The version of kernel installed on the remote host is prior to 5.15.156-102.160. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-049 advisory.

    In the Linux kernel, the following vulnerability has been resolved:

    net: dsa: fix panic when DSA master device unbinds on shutdown (CVE-2022-48808)

    In the Linux kernel, the following vulnerability has been resolved:

    nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)

    In the Linux kernel, the following vulnerability has been resolved:

    xen/events: close evtchn after mapping cleanup (CVE-2024-26687)

    In the Linux kernel, the following vulnerability has been resolved:

    vfio/pci: Lock external INTx masking ops (CVE-2024-26810)

    In the Linux kernel, the following vulnerability has been resolved:

    vfio/pci: Create persistent INTx handler (CVE-2024-26812)

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path

    The commit mutex should not be released during the critical sectionbetween nft_gc_seq_begin() and     nft_gc_seq_end(), otherwise, async GCworker could collect expired objects and get the released commit     lockwithin the same GC sequence.

    nf_tables_module_autoload() temporarily releases the mutex to loadmodule dependencies, then it goes back     to replay the transaction again.Move it at the end of the abort phase after nft_gc_seq_end() is called.
    (CVE-2024-26925)

    In the Linux kernel, the following vulnerability has been resolved:

    USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: core: Fix unremoved procfs host directory regression (CVE-2024-26935)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/i915/gt: Reset queue_priority_hint on parking (CVE-2024-26937)

    In the Linux kernel, the following vulnerability has been resolved:

    wireguard: netlink: access device through ctx instead of peer (CVE-2024-26950)

    In the Linux kernel, the following vulnerability has been resolved:

    wireguard: netlink: check for dangling peer via is_dead instead of empty list (CVE-2024-26951)

    In the Linux kernel, the following vulnerability has been resolved:

    nfs: fix UAF in direct writes (CVE-2024-26958)

    In the Linux kernel, the following vulnerability has been resolved:

    mm: swap: fix race between free_swap_and_cache() and swapoff() (CVE-2024-26960)

    In the Linux kernel, the following vulnerability has been resolved:

    mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961)

    In the Linux kernel, the following vulnerability has been resolved:

    usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)

    In the Linux kernel, the following vulnerability has been resolved:

    fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)

    In the Linux kernel, the following vulnerability has been resolved:

    pci_iounmap(): Fix MMIO mapping leak (CVE-2024-26977)

    In the Linux kernel, the following vulnerability has been resolved:

    xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)

    In the Linux kernel, the following vulnerability has been resolved:

    vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791)

    In the Linux kernel, the following vulnerability has been resolved:

    KVM: x86: Mark target gfn of emulated atomic instruction as dirty (CVE-2024-35804)

    In the Linux kernel, the following vulnerability has been resolved:

    dm snapshot: fix lockup in dm_exception_table_exit (CVE-2024-35805)

    In the Linux kernel, the following vulnerability has been resolved:

    PCI/PM: Drain runtime-idle callbacks before driver removal (CVE-2024-35809)

    In the Linux kernel, the following vulnerability has been resolved:

    fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion (CVE-2024-35815)

    In the Linux kernel, the following vulnerability has been resolved:

    vt: fix unicode buffer corruption when deleting characters (CVE-2024-35823)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/secretmem: fix GUP-fast succeeding on secretmem folios (CVE-2024-35872)

    In the Linux kernel, the following vulnerability has been resolved:

    udp: do not accept non-tunnel GSO skbs landing in a tunnel (CVE-2024-35884)

    In the Linux kernel, the following vulnerability has been resolved:

    erspan: make sure erspan_base_hdr is present in skb->head (CVE-2024-35888)

    In the Linux kernel, the following vulnerability has been resolved:

    gro: fix ownership transfer (CVE-2024-35890)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf, sockmap: Prevent lock inversion deadlock in map delete elem (CVE-2024-35895)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: validate user input for expected length (CVE-2024-35896)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: flush pending destroy work before exit_net release (CVE-2024-35899)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: reject new basechain after table flag update (CVE-2024-35900)

    In the Linux kernel, the following vulnerability has been resolved:

    net/rds: fix possible cp null dereference (CVE-2024-35902)

    In the Linux kernel, the following vulnerability has been resolved:

    tcp: properly terminate timers for kernel sockets (CVE-2024-35910)

    In the Linux kernel, the following vulnerability has been resolved:

    block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: send: handle path ref underflow in header iterate_inode_ref() (CVE-2024-35935)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (CVE-2024-35936)

    In the Linux kernel, the following vulnerability has been resolved:

    VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (CVE-2024-35944)

    In the Linux kernel, the following vulnerability has been resolved:

    drm/client: Fully protect modes[] with dev->mode_config.mutex (CVE-2024-35950)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (CVE-2024-35969)

    In the Linux kernel, the following vulnerability has been resolved:

    af_unix: Clear stale u->oob_skb. (CVE-2024-35970)

    In the Linux kernel, the following vulnerability has been resolved:

    geneve: fix header validation in geneve[6]_xmit_skb (CVE-2024-35973)

    In the Linux kernel, the following vulnerability has been resolved:

    xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (CVE-2024-35976)

    In the Linux kernel, the following vulnerability has been resolved:

    ACPI: CPPC: Use access_width over bit_width for system memory accesses (CVE-2024-35995)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-585 advisory.

