The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3252-1 advisory.

    The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-35965: Fix not validating setsockopt user input (bsc#1224579).
    - CVE-2024-35933: Fixed a build regression (bsc#1224640).
    - CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
    - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
    - CVE-2024-43863: Fix a deadlock in dma buf fence polling (bsc#1229497)
    - CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
    - CVE-2024-43907: Fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787).
    - CVE-2024-43905: Fix the null pointer dereference for vega10_hwmgr (bsc#1229784).
    - CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
    - CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
    - CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
    - CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
    - CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
    - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
    - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
    - CVE-2022-48910: Ensure we call ipv6_mc_down() at most once (bsc#1229632)
    - CVE-2023-52893: Fix null-deref in gsmi_get_variable (bsc#1229535)
    - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
    - CVE-2022-48875: Initialize struct pn533_out_arg properly (bsc#1229516).
    - CVE-2023-52907: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526).
    - CVE-2024-43871: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490)
    - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
    - CVE-2024-43872: Fix soft lockup under heavy CEQE load (bsc#1229489)
    - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
    - CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB     (bsc#1228709).
    - CVE-2024-42236: Prevent OOB read/write in usb_string_copy() (bsc#1228964).
    - CVE-2024-42244: Fix crash on resume (bsc#1228967).
    - CVE-2024-43879: Handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482).
    - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
    - CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
    - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
    - CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
    - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
    - CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
    - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
    - CVE-2021-47341: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923).
    - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
    - CVE-2022-48769: Avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629).
    - CVE-2024-43856: Fix call order in dmam_free_coherent (bsc#1229346).
    - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
    - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
    - CVE-2024-40984: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (bsc#1227820).
    - CVE-2024-26677: Blacklist e7870cf13d20 ('rxrpc: Fix delayed ACKs to not set the reference serial     number') (bsc#1222387)
    - CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
    - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
    - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
    - CVE-2024-42310: Fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358)
    - CVE-2024-42309: Fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359)
    - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
    - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
    - CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
    - CVE-2024-42285: Fix a use-after-free related to destroying CM IDs (bsc#1229381)
    - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
    - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
    - CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
    - CVE-2024-38618: Set lower bound of start tick time (bsc#1226754).
    - CVE-2024-41035: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485)
    - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
    - CVE-2023-52708: Fix error handling in mmc_spi_probe() (bsc#1225483).
    - CVE-2021-47549: Fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508).
    - CVE-2021-47373: Fix potential VPE leak on error (bsc#1225190).
    - CVE-2021-47425: Fix resource leak in reconfiguration device addition (bsc#1225223).
    - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
    - CVE-2024-41098: Fix null pointer dereference on error (bsc#1228467).
    - CVE-2021-4440: Drop USERGS_SYSRET64 paravirt call (bsc#1227069).
    - CVE-2022-48786: Remove vsock from connected table when connect is interrupted by a signal (bsc#1227996).
    - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
    - CVE-2024-35915: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes CVE-2024-35915     bsc#1224479).
    - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
    - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
    - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
    - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
    - CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
    - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
    - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
    - CVE-2024-42090: Fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449).
    - CVE-2024-42101: Fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495).
    - CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
    - CVE-2021-47257: Fix null deref in parse dev addr (bsc#1224896).
    - CVE-2022-48751: Transitional solution for clcsock race issue (bsc#1226653).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:7001 advisory.

    CVE-2023-6040  CVE-2024-26595  CVE-2021-46984  CVE-2023-52478  CVE-2023-52476  CVE-2023-52522     CVE-2021-47101  CVE-2021-47097  CVE-2023-52605  CVE-2024-26645  CVE-2024-26665  CVE-2024-26720     CVE-2024-26717  CVE-2024-26769  CVE-2024-26894  CVE-2024-26880  CVE-2024-26855  CVE-2024-26923     CVE-2024-26939  CVE-2024-27013  CVE-2024-27042  CVE-2024-35809  CVE-2023-52683  CVE-2024-35884     CVE-2024-35877  CVE-2024-35944  CVE-2024-35989  CVE-2021-47412  CVE-2021-47393  CVE-2021-47386     CVE-2021-47385  CVE-2021-47384  CVE-2021-47383  CVE-2021-47432  CVE-2021-47352  CVE-2021-47338     CVE-2021-47321  CVE-2021-47289  CVE-2021-47287  CVE-2023-52817  CVE-2023-52840  CVE-2021-47441     CVE-2021-47466  CVE-2021-47455  CVE-2021-47497  CVE-2021-47560  CVE-2021-47527  CVE-2024-36883     CVE-2024-36920  CVE-2024-36902  CVE-2024-36953  CVE-2024-36939  CVE-2024-36901  CVE-2021-47582     CVE-2021-47609  CVE-2024-38619  CVE-2022-48754  CVE-2022-48760  CVE-2024-38581  CVE-2024-38570     CVE-2024-38559  CVE-2024-38558  CVE-2024-37356  CVE-2024-39471  CVE-2024-39499  CVE-2024-39501     CVE-2024-39506  CVE-2024-40904  CVE-2024-40911  CVE-2024-40912  CVE-2024-40929  CVE-2024-40931     CVE-2024-40941  CVE-2024-40954  CVE-2024-40958  CVE-2024-40959  CVE-2024-40960  CVE-2024-40972     CVE-2024-40977  CVE-2024-40978  CVE-2024-40988  CVE-2024-40989  CVE-2024-40995  CVE-2024-40997     CVE-2024-40998  CVE-2024-41005  CVE-2024-40901  CVE-2024-41007  CVE-2024-41008  CVE-2022-48804     CVE-2022-48836  CVE-2022-48866  CVE-2024-41090  CVE-2024-41091  CVE-2024-41012  CVE-2024-41013     CVE-2024-41014  CVE-2024-41035  CVE-2024-41038  CVE-2024-41039  CVE-2024-41040  CVE-2024-41041     CVE-2024-41044  CVE-2024-41055  CVE-2024-41056  CVE-2024-41060  CVE-2024-41071  CVE-2024-41076     CVE-2024-41097  CVE-2024-42084  CVE-2024-42090  CVE-2024-42096  CVE-2024-42114  CVE-2024-42124     CVE-2024-42131  CVE-2024-42152  CVE-2024-42154  CVE-2024-42226  CVE-2024-42228  CVE-2024-42237     CVE-2024-42238  CVE-2024-42240  CVE-2024-42246  CVE-2024-42322  CVE-2024-43871

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7009-2 advisory.

    Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free     vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly     execute arbitrary code. (CVE-2024-23848)

    Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the     device to be enabled before writing. A local attacker could possibly use this to cause a denial of     service. (CVE-2024-25741)

    It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing     xattr debug information. A local attacker could use this to cause a denial of service (system crash).
    (CVE-2024-40902)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - M68K architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Accessibility subsystem;

    - ACPI drivers;

    - Serial ATA and Parallel ATA drivers;

    - Drivers core;

    - Bluetooth drivers;

    - Character device driver;

    - CPU frequency scaling framework;

    - Hardware crypto device drivers;

    - Buffer Sharing and Synchronization framework;

    - DMA engine subsystem;

    - FPGA Framework;

    - GPIO subsystem;

    - GPU drivers;

    - Greybus drivers;

    - HID subsystem;

    - HW tracing;

    - I2C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device (Mouse) drivers;

    - Macintosh device drivers;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Pin controllers subsystem;

    - PTP clock framework;

    - S/390 drivers;

    - SCSI drivers;

    - SoundWire subsystem;

    - Greybus lights staging drivers;

    - Media staging drivers;

    - Thermal drivers;

    - TTY drivers;

    - USB subsystem;

    - DesignWare USB3 driver;

    - Framebuffer layer;

    - ACRN Hypervisor Service Module driver;

    - eCrypt file system;

    - File systems infrastructure;

    - Ext4 file system;

    - F2FS file system;

    - JFFS2 file system;

    - JFS file system;

    - NILFS2 file system;

    - NTFS3 file system;

    - SMB network file system;

    - IOMMU subsystem;

    - Memory management;

    - Netfilter;

    - BPF subsystem;

    - Kernel debugger infrastructure;

    - DMA mapping infrastructure;

    - IRQ subsystem;

    - Tracing infrastructure;

    - 9P file system network protocol;

    - B.A.T.M.A.N. meshing protocol;

    - CAN network layer;

    - Ceph Core library;

    - Networking core;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - NET/ROM layer;

    - NFC subsystem;

    - Open vSwitch;

    - Network traffic control;

    - TIPC protocol;

    - TLS protocol;

    - Unix domain sockets;

    - Wireless networking;

    - XFRM subsystem;

    - ALSA framework;

    - SoC Audio for Freescale CPUs drivers;

    - Kirkwood ASoC drivers; (CVE-2024-42076, CVE-2024-40994, CVE-2024-40932, CVE-2024-41000, CVE-2024-42224,     CVE-2024-38633, CVE-2024-40954, CVE-2024-36270, CVE-2024-38623, CVE-2024-38549, CVE-2024-42225,     CVE-2024-42085, CVE-2024-42157, CVE-2024-42229, CVE-2024-42109, CVE-2024-41040, CVE-2024-38607,     CVE-2024-39493, CVE-2024-38546, CVE-2024-41046, CVE-2024-38567, CVE-2024-42092, CVE-2024-39501,     CVE-2024-41005, CVE-2024-42223, CVE-2024-39480, CVE-2024-38571, CVE-2024-41048, CVE-2024-38605,     CVE-2024-42094, CVE-2024-38598, CVE-2024-38559, CVE-2024-38558, CVE-2024-40931, CVE-2024-40942,     CVE-2024-39495, CVE-2024-40981, CVE-2024-40911, CVE-2024-42148, CVE-2024-33621, CVE-2024-39502,     CVE-2024-41095, CVE-2024-40960, CVE-2024-36286, CVE-2024-42232, CVE-2024-42130, CVE-2024-42154,     CVE-2024-41087, CVE-2024-41004, CVE-2024-39277, CVE-2024-38560, CVE-2024-36978, CVE-2024-42089,     CVE-2024-37356, CVE-2024-38547, CVE-2024-38381, CVE-2024-36015, CVE-2024-38548, CVE-2024-42120,     CVE-2024-41092, CVE-2024-40978, CVE-2024-38619, CVE-2024-40914, CVE-2024-41089, CVE-2024-40988,     CVE-2024-41047, CVE-2024-38565, CVE-2024-38550, CVE-2023-52887, CVE-2024-38552, CVE-2024-38583,     CVE-2024-38613, CVE-2024-40967, CVE-2024-40927, CVE-2024-42124, CVE-2024-42244, CVE-2024-42152,     CVE-2024-39509, CVE-2024-38662, CVE-2024-38618, CVE-2024-42140, CVE-2024-38579, CVE-2024-40945,     CVE-2024-42101, CVE-2024-42104, CVE-2024-41044, CVE-2024-42161, CVE-2024-42093, CVE-2024-42270,     CVE-2024-42097, CVE-2024-40970, CVE-2024-40908, CVE-2024-38582, CVE-2024-42247, CVE-2024-38661,     CVE-2024-40941, CVE-2024-42084, CVE-2024-42090, CVE-2024-42131, CVE-2024-42077, CVE-2024-40995,     CVE-2024-42105, CVE-2024-41035, CVE-2024-41097, CVE-2024-38780, CVE-2024-35247, CVE-2024-36974,     CVE-2024-42070, CVE-2024-40902, CVE-2024-36972, CVE-2024-38586, CVE-2024-38573, CVE-2024-38612,     CVE-2024-42121, CVE-2023-52884, CVE-2024-39276, CVE-2024-38615, CVE-2024-42095, CVE-2024-42086,     CVE-2024-39507, CVE-2024-40983, CVE-2024-40943, CVE-2024-41002, CVE-2024-40958, CVE-2024-41049,     CVE-2024-38596, CVE-2024-37078, CVE-2024-38637, CVE-2024-38621, CVE-2024-42153, CVE-2024-38659,     CVE-2024-39468, CVE-2024-38589, CVE-2024-38587, CVE-2024-36971, CVE-2024-38599, CVE-2024-31076,     CVE-2024-39490, CVE-2024-40959, CVE-2024-38634, CVE-2024-38624, CVE-2024-42240, CVE-2024-42127,     CVE-2024-42102, CVE-2024-38578, CVE-2024-34027, CVE-2024-38601, CVE-2024-42087, CVE-2024-38597,     CVE-2024-38591, CVE-2024-39503, CVE-2024-42236, CVE-2024-42082, CVE-2024-40956, CVE-2024-41041,     CVE-2024-38580, CVE-2024-39506, CVE-2024-36894, CVE-2024-40987, CVE-2024-39475, CVE-2024-38635,     CVE-2024-41007, CVE-2024-39471, CVE-2024-39467, CVE-2022-48772, CVE-2024-40934, CVE-2024-42106,     CVE-2024-39469, CVE-2024-40963, CVE-2024-39482, CVE-2024-39505, CVE-2024-36014, CVE-2024-39500,     CVE-2024-42096, CVE-2024-41055, CVE-2024-40937, CVE-2024-38590, CVE-2024-38610, CVE-2024-41034,     CVE-2024-42115, CVE-2024-40974, CVE-2024-40968, CVE-2024-42080, CVE-2024-40957, CVE-2024-40971,     CVE-2024-36032, CVE-2024-39499, CVE-2024-42137, CVE-2024-39489, CVE-2024-40976, CVE-2024-39466,     CVE-2024-42145, CVE-2024-36489, CVE-2024-40980, CVE-2024-39301, CVE-2024-40905, CVE-2024-41093,     CVE-2024-40912, CVE-2024-42119, CVE-2024-38588, CVE-2024-40916, CVE-2024-39488, CVE-2024-41027,     CVE-2024-42068, CVE-2024-40904, CVE-2024-40961, CVE-2024-33847, CVE-2024-38555, CVE-2024-41006,     CVE-2024-40929, CVE-2024-34777, CVE-2024-38627, CVE-2024-40984, CVE-2024-40990, CVE-2024-39487,     CVE-2024-42098, CVE-2024-40901)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3195-1 advisory.

