The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7100-2 advisory.

    Supraja Sridhara, Benedict Schlter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the     Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit     emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service     (guest crash) or possibly execute arbitrary code. (CVE-2024-25744)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Character device driver;

    - ARM SCMI message protocol;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I3C subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Core kernel;

    - DMA mapping infrastructure;

    - RCU subsystem;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-42288, CVE-2024-41098, CVE-2024-43849, CVE-2024-46689, CVE-2024-44987,     CVE-2024-40915, CVE-2024-46844, CVE-2024-45009, CVE-2024-46780, CVE-2024-41081, CVE-2024-43817,     CVE-2024-44965, CVE-2024-46832, CVE-2024-41072, CVE-2024-45011, CVE-2024-46814, CVE-2024-45026,     CVE-2024-44982, CVE-2024-46723, CVE-2024-46771, CVE-2024-46759, CVE-2024-41063, CVE-2024-46673,     CVE-2023-52889, CVE-2024-41020, CVE-2024-46677, CVE-2024-46798, CVE-2024-45021, CVE-2024-46676,     CVE-2024-47668, CVE-2024-42289, CVE-2024-45018, CVE-2024-46724, CVE-2024-41090, CVE-2024-43853,     CVE-2024-42272, CVE-2024-43828, CVE-2024-42292, CVE-2024-26800, CVE-2024-43871, CVE-2024-46758,     CVE-2024-36484, CVE-2024-46755, CVE-2024-46782, CVE-2024-43889, CVE-2024-46763, CVE-2024-41015,     CVE-2024-43858, CVE-2024-41012, CVE-2024-44960, CVE-2024-46747, CVE-2024-42311, CVE-2024-47660,     CVE-2024-42267, CVE-2024-44998, CVE-2024-43839, CVE-2024-43914, CVE-2024-46783, CVE-2024-47659,     CVE-2024-46725, CVE-2024-46840, CVE-2024-43873, CVE-2024-46737, CVE-2024-44946, CVE-2024-43841,     CVE-2024-26669, CVE-2024-42306, CVE-2024-26661, CVE-2024-42259, CVE-2024-41011, CVE-2024-46822,     CVE-2024-42287, CVE-2024-46746, CVE-2024-43860, CVE-2024-42246, CVE-2024-46800, CVE-2024-45007,     CVE-2024-42296, CVE-2024-47669, CVE-2024-44983, CVE-2024-43880, CVE-2024-42284, CVE-2022-48666,     CVE-2024-44990, CVE-2024-43894, CVE-2024-44989, CVE-2023-52918, CVE-2024-42295, CVE-2024-43869,     CVE-2024-42277, CVE-2024-46818, CVE-2024-42270, CVE-2024-45025, CVE-2024-42301, CVE-2024-43883,     CVE-2024-46714, CVE-2024-46815, CVE-2024-41073, CVE-2024-43905, CVE-2024-43882, CVE-2024-46719,     CVE-2024-42286, CVE-2024-44952, CVE-2024-42297, CVE-2024-41022, CVE-2024-46743, CVE-2024-43829,     CVE-2024-43909, CVE-2024-42265, CVE-2024-44944, CVE-2024-46807, CVE-2024-46739, CVE-2024-43867,     CVE-2024-44958, CVE-2024-44969, CVE-2024-42271, CVE-2024-46745, CVE-2024-42299, CVE-2024-45006,     CVE-2024-43908, CVE-2024-44966, CVE-2024-41065, CVE-2024-46777, CVE-2024-42309, CVE-2024-38602,     CVE-2024-44947, CVE-2024-43884, CVE-2024-43902, CVE-2024-47667, CVE-2024-46750, CVE-2024-41070,     CVE-2024-26893, CVE-2024-41017, CVE-2024-46810, CVE-2024-46828, CVE-2024-43893, CVE-2024-41077,     CVE-2024-46756, CVE-2024-46740, CVE-2024-42269, CVE-2024-43890, CVE-2024-45008, CVE-2024-46795,     CVE-2024-43854, CVE-2024-46713, CVE-2024-47663, CVE-2024-46702, CVE-2024-46781, CVE-2024-46722,     CVE-2024-42114, CVE-2024-44948, CVE-2024-44988, CVE-2024-42302, CVE-2024-41019, CVE-2024-46731,     CVE-2024-46819, CVE-2024-44995, CVE-2024-41059, CVE-2024-43856, CVE-2024-44954, CVE-2024-43863,     CVE-2024-38577, CVE-2024-43870, CVE-2024-41068, CVE-2024-41071, CVE-2024-38611, CVE-2024-46761,     CVE-2024-42304, CVE-2024-42310, CVE-2024-46707, CVE-2024-42290, CVE-2024-42276, CVE-2024-44935,     CVE-2024-46721, CVE-2024-46817, CVE-2024-46791, CVE-2024-44934, CVE-2024-45028, CVE-2024-46757,     CVE-2024-43879, CVE-2024-43907, CVE-2024-43846, CVE-2024-42280, CVE-2024-44999, CVE-2024-43861,     CVE-2024-42126, CVE-2024-26607, CVE-2024-46752, CVE-2024-42305, CVE-2024-43835, CVE-2024-41042,     CVE-2024-46675, CVE-2024-46804, CVE-2024-41091, CVE-2024-41060, CVE-2024-46744, CVE-2024-47665,     CVE-2024-39472, CVE-2024-46829, CVE-2024-42285, CVE-2024-42281, CVE-2024-43830, CVE-2024-42274,     CVE-2024-46679, CVE-2024-44985, CVE-2024-46805, CVE-2024-42312, CVE-2024-42283, CVE-2024-45003,     CVE-2024-44971, CVE-2024-42313, CVE-2024-46685, CVE-2024-46738, CVE-2024-44986, CVE-2024-43834,     CVE-2024-46732, CVE-2024-43875, CVE-2024-42318, CVE-2024-41064, CVE-2024-44974, CVE-2024-43892,     CVE-2024-41078)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3195-1 advisory.