    2024-07-03: CVE-2024-26643 was added to this advisory.

    2024-07-03: CVE-2024-26642 was added to this advisory.

    2024-07-03: CVE-2024-36031 was added to this advisory.

    2024-06-06: CVE-2024-35801 was added to this advisory.

    2024-06-06: CVE-2024-35809 was added to this advisory.

    2024-05-23: CVE-2024-26883 was added to this advisory.

    2024-05-23: CVE-2024-26865 was added to this advisory.

    2024-05-23: CVE-2024-26815 was added to this advisory.

    2024-05-23: CVE-2024-26898 was added to this advisory.

    Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM (md, raid, raid5 modules)     allows Forced Integer Overflow. (CVE-2024-23307)

    A malicious hypervisor can potentially break confidentiality and integrity of Linux SEV-SNP guests by     injecting interrupts. (CVE-2024-25742)

    In the Linux kernel, the following vulnerability has been resolved:

    net: tls: handle backlogging of crypto requests

    Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on ourrequests to the crypto API,     crypto_aead_{encrypt,decrypt} can return-EBUSY instead of -EINPROGRESS in valid situations. For example,     whenthe cryptd queue for AESNI is full (easy to trigger with anartificially low     cryptd.cryptd_max_cpu_qlen), requests will be enqueuedto the backlog but still processed. In that case,     the async callbackwill also be called twice: first with err == -EINPROGRESS, which itseems we can just     ignore, then with err == 0.

    Compared to Sabrina's original patch this version uses the newtls_*crypt_async_wait() helpers and converts     the EBUSY toEINPROGRESS to avoid having to modify all the error handlingpaths. The handling is identical.
    (CVE-2024-26584)

    In the Linux kernel, the following vulnerability has been resolved:

    tls: fix race between tx work scheduling and socket close

    Similarly to previous commit, the submitting thread (recvmsg/sendmsg)may exit as soon as the async crypto     handler calls complete().Reorder scheduling the work before calling complete().This seems more logical in     the first place, as it'sthe inverse order of what the submitting thread will do. (CVE-2024-26585)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check (CVE-2024-26815)

    In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in     reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and     another ref tracker warning [1]. syzkaller could not find a repro, but in the log, the only suspicious     sequence was as follows: 18:26:22 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ...
    connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4001, 0x0, @loopback}, 0x1c) (async) The notable thing here is     0x4001 in connect(), which is RDS_TCP_PORT. (CVE-2024-26865)

    In the Linux kernel, the following vulnerability has been resolved:

    bpf: Fix stackmap overflow check on 32-bit arches (CVE-2024-26883)

    In the Linux kernel, the following vulnerability has been resolved:

    aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts (CVE-2024-26898)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)

    In the Linux kernel, the following vulnerability has been resolved:

    PCI/PM: Drain runtime-idle callbacks before driver removal (CVE-2024-35809)

    In the Linux kernel, the following vulnerability has been resolved:

    keys: Fix overwrite of key expiration on instantiation (CVE-2024-36031)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory.

    Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error     conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this     vulnerability to cause a denial of service. (CVE-2022-38096)

    Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition     during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could     possibly use this to cause a denial of service (system crash). (CVE-2023-47233)

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux     kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker     could use this to cause a denial of service. (CVE-2024-21823)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    It was discovered that the MediaTek SoC Gigabit Ethernet driver in the Linux kernel contained a race     condition when stopping the device. A local attacker could possibly use this to cause a denial of service     (device unavailability). (CVE-2024-27432)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - PowerPC architecture;

    - x86 architecture;

    - Block layer subsystem;

    - ACPI drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - CPU frequency scaling framework;

    - Cryptographic API;

    - DPLL subsystem;

    - ARM SCMI message protocol;

    - EFI core;

    - GPU drivers;

    - InfiniBand drivers;

    - IOMMU subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - MMC subsystem;

    - Network drivers;

    - NTB driver;

    - NVME drivers;

    - PCI subsystem;

    - Powercap sysfs driver;

    - SCSI drivers;

    - Freescale SoC drivers;

    - SPI subsystem;

    - Media staging drivers;

    - Thermal drivers;

    - TTY drivers;

    - USB subsystem;

    - DesignWare USB3 driver;

    - VFIO drivers;

    - Backlight driver;

    - Virtio drivers;

    - Xen hypervisor drivers;

    - AFS file system;

    - File systems infrastructure;

    - BTRFS file system;

    - debug file system;

    - Ext4 file system;

    - F2FS file system;

    - FAT file system;

    - Network file system client;

    - NILFS2 file system;

    - Overlay file system;

    - Pstore file system;

    - Diskquota system;

    - SMB network file system;

    - UBI file system;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Memory management;

    - Bluetooth subsystem;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - IEEE 802.15.4 subsystem;

    - Netfilter;

    - Packet sockets;

    - Network traffic control;

    - Sun RPC protocol;

    - ALSA SH drivers;

    - SOF drivers;

    - USB sound devices;

