cvelistv5 - cve-2024-43901

CVE-2024-43901 (GCVE-0-2024-43901)

Vulnerability from cvelistv5

Published

2024-08-26 10:11

Modified

2025-07-11 17:20

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 When users run the command: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log The following NULL pointer dereference happens: [ +0.000003] BUG: kernel NULL pointer dereference, address: NULL [ +0.000005] #PF: supervisor instruction fetch in kernel mode [ +0.000002] #PF: error_code(0x0010) - not-present page [ +0.000002] PGD 0 P4D 0 [ +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI [ +0.000003] RIP: 0010:0x0 [ +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [...] [ +0.000002] PKRU: 55555554 [ +0.000002] Call Trace: [ +0.000002] <TASK> [ +0.000003] ? show_regs+0x65/0x70 [ +0.000006] ? __die+0x24/0x70 [ +0.000004] ? page_fault_oops+0x160/0x470 [ +0.000006] ? do_user_addr_fault+0x2b5/0x690 [ +0.000003] ? prb_read_valid+0x1c/0x30 [ +0.000005] ? exc_page_fault+0x8c/0x1a0 [ +0.000005] ? asm_exc_page_fault+0x27/0x30 [ +0.000012] dcn10_log_color_state+0xf9/0x510 [amdgpu] [ +0.000306] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000003] ? vsnprintf+0x2fb/0x600 [ +0.000009] dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu] [ +0.000218] ? __mod_memcg_lruvec_state+0xe8/0x170 [ +0.000008] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? debug_smp_processor_id+0x17/0x20 [ +0.000003] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? set_ptes.isra.0+0x2b/0x90 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? _raw_spin_unlock+0x19/0x40 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? do_anonymous_page+0x337/0x700 [ +0.000004] dtn_log_read+0x82/0x120 [amdgpu] [ +0.000207] full_proxy_read+0x66/0x90 [ +0.000007] vfs_read+0xb0/0x340 [ +0.000005] ? __count_memcg_events+0x79/0xe0 [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000003] ? count_memcg_events.constprop.0+0x1e/0x40 [ +0.000003] ? handle_mm_fault+0xb2/0x370 [ +0.000003] ksys_read+0x6b/0xf0 [ +0.000004] __x64_sys_read+0x19/0x20 [ +0.000003] do_syscall_64+0x60/0x130 [ +0.000004] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ +0.000003] RIP: 0033:0x7fdf32f147e2 [...] This error happens when the color log tries to read the gamut remap information from DCN401 which is not initialized in the dcn401_dpp_funcs which leads to a null pointer dereference. This commit addresses this issue by adding a proper guard to access the gamut_remap callback in case the specific ASIC did not implement this function.

