The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3209-1 advisory.

    The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
    - CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
    - CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
    - CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
    - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
    - CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
    - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
    - CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
    - CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
    - CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820).
    - CVE-2024-41087: Fix double free on error (bsc#1228466).
    - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
    - CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
    - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
    - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
    - CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
    - CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
    - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
    - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
    - CVE-2024-26812: struct virqfd kABI workaround (bsc#1222808).
    - CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
    - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
    - CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
    - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
    - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
    - CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function     (bsc#1229569).
    - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
    - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
    - CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
    - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
    - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
    - CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
    - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
    - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
    - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
    - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
    - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
    - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
    - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
    - CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290).
    - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
    - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
    - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
    - CVE-2024-27016: Validate pppoe header (bsc#1223807).
    - CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
    - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
    - CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
    - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
    - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
    - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
    - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
    - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
    - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
    - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727).
    - CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number')     (bsc#1222387)
    - CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542)
    - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
    - CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
    - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
    - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
    - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
    - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
    - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
    - CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
    - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
    - CVE-2024-26669: Fix chain template offload (bsc#1222350).
    - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
    - CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
    - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
    - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
    - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
    - CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
    - CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
    - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
    - CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
    - CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
    - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
    - CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
    - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
    - CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
    - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
    - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
    - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
    - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
    - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
    - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
    - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
    - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
    - CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
    - CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
    - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
    - CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
    - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
    - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
    - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
    - CVE-2024-42139: Fix improper extts handling (bsc#1228503).
    - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
    - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
    - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
    - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
    - CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
    - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local     privilege escalation (bsc#1213580).
    - CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
    - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
    - CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (bsc#1226613).
    - CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
    - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
    - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
    - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3483-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
    - CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
    - CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
    - CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
    - CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if-IP-has-been-disabled-on.patch     (bsc#1226798)
    - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
    - CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
    - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
    - CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
    - CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
    - CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820).
    - CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
    - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
    - CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
    - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
    - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
    - CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
    - CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
    - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
    - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
    - CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
    - CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
    - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
    - CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
    - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
    - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
    - CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function     (bsc#1229569).
    - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
    - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
    - CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
    - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
    - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
    - CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
    - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
    - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
    - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
    - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
    - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
    - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
    - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
    - CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
    - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
    - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
    - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
    - CVE-2024-27016: Validate pppoe header (bsc#1223807).
    - CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
    - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
    - CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
    - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
    - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
    - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
    - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
    - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
    - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
    - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
    - CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number')     (bsc#1222387)
    - CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542)
    - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
    - CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
    - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
    - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
    - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
    - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
    - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
    - CVE-2024-42308: Update DRM patch reference (bsc#1229411)
    - CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
    - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
    - CVE-2024-26669: Fix chain template offload (bsc#1222350).
    - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
    - CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
    - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
    - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
    - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
    - CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
    - CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
    - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
    - CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
    - CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
    - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
    - CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
    - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
    - CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
    - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
    - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
    - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
    - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
    - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
    - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
    - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
    - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
    - CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
    - CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
    - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
    - CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
    - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
    - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
    - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
    - CVE-2024-42139: Fix improper extts handling (bsc#1228503).
    - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
    - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
    - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
    - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
    - CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
    - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local     privilege escalation (bsc#1213580).
    - CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
    - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
    - CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613).
    - CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
    - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
    - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
    - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the linux package has been released.

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12782 advisory.

    - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez)     [Orabug: 37037205] {CVE-2024-46738}
    - exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017]     {CVE-2024-43882}
    - drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969]     {CVE-2024-42259}
    - netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
    - netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug:
    36630432] {CVE-2024-27397}
    - x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
    - tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
    - serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009]     {CVE-2024-43893}
    - tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032]     {CVE-2024-44968}
    - usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
    - usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug:
    36992971] {CVE-2024-43883}
    - ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
    - drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014]     {CVE-2024-43894}
    - s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
    - drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
    - md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127]     {CVE-2024-43914}
    - net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959]     {CVE-2024-43861}
    - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147]     {CVE-2024-44935}
    - x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012]     {CVE-2024-44965}
    - protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808]     {CVE-2024-42265}
    - net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
    - drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
    - remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug:
    36964537] {CVE-2024-43860}
    - irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085]     {CVE-2024-42290}
    - devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991]     {CVE-2024-43871}
    - dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
    - mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
    - nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022]     {CVE-2024-42276}
    - mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
    - bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
    - net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044]     {CVE-2024-42283}
    - tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047]     {CVE-2024-42284}
    - dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
    - jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
    - nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203]     {CVE-2024-42295}
    - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054]     {CVE-2024-42285}
    - scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
    - scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
    - scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
    - scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080]     {CVE-2024-42289}
    - kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
    - f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
    - ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
    - ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237]     {CVE-2024-42305}
    - udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
    - drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
    - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253]     {CVE-2024-42309}
    - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260]     {CVE-2024-42310}
    - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265]     {CVE-2024-42311}
    - media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
    - netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755]     {CVE-2024-44944}
    - drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
    - leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug:
    36964459] {CVE-2024-43830}
    - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480]     {CVE-2024-43839}
    - wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487]     {CVE-2024-43841}
    - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug:
    36984010] {CVE-2024-43879}
    - mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
    - lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
    - tap: add missing verification for short frame (Si-Wei Liu)   [Orabug: 36660755] {CVE-2024-41090}
    - tun: add missing verification for short frame (Dongli Zhang)   [Orabug: 36660755] {CVE-2024-41091}
    - filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020}     {CVE-2024-41012}
    - jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
    - ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
    - hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
    - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994]     {CVE-2024-41063}
    - powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003]     {CVE-2024-41064}
    - powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009]     {CVE-2024-41065}
    - s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
    - KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug:
    36897048] {CVE-2024-41070}
    - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312]     {CVE-2024-41072}
    - ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
    - filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758]     {CVE-2024-41012} {CVE-2024-41020}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7088-1 advisory.

    Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer     overflow vulnerability. A local attacker could use this to cause a denial of service (system crash).
    (CVE-2022-36402)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - PowerPC architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - CPU frequency scaling framework;

    - Device frequency scaling framework;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - InfiniBand drivers;

    - Input Device core drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - EEPROM drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB subsystem;

    - BTRFS file system;

    - File systems infrastructure;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - BPF subsystem;

    - Core kernel;

    - DMA mapping infrastructure;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Simplified Mandatory Access Control Kernel framework;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-43894, CVE-2024-46737, CVE-2024-46828, CVE-2024-42244, CVE-2024-46723,     CVE-2024-41073, CVE-2024-46756, CVE-2024-42288, CVE-2024-46840, CVE-2024-46771, CVE-2024-46757,     CVE-2024-43860, CVE-2024-46747, CVE-2024-41017, CVE-2024-42246, CVE-2024-44988, CVE-2024-42281,     CVE-2024-36484, CVE-2024-43856, CVE-2024-47668, CVE-2024-46759, CVE-2024-46744, CVE-2024-42289,     CVE-2024-42131, CVE-2024-46679, CVE-2024-42304, CVE-2024-46818, CVE-2024-43858, CVE-2024-44960,     CVE-2024-45028, CVE-2024-26885, CVE-2024-46676, CVE-2024-46780, CVE-2024-42310, CVE-2024-44987,     CVE-2024-41090, CVE-2024-44954, CVE-2024-45026, CVE-2024-42285, CVE-2023-52614, CVE-2024-27051,     CVE-2024-43880, CVE-2024-43839, CVE-2024-43884, CVE-2024-42311, CVE-2024-43893, CVE-2024-41072,     CVE-2024-41091, CVE-2024-46758, CVE-2024-41022, CVE-2024-46745, CVE-2024-42305, CVE-2024-46673,     CVE-2024-42284, CVE-2024-46844, CVE-2024-46677, CVE-2024-45025, CVE-2024-43861, CVE-2024-43914,     CVE-2024-46783, CVE-2024-41012, CVE-2024-44999, CVE-2024-44946, CVE-2024-42276, CVE-2024-46740,     CVE-2024-42295, CVE-2024-44947, CVE-2024-41059, CVE-2024-26669, CVE-2024-38602, CVE-2024-42306,     CVE-2023-52918, CVE-2024-42297, CVE-2024-42229, CVE-2024-43853, CVE-2024-45006, CVE-2024-44998,     CVE-2024-42283, CVE-2024-44952, CVE-2024-46761, CVE-2024-43841, CVE-2024-44944, CVE-2024-42313,     CVE-2024-45008, CVE-2024-46714, CVE-2024-41065, CVE-2024-43883, CVE-2024-43867, CVE-2024-42286,     CVE-2024-43879, CVE-2024-43846, CVE-2024-42280, CVE-2024-43854, CVE-2021-47212, CVE-2024-35848,     CVE-2024-41020, CVE-2024-41068, CVE-2024-45021, CVE-2024-41098, CVE-2024-44965, CVE-2024-43890,     CVE-2024-45003, CVE-2024-44969, CVE-2024-41011, CVE-2024-46738, CVE-2024-41071, CVE-2024-26800,     CVE-2024-46721, CVE-2024-42292, CVE-2024-41081, CVE-2024-44948, CVE-2023-52531, CVE-2024-26891,     CVE-2024-26641, CVE-2024-42287, CVE-2024-46722, CVE-2024-41042, CVE-2024-46675, CVE-2024-46743,     CVE-2024-42259, CVE-2024-41015, CVE-2024-43908, CVE-2024-46719, CVE-2024-43871, CVE-2024-46739,     CVE-2024-42301, CVE-2024-47659, CVE-2024-42271, CVE-2024-26668, CVE-2024-43835, CVE-2024-46829,     CVE-2024-47667, CVE-2024-44995, CVE-2024-47669, CVE-2024-38611, CVE-2024-40929, CVE-2024-46815,     CVE-2024-43830, CVE-2024-42309, CVE-2024-41063, CVE-2024-46782, CVE-2024-46777, CVE-2024-42265,     CVE-2024-46781, CVE-2024-26607, CVE-2024-41064, CVE-2024-46685, CVE-2024-43882, CVE-2024-44935,     CVE-2024-46800, CVE-2024-46822, CVE-2024-46755, CVE-2024-46817, CVE-2024-43829, CVE-2024-46798,     CVE-2024-46689, CVE-2024-42290, CVE-2024-46750, CVE-2024-26640, CVE-2024-47663, CVE-2024-41070)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7123-1 advisory.

