According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    vsock/virtio: free queued packets when closing socket(CVE-2021-47024)

    KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak(CVE-2021-47296)

    kernel:RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests(CVE-2021-47391)

    net: hns3: do not allow call hns3_nic_net_open repeatedly(CVE-2021-47400)

    drm/ nouveau/debugfs: fix file release memory leak(CVE-2021-47423)

    xhci: Fix command ring pointer corruption while aborting a command(CVE-2021-47434)

    net/tls: Fix flipped sign in tls_err_abort() calls(CVE-2021-47496)

    drm/ nouveau: fix off by one in BIOS boundary checking(CVE-2022-48732)

    nvme-rdma: fix possible use-after-free in transport error_recovery work(CVE-2022-48788)

    NFSD: Fix ia_size underflow(CVE-2022-48828)

    net-sysfs: add check for netdevice being present to speed_show(CVE-2022-48850)

    efi: fix NULL-deref in init error path(CVE-2022-48879)

    drm/virtio: Fix GEM handle creation UAF(CVE-2022-48899)

    netfilter: nf_queue: fix possible use-after-free(CVE-2022-48911)

    netfilter: fix use-after-free in __nf_register_net_hook()(CVE-2022-48912)

    RDMA/ib_srp: Fix a deadlock(CVE-2022-48930)

    KVM: x86/mmu: make apf token non-zero to fix bug(CVE-2022-48943)

    tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc(CVE-2023-52880)

    SUNRPC: Fix UAF in svc_tcp_listen_data_ready()(CVE-2023-52885)

    xhci: Fix null pointer dereference when host dies(CVE-2023-52898)

    create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero     bytes, and crash, because of a missing check for ubi-leb_size.(CVE-2024-25739)

    dm-crypt: don't modify the data when using authenticated encryption(CVE-2024-26763)

    net/ipv6: avoid possible UAF in ip6_route_mpath_notify()(CVE-2024-26852)

    inet: inet_defrag: prevent sk release while still in use(CVE-2024-26921)

    drm/client: Fully protect modes[] with dev-mode_config.mutex(CVE-2024-35950)

    netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()(CVE-2024-36286)

    kernel:ima: Fix use-after-free on a dentry's dname.name(CVE-2024-39494)

    HID: core: remove unnecessary WARN_ON() in implement()(CVE-2024-39509)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    scsi: qedi: Fix crash while reading debugfs attribute(CVE-2024-40978)

    filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)

    xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)

    filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)

    USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)

    ppp: reject claimed-as-LCP but actually malformed packets(CVE-2024-41044)

    ata: libata-core: Fix double free on error(CVE-2024-41087)

    drm/ nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes(CVE-2024-41095)

    netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)

    ftruncate: pass a signed offset(CVE-2024-42084)

    pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER(CVE-2024-42090)

    Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again'(CVE-2024-42102)

    inet_diag: Initialize pad field in struct inet_diag_req_v2(CVE-2024-42106)

    mm: avoid overflows in dirty throttling logic(CVE-2024-42131)

    IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)

    bnx2x: Fix multiple UBSAN array-index-out-of-bounds(CVE-2024-42148)

    tcp_metrics: validate source addr length(CVE-2024-42154)

    libceph: fix race between delayed_work() and ceph_monc_stop()(CVE-2024-42232)

    USB: serial: mos7840: fix crash on resume(CVE-2024-42244)

    protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)

    RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    ext4: make sure the first directory block is not a hole(CVE-2024-42304)

    ext4: check dot and dotdot of dx_root before making dir indexed(CVE-2024-42305)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    leds: trigger: Unregister sysfs attributes before calling deactivate()(CVE-2024-43830)

    cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    net: usb: qmi_wwan: fix memory leak for not ip packets(CVE-2024-43861)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    netfilter: ctnetlink: use helper function to calculate expect ID(CVE-2024-44944)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    kernel:SUNRPC: fix a memleak in gss_import_v2_context(CVE-2023-52653)

    apparmor: Fix null pointer deref when receiving skb during sock creation(CVE-2023-52889)

    protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)

    tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc(CVE-2023-52880)

    padata: Fix possible divide-by-0 panic in padata_mt_helper()(CVE-2024-43889)

    dev/parport: fix the array out-of-bounds risk(CVE-2024-42301)

    netfilter: ctnetlink: use helper function to calculate expect ID(CVE-2024-44944)

    netns: Make get_net_ns() handle zero refcount net(CVE-2024-40958)

    ipv6: fix possible UAF in ip6_finish_output2()(CVE-2024-44986)

    kvm: s390: Reject memory region operations for ucontrol VMs(CVE-2024-43819)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)

    gpio: prevent potential speculation leaks in gpio_device_get_desc()(CVE-2024-44931)

    ipv6: prevent possible NULL deref in fib6_nh_init()(CVE-2024-40961)

    cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)

    drm/vmwgfx: Fix a deadlock in dma buf fence polling(CVE-2024-43863)

    io_uring: lock overflowing for IOPOLL(CVE-2023-52903)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    scsi: qla2xxx: Fix for possible memory corruption(CVE-2024-42288)

    dmaengine: idxd: Prevent use after free on completion memory(CVE-2022-48867)

    x86/mtrr: Check if fixed MTRRs exist before saving them(CVE-2024-44948)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    block: initialize integrity buffer to zero before writing it to media(CVE-2024-43854)

    media: xc2028: avoid use-after-free in load_firmware_cb()(CVE-2024-43900)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    lib: objagg: Fix general protection fault(CVE-2024-43846)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    drm/client: fix null pointer dereference in drm_client_modeset_probe(CVE-2024-43894)

    drm/qxl: Add check for drm_cvt_mode(CVE-2024-43829)

    userfaultfd: fix checks for huge PMDs(CVE-2024-46787)

    md: fix deadlock between mddev_suspend and flush bio(CVE-2024-43855)

    udf: Avoid excessive partition lengths(CVE-2024-46777)

    uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (CVE-2024-46739)

    In the Linux kernel, the following vulnerability has been resolved:memcg_write_event_control(): fix a     user-triggerable oops  we are *not* guaranteed that anything past the terminating NUL is mapped (let alone     initialized with anything sane).(CVE-2024-45021)

    scsi: aacraid: Fix double-free on probe failure(CVE-2024-46673)

    Squashfs: sanity check symbolic link size(CVE-2024-46744)

    apparmor: fix possible NULL pointer dereference(CVE-2024-46721)

    of/irq: Prevent device address out-of-bounds read in interrupt map walk(CVE-2024-46743)

    PCI: Add missing bridge lock to pci_bus_lock()(CVE-2024-46750)

    fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE(CVE-2024-45025)

    usb: typec: ucsi: Fix null pointer dereference in trace(CVE-2024-46719)

    thunderbolt: Mark XDomain as unplugged when router is removed(CVE-2024-46702)

    selinux,smack: don't bypass permissions check in inode_setsecctx hook(CVE-2024-46695)

    VMCI: Fix use-after-free when removing resource in vmci_resource_remove()(CVE-2024-46738)

    drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links(CVE-2024-46816)

    drm/amd/display: Check msg_id before processing transcation(CVE-2024-46814)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

    nvmet-tcp: fix kernel crash if commands allocation fails(CVE-2024-46737)

    drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[](CVE-2024-46815)

    ice: Add netif_device_attach/detach into PF reset flow(CVE-2024-46770)

    driver: iio: add missing checks on iio_info's callback access(CVE-2024-46715)

    pktgen: use cpus_read_lock() in pg_net_init()(CVE-2024-46681)

    drm/amd/display: Check link_index before accessing dc-links[](CVE-2024-46813)

    drm/amd/display: Assign linear_pitch_alignment even for VM(CVE-2024-46732)

    rtmutex: Drop rt_mutex::wait_lock before scheduling(CVE-2024-46829)

    perf/aux: Fix AUX buffer serialization(CVE-2024-46713)