References

URL

wid-sec-w-2024-1925

Vulnerability from csaf_certbund

Published

2024-08-25 22:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um weitere, nicht beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1925 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1925.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1925 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1925"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcements vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43896 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082610-CVE-2024-43896-10b9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43898 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082613-CVE-2024-43898-52c2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43899 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082614-CVE-2024-43899-2339@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43900 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082616-CVE-2024-43900-029c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43901 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082617-CVE-2024-43901-6c76@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43902 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082618-CVE-2024-43902-eb6d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43903 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082620-CVE-2024-43903-3644@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43904 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082621-CVE-2024-43904-63a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43905 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082623-CVE-2024-43905-008f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43906 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082624-CVE-2024-43906-27ab@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43907 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082626-CVE-2024-43907-91a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43908 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082627-CVE-2024-43908-4406@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43909 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082628-CVE-2024-43909-acb8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43910 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082630-CVE-2024-43910-c6ec@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43911 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082631-CVE-2024-43911-96bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43912 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082632-CVE-2024-43912-801f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43913 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082633-CVE-2024-43913-6ec7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43914 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082635-CVE-2024-43914-a664@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44931 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082636-CVE-2024-44931-8212@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44932 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082638-CVE-2024-44932-2659@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44933 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082639-CVE-2024-44933-222c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44934 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082641-CVE-2024-44934-a7fe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44935 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082642-CVE-2024-44935-3452@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44936 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082643-CVE-2024-44936-505c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44937 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082645-CVE-2024-44937-5c1d@gregkh/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3194-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019400.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3189-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019404.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3195-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019407.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3252-1 vom 2024-09-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019436.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3251-1 vom 2024-09-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019435.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3383-1 vom 2024-09-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019497.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5782 vom 2024-10-03",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00195.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3912 vom 2024-10-07",
        "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019562.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3553-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019560.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q7MIMQMCXNGMVS32KLTADYTPQCKF5HWU/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3569-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6GBL67LQ3MUSYQCQRQH2AZH3XWILTO5A/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3564-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R7FS3QARF7WUPH5GFL22NW3G3SDO2C7Z/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3559-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019575.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3561-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LSUY4BSWS5WR46CHS4FPBIJIRLKHRDHV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3591-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019587.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3587-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019588.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3592-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019589.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12780 vom 2024-10-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12780.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12782 vom 2024-10-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12782.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-1 vom 2024-10-31",
        "url": "https://ubuntu.com/security/notices/USN-7088-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-2 vom 2024-11-04",
        "url": "https://ubuntu.com/security/notices/USN-7088-2"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8856 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8856"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8870 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8870"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-8856 vom 2024-11-06",
        "url": "https://linux.oracle.com/errata/ELSA-2024-8856.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-3 vom 2024-11-06",
        "url": "https://ubuntu.com/security/notices/USN-7088-3"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:8870 vom 2024-11-08",
        "url": "https://errata.build.resf.org/RLSA-2024:8870"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7100-1 vom 2024-11-11",
        "url": "https://ubuntu.com/security/notices/USN-7100-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9315"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7100-2 vom 2024-11-12",
        "url": "https://ubuntu.com/security/notices/USN-7100-2"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12815 vom 2024-11-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12815.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3986-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CIC23R3UQSPF2K4P2CX54TPCX5T7KWQG/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3984-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L52VEDNTEHWEPR56WZN4KZNMEUYGCJX6/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3985-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB6DG7QR5KXDQRV57H4IY2TB2LW42K4S/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3983-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QUOFKELDJYP3JMHIXPCVKVI4REVXAKTX/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-5 vom 2024-11-14",
        "url": "https://ubuntu.com/security/notices/USN-7088-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7119-1 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7119-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7123-1 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7123-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5818 vom 2024-11-24",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00233.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4100-1 vom 2024-11-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019864.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12868 vom 2024-12-09",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12868.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7144-1 vom 2024-12-09",
        "url": "https://ubuntu.com/security/notices/USN-7144-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7154-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7154-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7156-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7156-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7155-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7155-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12884.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7166-1 vom 2024-12-17",
        "url": "https://ubuntu.com/security/notices/USN-7166-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4346-1 vom 2024-12-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2FJJW5HEWYSYWAJBRWARBIZ4AQHAXLNG/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4345-1 vom 2024-12-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020018.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12887.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7166-3 vom 2024-12-20",