    - KVM core; (CVE-2024-35822, CVE-2024-26859, CVE-2024-26967, CVE-2024-27053, CVE-2024-27064,     CVE-2024-27437, CVE-2024-26931, CVE-2024-26870, CVE-2024-26927, CVE-2024-26880, CVE-2024-35789,     CVE-2024-26929, CVE-2024-27034, CVE-2024-26816, CVE-2024-26896, CVE-2024-26975, CVE-2024-26972,     CVE-2024-26937, CVE-2024-27032, CVE-2024-26871, CVE-2024-26655, CVE-2024-35829, CVE-2024-26886,     CVE-2023-52653, CVE-2024-27028, CVE-2024-26877, CVE-2024-26898, CVE-2024-35796, CVE-2024-27065,     CVE-2024-35807, CVE-2024-26966, CVE-2024-35826, CVE-2024-27067, CVE-2024-27039, CVE-2024-35811,     CVE-2024-26895, CVE-2024-26814, CVE-2024-26893, CVE-2023-52649, CVE-2024-35801, CVE-2023-52648,     CVE-2024-27048, CVE-2024-26934, CVE-2024-27049, CVE-2024-26890, CVE-2024-26874, CVE-2022-48669,     CVE-2023-52661, CVE-2024-27436, CVE-2024-27058, CVE-2024-26935, CVE-2024-26956, CVE-2024-26960,     CVE-2024-26976, CVE-2024-27041, CVE-2024-26873, CVE-2024-26946, CVE-2024-27080, CVE-2024-27432,     CVE-2023-52650, CVE-2024-26879, CVE-2023-52647, CVE-2024-27435, CVE-2024-27038, CVE-2024-26951,     CVE-2024-27390, CVE-2024-26863, CVE-2024-26959, CVE-2024-35794, CVE-2024-26889, CVE-2024-35845,     CVE-2024-27433, CVE-2024-26961, CVE-2024-35803, CVE-2024-26653, CVE-2024-26939, CVE-2024-26872,     CVE-2024-26979, CVE-2024-26973, CVE-2024-27029, CVE-2024-35831, CVE-2024-26892, CVE-2024-26888,     CVE-2024-27074, CVE-2024-35844, CVE-2024-26938, CVE-2024-26953, CVE-2024-27391, CVE-2024-35843,     CVE-2024-27040, CVE-2024-26875, CVE-2024-27026, CVE-2024-26978, CVE-2024-26882, CVE-2023-52652,     CVE-2023-52662, CVE-2024-26963, CVE-2024-26962, CVE-2024-27051, CVE-2024-27068, CVE-2024-26881,     CVE-2024-35800, CVE-2024-26964, CVE-2024-27389, CVE-2024-27043, CVE-2024-26901, CVE-2024-26941,     CVE-2024-35798, CVE-2024-35799, CVE-2024-26952, CVE-2024-26654, CVE-2024-27046, CVE-2024-35810,     CVE-2024-27050, CVE-2024-27063, CVE-2024-26954, CVE-2024-26884, CVE-2024-27047, CVE-2024-26932,     CVE-2024-26883, CVE-2024-26943, CVE-2024-26651, CVE-2024-26815, CVE-2024-26948, CVE-2024-27066,     CVE-2024-27037, CVE-2024-35806, CVE-2024-26869, CVE-2024-26878, CVE-2024-26810, CVE-2024-35797,     CVE-2024-27073, CVE-2024-26812, CVE-2024-26933, CVE-2024-26809, CVE-2024-26894, CVE-2024-35813,     CVE-2024-27033, CVE-2024-26876, CVE-2024-27076, CVE-2024-27045, CVE-2024-27079, CVE-2024-26861,     CVE-2024-26957, CVE-2024-26864, CVE-2024-26866, CVE-2024-35814, CVE-2024-26813, CVE-2024-27388,     CVE-2024-27042, CVE-2024-26862, CVE-2024-26968, CVE-2024-26940, CVE-2024-27027, CVE-2024-35793,     CVE-2024-35874, CVE-2024-27035, CVE-2024-26958, CVE-2024-26887, CVE-2024-35809, CVE-2024-26930,     CVE-2024-35819, CVE-2024-27392, CVE-2024-35808, CVE-2023-52644, CVE-2024-35828, CVE-2024-26657,     CVE-2024-26969, CVE-2024-27434, CVE-2024-35821, CVE-2023-52663, CVE-2024-27078, CVE-2024-35787,     CVE-2024-27044, CVE-2024-26848, CVE-2024-26955, CVE-2024-26899, CVE-2024-27077, CVE-2024-26897,     CVE-2024-26945, CVE-2024-26885, CVE-2024-27069, CVE-2024-27070, CVE-2024-27054, CVE-2024-35795,     CVE-2024-35817, CVE-2024-35827, CVE-2024-26656, CVE-2024-26860, CVE-2024-26942, CVE-2023-52659,     CVE-2024-26865, CVE-2024-26868, CVE-2024-26947, CVE-2024-35788, CVE-2024-26950, CVE-2024-27030,     CVE-2024-26949, CVE-2024-26900, CVE-2024-26971, CVE-2024-35805, CVE-2024-26977, CVE-2024-26944,     CVE-2024-27036, CVE-2024-26965, CVE-2024-26891, CVE-2024-27071, CVE-2024-27075, CVE-2024-27072,     CVE-2024-35830, CVE-2024-27052, CVE-2024-26970, CVE-2024-27031)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-4 advisory.

    Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error     conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this     vulnerability to cause a denial of service. (CVE-2022-38096)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when     modifying certain settings values through debugfs. A privileged local attacker could use this to cause a     denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - RISC-V architecture;

    - x86 architecture;

    - Block layer subsystem;

    - Accessibility subsystem;

    - Android drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - Data acquisition framework and drivers;

    - Cryptographic API;

    - DMA engine subsystem;

    - GPU drivers;

    - HID subsystem;

    - I2C subsystem;

    - IRQ chip drivers;

    - Multiple devices driver;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Device tree and open firmware driver;

    - PCI subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - Freescale SoC drivers;

    - Trusted Execution Environment drivers;

    - TTY drivers;

    - USB subsystem;

    - VFIO drivers;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - FAT file system;

    - Network file system client;

    - Network file system server daemon;

    - NILFS2 file system;

    - Pstore file system;

    - SMB network file system;

    - UBI file system;

    - Netfilter;

    - BPF subsystem;

    - Core kernel;

    - PCI iomap interfaces;

    - Memory management;

    - B.A.T.M.A.N. meshing protocol;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - Networking core;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - IEEE 802.15.4 subsystem;

    - NFC subsystem;

    - Open vSwitch;

    - RDS protocol;

    - Network traffic control;

    - SMC sockets;

    - Unix domain sockets;

    - eXpress Data Path;

    - ALSA SH drivers;

    - KVM core; (CVE-2024-35872, CVE-2024-35807, CVE-2024-27013, CVE-2024-35989, CVE-2024-36008,     CVE-2024-26957, CVE-2024-35912, CVE-2024-27000, CVE-2024-35918, CVE-2024-26977, CVE-2024-35821,     CVE-2024-35853, CVE-2024-26814, CVE-2024-35823, CVE-2024-35958, CVE-2024-26813, CVE-2024-26811,     CVE-2024-26937, CVE-2024-26951, CVE-2024-35925, CVE-2024-26929, CVE-2024-35988, CVE-2024-35902,     CVE-2024-26994, CVE-2024-27001, CVE-2024-36029, CVE-2024-36005, CVE-2024-35970, CVE-2024-36007,     CVE-2024-35809, CVE-2024-27019, CVE-2024-26970, CVE-2024-27059, CVE-2024-35877, CVE-2024-35899,     CVE-2024-26989, CVE-2024-27008, CVE-2024-26812, CVE-2024-35969, CVE-2024-35785, CVE-2024-35871,     CVE-2024-35847, CVE-2024-36006, CVE-2024-35973, CVE-2024-27396, CVE-2024-35849, CVE-2024-35990,     CVE-2024-26960, CVE-2024-26931, CVE-2024-35852, CVE-2024-26965, CVE-2024-35960, CVE-2024-35813,     CVE-2024-26976, CVE-2024-36004, CVE-2024-35895, CVE-2024-27018, CVE-2024-26969, CVE-2024-27016,     CVE-2024-27437, CVE-2024-26956, CVE-2024-26629, CVE-2024-35879, CVE-2024-35817, CVE-2024-26922,     CVE-2024-35815, CVE-2024-35935, CVE-2024-35940, CVE-2023-52880, CVE-2024-35851, CVE-2024-35854,     CVE-2024-35893, CVE-2024-26973, CVE-2024-35997, CVE-2024-26984, CVE-2024-26961, CVE-2024-26966,     CVE-2024-35885, CVE-2024-27020, CVE-2024-26950, CVE-2024-35934, CVE-2024-26988, CVE-2024-35938,     CVE-2024-26958, CVE-2024-35888, CVE-2024-27395, CVE-2024-35915, CVE-2024-35806, CVE-2024-26934,     CVE-2024-35825, CVE-2024-35796, CVE-2024-35900, CVE-2024-35791, CVE-2024-26925, CVE-2024-35982,     CVE-2024-26810, CVE-2024-26955, CVE-2024-26935, CVE-2024-35805, CVE-2024-35896, CVE-2024-35855,     CVE-2024-35819, CVE-2024-26642, CVE-2024-27009, CVE-2024-35804, CVE-2024-35898, CVE-2024-35822,     CVE-2024-35930, CVE-2024-35789, CVE-2024-26687, CVE-2024-26964, CVE-2024-35978, CVE-2024-35976,     CVE-2024-35936, CVE-2024-26926, CVE-2024-26993, CVE-2024-35933, CVE-2024-35884, CVE-2024-26974,     CVE-2024-35922, CVE-2024-35886, CVE-2024-27004, CVE-2024-36020, CVE-2024-35955, CVE-2024-26996,     CVE-2024-26981, CVE-2024-36025, CVE-2024-26654, CVE-2024-27015, CVE-2024-35984, CVE-2024-26828,     CVE-2024-35950, CVE-2024-35944, CVE-2024-35905, CVE-2024-35890, CVE-2024-26923, CVE-2024-35897,     CVE-2024-27393, CVE-2023-52699, CVE-2024-26817, CVE-2024-35910, CVE-2024-35857, CVE-2024-35907,     CVE-2023-52488, CVE-2024-26999)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7001 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.
    Security Fix(es):