    Input: MT - limit max slots(CVE-2024-45008)

    SUNRPC: lock against -sock changing during sysfs read(CVE-2022-48816)

    inet: inet_defrag: prevent sk release while still in use(CVE-2024-26921)

    rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation(CVE-2024-36017)

    xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING(CVE-2024-35976)

    netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()(CVE-2024-35898)

    net: atlantic: eliminate double free in error handling logic(CVE-2023-52664)

    In the Linux kernel, the following vulnerability has been resolved:USB: usbtmc: prevent kernel-usb-     infoleak  The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before     filling fields.(CVE-2024-47671)

    ELF: fix kernel.randomize_va_space double read(CVE-2024-46826)

    vfs: Don't evict inode under the inode lru traversing context(CVE-2024-45003)

    perf/x86/intel: Limit the period on Haswell(CVE-2024-46848)

    platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses(CVE-2024-46859)

    arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry(CVE-2024-46822)

    ethtool: fail closed if we can't get max channel used in indirection tables(CVE-2024-46834)

    netem: fix return value if duplicate enqueue fails(CVE-2024-45016)

    ethtool: check device is present when getting link settings(CVE-2024-46679)

    In the Linux kernel, the following vulnerability has been resolved:iommu: Return right value in     iommu_sva_bind_device()  iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR     value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This     could potentially lead to a kernel NULL pointer dereference issue if the function returns NULL instead of     an error pointer.  In reality, this doesn't cause any problems because iommu_sva_bind_device() only     returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA. In this case,     iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) will return an error, and the device drivers won't call     iommu_sva_bind_device() at all.(CVE-2024-40945)

    xdp: fix invalid wait context of page_pool_destroy()(CVE-2024-43834)

    mlxsw: spectrum_acl_erp: Fix object nesting warning(CVE-2024-43880)

    virtio_net: Fix napi_skb_cache_put warning (CVE-2024-43835)

    tcp_bpf: fix return value of tcp_bpf_sendmsg()(CVE-2024-46783)

    drm/vmwgfx: Remove rcu locks from user resources(CVE-2022-48887)

    bonding: fix xfrm real_dev null pointer dereference(CVE-2024-44989)

    bonding: fix null pointer deref in bond_ipsec_offload_ok(CVE-2024-44990)

    net: core: reject skb_copy(_expand) for fraglist GSO skbs(CVE-2024-36929)

    block, bfq: fix possible UAF for bfqq-bic with merge chain(CVE-2024-47706)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    ipvlan: Dont Use skb-sk in ipvlan_process_v{4,6}_outbound(CVE-2024-33621)

    In the Linux kernel, the following vulnerability has been resolved:net: ena: Add validation for completion     descriptors consistency  Validate that `first` flag is set only for the first descriptor in multi-buffer     packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption     has been added.(CVE-2024-40999)

    net: hns3: fix kernel crash problem in concurrent scenario (CVE-2024-39507)

    net/mlx5: Fix bridge mode operations when there are no VFs(CVE-2024-46857)

    KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3(CVE-2024-46707)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    net: hns3: fix a deadlock problem when config TC during resetting(CVE-2024-44995)

    fsnotify: clear PARENT_WATCHED flags lazily(CVE-2024-47660)

    sctp: Fix null-ptr-deref in reuseport_add_sock()(CVE-2024-44935)

    bpf: Take return from set_memory_rox() into account with bpf_jit_binary_lock_ro()(CVE-2024-42067)