    It was discovered that the CIFS network file system implementation in the Linux kernel did not properly     validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this     to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6610)

    Supraja Sridhara, Benedict Schlter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the     Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit     emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service     (guest crash) or possibly execute arbitrary code. (CVE-2024-25744)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Character device driver;

    - ARM SCMI message protocol;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I3C subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Core kernel;

    - DMA mapping infrastructure;

    - RCU subsystem;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2023-52751, CVE-2024-43902, CVE-2024-46791, CVE-2024-45018, CVE-2024-44987,     CVE-2024-46763, CVE-2024-46724, CVE-2024-26893, CVE-2024-42283, CVE-2024-46738, CVE-2024-46819,     CVE-2024-44982, CVE-2023-52889, CVE-2024-45025, CVE-2023-52918, CVE-2024-46800, CVE-2024-46756,     CVE-2024-46719, CVE-2024-39472, CVE-2024-42292, CVE-2024-45006, CVE-2024-46675, CVE-2024-44971,     CVE-2024-46731, CVE-2024-42286, CVE-2024-44954, CVE-2024-42274, CVE-2024-46746, CVE-2024-42276,     CVE-2024-43869, CVE-2024-43830, CVE-2024-42288, CVE-2024-41042, CVE-2024-42126, CVE-2024-43870,     CVE-2024-46805, CVE-2024-41078, CVE-2024-44966, CVE-2024-44989, CVE-2024-46795, CVE-2024-44988,     CVE-2024-38577, CVE-2024-43839, CVE-2024-43909, CVE-2024-46745, CVE-2024-42285, CVE-2024-43871,     CVE-2024-41081, CVE-2024-42289, CVE-2024-44965, CVE-2024-42271, CVE-2024-42284, CVE-2024-45009,     CVE-2024-41068, CVE-2024-44958, CVE-2024-46759, CVE-2024-42304, CVE-2024-43890, CVE-2024-41019,     CVE-2024-43846, CVE-2024-41012, CVE-2024-44983, CVE-2024-41072, CVE-2024-46702, CVE-2024-26800,     CVE-2024-42302, CVE-2023-52572, CVE-2024-46783, CVE-2024-43892, CVE-2024-45028, CVE-2024-44999,     CVE-2024-46814, CVE-2024-41022, CVE-2024-42281, CVE-2024-46679, CVE-2024-42290, CVE-2024-44960,     CVE-2024-41071, CVE-2024-41091, CVE-2024-44990, CVE-2024-46757, CVE-2024-38611, CVE-2024-47668,     CVE-2024-45008, CVE-2024-46707, CVE-2024-44935, CVE-2024-42299, CVE-2024-46771, CVE-2024-42265,     CVE-2024-43883, CVE-2024-46673, CVE-2024-46747, CVE-2024-43875, CVE-2024-44985, CVE-2024-42311,     CVE-2024-46798, CVE-2024-43884, CVE-2024-46725, CVE-2024-42318, CVE-2024-43873, CVE-2024-42296,     CVE-2024-43907, CVE-2024-43834, CVE-2024-46721, CVE-2024-47659, CVE-2024-45026, CVE-2024-47667,     CVE-2024-44986, CVE-2024-41020, CVE-2024-43849, CVE-2024-46744, CVE-2024-44946, CVE-2024-43861,     CVE-2024-42269, CVE-2024-46822, CVE-2024-46739, CVE-2024-44948, CVE-2024-46804, CVE-2024-41064,     CVE-2024-44995, CVE-2024-26669, CVE-2024-46781, CVE-2024-46732, CVE-2024-42246, CVE-2024-46780,     CVE-2024-46743, CVE-2024-44947, CVE-2024-47663, CVE-2024-46752, CVE-2024-43893, CVE-2024-45021,     CVE-2024-43856, CVE-2024-46714, CVE-2024-41011, CVE-2024-41070, CVE-2024-46832, CVE-2024-46737,     CVE-2024-43867, CVE-2024-42277, CVE-2024-44934, CVE-2024-46723, CVE-2024-43880, CVE-2024-43860,     CVE-2024-42297, CVE-2024-45003, CVE-2024-46810, CVE-2024-43889, CVE-2024-42287, CVE-2024-43854,     CVE-2024-42313, CVE-2024-42305, CVE-2024-41077, CVE-2024-38602, CVE-2024-46758, CVE-2024-46807,     CVE-2024-43853, CVE-2024-45007, CVE-2024-41090, CVE-2024-42280, CVE-2024-46844, CVE-2024-45011,     CVE-2024-47660, CVE-2024-47665, CVE-2024-46829, CVE-2024-44944, CVE-2024-41015, CVE-2024-42259,     CVE-2024-43914, CVE-2024-43829, CVE-2022-48666, CVE-2024-43828, CVE-2024-46755, CVE-2024-43858,     CVE-2024-46740, CVE-2024-46689, CVE-2024-42309, CVE-2024-42295, CVE-2024-41098, CVE-2023-52757,     CVE-2024-46782, CVE-2024-46777, CVE-2024-46685, CVE-2024-44969, CVE-2024-47669, CVE-2024-43882,     CVE-2024-42310, CVE-2024-43905, CVE-2024-44998, CVE-2024-42306, CVE-2024-40915, CVE-2024-46713,     CVE-2024-41059, CVE-2024-41017, CVE-2024-43879, CVE-2024-46677, CVE-2024-42312, CVE-2024-43908,     CVE-2024-46750, CVE-2024-46722, CVE-2024-42267, CVE-2024-46818, CVE-2024-26661, CVE-2024-43817,     CVE-2024-42272, CVE-2024-41065, CVE-2024-46828, CVE-2024-46840, CVE-2024-46676, CVE-2024-43841,     CVE-2024-46815, CVE-2024-26607, CVE-2023-52434, CVE-2024-46761, CVE-2024-42114, CVE-2024-41073,     CVE-2024-43894, CVE-2024-43835, CVE-2024-46817, CVE-2024-41060, CVE-2024-36484, CVE-2024-42301,     CVE-2024-44974, CVE-2024-43863, CVE-2024-41063)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7155-1 advisory.