        "url": "https://ubuntu.com/security/notices/USN-7166-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7179-1 vom 2024-12-20",
        "url": "https://ubuntu.com/security/notices/USN-7179-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4008 vom 2025-01-03",
        "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7154-2 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7154-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7179-2 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7179-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7186-1 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7186-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7179-3 vom 2025-01-07",
        "url": "https://ubuntu.com/security/notices/USN-7179-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0034-1 vom 2025-01-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020071.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7194-1 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7194-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7186-2 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7186-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7196-1 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7196-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0117-1 vom 2025-01-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020131.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0154-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020151.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0153-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020150.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:19:52.282+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-1925",
      "initial_release_date": "2024-08-25T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-08-25T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-09-10T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-11T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-16T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-23T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-29T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-10-07T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-10-08T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-09T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-14T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-04T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
        },
        {
          "date": "2024-11-05T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-11-10T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-12T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-14T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-24T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-11-28T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-09T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-12T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-15T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-16T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-19T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-22T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-02T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-01-06T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-08T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-09T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-15T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "39"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.11-rc3",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.11-rc3",
                  "product_id": "T036886"
                }
              },
              {
                "category": "product_version",
                "name": "6.11-rc3",
                "product": {
                  "name": "Open Source Linux Kernel 6.11-rc3",
                  "product_id": "T036886-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.11-rc3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.19.320",
                "product": {
                  "name": "Open Source Linux Kernel \u003c4.19.320",
                  "product_id": "T037072"
                }
              },
              {
                "category": "product_version",
                "name": "4.19.320",
                "product": {
                  "name": "Open Source Linux Kernel 4.19.320",
                  "product_id": "T037072-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:4.19.320"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.4.282",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.4.282",
                  "product_id": "T037073"
                }
              },
              {
                "category": "product_version",
                "name": "5.4.282",
                "product": {
                  "name": "Open Source Linux Kernel 5.4.282",
                  "product_id": "T037073-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.4.282"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.10.224",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.10.224",
                  "product_id": "T037074"
                }
              },
              {
                "category": "product_version",
                "name": "5.10.224",
                "product": {
                  "name": "Open Source Linux Kernel 5.10.224",
                  "product_id": "T037074-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.10.224"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.15.165",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.15.165",
                  "product_id": "T037075"
                }
              },
              {
                "category": "product_version",
                "name": "5.15.165",
                "product": {
                  "name": "Open Source Linux Kernel 5.15.165",
                  "product_id": "T037075-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.15.165"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.1.105",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.1.105",
                  "product_id": "T037076"
                }
              },
              {
                "category": "product_version",
                "name": "6.1.105",
                "product": {
                  "name": "Open Source Linux Kernel 6.1.105",
                  "product_id": "T037076-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.1.105"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.10.5",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.10.5",
                  "product_id": "T037078"
                }
              },
              {
                "category": "product_version",
                "name": "6.10.5",
                "product": {
                  "name": "Open Source Linux Kernel 6.10.5",
                  "product_id": "T037078-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.10.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.6.47",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.6.47",
                  "product_id": "T037088"
                }
              },
              {
                "category": "product_version",
                "name": "6.6.47",
                "product": {
                  "name": "Open Source Linux Kernel 6.6.47",
                  "product_id": "T037088-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.6.47"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-43896",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43896"
    },
    {
      "cve": "CVE-2024-43898",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43898"
    },
    {
      "cve": "CVE-2024-43899",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43899"
    },
    {
      "cve": "CVE-2024-43900",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43900"
    },
    {
      "cve": "CVE-2024-43901",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43901"
    },
    {
      "cve": "CVE-2024-43902",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43902"
    },
    {
      "cve": "CVE-2024-43903",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43903"
    },
    {
      "cve": "CVE-2024-43904",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43904"
    },
    {
      "cve": "CVE-2024-43905",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43905"
    },
    {
      "cve": "CVE-2024-43906",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43906"
    },
    {
      "cve": "CVE-2024-43907",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43907"
    },
    {
      "cve": "CVE-2024-43908",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43908"
    },
    {
      "cve": "CVE-2024-43909",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43909"
    },
    {
      "cve": "CVE-2024-43910",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43910"
    },
    {
      "cve": "CVE-2024-43911",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43911"
    },
    {
      "cve": "CVE-2024-43912",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43912"
    },
    {
      "cve": "CVE-2024-43913",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43913"
    },
    {
      "cve": "CVE-2024-43914",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43914"
    },
    {
      "cve": "CVE-2024-44931",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44931"
    },
    {
      "cve": "CVE-2024-44932",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44932"
    },
    {
      "cve": "CVE-2024-44933",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44933"
    },
    {
      "cve": "CVE-2024-44934",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44934"
    },
    {
      "cve": "CVE-2024-44935",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44935"
    },
    {
      "cve": "CVE-2024-44936",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44936"
    },
    {
      "cve": "CVE-2024-44937",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44937"
    }
  ]
}