    In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from set_memory_ro()     into account with bpf_prog_lock_ro() set_memory_ro() can fail, leaving memory unprotected. Check its     return and take it into account as an error.(CVE-2024-42068)

    fuse: Initialize beyond-EOF page contents before setting uptodate(CVE-2024-44947)

    i2c: core: Run atomic i2c xfer when !preemptible(CVE-2023-52791)

    nvme: avoid double free special payload(CVE-2024-41073)

    drm/amd/display: Fix index out of bounds in degamma hardware format translation(CVE-2024-49894)

    drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error(CVE-2024-47698)

    cifs: Fix buffer overflow when parsing NFS reparse points(CVE-2024-49996)

    netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()(CVE-2024-47685)

    net: do not delay dst_entries_add() in dst_release()(CVE-2024-50036)

    ppp: fix ppp_async_encode() illegal access(CVE-2024-50035)

    ACPI: sysfs: validate return type of _STR method(CVE-2024-49860)

    nbd: fix race between timeout and normal completion(CVE-2024-49855)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7156-1 advisory.

    Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the     device to be enabled before writing. A local attacker could possibly use this to cause a denial of     service. (CVE-2024-25741)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - ARM64 architecture;

    - MIPS architecture;

    - PA-RISC architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Ublk userspace block driver;

    - Bluetooth drivers;

    - Cdrom driver;

    - Character device driver;

    - Clock framework and drivers;

    - Hardware crypto device drivers;

    - CXL (Compute Express Link) drivers;

    - Buffer Sharing and Synchronization framework;

    - DMA engine subsystem;

    - Cirrus firmware drivers;

    - Qualcomm firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I2C subsystem;

    - I3C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Mailbox framework;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Ethernet bonding driver;

    - Network drivers;

    - Mellanox network drivers;

    - Microsoft Azure Network Adapter (MANA) driver;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - NVMEM (Non Volatile Memory) drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - Power supply drivers;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI subsystem;

    - QCOM SoC drivers;

    - SPI subsystem;

    - Direct Digital Synthesis drivers;

    - Thermal drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - UFS subsystem;

    - Userspace I/O drivers;

    - USB DSL drivers;

    - USB core drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Serial drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VFIO drivers;

    - Virtio Host (VHOST) subsystem;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - GFS2 file system;

    - JFFS2 file system;

    - JFS file system;

    - Network file systems library;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - NILFS2 file system;

    - File system notification infrastructure;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Tracing file system;

    - Bitmap API;

    - BPF subsystem;

    - Syscall compatibility layer;

    - Memory Management;

    - Memory management;

    - Objagg library;

    - Perf events;

    - Syscall interfaces;

    - Virtio network driver;

    - VMware vSockets driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - Netfilter;

    - Tracing infrastructure;

    - io_uring subsystem;

    - Control group (cgroup);

    - DMA mapping infrastructure;

    - Locking primitives;

    - Padata parallel execution mechanism;

    - Scheduler infrastructure;

    - Closures library;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - KUnit for arithmetic overflow checks;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Ceph Core library;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - SELinux security module;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - AMD SoC Alsa drivers;

    - Texas InstrumentS Audio (ASoC/HDA) drivers;

    - SoC Audio for Freescale CPUs drivers;

    - Intel ASoC drivers;

    - MediaTek ASoC drivers;

    - Amlogic Meson SoC drivers;

    - SoC audio core drivers;

    - SOF drivers;

    - Sound sequencer drivers;

    - USB sound devices;