    The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
    - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
    - CVE-2024-43911: Fix NULL dereference at band check in starting tx ba session (bsc#1229827).
    - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
    - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
    - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
    - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
    - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
    - CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
    - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
    - CVE-2024-36881: Fix reset ptes when close() for wr-protected (bsc#1225718).
    - CVE-2024-42316: Fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
    - CVE-2024-43855: Fix deadlock between mddev_suspend and flush bio (bsc#1229342).
    - CVE-2024-43864: Fix CT entry update leaks of modify header context (bsc#1229496).
    - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
    - CVE-2024-42109: Unconditionally flush pending work before notifier (bsc#1228505).
    - CVE-2024-41084: Avoid null pointer dereference in region lookup (bsc#1228472).
    - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
    - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
    - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
    - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
    - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
    - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
    - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
    - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
    - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
    - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
    - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
    - CVE-2024-26809: Release elements in clone only from destroy path (bsc#1222633).
    - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
    - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
    - CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
    - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
    - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
    - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
    - CVE-2024-27433: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711).
    - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
    - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
    - CVE-2024-40920: Fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
    - CVE-2024-40921: Pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
    - CVE-2024-36979: Fix vlan use-after-free (bsc#1226604).
    - CVE-2024-26590: Fix inconsistent per-file compression format (bsc#1220252).
    - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
    - CVE-2024-42270: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404).
    - CVE-2024-42269: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402).
    - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
    - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
    - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
    - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
    - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
    - CVE-2024-42290: Handle runtime power management correctly (bsc#1229379).
    - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
    - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
    - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
    - CVE-2024-43850: Fix refcount imbalance seen during bwmon_remove (bsc#1229316).
    - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
    - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
    - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
    - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
    - CVE-2024-26669: Fix chain template offload (bsc#1222350).
    - CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number')     (bsc#1222387)
    - CVE-2024-41050: Cyclic allocation of msg_id to avoid reuse (bsc#1228499).
    - CVE-2024-41051: Wait for ondemand_object_worker to finish when dropping object (bsc#1228468).
    - CVE-2024-41074: Set object to close if ondemand_id < 0 in copen (bsc#1228643).
    - CVE-2024-41075: Add consistency check for copen/cread (bsc#1228646).
    - CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
    - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
    - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
    - CVE-2024-42159: Fix sanitise num_phys (bsc#1228754).
    - CVE-2024-42241: Disable PMD-sized page cache if needed (bsc#1228986).
    - CVE-2024-42245: Revert 'sched/fair: Make sure to try to detach at least one movable task' (bsc#1228978).
    - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
    - CVE-2024-26837: Race between creation of new group memberships and generation of the list of MDB events     to replay (bsc#1222973).
    - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
    - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
    - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727).
    - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
    - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
    - CVE-2024-40938: Fix d_parent walk (bsc#1227840).
    - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
    - CVE-2024-41010: Fix too early release of tcx_entry (bsc#1228021).
    - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
    - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
    - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
    - CVE-2024-42138: Fix double memory deallocation in case of invalid INI file (bsc#1228500).
    - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
    - CVE-2024-42139: Fix improper extts handling (bsc#1228503).
    - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
    - CVE-2024-42113: Initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568).
    - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
    - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
    - CVE-2024-42073: Fix memory corruptions on Spectrum-4 systems (bsc#1228457).
    - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
    - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
    - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
    - CVE-2024-41000: Prefer different overflow check (bsc#1227867).
    - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
    - CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
    - CVE-2024-41069: Fix route memory corruption (bsc#1228644).
    - CVE-2024-39506: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
    - CVE-2024-42145: Implement a limit on UMAD receive List (bsc#1228743).
    - CVE-2024-40994: Fix integer overflow in max_vclocks_store (bsc#1227829).
    - CVE-2024-42124: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
    - CVE-2024-42096: Stop playing stack games in profile_pc() (bsc#1228633).
    - CVE-2024-42224: Correct check for empty list (bsc#1228723).
    - CVE-2024-41048: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
    - CVE-2024-40958: Make get_net_ns() handle zero refcount net (bsc#1227812).
    - CVE-2024-40939: Fix tainted pointer delete is case of region creation fail (bsc#1227799).
    - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
    - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
    - CVE-2024-41044: Reject claimed-as-LCP but actually malformed packets (bsc#1228530).
    - CVE-2024-41066: Add tx check to prevent skb leak (bsc#1228640).
    - CVE-2024-42093: Avoid explicit cpumask var allocation on stack (bsc#1228680).
    - CVE-2024-42122: Add NULL pointer check for kzalloc (bsc#1228591).
    - CVE-2024-41078: Fix quota root leak after quota disable failure (bsc#1228655).
    - CVE-2024-40989: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
    - CVE-2024-41064: Avoid possible crash when edev->pdev changes (bsc#1228599).
    - CVE-2024-41036: Fix deadlock with the SPI chip variant (bsc#1228496).
    - CVE-2024-41040: Fix UAF when resolving a clash (bsc#1228518).
    - CVE-2024-35949: Make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
    - CVE-2024-41081: Block BH in ila_output() (bsc#1228617).
    - CVE-2024-41076: Fix memory leak in nfs4_set_security_label (bsc#1228649).
    - CVE-2024-42079: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
    - CVE-2024-41057: Fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
    - CVE-2024-41058: Fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
    - CVE-2024-41015: Add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
    - CVE-2024-40956: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
    - CVE-2024-27437: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
    - CVE-2024-41032: Check if a hash-index is in cpu_possible_mask (bsc#1228460).
    - CVE-2024-40957: Fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors     (bsc#1227811).
    - CVE-2024-41041: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
    - CVE-2024-40954: Do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
    - CVE-2024-42070: Fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
    - CVE-2024-41070: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
    - CVE-2024-40959: Check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
    - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
    - CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
    - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13946 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)

    * kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor     (CVE-2024-41035)

    * kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CVE-2025-22020)

    * kernel: nfsd: don't ignore the return code of svc_proc_register() (CVE-2025-22026)

    * kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797)

    * kernel: net: ch9200: fix uninitialised access during mii_nway_restart (CVE-2025-38086)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function.
    This can result in a bluetooth sniffing exception issue, possibly leading denial of     service.(CVE-2024-24859)

    bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq(CVE-2024-38540)

    drivers: core: synchronize really_probe() and dev_uevent()(CVE-2024-39501)

    drm/amd/display: Fix potential index out of bounds in color transformation function(CVE-2024-38552)

    drop_monitor: replace spin_lock by raw_spin_lock(CVE-2024-40980)

    dyndbg: fix old BUG_ON in control parser(CVE-2024-35947)

    ext4: do not create EA inode under buffer lock(CVE-2024-40972)

    HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()(CVE-2024-40934)

    ice: Fix crash by keep old cfg when update TCs more than queues(CVE-2022-48652)

    In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to     drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.(CVE-2024-23848)

    ipv6: fix possible race in __fib6_drop_pcpu_from()(CVE-2024-40905)

    ipv6: fix potential 'struct net' leak in inet6_rtm_getaddr()(CVE-2024-27417)

    kernel:af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg(CVE-2024-38596)

    kernel:bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()(CVE-2024-39487)

    kernel:dm: call the resume method on internal suspend(CVE-2024-26880)

    kernel:fix lockup in dm_exception_table_exit  There was reported lockup(CVE-2024-35805)

    kernel:ftrace: Fix possible use-after-free issue in ftrace_location()(CVE-2024-38588)

    kernel:ima: Fix use-after-free on a dentry's dname.name(CVE-2024-39494)

    kernel:ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr(CVE-2024-35969)

    kernel:ipv6: prevent possible NULL dereference in rt6_probe()(CVE-2024-40960)

    kernel:kdb: Fix buffer overflow during tab-complete(CVE-2024-39480)

    kernel:net/mlx5e: Avoid field-overflowing memcpy()(CVE-2022-48744)

    kernel:net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()(CVE-2024-40995)

    kernel:net: bridge: xmit: make sure we have at least eth header len bytes(CVE-2024-38538)

    kernel:netpoll: Fix race condition in netpoll_owner_active(CVE-2024-41005)

    kernel:nouveau: lock the client object tree. (CVE-2024-27062)

    kernel:nvme-fc: do not wait in vain when unloading module(CVE-2024-26846)

    kernel:of: Fix double free in of_parse_phandle_with_args_map(CVE-2023-52679)

    kernel:of: module: add buffer overflow check in of_modalias()(CVE-2024-38541)

    kernel:scsi: lpfc: Fix link down processing to address NULL pointer dereference(CVE-2021-47183)

    kernel:SUNRPC: fix some memleaks in gssx_dec_option_array(CVE-2024-27388)

    kernel:tcp: avoid too many retransmit packets(CVE-2024-41007)

    kernel:tcp: Fix shift-out-of-bounds in dctcp_update_alpha().(CVE-2024-37356)

    md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING(CVE-2024-39476)

    md: fix resync softlockup when bitmap size is less than array size(CVE-2024-38598)

    media: imon: fix access to invalid resource for the second interface(CVE-2023-52754)

    net/mlx5: Add a timeout to acquire the command queue semaphore(CVE-2024-38556)

    net/mlx5: Discard command completions in internal error(CVE-2024-38555)

    net/mlx5e: Fix netif state handling(CVE-2024-38608)

    net/sched: act_skbmod: prevent kernel-infoleak(CVE-2024-35893)

    netfilter: bridge: replace physindev with physinif in nf_bridge_info(CVE-2024-35839)

    netfilter: ipset: fix performance regression in swap operation(CVE-2024-26910)

    netfilter: nf_tables: flush pending destroy work before exit_net release(CVE-2024-35899)

    netfilter: nf_tables: honor table dormant flag from netdev release event path(CVE-2024-36005)

    netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()(CVE-2024-36286)

    NFSD: Fix ia_size underflow(CVE-2022-48828)

    RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt(CVE-2024-38544)

    scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory(CVE-2024-40901)

    tipc: force a dst refcount before doing decryption(CVE-2024-40983)

    usb: config: fix iteration issue in 'usb_get_bos_descriptor()'(CVE-2023-52781)

    bcache: fix variable length array abuse in btree_iter(CVE-2024-39482)

    pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER(CVE-2024-42090)

    udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().(CVE-2024-41041)

    net: hns3: fix kernel crash when 1588 is received on HIP08 devices(CVE-2024-26881)

    bpf: Fix a segment issue when downgrading gso_size(CVE-2024-42281)

    quota: Fix potential NULL pointer dereference(CVE-2024-26878)

    rds: tcp: Fix use-after-free of net in reqsk_timer_handler().(CVE-2024-26865)

    io_uring: fix possible deadlock in io_register_iowq_max_workers()(CVE-2024-41080)

    ASoC: topology: Fix references to freed memory(CVE-2024-41069)

    crypto: hisilicon/sec - Fix memory leak for sec resource release(CVE-2024-41002)

    filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)

    x86: stop playing stack games in profile_pc()(CVE-2024-42096)

    iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected(CVE-2024-26891)

    xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)

    xfs: don't walk off the end of a directory data block(CVE-2024-41013)

    sched/deadline: Fix task_struct reference leak(CVE-2024-41023)

    of: module: prevent NULL pointer dereference in vsnprintf()(CVE-2024-35878)

    mm: avoid overflows in dirty throttling logic(CVE-2024-42131)

    drm/ nouveau: fix null pointer dereference in nouveau_connector_get_modes(CVE-2024-42101)

    crypto: ecdh - explicitly zeroize private_key(CVE-2024-42098)