WID-SEC-W-2024-1925

Vulnerability from csaf_certbund

Published

2024-08-25 22:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um weitere, nicht beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1925 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1925.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1925 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1925"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcements vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43896 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082610-CVE-2024-43896-10b9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43898 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082613-CVE-2024-43898-52c2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43899 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082614-CVE-2024-43899-2339@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43900 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082616-CVE-2024-43900-029c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43901 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082617-CVE-2024-43901-6c76@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43902 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082618-CVE-2024-43902-eb6d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43903 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082620-CVE-2024-43903-3644@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43904 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082621-CVE-2024-43904-63a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43905 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082623-CVE-2024-43905-008f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43906 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082624-CVE-2024-43906-27ab@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43907 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082626-CVE-2024-43907-91a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43908 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082627-CVE-2024-43908-4406@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43909 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082628-CVE-2024-43909-acb8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43910 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082630-CVE-2024-43910-c6ec@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43911 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082631-CVE-2024-43911-96bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43912 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082632-CVE-2024-43912-801f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43913 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082633-CVE-2024-43913-6ec7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-43914 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082635-CVE-2024-43914-a664@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44931 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082636-CVE-2024-44931-8212@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44932 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082638-CVE-2024-44932-2659@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44933 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082639-CVE-2024-44933-222c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44934 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082641-CVE-2024-44934-a7fe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44935 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082642-CVE-2024-44935-3452@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44936 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082643-CVE-2024-44936-505c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2024-44937 vom 2024-08-25",
        "url": "https://lore.kernel.org/linux-cve-announce/2024082645-CVE-2024-44937-5c1d@gregkh/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3194-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019400.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3189-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019404.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3195-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019407.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3252-1 vom 2024-09-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019436.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3251-1 vom 2024-09-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019435.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3383-1 vom 2024-09-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019497.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5782 vom 2024-10-03",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00195.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3912 vom 2024-10-07",
        "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019562.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3553-1 vom 2024-10-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019560.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q7MIMQMCXNGMVS32KLTADYTPQCKF5HWU/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3569-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6GBL67LQ3MUSYQCQRQH2AZH3XWILTO5A/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3564-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R7FS3QARF7WUPH5GFL22NW3G3SDO2C7Z/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3559-1 vom 2024-10-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019575.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3561-1 vom 2024-10-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LSUY4BSWS5WR46CHS4FPBIJIRLKHRDHV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3591-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019587.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3587-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019588.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3592-1 vom 2024-10-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019589.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12780 vom 2024-10-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12780.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12782 vom 2024-10-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12782.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-1 vom 2024-10-31",
        "url": "https://ubuntu.com/security/notices/USN-7088-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-2 vom 2024-11-04",
        "url": "https://ubuntu.com/security/notices/USN-7088-2"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8856 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8856"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8870 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8870"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-8856 vom 2024-11-06",
        "url": "https://linux.oracle.com/errata/ELSA-2024-8856.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-3 vom 2024-11-06",
        "url": "https://ubuntu.com/security/notices/USN-7088-3"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:8870 vom 2024-11-08",
        "url": "https://errata.build.resf.org/RLSA-2024:8870"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7100-1 vom 2024-11-11",
        "url": "https://ubuntu.com/security/notices/USN-7100-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9315"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7100-2 vom 2024-11-12",
        "url": "https://ubuntu.com/security/notices/USN-7100-2"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12815 vom 2024-11-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12815.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3986-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CIC23R3UQSPF2K4P2CX54TPCX5T7KWQG/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3984-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L52VEDNTEHWEPR56WZN4KZNMEUYGCJX6/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3985-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB6DG7QR5KXDQRV57H4IY2TB2LW42K4S/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3983-1 vom 2024-11-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QUOFKELDJYP3JMHIXPCVKVI4REVXAKTX/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7088-5 vom 2024-11-14",
        "url": "https://ubuntu.com/security/notices/USN-7088-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7119-1 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7119-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7123-1 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7123-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5818 vom 2024-11-24",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00233.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4100-1 vom 2024-11-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019864.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12868 vom 2024-12-09",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12868.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7144-1 vom 2024-12-09",
        "url": "https://ubuntu.com/security/notices/USN-7144-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7154-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7154-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7156-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7156-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7155-1 vom 2024-12-12",
        "url": "https://ubuntu.com/security/notices/USN-7155-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12884.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7166-1 vom 2024-12-17",
        "url": "https://ubuntu.com/security/notices/USN-7166-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4346-1 vom 2024-12-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2FJJW5HEWYSYWAJBRWARBIZ4AQHAXLNG/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4345-1 vom 2024-12-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020018.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12887.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7166-3 vom 2024-12-20",
        "url": "https://ubuntu.com/security/notices/USN-7166-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7179-1 vom 2024-12-20",