    - Real-Time Linux Analysis tools; (CVE-2024-43911, CVE-2024-46762, CVE-2024-46794, CVE-2024-43843,     CVE-2024-42229, CVE-2024-43888, CVE-2024-44978, CVE-2024-46693, CVE-2024-46695, CVE-2024-42290,     CVE-2024-42067, CVE-2024-45012, CVE-2024-42316, CVE-2024-47665, CVE-2024-41052, CVE-2024-42074,     CVE-2024-41058, CVE-2024-44975, CVE-2024-46709, CVE-2024-46871, CVE-2024-42090, CVE-2024-42296,     CVE-2024-42096, CVE-2024-42146, CVE-2024-46855, CVE-2024-39487, CVE-2024-43825, CVE-2024-42066,     CVE-2024-42126, CVE-2024-41022, CVE-2024-41025, CVE-2023-52888, CVE-2024-46702, CVE-2024-42269,     CVE-2024-41082, CVE-2024-42284, CVE-2024-42227, CVE-2024-41017, CVE-2024-42250, CVE-2024-46778,     CVE-2024-47661, CVE-2024-46727, CVE-2024-46845, CVE-2024-44953, CVE-2024-47659, CVE-2024-42137,     CVE-2024-42245, CVE-2024-41096, CVE-2024-46829, CVE-2024-41053, CVE-2024-46782, CVE-2024-44972,     CVE-2024-41095, CVE-2024-42239, CVE-2024-42127, CVE-2024-42292, CVE-2024-46752, CVE-2024-46679,     CVE-2024-41076, CVE-2024-46784, CVE-2024-46786, CVE-2024-46678, CVE-2024-44957, CVE-2024-46755,     CVE-2024-47660, CVE-2024-41067, CVE-2024-46838, CVE-2024-43879, CVE-2024-45007, CVE-2024-45025,     CVE-2024-45001, CVE-2024-41009, CVE-2024-41051, CVE-2024-46836, CVE-2024-49984, CVE-2024-45028,     CVE-2024-43871, CVE-2024-46783, CVE-2024-42272, CVE-2024-42087, CVE-2024-46785, CVE-2024-42276,     CVE-2024-47658, CVE-2024-46761, CVE-2024-46715, CVE-2024-46676, CVE-2024-43824, CVE-2024-42100,     CVE-2024-46745, CVE-2024-41084, CVE-2024-41086, CVE-2024-45015, CVE-2024-46797, CVE-2024-42160,     CVE-2024-46706, CVE-2024-46803, CVE-2024-46708, CVE-2024-47669, CVE-2024-45009, CVE-2024-41021,     CVE-2024-42159, CVE-2024-42321, CVE-2024-46868, CVE-2024-41078, CVE-2024-42303, CVE-2024-45027,     CVE-2024-42309, CVE-2024-43849, CVE-2024-43907, CVE-2024-43899, CVE-2024-43823, CVE-2024-42232,     CVE-2024-44937, CVE-2024-41046, CVE-2024-42237, CVE-2024-42063, CVE-2024-42065, CVE-2024-42154,     CVE-2024-42259, CVE-2024-46698, CVE-2024-46741, CVE-2024-45020, CVE-2024-42151, CVE-2024-41073,     CVE-2024-46719, CVE-2024-42295, CVE-2024-46859, CVE-2024-41035, CVE-2024-46751, CVE-2024-47667,     CVE-2024-46728, CVE-2024-46824, CVE-2024-42121, CVE-2024-46776, CVE-2024-46768, CVE-2024-43908,     CVE-2024-43900, CVE-2024-46707, CVE-2024-44934, CVE-2024-41062, CVE-2024-42304, CVE-2024-42312,     CVE-2024-42157, CVE-2024-41092, CVE-2024-41041, CVE-2024-43832, CVE-2024-41039, CVE-2024-44962,     CVE-2024-46858, CVE-2024-43856, CVE-2024-41060, CVE-2024-45010, CVE-2024-41044, CVE-2024-44942,     CVE-2024-42307, CVE-2024-44984, CVE-2024-41075, CVE-2024-43817, CVE-2024-46791, CVE-2024-46853,     