     CVE-2023-6040  CVE-2024-26595  CVE-2021-46984  CVE-2023-52478  CVE-2023-52476  CVE-2023-52522     CVE-2021-47101  CVE-2021-47097  CVE-2023-52605  CVE-2024-26645  CVE-2024-26665  CVE-2024-26720     CVE-2024-26717  CVE-2024-26769  CVE-2024-26894  CVE-2024-26880  CVE-2024-26855  CVE-2024-26923     CVE-2024-26939  CVE-2024-27013  CVE-2024-27042  CVE-2024-35809  CVE-2023-52683  CVE-2024-35884     CVE-2024-35877  CVE-2024-35944  CVE-2024-35989  CVE-2021-47412  CVE-2021-47393  CVE-2021-47386     CVE-2021-47385  CVE-2021-47384  CVE-2021-47383  CVE-2021-47432  CVE-2021-47352  CVE-2021-47338     CVE-2021-47321  CVE-2021-47289  CVE-2021-47287  CVE-2023-52817  CVE-2023-52840  CVE-2021-47441     CVE-2021-47466  CVE-2021-47455  CVE-2021-47497  CVE-2021-47560  CVE-2021-47527  CVE-2024-36883     CVE-2024-36920  CVE-2024-36902  CVE-2024-36953  CVE-2024-36939  CVE-2024-36901  CVE-2021-47582     CVE-2021-47609  CVE-2024-38619  CVE-2022-48754  CVE-2022-48760  CVE-2024-38581  CVE-2024-38570     CVE-2024-38559  CVE-2024-38558  CVE-2024-37356  CVE-2024-39471  CVE-2024-39499  CVE-2024-39501     CVE-2024-39506  CVE-2024-40904  CVE-2024-40911  CVE-2024-40912  CVE-2024-40929  CVE-2024-40931     CVE-2024-40941  CVE-2024-40954  CVE-2024-40958  CVE-2024-40959  CVE-2024-40960  CVE-2024-40972     CVE-2024-40977  CVE-2024-40978  CVE-2024-40988  CVE-2024-40989  CVE-2024-40995  CVE-2024-40997     CVE-2024-40998  CVE-2024-41005  CVE-2024-40901  CVE-2024-41007  CVE-2024-41008  CVE-2022-48804     CVE-2022-48836  CVE-2022-48866  CVE-2024-41090  CVE-2024-41091  CVE-2024-41012  CVE-2024-41013     CVE-2024-41014  CVE-2024-41035  CVE-2024-41038  CVE-2024-41039  CVE-2024-41040  CVE-2024-41041     CVE-2024-41044  CVE-2024-41055  CVE-2024-41056  CVE-2024-41060  CVE-2024-41071  CVE-2024-41076     CVE-2024-41097  CVE-2024-42084  CVE-2024-42090  CVE-2024-42096  CVE-2024-42114  CVE-2024-42124     CVE-2024-42131  CVE-2024-42152  CVE-2024-42154  CVE-2024-42226  CVE-2024-42228  CVE-2024-42237     CVE-2024-42238  CVE-2024-42240  CVE-2024-42246  CVE-2024-42322  CVE-2024-43871  For more details about the     security issue(s), including the impact, a CVSS score, acknowledgments, and other related information,     refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1983-1 advisory.