        "url": "https://ubuntu.com/security/notices/USN-7179-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4008 vom 2025-01-03",
        "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7154-2 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7154-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7179-2 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7179-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7186-1 vom 2025-01-06",
        "url": "https://ubuntu.com/security/notices/USN-7186-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7179-3 vom 2025-01-07",
        "url": "https://ubuntu.com/security/notices/USN-7179-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0034-1 vom 2025-01-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020071.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7194-1 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7194-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7186-2 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7186-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7196-1 vom 2025-01-09",
        "url": "https://ubuntu.com/security/notices/USN-7196-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0117-1 vom 2025-01-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020131.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0154-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020151.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0153-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020150.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:19:52.282+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-1925",
      "initial_release_date": "2024-08-25T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-08-25T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-09-10T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-11T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-16T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-23T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-29T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-10-07T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-10-08T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-09T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-14T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-04T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
        },
        {
          "date": "2024-11-05T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-11-10T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-12T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-14T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-24T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-11-28T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-09T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-12T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-15T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-16T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-12-19T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-22T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-02T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-01-06T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-08T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-09T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-15T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "39"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.11-rc3",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.11-rc3",
                  "product_id": "T036886"
                }
              },
              {
                "category": "product_version",
                "name": "6.11-rc3",
                "product": {
                  "name": "Open Source Linux Kernel 6.11-rc3",
                  "product_id": "T036886-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.11-rc3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.19.320",
                "product": {
                  "name": "Open Source Linux Kernel \u003c4.19.320",
                  "product_id": "T037072"
                }
              },
              {
                "category": "product_version",
                "name": "4.19.320",
                "product": {
                  "name": "Open Source Linux Kernel 4.19.320",
                  "product_id": "T037072-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:4.19.320"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.4.282",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.4.282",
                  "product_id": "T037073"
                }
              },
              {
                "category": "product_version",
                "name": "5.4.282",
                "product": {
                  "name": "Open Source Linux Kernel 5.4.282",
                  "product_id": "T037073-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.4.282"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.10.224",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.10.224",
                  "product_id": "T037074"
                }
              },
              {
                "category": "product_version",
                "name": "5.10.224",
                "product": {
                  "name": "Open Source Linux Kernel 5.10.224",
                  "product_id": "T037074-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.10.224"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.15.165",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.15.165",
                  "product_id": "T037075"
                }
              },
              {
                "category": "product_version",
                "name": "5.15.165",
                "product": {
                  "name": "Open Source Linux Kernel 5.15.165",
                  "product_id": "T037075-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.15.165"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.1.105",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.1.105",
                  "product_id": "T037076"
                }
              },
              {
                "category": "product_version",
                "name": "6.1.105",
                "product": {
                  "name": "Open Source Linux Kernel 6.1.105",
                  "product_id": "T037076-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.1.105"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.10.5",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.10.5",
                  "product_id": "T037078"
                }
              },
              {
                "category": "product_version",
                "name": "6.10.5",
                "product": {
                  "name": "Open Source Linux Kernel 6.10.5",
                  "product_id": "T037078-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.10.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.6.47",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.6.47",
                  "product_id": "T037088"
                }
              },
              {
                "category": "product_version",
                "name": "6.6.47",
                "product": {
                  "name": "Open Source Linux Kernel 6.6.47",
                  "product_id": "T037088-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.6.47"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-43896",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43896"
    },
    {
      "cve": "CVE-2024-43898",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43898"
    },
    {
      "cve": "CVE-2024-43899",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43899"
    },
    {
      "cve": "CVE-2024-43900",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43900"
    },
    {
      "cve": "CVE-2024-43901",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43901"
    },
    {
      "cve": "CVE-2024-43902",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43902"
    },
    {
      "cve": "CVE-2024-43903",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43903"
    },
    {
      "cve": "CVE-2024-43904",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43904"
    },
    {
      "cve": "CVE-2024-43905",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43905"
    },
    {
      "cve": "CVE-2024-43906",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43906"
    },
    {
      "cve": "CVE-2024-43907",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43907"
    },
    {
      "cve": "CVE-2024-43908",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43908"
    },
    {
      "cve": "CVE-2024-43909",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43909"
    },
    {
      "cve": "CVE-2024-43910",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43910"
    },
    {
      "cve": "CVE-2024-43911",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43911"
    },
    {
      "cve": "CVE-2024-43912",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43912"
    },
    {
      "cve": "CVE-2024-43913",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43913"
    },
    {
      "cve": "CVE-2024-43914",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-43914"
    },
    {
      "cve": "CVE-2024-44931",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44931"
    },
    {
      "cve": "CVE-2024-44932",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44932"
    },
    {
      "cve": "CVE-2024-44933",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44933"
    },
    {
      "cve": "CVE-2024-44934",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44934"
    },
    {
      "cve": "CVE-2024-44935",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44935"
    },
    {
      "cve": "CVE-2024-44936",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44936"
    },
    {
      "cve": "CVE-2024-44937",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen z\u00e4hlen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T036886",
          "T004914",
          "T037088",
          "T032255",
          "T037078",
          "T037073",
          "T037074",
          "T037075",
          "T037076",
          "2951",
          "T002207",
          "T000126",
          "T037072"
        ]
      },
      "release_date": "2024-08-25T22:00:00.000+00:00",
      "title": "CVE-2024-44937"
    }
  ]
}