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - ATM drivers;

    - Drivers core;

    - Ublk userspace block driver;

    - Bluetooth drivers;

    - Character device driver;

    - Hardware crypto device drivers;

    - Buffer Sharing and Synchronization framework;

    - DMA engine subsystem;

    - Qualcomm firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I2C subsystem;

    - I3C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - LED subsystem;

    - Mailbox framework;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Ethernet bonding driver;

    - Network drivers;

    - Mellanox network drivers;

    - Microsoft Azure Network Adapter (MANA) driver;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - Power supply drivers;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI subsystem;

    - QCOM SoC drivers;

    - SPI subsystem;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - UFS subsystem;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - Virtio Host (VHOST) subsystem;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - Network file systems library;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - NILFS2 file system;

    - File system notification infrastructure;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Tracing file system;

    - Bitmap API;

    - BPF subsystem;

    - Memory Management;

    - Objagg library;

    - Perf events;

    - Virtio network driver;

    - VMware vSockets driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - Control group (cgroup);

    - DMA mapping infrastructure;

    - Locking primitives;

    - Padata parallel execution mechanism;

    - Scheduler infrastructure;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - KUnit for arithmetic overflow checks;

    - Memory management;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - TIPC protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - SELinux security module;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - AMD SoC Alsa drivers;

    - Texas InstrumentS Audio (ASoC/HDA) drivers;

    - SoC Audio for Freescale CPUs drivers;

    - Intel ASoC drivers;

    - Amlogic Meson SoC drivers;

    - SoC audio core drivers;

    - USB sound devices;