    The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
    - CVE-2022-48686: Fix UAF when detecting digest errors (bsc#1223948).
    - CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
    - CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
    - CVE-2022-48697: Fix a use-after-free (bsc#1223922).
    - CVE-2024-26846: Do not wait in vain when unloading module (bsc#1223023).
    - CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
    - CVE-2023-42755: Check user supplied offsets (bsc#1215702).
    - CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).
    - CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
    - CVE-2021-47246: Fix page reclaim for dead peer hairpin (bsc#1224831).
    - CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace (bsc#1225222).
    - CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)
    - CVE-2021-47548: Fixed a possible array out-of-bounds (bsc#1225506)
    - CVE-2024-36029: Pervent access to suspended controller (bsc#1225708)
    - CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
    - CVE-2021-47352: Add validation for used length (bsc#1225124).
    - CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)
    - CVE-2021-47431: Fix gart.bo pin_count leak (bsc#1225390).
    - CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)
    - CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
    - CVE-2021-47423: Fix file release memory leak (bsc#1225366).
    - CVE-2022-48710: Fix a possible null pointer dereference (bsc#1225230).
    - CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
    - CVE-2024-35932: Do not check if plane->state->fb == state->fb (bsc#1224650).
    - CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
    - CVE-2024-35809: Drain runtime-idle callbacks before driver removal (bsc#1224738).
    - CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).
    - CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
    - CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).
    - CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
    - CVE-2024-35982: Avoid infinite loop trying to resize local TT (bsc#1224566)
    - CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
    - CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot accesses (bsc#1224960).
    - CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725).
    - CVE-2021-47401: Fix stack information leak (bsc#1225242).
    - CVE-2023-52867: Fix possible buffer overflow (bsc#1225009).
    - CVE-2023-52821: Fix a possible null pointer dereference (bsc#1225022).
    - CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)
    - CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).
    - CVE-2021-47361: Fix error handling in mcb_alloc_bus() (bsc#1225151).
    - CVE-2023-52864: Fix opening of char device (bsc#1225132).
    - CVE-2022-48708: Fix potential NULL dereference (bsc#1224942).
    - CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
    - CVE-2021-47238: Fix memory leak in ip_mc_add1_src (bsc#1224847)
    - CVE-2023-52730: Fix possible resource leaks in some error paths (bsc#1224956).
    - CVE-2021-47355: Fix possible use-after-free in nicstar_cleanup() (bsc#1225141).
    - CVE-2021-47245: Fix out of bounds when parsing TCP options (bsc#1224838)
    - CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).
    - CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)
    - CVE-2021-47249: Fix memory leak in rds_recvmsg (bsc#1224880)
    - CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb (bsc#1225082)
    - CVE-2021-47250: Fix memory leak in netlbl_cipsov4_add_std (bsc#1224827)
    - CVE-2024-35849: Fix information leak in btrfs_ioctl_logical_to_ino() (bsc#1224733).
    - CVE-2024-27436: Stop parsing channels bits when all channels are found (bsc#1224803).
    - CVE-2021-47281: Fix race of snd_seq_timer_open() (bsc#1224983).
    - CVE-2024-35789: Clear fast rx for non-4addr sta VLAN changes (bsc#1224749).
    - CVE-2024-35830: Register v4l2 async device only after successful setup (bsc#1224680).
    - CVE-2021-47334: Fix two use after free in ibmasm_init_one (bsc#1225112).
    - CVE-2021-47357: Fix possible use-after-free in ia_module_exit() (bsc#1225144).
    - CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).
    - CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).
    - CVE-2024-35887: Fix use-after-free bugs caused by ax25_ds_del_timer (bzg#1224663)
    - CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit() (bsc#1224907).
    - CVE-2024-26957: Fix reference counting on zcrypt card objects (bsc#1223666).
    - CVE-2023-52691: Fix a double-free in si_dpm_init (bsc#1224607).
    - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
    - CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).
    - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
    - CVE-2024-26984: Fix instmem race condition around ptr stores (bsc#1223633)
    - CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
    - CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
    - CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
    - CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
    - CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
    - CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
    - CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
    - CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)
    - CVE-2021-47206: Check return value after calling platform_get_resource() (bsc#1222894).
    - CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
    - CVE-2024-26996: Fix UAF ncm object at re-bind after usb ep transport error (bsc#1223752).
    - CVE-2024-26874: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (bsc#1223048)
    - CVE-2022-48702: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923).
    - CVE-2022-48672: Fix off-by-one error in unflatten_dt_nodes() (bsc#1223931).
    - CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
    - CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
    - CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
    - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets     (bsc#1220513).
    - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init     in net/sctp/socket.c (bsc#1218917).
    - CVE-2024-27008: Fix out of bounds access (bsc#1223802).
    - CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).
    - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2184-1 advisory.