ghsa-vhrf-w875-h9vr

Vulnerability from github

Published

2024-08-26 12:31

Modified

2024-08-27 15:32

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401

When users run the command:

cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log

The following NULL pointer dereference happens:

[ +0.000003] BUG: kernel NULL pointer dereference, address: NULL [ +0.000005] #PF: supervisor instruction fetch in kernel mode [ +0.000002] #PF: error_code(0x0010) - not-present page [ +0.000002] PGD 0 P4D 0 [ +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI [ +0.000003] RIP: 0010:0x0 [ +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [...] [ +0.000002] PKRU: 55555554 [ +0.000002] Call Trace: [ +0.000002] [ +0.000003] ? show_regs+0x65/0x70 [ +0.000006] ? __die+0x24/0x70 [ +0.000004] ? page_fault_oops+0x160/0x470 [ +0.000006] ? do_user_addr_fault+0x2b5/0x690 [ +0.000003] ? prb_read_valid+0x1c/0x30 [ +0.000005] ? exc_page_fault+0x8c/0x1a0 [ +0.000005] ? asm_exc_page_fault+0x27/0x30 [ +0.000012] dcn10_log_color_state+0xf9/0x510 [amdgpu] [ +0.000306] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000003] ? vsnprintf+0x2fb/0x600 [ +0.000009] dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu] [ +0.000218] ? __mod_memcg_lruvec_state+0xe8/0x170 [ +0.000008] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? debug_smp_processor_id+0x17/0x20 [ +0.000003] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? set_ptes.isra.0+0x2b/0x90 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? _raw_spin_unlock+0x19/0x40 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000002] ? do_anonymous_page+0x337/0x700 [ +0.000004] dtn_log_read+0x82/0x120 [amdgpu] [ +0.000207] full_proxy_read+0x66/0x90 [ +0.000007] vfs_read+0xb0/0x340 [ +0.000005] ? __count_memcg_events+0x79/0xe0 [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5 [ +0.000003] ? count_memcg_events.constprop.0+0x1e/0x40 [ +0.000003] ? handle_mm_fault+0xb2/0x370 [ +0.000003] ksys_read+0x6b/0xf0 [ +0.000004] __x64_sys_read+0x19/0x20 [ +0.000003] do_syscall_64+0x60/0x130 [ +0.000004] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ +0.000003] RIP: 0033:0x7fdf32f147e2 [...]

This error happens when the color log tries to read the gamut remap information from DCN401 which is not initialized in the dcn401_dpp_funcs which leads to a null pointer dereference. This commit addresses this issue by adding a proper guard to access the gamut_remap callback in case the specific ASIC did not implement this function.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-43901"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-26T11:15:04Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix NULL pointer dereference for DTN log in DCN401\n\nWhen users run the command:\n\ncat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log\n\nThe following NULL pointer dereference happens:\n\n[  +0.000003] BUG: kernel NULL pointer dereference, address: NULL\n[  +0.000005] #PF: supervisor instruction fetch in kernel mode\n[  +0.000002] #PF: error_code(0x0010) - not-present page\n[  +0.000002] PGD 0 P4D 0\n[  +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI\n[  +0.000003] RIP: 0010:0x0\n[  +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n[...]\n[  +0.000002] PKRU: 55555554\n[  +0.000002] Call Trace:\n[  +0.000002]  \u003cTASK\u003e\n[  +0.000003]  ? show_regs+0x65/0x70\n[  +0.000006]  ? __die+0x24/0x70\n[  +0.000004]  ? page_fault_oops+0x160/0x470\n[  +0.000006]  ? do_user_addr_fault+0x2b5/0x690\n[  +0.000003]  ? prb_read_valid+0x1c/0x30\n[  +0.000005]  ? exc_page_fault+0x8c/0x1a0\n[  +0.000005]  ? asm_exc_page_fault+0x27/0x30\n[  +0.000012]  dcn10_log_color_state+0xf9/0x510 [amdgpu]\n[  +0.000306]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000003]  ? vsnprintf+0x2fb/0x600\n[  +0.000009]  dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu]\n[  +0.000218]  ? __mod_memcg_lruvec_state+0xe8/0x170\n[  +0.000008]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? debug_smp_processor_id+0x17/0x20\n[  +0.000003]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? set_ptes.isra.0+0x2b/0x90\n[  +0.000004]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? _raw_spin_unlock+0x19/0x40\n[  +0.000004]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? do_anonymous_page+0x337/0x700\n[  +0.000004]  dtn_log_read+0x82/0x120 [amdgpu]\n[  +0.000207]  full_proxy_read+0x66/0x90\n[  +0.000007]  vfs_read+0xb0/0x340\n[  +0.000005]  ? __count_memcg_events+0x79/0xe0\n[  +0.000002]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000003]  ? count_memcg_events.constprop.0+0x1e/0x40\n[  +0.000003]  ? handle_mm_fault+0xb2/0x370\n[  +0.000003]  ksys_read+0x6b/0xf0\n[  +0.000004]  __x64_sys_read+0x19/0x20\n[  +0.000003]  do_syscall_64+0x60/0x130\n[  +0.000004]  entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[  +0.000003] RIP: 0033:0x7fdf32f147e2\n[...]\n\nThis error happens when the color log tries to read the gamut remap\ninformation from DCN401 which is not initialized in the dcn401_dpp_funcs\nwhich leads to a null pointer dereference. This commit addresses this\nissue by adding a proper guard to access the gamut_remap callback in\ncase the specific ASIC did not implement this function.",
  "id": "GHSA-vhrf-w875-h9vr",
  "modified": "2024-08-27T15:32:44Z",
  "published": "2024-08-26T12:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43901"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5af757124792817f8eb1bd0c80ad60fab519586b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