    Fix userfaultfd_api to return EINVAL as expected(CVE-2024-41027)

    ftruncate: pass a signed offset(CVE-2024-42084)

    nvmet: fix a possible leak when destroy a ctrl during qp establishment(CVE-2024-42152)

    nvmet: always initialize cqe.result(CVE-2024-41079)

    crypto: aead,cipher - zeroize key buffer after use(CVE-2024-42229)

    Bluetooth: L2CAP: Fix not validating setsockopt user input(CVE-2024-35965)

    KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()(CVE-2024-40953)

    filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)

    USB: serial: mos7840: fix crash on resume(CVE-2024-42244)

    tty: add the option to have a tty reject a new ldisc(CVE-2024-40966)

    media: dvb-frontends: tda10048: Fix integer overflow(CVE-2024-42223)

    ata: libata-core: Fix double free on error(CVE-2024-41087)

    ata: libata-core: Fix null pointer dereference on error(CVE-2024-41098)

    leds: trigger: Unregister sysfs attributes before calling deactivate()(CVE-2024-43830)

    enic: Validate length of nl attributes in enic_set_vf_port(CVE-2024-38659)

    tap: add missing verification for short frame(CVE-2024-41090)

    tun: add missing verification for short frame(CVE-2024-41091)

    netfilter: tproxy: bail out if IP has been disabled on the device(CVE-2024-36270)

    ext4: make sure the first directory block is not a hole(CVE-2024-42304)

    ext4: fix infinite loop when replaying fast_commit(CVE-2024-43828)

    ppp: reject claimed-as-LCP but actually malformed packets(CVE-2024-41044)

    RDMA/restrack: Fix potential invalid address access(CVE-2024-42080)

    nvme-fabrics: use reserved tag for reg read/write command(CVE-2024-41082)

    bnx2x: Fix multiple UBSAN array-index-out-of-bounds(CVE-2024-42148)

    inet_diag: Initialize pad field in struct inet_diag_req_v2(CVE-2024-42106)

    bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD(CVE-2024-42161)

    drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)(CVE-2024-39497)

    drm/amd/display: Add NULL pointer check for kzalloc(CVE-2024-42122)

    net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket(CVE-2024-42246)

    net: phy: fix phy_get_internal_delay accessing an empty array(CVE-2024-27047)

    tcp_metrics: validate source addr length(CVE-2024-42154)

    netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)

    RDMA/hns: Modify the print level of CQE error(CVE-2024-38590)

    udp: do not accept non-tunnel GSO skbs landing in a tunnel(CVE-2024-35884)

    skmsg: Skip zero length skb in sk_msg_recvmsg(CVE-2024-41048)

    xdp: Remove WARN() from __xdp_reg_mem_model()(CVE-2024-42082)

    HID: core: remove unnecessary WARN_ON() in implement()(CVE-2024-39509)

    net: nexthop: Initialize all fields in dumped nexthops(CVE-2024-42283)

    IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)

    RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)

    ipvs: properly dereference pe in ip_vs_add_service(CVE-2024-42322)

    net: usb: qmi_wwan: fix memory leak for not ip packets(CVE-2024-43861)

    libceph: fix race between delayed_work() and ceph_monc_stop()(CVE-2024-42232)

    tipc: Return non-zero value from tipc_udp_addr2str() on error(CVE-2024-42284)

    drm/ nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes(CVE-2024-41089)

    netfilter: nf_tables: prefer nft_chain_validate(CVE-2024-41042)

    net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE(CVE-2024-42321)

    net/mlx5: Always drain health in shutdown callback(CVE-2024-43866)

    USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3190-1 advisory.

    The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
    - CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
    - CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
    - CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
    - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
    - CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
    - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
    - CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
    - CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
    - CVE-2024-44939: fix null ptr deref in dtInsertEntry (bsc#1229820).
    - CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
    - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
    - CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
    - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
    - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
    - CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
    - CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
    - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
    - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
    - CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
    - CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
    - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
    - CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
    - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
    - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
    - CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function     (bsc#1229569).
    - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
    - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
    - CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
    - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
    - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
    - CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
    - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
    - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
    - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
    - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
    - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
    - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
    - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
    - CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
    - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
    - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
    - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
    - CVE-2024-27016: Validate pppoe header (bsc#1223807).
    - CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
    - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
    - CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
    - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
    - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
    - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
    - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
    - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
    - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
    - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
    - CVE-2024-26677: Blacklist e7870cf13d20 ('rxrpc: Fix delayed ACKs to not set the reference serial     number') (bsc#1222387)
    - CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542)
    - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
    - CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
    - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
    - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
    - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
    - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
    - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
    - CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
    - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
    - CVE-2024-26669: Fix chain template offload (bsc#1222350).
    - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
    - CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
    - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
    - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
    - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
    - CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
    - CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
    - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
    - CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
    - CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
    - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
    - CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
    - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
    - CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
    - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
    - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
    - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
    - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
    - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
    - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
    - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
    - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
    - CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
    - CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
    - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
    - CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
    - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
    - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
    - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
    - CVE-2024-42139: Fix improper extts handling (bsc#1228503).
    - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
    - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
    - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
    - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
    - CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
    - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local     privilege escalation (bsc#1213580).
    - CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
    - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
    - CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613).
    - CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
    - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
    - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
    - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7089-3 advisory.

    Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the     device to be enabled before writing. A local attacker could possibly use this to cause a denial of     service. (CVE-2024-25741)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - MIPS architecture;

    - PA-RISC architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - x86 architecture;

    - Cryptographic API;

    - Serial ATA and Parallel ATA drivers;

    - Null block device driver;

    - Bluetooth drivers;

    - Cdrom driver;

    - Clock framework and drivers;

    - Hardware crypto device drivers;

    - CXL (Compute Express Link) drivers;

    - Cirrus firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - I2C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - Network drivers;

    - Microsoft Azure Network Adapter (MANA) driver;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - NVMEM (Non Volatile Memory) drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - S/390 drivers;

    - SCSI drivers;

    - Thermal drivers;

    - TTY drivers;

    - UFS subsystem;

    - USB DSL drivers;

    - USB core drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Serial drivers;

    - VFIO drivers;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - GFS2 file system;

    - JFFS2 file system;

    - JFS file system;

    - Network file systems library;

    - Network file system client;

    - NILFS2 file system;

    - NTFS3 file system;

    - SMB network file system;

    - Memory management;

    - Netfilter;

    - Tracing infrastructure;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Bluetooth subsystem;

    - CAN network layer;

    - Ceph Core library;

    - Networking core;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - MAC80211 subsystem;

    - Network traffic control;

    - Sun RPC protocol;

    - Wireless networking;

    - AMD SoC Alsa drivers;

    - SoC Audio for Freescale CPUs drivers;

    - MediaTek ASoC drivers;

    - SoC audio core drivers;

    - SOF drivers;

    - Sound sequencer drivers; (CVE-2024-42239, CVE-2024-42079, CVE-2024-41080, CVE-2024-42064,     CVE-2024-42127, CVE-2024-41049, CVE-2024-41086, CVE-2024-42142, CVE-2024-42244, CVE-2024-41060,     CVE-2024-42131, CVE-2024-42085, CVE-2024-42246, CVE-2024-41062, CVE-2024-42115, CVE-2024-42234,     CVE-2024-42080, CVE-2024-41095, CVE-2024-41063, CVE-2024-42227, CVE-2024-41089, CVE-2024-42133,     CVE-2024-43858, CVE-2024-42135, CVE-2024-42113, CVE-2024-42120, CVE-2024-42149, CVE-2024-42132,     CVE-2024-41038, CVE-2024-41069, CVE-2024-41090, CVE-2024-41059, CVE-2024-41028, CVE-2024-42126,     CVE-2024-42121, CVE-2024-42155, CVE-2024-42110, CVE-2024-41021, CVE-2024-41044, CVE-2024-42098,     CVE-2024-42235, CVE-2024-41083, CVE-2024-41065, CVE-2024-42094, CVE-2024-42229, CVE-2024-42240,     CVE-2024-42225, CVE-2024-42230, CVE-2024-41088, CVE-2024-42073, CVE-2024-42145, CVE-2024-42076,     CVE-2024-42087, CVE-2024-42241, CVE-2024-41019, CVE-2024-41052, CVE-2024-42093, CVE-2024-42063,     CVE-2024-41039, CVE-2024-42106, CVE-2024-42108, CVE-2024-42237, CVE-2024-41048, CVE-2024-41033,     CVE-2023-52888, CVE-2024-41096, CVE-2024-41032, CVE-2024-41091, CVE-2024-42238, CVE-2024-41056,     CVE-2024-42091, CVE-2024-42088, CVE-2024-41047, CVE-2024-42271, CVE-2024-41064, CVE-2024-42223,     CVE-2024-42129, CVE-2024-42102, CVE-2024-42146, CVE-2024-42138, CVE-2024-41079, CVE-2024-42232,     CVE-2024-42112, CVE-2024-39487, CVE-2024-42245, CVE-2024-41093, CVE-2024-41066, CVE-2024-43855,     CVE-2024-41055, CVE-2024-42100, CVE-2024-41053, CVE-2024-42069, CVE-2024-42252, CVE-2024-42243,     CVE-2024-42124, CVE-2024-41054, CVE-2024-42151, CVE-2024-42118, CVE-2024-42251, CVE-2024-42137,     CVE-2024-41071, CVE-2024-41010, CVE-2024-41087, CVE-2024-41050, CVE-2024-42068, CVE-2024-42158,     CVE-2024-41075, CVE-2024-42141, CVE-2024-42236, CVE-2024-41068, CVE-2024-42157, CVE-2024-42140,     CVE-2024-41058, CVE-2024-41076, CVE-2024-42097, CVE-2024-41029, CVE-2024-41097, CVE-2024-42109,     CVE-2024-41051, CVE-2024-41061, CVE-2024-42156, CVE-2024-42101, CVE-2024-41031, CVE-2024-41017,     CVE-2024-42247, CVE-2024-42128, CVE-2024-41085, CVE-2024-41072, CVE-2024-42248, CVE-2024-41045,     CVE-2024-42104, CVE-2024-42253, CVE-2024-42117, CVE-2024-41078, CVE-2024-42130, CVE-2024-42090,     CVE-2024-42280, CVE-2024-42250, CVE-2024-42231, CVE-2024-41042, CVE-2024-42077, CVE-2024-42153,     CVE-2024-41015, CVE-2024-41035, CVE-2024-41082, CVE-2024-42114, CVE-2024-41007, CVE-2024-41073,     CVE-2024-42161, CVE-2024-42082, CVE-2024-42150, CVE-2024-42111, CVE-2024-42086, CVE-2024-42095,     CVE-2024-41025, CVE-2024-41081, CVE-2024-42105, CVE-2024-41027, CVE-2024-42089, CVE-2024-39486,     CVE-2024-41084, CVE-2024-42092, CVE-2024-42152, CVE-2024-41022, CVE-2024-41077, CVE-2024-41098,     CVE-2024-41023, CVE-2024-42066, CVE-2024-41034, CVE-2024-41037, CVE-2024-41046, CVE-2023-52887,     CVE-2024-42147, CVE-2024-42065, CVE-2024-42096, CVE-2024-41018, CVE-2024-42067, CVE-2024-41041,     CVE-2024-42103, CVE-2024-42084, CVE-2024-42074, CVE-2024-41094, CVE-2024-42119, CVE-2024-41012,     CVE-2024-41020, CVE-2024-41074, CVE-2024-42144, CVE-2024-41067, CVE-2024-42070, CVE-2024-41057,     CVE-2024-41036, CVE-2024-42136, CVE-2024-41030, CVE-2024-41070, CVE-2024-41092)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    scsi: qedi: Fix crash while reading debugfs attribute(CVE-2024-40978)

    drm/ nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes(CVE-2024-41095)

    drm/ nouveau/debugfs: fix file release memory leak(CVE-2021-47423)

    USB: serial: mos7840: fix crash on resume(CVE-2024-42244)

    NFSD: Fix ia_size underflow(CVE-2022-48828)

    xhci: Fix command ring pointer corruption while aborting a command(CVE-2021-47434)

    ata: libata-core: Fix double free on error(CVE-2024-41087)

    xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)

    ftruncate: pass a signed offset(CVE-2024-42084)

    ext4: check dot and dotdot of dx_root before making dir indexed(CVE-2024-42305)

    ext4: make sure the first directory block is not a hole(CVE-2024-42304)

    leds: trigger: Unregister sysfs attributes before calling deactivate()(CVE-2024-43830)

    Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again'(CVE-2024-42102)

    filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)

    filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)

    protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)

    scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)

    exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)

    xhci: Fix null pointer dereference when host dies(CVE-2023-52898)

    mm: avoid overflows in dirty throttling logic(CVE-2024-42131)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc(CVE-2023-52880)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    drm/ nouveau: fix off by one in BIOS boundary checking(CVE-2022-48732)

    IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)

    drm/virtio: Fix GEM handle creation UAF(CVE-2022-48899)

    cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)

    net: usb: qmi_wwan: fix memory leak for not ip packets(CVE-2024-43861)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    netfilter: ctnetlink: use helper function to calculate expect ID(CVE-2024-44944)

    RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)

    KVM: x86/mmu: make apf token non-zero to fix bug(CVE-2022-48943)

    efi: fix NULL-deref in init error path(CVE-2022-48879)

    nvme-rdma: fix possible use-after-free in transport error_recovery work(CVE-2022-48788)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    tcp_metrics: validate source addr length(CVE-2024-42154)

    inet: inet_defrag: prevent sk release while still in use(CVE-2024-26921)

    net: hns3: do not allow call hns3_nic_net_open repeatedly(CVE-2021-47400)

    net/ipv6: avoid possible UAF in ip6_route_mpath_notify()(CVE-2024-26852)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    SUNRPC: Fix UAF in svc_tcp_listen_data_ready()(CVE-2023-52885)

    HID: core: remove unnecessary WARN_ON() in implement()(CVE-2024-39509)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    x86: stop playing stack games in profile_pc()(CVE-2024-42096)

    ASoC: topology: Fix references to freed memory(CVE-2024-41069)

    crypto: aead,cipher - zeroize key buffer after use(CVE-2024-42229)

    ata: libata-core: Fix double free on error(CVE-2024-41087)

    media: dvb-frontends: tda10048: Fix integer overflow(CVE-2024-42223)

    xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)

    USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)

    ftruncate: pass a signed offset(CVE-2024-42084)

    filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)

    filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)

    thermal: int340x: fix memory leak in int3400_notify()(CVE-2022-48924)

    ext4: check dot and dotdot of dx_root before making dir indexed(CVE-2024-42305)

    scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)

    scsi: qla2xxx: Fix for possible memory corruption(CVE-2024-42288)

    exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    xhci: Fix null pointer dereference when host dies(CVE-2023-52898)

    dev/parport: fix the array out-of-bounds risk(CVE-2024-42301)

    mm: avoid overflows in dirty throttling logic(CVE-2024-42131)

    IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)

    RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)

    tipc: Return non-zero value from tipc_udp_addr2str() on error(CVE-2024-42284)

    netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)

    bnx2x: Fix multiple UBSAN array-index-out-of-bounds(CVE-2024-42148)

    libceph: fix race between delayed_work() and ceph_monc_stop()(CVE-2024-42232)

    mISDN: Fix a use after free in hfcmulti_tx()(CVE-2024-42280)

    cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)

    protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak(CVE-2021-47296)

    KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()(CVE-2024-40953)

    KVM: x86/mmu: make apf token non-zero to fix bug(CVE-2022-48943)

    udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().(CVE-2024-41041)

    ppp: reject claimed-as-LCP but actually malformed packets(CVE-2024-41044)

    enic: Validate length of nl attributes in enic_set_vf_port(CVE-2024-38659)

    RDMA/ib_srp: Fix a deadlock(CVE-2022-48930)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    mISDN: fix possible use-after-free in HFC_cleanup()(CVE-2021-47356)

    mISDN: Fix memory leak in dsp_pipeline_build()(CVE-2022-48863)

    media: xc2028: avoid use-after-free in load_firmware_cb()(CVE-2024-43900)

    tcp_metrics: validate source addr length(CVE-2024-42154)

    x86/mtrr: Check if fixed MTRRs exist before saving them(CVE-2024-44948)

    tap: add missing verification for short frame(CVE-2024-41090)

    tun: add missing verification for short frame(CVE-2024-41091)

    media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer(CVE-2023-52915)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again'(CVE-2024-42102)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    kernel: netfilter: conntrack: serialize hash resizes and cleanups(CVE-2021-47408)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

    VMCI: Fix use-after-free when removing resource in vmci_resource_remove()(CVE-2024-46738)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7089-5 advisory.

    Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the     device to be enabled before writing. A local attacker could possibly use this to cause a denial of     service. (CVE-2024-25741)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - MIPS architecture;

    - PA-RISC architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - x86 architecture;

    - Cryptographic API;

    - Serial ATA and Parallel ATA drivers;

    - Null block device driver;

    - Bluetooth drivers;

    - Cdrom driver;

    - Clock framework and drivers;

    - Hardware crypto device drivers;

    - CXL (Compute Express Link) drivers;

    - Cirrus firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - I2C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - Network drivers;

    - Microsoft Azure Network Adapter (MANA) driver;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - NVMEM (Non Volatile Memory) drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - S/390 drivers;

    - SCSI drivers;

    - Thermal drivers;

    - TTY drivers;

    - UFS subsystem;

    - USB DSL drivers;

    - USB core drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Serial drivers;

    - VFIO drivers;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - GFS2 file system;

    - JFFS2 file system;

    - JFS file system;

    - Network file systems library;

    - Network file system client;

    - NILFS2 file system;

    - NTFS3 file system;

    - SMB network file system;

    - Memory management;

    - Netfilter;

    - Tracing infrastructure;

    - io_uring subsystem;

    - BPF subsystem;

    - Core kernel;

    - Bluetooth subsystem;

    - CAN network layer;

    - Ceph Core library;

    - Networking core;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - MAC80211 subsystem;

    - Network traffic control;

    - Sun RPC protocol;

    - Wireless networking;

    - AMD SoC Alsa drivers;

    - SoC Audio for Freescale CPUs drivers;

    - MediaTek ASoC drivers;

    - SoC audio core drivers;

    - SOF drivers;