    - Real-Time Linux Analysis tools; (CVE-2024-43845, CVE-2024-42311, CVE-2024-46757, CVE-2024-46738,     CVE-2024-44961, CVE-2024-44935, CVE-2024-46845, CVE-2024-46783, CVE-2024-42315, CVE-2023-52918,     CVE-2024-46708, CVE-2024-44934, CVE-2024-42298, CVE-2024-46786, CVE-2024-46778, CVE-2024-44960,     CVE-2024-42295, CVE-2024-43881, CVE-2024-44971, CVE-2024-43849, CVE-2024-43914, CVE-2024-44962,     CVE-2024-43841, CVE-2024-46794, CVE-2024-46752, CVE-2024-46853, CVE-2024-46861, CVE-2024-47664,     CVE-2024-46717, CVE-2024-46806, CVE-2024-46797, CVE-2024-42261, CVE-2024-46828, CVE-2024-45013,     CVE-2024-46870, CVE-2024-42258, CVE-2024-46689, CVE-2024-43818, CVE-2024-46762, CVE-2024-46825,     CVE-2024-46698, CVE-2024-46816, CVE-2024-46728, CVE-2024-46726, CVE-2024-43835, CVE-2024-45000,     CVE-2024-43850, CVE-2024-43840, CVE-2024-46846, CVE-2024-43846, CVE-2024-46725, CVE-2024-46867,     CVE-2024-42310, CVE-2024-42274, CVE-2024-46760, CVE-2024-46683, CVE-2024-42304, CVE-2024-43839,     CVE-2024-44954, CVE-2024-43895, CVE-2024-44967, CVE-2024-43889, CVE-2024-46854, CVE-2024-46860,     CVE-2024-45029, CVE-2024-44938, CVE-2024-46785, CVE-2024-46713, CVE-2024-46715, CVE-2024-46731,     CVE-2024-42297, CVE-2024-43912, CVE-2024-46751, CVE-2024-46711, CVE-2024-46695, CVE-2024-42317,     CVE-2024-44957, CVE-2024-46792, CVE-2024-45020, CVE-2024-44985, CVE-2024-46746, CVE-2024-43868,     CVE-2024-45017, CVE-2024-46824, CVE-2024-46787, CVE-2024-42288, CVE-2024-46681, CVE-2024-42306,     CVE-2024-46755, CVE-2024-46826, CVE-2024-46777, CVE-2024-46844, CVE-2024-44972, CVE-2024-43883,     CVE-2024-43909, CVE-2024-46676, CVE-2024-46798, CVE-2024-42273, CVE-2024-44990, CVE-2024-46744,     CVE-2024-42305, CVE-2024-45006, CVE-2024-42309, CVE-2024-46722, CVE-2024-44956, CVE-2024-46739,     CVE-2024-46680, CVE-2024-46765, CVE-2024-46714, CVE-2024-46771, CVE-2024-46847, CVE-2024-43879,     CVE-2024-46703, CVE-2024-46733, CVE-2024-46815, CVE-2024-46802, CVE-2024-45027, CVE-2024-42281,     CVE-2024-43891, CVE-2024-45030, CVE-2024-47662, CVE-2024-43887, CVE-2024-46836, CVE-2024-46782,     CVE-2024-46835, CVE-2024-43907, CVE-2024-46779, CVE-2024-43869, CVE-2024-43821, CVE-2024-44978,     CVE-2024-42286, CVE-2023-52889, CVE-2024-43852, CVE-2024-42320, CVE-2024-44931, CVE-2024-44993,     CVE-2024-46829, CVE-2024-46701, CVE-2024-42272, CVE-2024-47660, CVE-2024-49984, CVE-2024-44973,     CVE-2024-43817, CVE-2024-42322, CVE-2024-43830, CVE-2024-42301, CVE-2024-44969, CVE-2024-47674,     CVE-2024-46702, CVE-2024-45025, CVE-2024-46710, CVE-2024-43866, CVE-2024-46718, CVE-2024-46773,     CVE-2024-43834, CVE-2024-46754, CVE-2024-46871, CVE-2024-44942, CVE-2024-43913, CVE-2024-46818,     CVE-2024-42318, CVE-2024-43831, CVE-2024-43832, CVE-2024-43908, CVE-2024-43827, CVE-2024-46737,     CVE-2024-47665, CVE-2024-43854, CVE-2024-46707, CVE-2024-42303, CVE-2024-43860, CVE-2024-43824,     CVE-2024-45019, CVE-2024-44984, CVE-2024-46813, CVE-2024-45022, CVE-2024-44970, CVE-2024-46791,     CVE-2024-45012, CVE-2024-43829, CVE-2024-46850, CVE-2024-44987, CVE-2024-44940, CVE-2024-43864,     CVE-2024-46723, CVE-2024-44999, CVE-2024-43884, CVE-2024-42287, CVE-2024-46675, CVE-2024-44974,     CVE-2024-46721, CVE-2024-44937, CVE-2024-45008, CVE-2024-43853, CVE-2024-46697, CVE-2024-43899,     CVE-2024-43823, CVE-2024-46747, CVE-2024-45007, CVE-2024-46822, CVE-2024-42262, CVE-2024-47661,     