    The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
    - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets     (bsc#1220513).
    - CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
    - CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
    - CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
    - CVE-2021-47206: Check return value after calling  platform_get_resource() (bsc#1222894).
    - CVE-2021-47238: Fixed memory leak in ip_mc_add1_src  (bsc#1224847)
    - CVE-2021-47245: Fixed out of bounds when parsing TCP options  (bsc#1224838)
    - CVE-2021-47246: Fixed page reclaim for dead peer hairpin  (CVE-2021-47246 bsc#1224831).
    - CVE-2021-47249: Fixed memory leak in rds_recvmsg  (bsc#1224880)
    - CVE-2021-47250: Fixed memory leak in netlbl_cipsov4_add_std  (bsc#1224827)
    - CVE-2021-47265: Verify port when creating flow rule (bsc#1224957)
    - CVE-2021-47277: Avoid speculation-based attacks from out-of-range memslot  accesses (bsc#1224960).
    - CVE-2021-47281: Fixed race of snd_seq_timer_open() (bsc#1224983).
    - CVE-2021-47334: Fixed two use after free in ibmasm_init_one  (bsc#1225112).
    - CVE-2021-47352: Add validation for used length (bsc#1225124).
    - CVE-2021-47355: Fixed possible use-after-free in nicstar_cleanup()  (bsc#1225141).
    - CVE-2021-47357: Fixed possible use-after-free in ia_module_exit()  (bsc#1225144).
    - CVE-2021-47361: Fixed error handling in mcb_alloc_bus() (bsc#1225151).
    - CVE-2021-47362: Update intermediate power state for SI (bsc#1225153).
    - CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
    - CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225208).
    - CVE-2021-47397: Break out if skb_header_pointer returns NULL in sctp_rcv_ootb  (bsc#1225082)
    - CVE-2021-47401: Fixed stack information leak (bsc#1225242).
    - CVE-2021-47423: Fixed file release memory leak (bsc#1225366).
    - CVE-2021-47431: Fixed gart.bo pin_count leak (bsc#1225390).
    - CVE-2021-47469: Add SPI fix commit to be ignored (bsc#1225347)
    - CVE-2021-47483: Fixed possible double-free in regcache_rbtree_exit()  (bsc#1224907).
    - CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
    - CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
    - CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
    - CVE-2021-47509: Limit the period size to 16MB (bsc#1225409).
    - CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
    - CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)
    - CVE-2022-48672: Fixed off-by-one error in unflatten_dt_nodes()  (CVE-2022-48672 bsc#1223931).
    - CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948).
    - CVE-2022-48697: Fixed a use-after-free (bsc#1223922).
    - CVE-2022-48702: Fixed out of bounds access in  snd_emu10k1_pcm_channel_alloc() (bsc#1223923).
    - CVE-2022-48704: Add a force flush to delay work when radeon (bsc#1223932)
    - CVE-2022-48708: Fixed potential NULL dereference (bsc#1224942).
    - CVE-2022-48710: Fixed a possible null pointer dereference (bsc#1225230).
    - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
    - CVE-2023-42755: Check user supplied offsets (bsc#1215702).
    - CVE-2023-52586: Fixed  mutex lock in control vblank irq (bsc#1221081).
    - CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
    - CVE-2023-52664: Eliminate double free in error handling logic  (bsc#1224747).
    - CVE-2023-52691: Fixed a double-free in si_dpm_init (bsc#1224607).
    - CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass()  (bsc#1224621)
    - CVE-2023-52730: Fixed possible resource leaks in some error paths  (bsc#1224956).
    - CVE-2023-52732: Blocklist the kclient when receiving corrupted snap trace  (bsc#1225222).
    - CVE-2023-52747: Restore allocated resources on failed copyout (bsc#1224931)
    - CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
    - CVE-2023-52821: Fixed a possible null pointer dereference (bsc#1225022).
    - CVE-2023-52864: Fixed opening of char device (bsc#1225132).
    - CVE-2023-52865: Add check for mtk_alloc_clk_data  (bsc#1225086).
    - CVE-2023-52867: Fixed possible buffer overflow (bsc#1225009).
    - CVE-2023-52875: Add check for mtk_alloc_clk_data  (bsc#1225096).
    - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init     in net/sctp/socket.c (bsc#1218917).
    - CVE-2024-26625: Call sock_orphan() at release time  (bsc#1221086)
    - CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
    - CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
    - CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
    - CVE-2024-26846: Do not wait in vain when unloading module  (bsc#1223023).
    - CVE-2024-26874: Fixed a null pointer crash in (bsc#1223048)
    - CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).
    - CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
    - CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
    - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
    - CVE-2024-26957: Fixed reference counting on zcrypt card objects  (bsc#1223666).
    - CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
    - CVE-2024-26984: Fixed instmem race condition around ptr stores (bsc#1223633)
    - CVE-2024-26996: Fixed UAF ncm object at re-bind after usb  ep transport error (bsc#1223752).
    - CVE-2024-27008: Fixed out of bounds access (CVE-2024-27008 bsc#1223802).
    - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
    - CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
    - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
    - CVE-2024-27401: Fixed user_length taken into account when  fetching packet contents (bsc#1224181).
    - CVE-2024-27419: Fixed data-races around sysctl_net_busy_read  (bsc#1224759)
    - CVE-2024-27436: Stop parsing channels bits when all channels  are found (bsc#1224803).
    - CVE-2024-35789: Check fast rx for non-4addr sta VLAN  changes (bsc#1224749).
    - CVE-2024-35791: Flush pages under kvm->lock to fix UAF in  svm_register_enc_region() (bsc#1224725).
    - CVE-2024-35809: Drain runtime-idle callbacks before driver removal  (bsc#1224738).
    - CVE-2024-35830: Register v4l2 async device only after  successful setup (bsc#1224680).
    - CVE-2024-35849: Fixed information leak in btrfs_ioctl_logical_to_ino()  (bsc#1224733).
    - CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
    - CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf()  (bsc#1224671).
    - CVE-2024-35887: Fixed use-after-free bugs caused by ax25_ds_del_timer  (bsc#1224663)
    - CVE-2024-35932: Do not check if plane->state->fb == state->fb (bsc#1224650).
    - CVE-2024-35935: Handle path ref underflow in header iterate_inode_ref() (bsc#1224645)
    - CVE-2024-35936: Add missing mutex_unlock in btrfs_relocate_sys_chunks() (bsc#1224644)
    - CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host()  (bsc#1224648).
    - CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr  (bsc#1224580).
    - CVE-2024-35982: Avoid infinite loop trying to resize local TT  (bsc#1224566)
    - CVE-2024-36029: Prevent access to suspended controller (bsc#1225708)


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6896-3 advisory.

    It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition,     leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or     possibly execute arbitrary code. (CVE-2023-6270)

    It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data     structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial     of service. (CVE-2023-7042)

    Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race     condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of     service (system crash). (CVE-2024-22099)

    Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition,     leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a     denial of service (system crash). (CVE-2024-23307)

    It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when     modifying certain settings values through debugfs. A privileged local attacker could use this to cause a     denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

    Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a     race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause     a denial of service (system crash). (CVE-2024-24861)

    Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did     not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this     to cause a denial of service (system crash). (CVE-2024-25739)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - x86 architecture;

    - Block layer subsystem;

    - Accessibility subsystem;

    - ACPI drivers;

    - Android drivers;

    - Bluetooth drivers;

    - Clock framework and drivers;

    - Data acquisition framework and drivers;

    - Cryptographic API;

    - GPU drivers;

    - HID subsystem;

    - I2C subsystem;

    - IRQ chip drivers;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - PCI subsystem;

    - SCSI drivers;

    - Freescale SoC drivers;

    - SPI subsystem;

    - Media staging drivers;

    - TTY drivers;

    - USB subsystem;

    - VFIO drivers;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - FAT file system;

    - NILFS2 file system;

    - Diskquota system;

    - SMB network file system;

    - UBI file system;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Memory management;