    The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
    - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
    - CVE-2024-43911: Fix NULL dereference at band check in starting tx ba session (bsc#1229827).
    - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
    - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
    - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
    - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
    - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
    - CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
    - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
    - CVE-2024-36881: Fix reset ptes when close() for wr-protected (bsc#1225718).
    - CVE-2024-42316: Fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
    - CVE-2024-43855: Fix deadlock between mddev_suspend and flush bio (bsc#1229342).
    - CVE-2024-43864: Fix CT entry update leaks of modify header context (bsc#1229496).
    - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
    - CVE-2024-42109: Unconditionally flush pending work before notifier (bsc#1228505).
    - CVE-2024-41084: Avoid null pointer dereference in region lookup (bsc#1228472).
    - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
    - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
    - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
    - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
    - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
    - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
    - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
    - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
    - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
    - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
    - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
    - CVE-2024-26809: Release elements in clone only from destroy path (bsc#1222633).
    - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
    - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
    - CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
    - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
    - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
    - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
    - CVE-2024-27433: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711).
    - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
    - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
    - CVE-2024-40920: Fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
    - CVE-2024-40921: Pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
    - CVE-2024-36979: Fix vlan use-after-free (bsc#1226604).
    - CVE-2024-26590: Fix inconsistent per-file compression format (bsc#1220252).
    - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
    - CVE-2024-42270: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404).
    - CVE-2024-42269: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402).
    - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
    - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
    - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
    - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
    - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
    - CVE-2024-42290: Handle runtime power management correctly (bsc#1229379).
    - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
    - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
    - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
    - CVE-2024-43850: Fix refcount imbalance seen during bwmon_remove (bsc#1229316).
    - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
    - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
    - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
    - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
    - CVE-2024-26669: Fix chain template offload (bsc#1222350).
    - CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number')     (bsc#1222387)
    - CVE-2024-41050: Cyclic allocation of msg_id to avoid reuse (bsc#1228499).
    - CVE-2024-41051: Wait for ondemand_object_worker to finish when dropping object (bsc#1228468).
    - CVE-2024-41074: Set object to close if ondemand_id < 0 in copen (bsc#1228643).
    - CVE-2024-41075: Add consistency check for copen/cread (bsc#1228646).
    - CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
    - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
    - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
    - CVE-2024-42159: Fix sanitise num_phys (bsc#1228754).
    - CVE-2024-42241: Disable PMD-sized page cache if needed (bsc#1228986).
    - CVE-2024-42245: Revert 'sched/fair: Make sure to try to detach at least one movable task' (bsc#1228978).
    - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
    - CVE-2024-26837: Race between creation of new group memberships and generation of the list of MDB events     to replay (bsc#1222973).
    - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
    - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
    - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727).
    - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
    - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
    - CVE-2024-40938: Fix d_parent walk (bsc#1227840).
    - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
    - CVE-2024-41010: Fix too early release of tcx_entry (bsc#1228021).
    - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
    - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
    - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
    - CVE-2024-42138: Fix double memory deallocation in case of invalid INI file (bsc#1228500).
    - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
    - CVE-2024-42139: Fix improper extts handling (bsc#1228503).
    - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
    - CVE-2024-42113: Initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568).
    - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
    - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
    - CVE-2024-42073: Fix memory corruptions on Spectrum-4 systems (bsc#1228457).
    - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
    - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
    - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
    - CVE-2024-41000: Prefer different overflow check (bsc#1227867).
    - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
    - CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
    - CVE-2024-41069: Fix route memory corruption (bsc#1228644).
    - CVE-2024-39506: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
    - CVE-2024-42145: Implement a limit on UMAD receive List (bsc#1228743).
    - CVE-2024-40994: Fix integer overflow in max_vclocks_store (bsc#1227829).
    - CVE-2024-42124: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
    - CVE-2024-42096: Stop playing stack games in profile_pc() (bsc#1228633).
    - CVE-2024-42224: Correct check for empty list (bsc#1228723).
    - CVE-2024-41048: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
    - CVE-2024-40958: Make get_net_ns() handle zero refcount net (bsc#1227812).
    - CVE-2024-40939: Fix tainted pointer delete is case of region creation fail (bsc#1227799).
    - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
    - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
    - CVE-2024-41044: Reject claimed-as-LCP but actually malformed packets (bsc#1228530).
    - CVE-2024-41066: Add tx check to prevent skb leak (bsc#1228640).
    - CVE-2024-42093: Avoid explicit cpumask var allocation on stack (bsc#1228680).
    - CVE-2024-42122: Add NULL pointer check for kzalloc (bsc#1228591).
    - CVE-2024-41078: Fix quota root leak after quota disable failure (bsc#1228655).
    - CVE-2024-40989: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
    - CVE-2024-41064: Avoid possible crash when edev->pdev changes (bsc#1228599).
    - CVE-2024-41036: Fix deadlock with the SPI chip variant (bsc#1228496).
    - CVE-2024-41040: Fix UAF when resolving a clash (bsc#1228518).
    - CVE-2024-35949: Make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
    - CVE-2024-41081: Block BH in ila_output() (bsc#1228617).
    - CVE-2024-41076: Fix memory leak in nfs4_set_security_label (bsc#1228649).
    - CVE-2024-42079: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
    - CVE-2024-41057: Fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
    - CVE-2024-41058: Fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
    - CVE-2024-41015: Add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
    - CVE-2024-40956: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
    - CVE-2024-27437: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
    - CVE-2024-41032: Check if a hash-index is in cpu_possible_mask (bsc#1228460).
    - CVE-2024-40957: Fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors     (bsc#1227811).
    - CVE-2024-41041: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
    - CVE-2024-40954: Do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
    - CVE-2024-42070: Fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
    - CVE-2024-41070: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
    - CVE-2024-40959: Check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
    - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
    - CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
    - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
210775	Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7100-2)	Nessus	Ubuntu Local Security Checks	11/12/2024	11/12/2024	high
206955	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3195-1)	Nessus	SuSE Local Security Checks	9/11/2024	10/28/2024	high
213470	Debian dla-4008 : linux-config-6.1 - security update	Nessus	Debian Local Security Checks	1/3/2025	3/6/2025	critical

Detections

Analytics

Plugins Search

high

high

critical