CVE-2024-44953, CVE-2024-46859, CVE-2024-46694, CVE-2024-42279, CVE-2024-43873, CVE-2024-43828,     CVE-2024-46851, CVE-2024-42296, CVE-2024-46719, CVE-2024-46677, CVE-2024-42259, CVE-2024-44941,     CVE-2024-44946, CVE-2024-46745, CVE-2024-42299, CVE-2024-46724, CVE-2024-46749, CVE-2024-46706,     CVE-2024-42267, CVE-2024-46774, CVE-2024-46685, CVE-2024-42292, CVE-2024-47667, CVE-2024-42319,     CVE-2024-43888, CVE-2024-46729, CVE-2024-44947, CVE-2024-45003, CVE-2024-46827, CVE-2024-46693,     CVE-2024-46705, CVE-2024-46767, CVE-2024-46838, CVE-2024-46805, CVE-2024-43904, CVE-2024-43906,     CVE-2024-42265, CVE-2024-42278, CVE-2024-46750, CVE-2024-46692, CVE-2024-43847, CVE-2024-44995,     CVE-2024-43825, CVE-2024-46803, CVE-2024-47669, CVE-2024-46830, CVE-2024-46784, CVE-2024-46840,     CVE-2024-44939, CVE-2024-46848, CVE-2024-42313, CVE-2024-46823, CVE-2024-44989, CVE-2024-42270,     CVE-2024-43856, CVE-2024-46716, CVE-2024-43859, CVE-2024-46841, CVE-2024-47658, CVE-2024-46811,     CVE-2024-45028, CVE-2024-46781, CVE-2024-42290, CVE-2024-44991, CVE-2024-43894, CVE-2024-44979,     CVE-2024-46804, CVE-2024-43826, CVE-2024-43877, CVE-2024-42284, CVE-2024-43876, CVE-2024-45011,     CVE-2024-43819, CVE-2024-46709, CVE-2024-43867, CVE-2024-44963, CVE-2024-45010, CVE-2024-46753,     CVE-2024-46759, CVE-2024-43880, CVE-2024-44977, CVE-2024-46772, CVE-2024-44950, CVE-2024-46687,     CVE-2024-46834, CVE-2024-43911, CVE-2024-45015, CVE-2024-46819, CVE-2024-43875, CVE-2024-44996,     CVE-2024-44988, CVE-2024-46673, CVE-2024-44943, CVE-2024-42316, CVE-2024-47683, CVE-2024-42307,     CVE-2024-46788, CVE-2024-43892, CVE-2024-47659, CVE-2024-46857, CVE-2024-43820, CVE-2024-46832,     CVE-2024-42312, CVE-2024-43910, CVE-2024-43886, CVE-2024-43905, CVE-2024-46766, CVE-2024-42263,     CVE-2024-46821, CVE-2024-43842, CVE-2024-43857, CVE-2024-42276, CVE-2024-42268, CVE-2024-46740,     CVE-2024-46843, CVE-2024-46807, CVE-2024-46780, CVE-2024-46678, CVE-2024-44944, CVE-2024-42264,     CVE-2024-43863, CVE-2024-39472, CVE-2024-46691, CVE-2024-44959, CVE-2024-44958, CVE-2024-46679,     CVE-2024-43843, CVE-2024-43900, CVE-2024-45021, CVE-2024-44982, CVE-2024-46793, CVE-2024-42260,     CVE-2024-43890, CVE-2024-43871, CVE-2024-42269, CVE-2024-42277, CVE-2024-46720, CVE-2024-45005,     CVE-2024-46727, CVE-2024-46808, CVE-2024-46852, CVE-2024-47668, CVE-2024-42321, CVE-2024-46743,     CVE-2024-45002, CVE-2024-46763, CVE-2024-46817, CVE-2024-42285, CVE-2024-46770, CVE-2024-45026,     CVE-2024-46768, CVE-2024-42314, CVE-2024-42291, CVE-2024-46756, CVE-2024-42283, CVE-2024-45018,     CVE-2024-44966, CVE-2024-42289, CVE-2024-42294, CVE-2024-46814, CVE-2024-44986, CVE-2024-43870,     CVE-2024-44980, CVE-2024-43902, CVE-2024-47666, CVE-2024-46864, CVE-2024-46761, CVE-2024-46831,     CVE-2024-46758, CVE-2024-46735, CVE-2024-46858, CVE-2024-46795, CVE-2024-46810, CVE-2024-46849,     CVE-2024-46775, CVE-2024-46868, CVE-2024-46809, CVE-2024-46776, CVE-2024-46866, CVE-2024-44983,     CVE-2024-46741, CVE-2024-43837, CVE-2024-43833, CVE-2024-46672, CVE-2024-43861, CVE-2024-42302,     CVE-2024-47663, CVE-2024-46812, CVE-2024-43893, CVE-2024-46686, CVE-2024-44948, CVE-2024-46732,     CVE-2024-44965, CVE-2024-46855, CVE-2024-45009, CVE-2024-46842, CVE-2024-46730, CVE-2024-44975,     CVE-2024-44998)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

In the Linux kernel, the following vulnerability has been resolved:
dma: fix call order in dmam_free_coherent  dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to track the DMA allocation. Between the two calls, it is possible for a concurrent task to make an allocation with the same vaddr and add it to the devres list.  If this happens, there will be two entries in the devres list with the same vaddr and devres_destroy() can free the wrong entry, triggering the WARN_ON() in dmam_match.  Fix by destroying the devres entry before freeing the DMA allocation.
kokonut //net/encryption http://sponge2/b9145fe6-0f72-4325-ac2f-a84d81075b03

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	Name	Product	Family	Published	Updated	Severity
207050	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3209-1)	Nessus	SuSE Local Security Checks	9/12/2024	9/24/2025	high
207884	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3483-1)	Nessus	SuSE Local Security Checks	9/28/2024	9/26/2025	high
206730	Photon OS 5.0: Linux PHSA-2024-5.0-0359	Nessus	PhotonOS Local Security Checks	9/6/2024	10/17/2025	high
209005	Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12782)	Nessus	Oracle Linux Local Security Checks	10/14/2024	9/9/2025	high
210006	Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7088-1)	Nessus	Ubuntu Local Security Checks	10/31/2024	9/24/2025	high
211654	Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7123-1)	Nessus	Ubuntu Local Security Checks	11/20/2024	9/24/2025	high
210815	RHEL 9 : kernel (RHSA-2024:9315)	Nessus	Red Hat Local Security Checks	11/12/2024	10/28/2025	high
212723	Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-7155-1)	Nessus	Ubuntu Local Security Checks	12/12/2024	9/24/2025	high
503585	Siemens SIMATIC Devices Allocation of Resources Without Limits or Throttling (CVE-2024-43856)	Tenable OT Security	Tenable.ot	10/27/2025	10/29/2025	medium

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high

high

medium