    - B.A.T.M.A.N. meshing protocol;

    - Bluetooth subsystem;

    - Networking core;

    - HSR network protocol;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Netfilter;

    - NET/ROM layer;

    - NFC subsystem;

    - Open vSwitch;

    - Packet sockets;

    - RDS protocol;

    - Network traffic control;

    - Sun RPC protocol;

    - Unix domain sockets;

    - ALSA SH drivers;

    - USB sound devices;

    - KVM core; (CVE-2023-52620, CVE-2023-52650, CVE-2024-26999, CVE-2024-26857, CVE-2024-35984,     CVE-2024-27043, CVE-2024-26810, CVE-2023-52880, CVE-2024-35915, CVE-2024-26955, CVE-2024-27396,     CVE-2024-35922, CVE-2024-27395, CVE-2024-35899, CVE-2024-35809, CVE-2024-27000, CVE-2024-27004,     CVE-2024-35830, CVE-2024-26931, CVE-2024-26993, CVE-2024-27013, CVE-2024-26812, CVE-2024-35893,     CVE-2024-27073, CVE-2024-26687, CVE-2024-26969, CVE-2024-26901, CVE-2024-26875, CVE-2024-26976,     CVE-2024-26889, CVE-2024-26586, CVE-2024-36020, CVE-2024-26859, CVE-2024-35944, CVE-2024-35888,     CVE-2024-26965, CVE-2024-36007, CVE-2024-35847, CVE-2024-27436, CVE-2024-35982, CVE-2023-52699,     CVE-2024-26903, CVE-2024-26966, CVE-2024-35910, CVE-2024-26973, CVE-2024-35895, CVE-2024-27008,     CVE-2024-26934, CVE-2024-26923, CVE-2024-26956, CVE-2024-27001, CVE-2024-26651, CVE-2024-26894,     CVE-2024-27028, CVE-2024-27053, CVE-2024-27059, CVE-2023-52656, CVE-2024-26878, CVE-2024-35806,     CVE-2024-27038, CVE-2024-27076, CVE-2024-26994, CVE-2024-27077, CVE-2024-27437, CVE-2024-26813,     CVE-2024-26828, CVE-2024-35807, CVE-2024-35969, CVE-2024-35805, CVE-2024-26862, CVE-2022-48627,     CVE-2024-26926, CVE-2024-35933, CVE-2024-35898, CVE-2024-27024, CVE-2024-35789, CVE-2024-35819,     CVE-2024-35930, CVE-2024-26654, CVE-2024-26922, CVE-2024-26984, CVE-2024-26880, CVE-2024-27388,     CVE-2024-27046, CVE-2024-26820, CVE-2024-36006, CVE-2024-26883, CVE-2024-27078, CVE-2024-35813,     CVE-2024-35935, CVE-2024-35855, CVE-2024-35973, CVE-2024-27044, CVE-2024-35886, CVE-2024-26642,     CVE-2024-35997, CVE-2024-35822, CVE-2024-27074, CVE-2024-35853, CVE-2024-35936, CVE-2024-35821,     CVE-2024-26981, CVE-2024-35852, CVE-2024-26852, CVE-2024-26863, CVE-2024-27065, CVE-2024-35828,     CVE-2024-26974, CVE-2024-35823, CVE-2024-35900, CVE-2024-36004, CVE-2024-35960, CVE-2024-35978,     CVE-2024-26855, CVE-2024-26816, CVE-2024-35897, CVE-2024-35815, CVE-2024-26884, CVE-2023-52644,     CVE-2024-27419, CVE-2024-26882, CVE-2024-35955, CVE-2024-35877, CVE-2024-26957, CVE-2024-35849,     CVE-2024-26817, CVE-2024-35925, CVE-2024-26935, CVE-2024-27020, CVE-2024-35950, CVE-2024-26937,     CVE-2024-26898, CVE-2024-35854, CVE-2024-26851, CVE-2024-27030, CVE-2024-26874, CVE-2024-35825,     CVE-2024-27075)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
205715	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-049)	Nessus	Amazon Linux Local Security Checks	8/17/2024	5/22/2025	high
193443	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-585)	Nessus	Amazon Linux Local Security Checks	4/17/2024	12/11/2024	high
200227	Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)	Nessus	Ubuntu Local Security Checks	6/7/2024	2/4/2025	high
203020	Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6898-4)	Nessus	Ubuntu Local Security Checks	7/23/2024	12/31/2024	high
207656	RHEL 8 : kernel-rt (RHSA-2024:7001)	Nessus	Red Hat Local Security Checks	9/24/2024	2/6/2025	high
207773	Oracle Linux 8 : kernel (ELSA-2024-7000)	Nessus	Oracle Linux Local Security Checks	9/25/2024	4/18/2025	high
200410	SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)	Nessus	SuSE Local Security Checks	6/12/2024	1/1/2025	high
200931	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2184-1)	Nessus	SuSE Local Security Checks	6/25/2024	1/1/2025	high
202576	Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6896-3)	Nessus	Ubuntu Local Security Checks	7/17/2024	12/31/2024	high
205957	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2206)	Nessus	Huawei Local Security Checks	8/21/2024	8/21/2024	high
208351	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2519)	Nessus	Huawei Local Security Checks	10/9/2024	10/9/2024	high

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high

high

high

high

high