msrc_cve-2024-43901

Vulnerability from csaf_microsoft

Published

2024-08-02 00:00

Modified

2025-09-03 21:13

Summary

drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-43901 drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-43901.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401",
    "tracking": {
      "current_release_date": "2025-09-03T21:13:11.000Z",
      "generator": {
        "date": "2025-10-20T02:00:16.316Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-43901",
      "initial_release_date": "2024-08-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-09-03T21:13:11.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-43901",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "general",
          "text": "Linux",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "under_investigation": [
          "17084-2",
          "17084-1",
          "17086-3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43901 drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-43901.json"
        }
      ],
      "title": "drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401"
    }
  ]
}

fkie_cve-2024-43901

Vulnerability from fkie_nvd

Published

2024-08-26 11:15

Modified

2024-08-27 14:38

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351	Patch
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5af757124792817f8eb1bd0c80ad60fab519586b	Patch

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CB0927-C720-465B-99F2-3E47215515F2",
              "versionEndExcluding": "6.10.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix NULL pointer dereference for DTN log in DCN401\n\nWhen users run the command:\n\ncat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log\n\nThe following NULL pointer dereference happens:\n\n[  +0.000003] BUG: kernel NULL pointer dereference, address: NULL\n[  +0.000005] #PF: supervisor instruction fetch in kernel mode\n[  +0.000002] #PF: error_code(0x0010) - not-present page\n[  +0.000002] PGD 0 P4D 0\n[  +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI\n[  +0.000003] RIP: 0010:0x0\n[  +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n[...]\n[  +0.000002] PKRU: 55555554\n[  +0.000002] Call Trace:\n[  +0.000002]  \u003cTASK\u003e\n[  +0.000003]  ? show_regs+0x65/0x70\n[  +0.000006]  ? __die+0x24/0x70\n[  +0.000004]  ? page_fault_oops+0x160/0x470\n[  +0.000006]  ? do_user_addr_fault+0x2b5/0x690\n[  +0.000003]  ? prb_read_valid+0x1c/0x30\n[  +0.000005]  ? exc_page_fault+0x8c/0x1a0\n[  +0.000005]  ? asm_exc_page_fault+0x27/0x30\n[  +0.000012]  dcn10_log_color_state+0xf9/0x510 [amdgpu]\n[  +0.000306]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000003]  ? vsnprintf+0x2fb/0x600\n[  +0.000009]  dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu]\n[  +0.000218]  ? __mod_memcg_lruvec_state+0xe8/0x170\n[  +0.000008]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? debug_smp_processor_id+0x17/0x20\n[  +0.000003]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? set_ptes.isra.0+0x2b/0x90\n[  +0.000004]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? _raw_spin_unlock+0x19/0x40\n[  +0.000004]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000002]  ? do_anonymous_page+0x337/0x700\n[  +0.000004]  dtn_log_read+0x82/0x120 [amdgpu]\n[  +0.000207]  full_proxy_read+0x66/0x90\n[  +0.000007]  vfs_read+0xb0/0x340\n[  +0.000005]  ? __count_memcg_events+0x79/0xe0\n[  +0.000002]  ? srso_alias_return_thunk+0x5/0xfbef5\n[  +0.000003]  ? count_memcg_events.constprop.0+0x1e/0x40\n[  +0.000003]  ? handle_mm_fault+0xb2/0x370\n[  +0.000003]  ksys_read+0x6b/0xf0\n[  +0.000004]  __x64_sys_read+0x19/0x20\n[  +0.000003]  do_syscall_64+0x60/0x130\n[  +0.000004]  entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[  +0.000003] RIP: 0033:0x7fdf32f147e2\n[...]