    - Sound sequencer drivers; (CVE-2024-42223, CVE-2024-42244, CVE-2024-42105, CVE-2024-42100,     CVE-2024-42235, CVE-2024-41007, CVE-2024-41047, CVE-2024-42088, CVE-2024-42079, CVE-2024-41053,     CVE-2024-41094, CVE-2024-42227, CVE-2024-42253, CVE-2024-42150, CVE-2024-41049, CVE-2024-42096,     CVE-2024-42093, CVE-2024-41079, CVE-2024-41037, CVE-2024-42129, CVE-2024-41031, CVE-2024-39486,     CVE-2024-41065, CVE-2024-42101, CVE-2024-41082, CVE-2024-42135, CVE-2024-42236, CVE-2024-41078,     CVE-2024-42098, CVE-2024-41056, CVE-2024-41096, CVE-2024-41074, CVE-2024-42246, CVE-2024-42137,     CVE-2024-42232, CVE-2024-42121, CVE-2024-41093, CVE-2024-41076, CVE-2024-42157, CVE-2024-41062,     CVE-2024-42104, CVE-2024-42085, CVE-2024-41092, CVE-2024-41034, CVE-2024-41036, CVE-2024-41072,     CVE-2024-41012, CVE-2024-39487, CVE-2024-42124, CVE-2024-42065, CVE-2024-41061, CVE-2024-41064,     CVE-2024-41091, CVE-2024-42119, CVE-2024-41088, CVE-2024-42089, CVE-2024-41048, CVE-2024-41032,     CVE-2024-41020, CVE-2024-42066, CVE-2024-42068, CVE-2024-42238, CVE-2024-41069, CVE-2024-41044,     CVE-2024-41025, CVE-2024-42161, CVE-2023-52887, CVE-2024-42127, CVE-2024-42239, CVE-2024-42149,     CVE-2024-42091, CVE-2024-42097, CVE-2024-41054, CVE-2024-41041, CVE-2024-42131, CVE-2024-41089,     CVE-2024-41018, CVE-2024-42067, CVE-2024-41039, CVE-2024-42128, CVE-2024-42248, CVE-2024-41090,     CVE-2024-42073, CVE-2024-43858, CVE-2024-42225, CVE-2024-42077, CVE-2024-42247, CVE-2024-42109,     CVE-2024-41045, CVE-2024-41019, CVE-2024-42231, CVE-2024-41017, CVE-2024-42145, CVE-2024-41046,     CVE-2024-42063, CVE-2024-41087, CVE-2024-41033, CVE-2024-41021, CVE-2024-42241, CVE-2024-42229,     CVE-2024-41015, CVE-2024-42087, CVE-2024-42133, CVE-2024-41073, CVE-2024-42070, CVE-2024-41067,     CVE-2024-41077, CVE-2024-42102, CVE-2024-42158, CVE-2024-42126, CVE-2024-41042, CVE-2024-41055,     CVE-2024-42092, CVE-2024-42114, CVE-2024-41059, CVE-2024-41058, CVE-2024-41071, CVE-2024-42144,     CVE-2024-42146, CVE-2024-41084, CVE-2024-42155, CVE-2024-42245, CVE-2024-42156, CVE-2024-41050,     CVE-2024-42141, CVE-2024-42095, CVE-2024-41097, CVE-2024-42103, CVE-2024-42152, CVE-2024-42140,     CVE-2024-41023, CVE-2024-41083, CVE-2024-42138, CVE-2024-42271, CVE-2024-42252, CVE-2024-42237,     CVE-2024-42132, CVE-2024-41098, CVE-2024-42086, CVE-2024-41063, CVE-2024-42153, CVE-2024-41070,     CVE-2024-42115, CVE-2024-42111, CVE-2024-42142, CVE-2024-42069, CVE-2024-41027, CVE-2024-42130,     CVE-2024-42090, CVE-2024-42251, CVE-2024-42118, CVE-2024-41060, CVE-2024-41029, CVE-2024-41095,     CVE-2024-41038, CVE-2024-42243, CVE-2024-42112, CVE-2024-41035, CVE-2024-42240, CVE-2024-41066,     CVE-2024-41085, CVE-2024-42082, CVE-2024-42117, CVE-2024-42250, CVE-2024-41080, CVE-2024-42147,     CVE-2024-41081, CVE-2024-42113, CVE-2023-52888, CVE-2024-42136, CVE-2024-41057, CVE-2024-41086,     CVE-2024-42064, CVE-2024-42234, CVE-2024-42076, CVE-2024-42084, CVE-2024-42094, CVE-2024-42230,     CVE-2024-41068, CVE-2024-43855, CVE-2024-42080, CVE-2024-41052, CVE-2024-41051, CVE-2024-42074,     CVE-2024-41010, CVE-2024-41028, CVE-2024-41030, CVE-2024-41022, CVE-2024-42120, CVE-2024-42108,     CVE-2024-41075, CVE-2024-42106, CVE-2024-42280, CVE-2024-42110, CVE-2024-42151)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

USB: core: duplicate endpoint bug.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	Name	Product	Family	Published	Updated	Severity
207332	SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3252-1)	Nessus	SuSE Local Security Checks	9/17/2024	9/24/2025	high
207938	RockyLinux 8 : kernel-rt (RLSA-2024:7001)	Nessus	Rocky Linux Local Security Checks	9/30/2024	9/24/2025	high
207738	Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7009-2)	Nessus	Ubuntu Local Security Checks	9/25/2024	9/24/2025	high
206955	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3195-1)	Nessus	SuSE Local Security Checks	9/11/2024	9/24/2025	high
251026	RHEL 9 : kernel (RHSA-2025:13946)	Nessus	Red Hat Local Security Checks	8/18/2025	8/18/2025	high
208398	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2585)	Nessus	Huawei Local Security Checks	10/9/2024	10/13/2025	high
206957	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3190-1)	Nessus	SuSE Local Security Checks	9/11/2024	9/24/2025	high
210531	Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7089-3)	Nessus	Ubuntu Local Security Checks	11/7/2024	9/24/2025	high
210643	EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-2888)	Nessus	Huawei Local Security Checks	11/8/2024	11/8/2024	high
210652	EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-2907)	Nessus	Huawei Local Security Checks	11/8/2024	11/8/2024	high
211360	Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7089-5)	Nessus	Ubuntu Local Security Checks	11/14/2024	9/24/2025	high
213470	Debian dla-4008 : linux-config-6.1 - security update	Nessus	Debian Local Security Checks	1/3/2025	10/28/2025	critical
504502	Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41035)	Tenable OT Security	Tenable.ot	11/18/2025	11/18/2025	high

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high

high

high

high

high

critical

high