CVE-2024-42301, CVE-2024-44993, CVE-2024-41094, CVE-2024-27022, CVE-2024-41088, CVE-2024-43883,     CVE-2024-41087, CVE-2024-46780, CVE-2024-42070, CVE-2024-44965, CVE-2024-46823, CVE-2024-46737,     CVE-2024-44982, CVE-2024-46697, CVE-2024-45021, CVE-2024-44987, CVE-2024-41072, CVE-2024-41063,     CVE-2024-46757, CVE-2024-46831, CVE-2024-44966, CVE-2024-42322, CVE-2024-42231, CVE-2024-46717,     CVE-2024-41065, CVE-2024-44969, CVE-2023-52887, CVE-2024-42105, CVE-2024-44971, CVE-2024-46798,     CVE-2024-42262, CVE-2024-44938, CVE-2024-42088, CVE-2024-44970, CVE-2024-43876, CVE-2024-46800,     CVE-2024-42086, CVE-2024-43826, CVE-2024-46729, CVE-2024-46747, CVE-2024-46691, CVE-2024-46723,     CVE-2024-41018, CVE-2024-42258, CVE-2024-41081, CVE-2024-41049, CVE-2024-43837, CVE-2024-45008,     CVE-2024-41047, CVE-2024-41019, CVE-2024-42152, CVE-2024-41090, CVE-2024-46716, CVE-2024-42104,     CVE-2024-46804, CVE-2024-43852, CVE-2024-42129, CVE-2024-46870, CVE-2024-41093, CVE-2024-45011,     CVE-2024-41064, CVE-2024-46722, CVE-2024-42286, CVE-2024-45026, CVE-2024-46818, CVE-2024-42281,     CVE-2024-43854, CVE-2024-41037, CVE-2024-44946, CVE-2024-41012, CVE-2024-41098, CVE-2024-42263,     CVE-2024-42095, CVE-2024-46756, CVE-2024-43913, CVE-2024-46822, CVE-2024-44944, CVE-2024-42156,     CVE-2024-42073, CVE-2024-42093, CVE-2024-44931, CVE-2024-42223, CVE-2024-42264, CVE-2024-42278,     CVE-2024-46759, CVE-2024-46826, CVE-2024-43828, CVE-2024-42318, CVE-2024-42240, CVE-2024-45000,     CVE-2024-43909, CVE-2024-46792, CVE-2024-42109, CVE-2024-43867, CVE-2024-42130, CVE-2024-42244,     CVE-2024-44977, CVE-2024-46774, CVE-2024-41030, CVE-2024-42310, CVE-2024-42138, CVE-2024-42317,     CVE-2024-42224, CVE-2024-46694, CVE-2024-46815, CVE-2024-46677, CVE-2024-46763, CVE-2024-46860,     CVE-2024-46767, CVE-2024-42111, CVE-2024-41020, CVE-2024-46726, CVE-2024-42117, CVE-2024-43831,     CVE-2024-42285, CVE-2024-46842, CVE-2024-43857, CVE-2024-41031, CVE-2024-43834, CVE-2024-42135,     CVE-2024-42241, CVE-2024-46846, CVE-2024-44988, CVE-2024-43892, CVE-2024-44991, CVE-2024-46806,     CVE-2024-41015, CVE-2024-43906, CVE-2024-42238, CVE-2024-46779, CVE-2024-41010, CVE-2024-41068,     CVE-2024-46730, CVE-2024-46827, CVE-2024-42120, CVE-2024-41059, CVE-2024-46850, CVE-2023-52889,     CVE-2024-45017, CVE-2024-45003, CVE-2024-46844, CVE-2024-46816, CVE-2024-46811, CVE-2024-41023,     CVE-2024-44948, CVE-2024-46753, CVE-2024-45002, CVE-2024-42251, CVE-2024-46713, CVE-2024-42273,     CVE-2024-46733, CVE-2024-46739, CVE-2024-42108, CVE-2024-41085, CVE-2024-41033, CVE-2024-42298,     CVE-2024-46835, CVE-2024-39472, CVE-2024-47663, CVE-2024-43859, CVE-2024-43820, CVE-2024-42118,     CVE-2024-41036, CVE-2024-47683, CVE-2024-42161, CVE-2024-42235, CVE-2024-43861, CVE-2024-43863,     CVE-2024-47668, CVE-2024-46685, CVE-2024-43864, CVE-2024-46749, CVE-2024-44983, CVE-2024-46841,     CVE-2024-42082, CVE-2024-43818, CVE-2024-41071, CVE-2024-45006, CVE-2024-42080, CVE-2024-46825,     CVE-2024-46687, CVE-2024-44959, CVE-2024-43835, CVE-2024-43891, CVE-2024-46851, CVE-2024-42248,     CVE-2024-42103, CVE-2024-42079, CVE-2024-42068, CVE-2024-47664, CVE-2024-46854, CVE-2024-44973,     CVE-2024-42077, CVE-2024-46821, CVE-2024-43886, CVE-2024-41089, CVE-2024-43850, CVE-2024-44995,     CVE-2024-46809, CVE-2024-42084, CVE-2024-46758, CVE-2024-47662, CVE-2024-43839, CVE-2024-46738,     CVE-2024-41034, CVE-2024-42228, CVE-2024-42147, CVE-2024-43855, CVE-2024-41032, CVE-2024-46819,     CVE-2024-44989, CVE-2024-42265, CVE-2024-42110, CVE-2024-42155, CVE-2024-45005, CVE-2024-45016,     CVE-2024-42141, CVE-2024-43821, CVE-2024-42299, CVE-2024-44950, CVE-2024-42279, CVE-2024-44943,     CVE-2024-43904, CVE-2024-42268, CVE-2024-42089, CVE-2024-46807, CVE-2024-44996, CVE-2024-42069,     CVE-2024-46672, CVE-2024-44940, CVE-2024-42270, CVE-2024-46735, CVE-2024-42319, CVE-2024-46754,     CVE-2024-46861, CVE-2024-42277, CVE-2024-41054, CVE-2024-42131, CVE-2024-41056, CVE-2024-44963,     CVE-2024-42267, CVE-2024-42283, CVE-2024-42320, CVE-2024-46740, CVE-2024-46787, CVE-2024-43895,     CVE-2024-43881, CVE-2024-44961, CVE-2024-43910, CVE-2024-43875, CVE-2024-42289, CVE-2024-43853,     CVE-2024-42315, CVE-2024-43884, CVE-2024-46867, CVE-2024-43912, CVE-2024-41007, CVE-2024-46743,     CVE-2024-46675, CVE-2024-43877, CVE-2024-39486, CVE-2024-41050, CVE-2024-43858, CVE-2024-45018,     CVE-2024-46744, CVE-2024-46750, CVE-2024-46840, CVE-2024-42150, CVE-2024-41028, CVE-2024-42091,     CVE-2024-43894, CVE-2024-43869, CVE-2024-42132, CVE-2024-46777, CVE-2024-42106, CVE-2024-46848,     CVE-2024-41038, CVE-2024-46711, CVE-2024-43833, CVE-2024-46710, CVE-2024-46812, CVE-2024-42311,     CVE-2024-46701, CVE-2024-46683, CVE-2024-45029, CVE-2024-46830, CVE-2024-46857, CVE-2024-44979,     CVE-2024-44999, CVE-2024-44985, CVE-2024-46773, CVE-2024-45022, CVE-2024-46772, CVE-2024-44960,     CVE-2024-42243, CVE-2024-42158, CVE-2024-43819, CVE-2024-45030, CVE-2024-42085, CVE-2024-42274,     CVE-2024-44986, CVE-2024-41048, CVE-2024-42098, CVE-2024-46680, CVE-2023-52918, CVE-2024-46673,     CVE-2024-46834, CVE-2024-42288, CVE-2024-44998, CVE-2024-42113, CVE-2024-42094, CVE-2024-42225,     CVE-2024-42112, CVE-2024-42153, CVE-2024-43880, CVE-2024-43905, CVE-2024-43902, CVE-2024-46681,     CVE-2024-42236, CVE-2024-42294, CVE-2024-46793, CVE-2024-43882, CVE-2024-44947, CVE-2024-46849,     CVE-2024-44954, CVE-2024-46852, CVE-2024-41070, CVE-2024-41069, CVE-2024-46864, CVE-2024-46703,     CVE-2024-43829, CVE-2024-46802, CVE-2024-42101, CVE-2024-44990, CVE-2024-43830, CVE-2024-41029,     CVE-2024-43866, CVE-2024-43889, CVE-2024-42230, CVE-2024-46692, CVE-2024-42133, CVE-2024-45013,     CVE-2024-42076, CVE-2024-46810, CVE-2024-42128, CVE-2024-46718, CVE-2024-46814, CVE-2024-43841,     CVE-2024-43873, CVE-2024-42092, CVE-2024-41074, CVE-2024-41083, CVE-2024-46731, CVE-2024-43842,     CVE-2024-41077, CVE-2024-46720, CVE-2024-46795, CVE-2024-46813, CVE-2024-46805, CVE-2024-42142,     CVE-2024-42291, CVE-2024-43846, CVE-2024-41057, CVE-2024-43870, CVE-2024-44980, CVE-2024-46866,     CVE-2024-43827, CVE-2024-43840, CVE-2024-42280, CVE-2024-42261, CVE-2024-42246, CVE-2024-42115,     CVE-2024-46686, CVE-2024-43860, CVE-2024-46808, CVE-2024-42149, CVE-2024-46828, CVE-2024-44935,     CVE-2024-43847, CVE-2024-44967, CVE-2024-46817, CVE-2024-46721, CVE-2024-42305, CVE-2024-46766,     CVE-2024-43914, CVE-2024-46760, CVE-2024-41061, CVE-2024-41091, CVE-2024-43890, CVE-2024-42314,     CVE-2024-42064, CVE-2024-42302, CVE-2024-43887, CVE-2024-46832, CVE-2024-46765, CVE-2024-46770,     CVE-2024-41080, CVE-2024-42253, CVE-2024-44941, CVE-2024-42306, CVE-2024-41027, CVE-2024-46689,     CVE-2024-46781, CVE-2024-42247, CVE-2024-41066, CVE-2024-42287, CVE-2024-41097, CVE-2024-44939,     CVE-2024-45019, CVE-2024-47674, CVE-2024-46705, CVE-2024-42119, CVE-2024-46725, CVE-2024-46746,     CVE-2024-46732, CVE-2024-41042, CVE-2024-44958, CVE-2024-42114, CVE-2024-43893, CVE-2024-47666,     CVE-2024-46843, CVE-2024-42252, CVE-2024-42102, CVE-2024-42136, CVE-2024-41045, CVE-2024-42260,     CVE-2024-46771, CVE-2024-42124, CVE-2024-42297, CVE-2024-42271, CVE-2024-43845, CVE-2024-46775,     CVE-2024-41079, CVE-2024-43868, CVE-2024-42140, CVE-2024-42313, CVE-2024-42145, CVE-2024-46724,     CVE-2024-46788, CVE-2024-42234, CVE-2024-42144, CVE-2024-44974, CVE-2024-42097, CVE-2024-46714,     CVE-2024-41055, CVE-2024-44956)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
210696	EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2815)	Nessus	Huawei Local Security Checks	11/8/2024	11/8/2024	high
210893	Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12815)	Nessus	Oracle Linux Local Security Checks	11/13/2024	9/9/2025	high
212605	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2983)	Nessus	Huawei Local Security Checks	12/12/2024	12/12/2024	critical
212721	Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7156-1)	Nessus	Ubuntu Local Security Checks	12/12/2024	9/24/2025	high

Detections

Analytics

Plugins Search

high

high

critical

high