\n\nThis error happens when the color log tries to read the gamut remap\ninformation from DCN401 which is not initialized in the dcn401_dpp_funcs\nwhich leads to a null pointer dereference. This commit addresses this\nissue by adding a proper guard to access the gamut_remap callback in\ncase the specific ASIC did not implement this function."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: corrige la desreferencia del puntero NULL para el registro DTN en DCN401 Cuando los usuarios ejecutan el comando: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log El siguiente puntero NULL ocurre la desreferencia: [+0.000003] ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: NULL [+0.000005] #PF: b\u00fasqueda de instrucciones del supervisor en modo kernel [+0.000002] #PF: c\u00f3digo_error(0x0010) - p\u00e1gina no presente [+0.000002] PGD 0 P4D 0 [ +0.000004] Ups: 0010 [#1] PREEMPT SMP NOPTI [ +0.000003] RIP: 0010:0x0 [ +0.000008] C\u00f3digo: No se puede acceder a los bytes del c\u00f3digo de operaci\u00f3n en 0xffffffffffffffd6. [...] [ +0.000002] PKRU: 55555554 [ +0.000002] Seguimiento de llamadas: [ +0.000002]  [ +0.000003] ? show_regs+0x65/0x70 [+0.000006]? __die+0x24/0x70 [ +0.000004] ? page_fault_oops+0x160/0x470 [+0.000006]? do_user_addr_fault+0x2b5/0x690 [+0.000003]? prb_read_valid+0x1c/0x30 [+0.000005]? exc_page_fault+0x8c/0x1a0 [+0.000005]? asm_exc_page_fault+0x27/0x30 [ +0.000012] dcn10_log_color_state+0xf9/0x510 [amdgpu] [ +0.000306] ? srso_alias_return_thunk+0x5/0xfbef5 [+0.000003]? vsnprintf+0x2fb/0x600 [ +0.000009] dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu] [ +0.000218] ? __mod_memcg_lruvec_state+0xe8/0x170 [ +0.000008] ? srso_alias_return_thunk+0x5/0xfbef5 [+0.000002]? debug_smp_processor_id+0x17/0x20 [+0.000003]? srso_alias_return_thunk+0x5/0xfbef5 [+0.000002]? srso_alias_return_thunk+0x5/0xfbef5 [+0.000002]? set_ptes.isra.0+0x2b/0x90 [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5 [+0.000002]? _raw_spin_unlock+0x19/0x40 [+0.000004]? srso_alias_return_thunk+0x5/0xfbef5 [+0.000002]? do_anonymous_page+0x337/0x700 [ +0.000004] dtn_log_read+0x82/0x120 [amdgpu] [ +0.000207] full_proxy_read+0x66/0x90 [ +0.000007] vfs_read+0xb0/0x340 [ +0.000005] ? __count_memcg_events+0x79/0xe0 [+0.000002]? srso_alias_return_thunk+0x5/0xfbef5 [+0.000003]? count_memcg_events.constprop.0+0x1e/0x40 [+0.000003]? handle_mm_fault+0xb2/0x370 [ +0.000003] ksys_read+0x6b/0xf0 [ +0.000004] __x64_sys_read+0x19/0x20 [ +0.000003] do_syscall_64+0x60/0x130 [ +0.000004] _64_after_hwframe+0x6e/0x76 [+0.000003] RIP: 0033:0x7fdf32f147e2 [...] Este error ocurre cuando el registro de color intenta leer la informaci\u00f3n de reasignaci\u00f3n de gama de DCN401 que no est\u00e1 inicializada en dcn401_dpp_funcs, lo que conduce a una desreferencia del puntero nulo. Esta confirmaci\u00f3n soluciona este problema agregando una protecci\u00f3n adecuada para acceder a la devoluci\u00f3n de llamada gamut_remap en caso de que el ASIC espec\u00edfico no haya implementado esta funci\u00f3n."
    }
  ],
  "id": "CVE-2024-43901",
  "lastModified": "2024-08-27T14:38:44.187",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-26T11:15:04.673",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5af757124792817f8eb1bd0c80ad60fab519586b"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-43901 (GCVE-0-2024-43901)

Vulnerability from cvelistv5

wid-sec-w-2024-1925

Vulnerability from csaf_certbund

WID-SEC-W-2024-1925

Vulnerability from csaf_certbund

ghsa-vhrf-w875-h9vr

Vulnerability from github

msrc_cve-2024-43901

Vulnerability from csaf_microsoft

fkie_cve-2024-43901

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature