The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7196-1 advisory.

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - ATM drivers;

    - Drivers core;

    - Ublk userspace block driver;

    - Bluetooth drivers;

    - Character device driver;

    - Hardware crypto device drivers;

    - Buffer Sharing and Synchronization framework;

    - DMA engine subsystem;

    - Qualcomm firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I2C subsystem;

    - I3C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - LED subsystem;

    - Mailbox framework;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Ethernet bonding driver;

    - Network drivers;

    - Mellanox network drivers;

    - Microsoft Azure Network Adapter (MANA) driver;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - Power supply drivers;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI subsystem;

    - QCOM SoC drivers;

    - SPI subsystem;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - UFS subsystem;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - Virtio Host (VHOST) subsystem;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - Network file systems library;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - NILFS2 file system;

    - File system notification infrastructure;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Tracing file system;

    - Bitmap API;

    - BPF subsystem;

    - Memory Management;

    - Objagg library;

    - Perf events;

    - Virtio network driver;

    - VMware vSockets driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - Control group (cgroup);

    - DMA mapping infrastructure;

    - Locking primitives;

    - Padata parallel execution mechanism;

    - Scheduler infrastructure;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - KUnit for arithmetic overflow checks;

    - Memory management;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - TIPC protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - SELinux security module;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - AMD SoC Alsa drivers;

    - Texas InstrumentS Audio (ASoC/HDA) drivers;

    - SoC Audio for Freescale CPUs drivers;

    - Intel ASoC drivers;

    - Amlogic Meson SoC drivers;

    - SoC audio core drivers;

    - USB sound devices;

    - Real-Time Linux Analysis tools; (CVE-2024-44979, CVE-2024-47658, CVE-2024-44970, CVE-2024-43913,     CVE-2024-46816, CVE-2024-46738, CVE-2024-46777, CVE-2024-46730, CVE-2024-46811, CVE-2024-44954,     CVE-2024-42317, CVE-2024-42279, CVE-2024-45002, CVE-2024-43826, CVE-2024-44967, CVE-2024-46721,     CVE-2024-46763, CVE-2024-43856, CVE-2024-42284, CVE-2024-42289, CVE-2024-46806, CVE-2024-46776,     CVE-2024-43843, CVE-2024-42298, CVE-2024-43832, CVE-2024-42321, CVE-2024-42292, CVE-2024-44982,     CVE-2024-43842, CVE-2024-46772, CVE-2024-46702, CVE-2024-45017, CVE-2024-43888, CVE-2024-47683,     CVE-2024-46714, CVE-2024-43899, CVE-2024-45025, CVE-2024-46751, CVE-2024-45020, CVE-2024-44977,     CVE-2024-46853, CVE-2024-46753, CVE-2024-46792, CVE-2024-46675, CVE-2024-46805, CVE-2024-43890,     CVE-2024-46703, CVE-2024-43841, CVE-2024-44960, CVE-2024-46846, CVE-2024-46798, CVE-2024-44965,     CVE-2024-46812, CVE-2024-43835, CVE-2024-43839, CVE-2024-43886, CVE-2024-46843, CVE-2024-50264,     CVE-2024-46706, CVE-2024-46851, CVE-2024-46758, CVE-2024-45027, CVE-2024-43887, CVE-2024-42278,     CVE-2024-46701, CVE-2024-46708, CVE-2024-46817, CVE-2024-46871, CVE-2024-46771, CVE-2024-42304,     CVE-2024-43877, CVE-2024-44996, CVE-2024-46741, CVE-2024-46842, CVE-2024-43902, CVE-2024-43818,     CVE-2024-47662, CVE-2024-44931, CVE-2024-46793, CVE-2024-46746, CVE-2024-46782, CVE-2024-43914,     CVE-2024-43824, CVE-2024-46767, CVE-2024-43871, CVE-2024-44971, CVE-2024-47666, CVE-2024-45008,     CVE-2024-42263, CVE-2024-46815, CVE-2024-46824, CVE-2024-45015, CVE-2024-45000, CVE-2024-46841,     CVE-2024-46770, CVE-2024-44942, CVE-2024-46679, CVE-2024-46724, CVE-2024-46759, CVE-2024-43845,     CVE-2024-46795, CVE-2024-46818, CVE-2024-44988, CVE-2024-46807, CVE-2024-46787, CVE-2024-43894,     CVE-2024-46803, CVE-2024-44947, CVE-2024-46786, CVE-2024-46689, CVE-2024-46686, CVE-2024-42290,     CVE-2024-46868, CVE-2024-43857, CVE-2024-43909, CVE-2023-52889, CVE-2024-44944, CVE-2024-44973,     CVE-2024-43905, CVE-2024-44938, CVE-2024-43864, CVE-2024-46850, CVE-2024-43867, CVE-2024-43819,     CVE-2024-46691, CVE-2024-47664, CVE-2024-46821, CVE-2024-46867, CVE-2024-46716, CVE-2024-43881,     CVE-2024-46788, CVE-2024-43912, CVE-2024-43904, CVE-2024-46727, CVE-2024-46680, CVE-2024-44985,     CVE-2024-46813, CVE-2024-47668, CVE-2024-42277, CVE-2024-42291, CVE-2024-45003, CVE-2024-42309,     CVE-2024-44937, CVE-2024-44953, CVE-2024-46718, CVE-2024-42276, CVE-2024-45028, CVE-2024-43863,     CVE-2024-46866, CVE-2024-42258, CVE-2024-42273, CVE-2024-46717, CVE-2024-46797, CVE-2024-46854,     CVE-2024-44972, CVE-2024-46791, CVE-2024-45010, CVE-2024-43825, CVE-2024-46775, CVE-2024-46745,     CVE-2024-46808, CVE-2024-46831, CVE-2024-45018, CVE-2024-42319, CVE-2024-46822, CVE-2024-43883,     CVE-2024-46722, CVE-2024-46694, CVE-2024-45009, CVE-2024-42320, CVE-2024-46825, CVE-2024-43821,     CVE-2024-46749, CVE-2024-45006, CVE-2024-43895, CVE-2024-44950, CVE-2024-43827, CVE-2024-43876,     CVE-2024-47659, CVE-2024-44989, CVE-2024-46804, CVE-2024-46754, CVE-2024-46766, CVE-2024-46728,     CVE-2024-46828, CVE-2024-46826, CVE-2024-46810, CVE-2024-44963, CVE-2024-44934, CVE-2024-43829,     CVE-2024-42268, CVE-2024-43850, CVE-2024-43853, CVE-2024-43854, CVE-2024-43892, CVE-2024-43859,     CVE-2024-42285, CVE-2024-44962, CVE-2024-46725, CVE-2024-46814, CVE-2024-44935, CVE-2024-42264,     CVE-2024-42260, CVE-2024-46858, CVE-2024-46778, CVE-2024-46774, CVE-2024-46848, CVE-2024-45013,     CVE-2024-43837, CVE-2024-46683, CVE-2024-46757, CVE-2024-46726, CVE-2024-43831, CVE-2024-46737,     CVE-2024-43893, CVE-2024-46823, CVE-2024-42302, CVE-2024-44990, CVE-2024-46755, CVE-2024-46707,     CVE-2024-43833, CVE-2024-44940, CVE-2024-42259, CVE-2024-46855, CVE-2024-46827, CVE-2024-46809,     CVE-2024-46836, CVE-2024-43907, CVE-2024-42312, CVE-2024-46692, CVE-2024-42297, CVE-2024-46864,     CVE-2024-42299, CVE-2024-45011, CVE-2024-46838, CVE-2024-44993, CVE-2024-46802, CVE-2024-44966,     CVE-2024-46739, CVE-2024-46780, CVE-2024-44961, CVE-2024-42316, CVE-2024-47660, CVE-2024-46859,     CVE-2024-46762, CVE-2024-43861, CVE-2024-45012, CVE-2024-46784, CVE-2024-43908, CVE-2024-46832,     CVE-2024-44969, CVE-2024-46750, CVE-2024-44958, CVE-2024-46740, CVE-2024-46829, CVE-2024-43873,     CVE-2024-49984, CVE-2024-44983, CVE-2024-42288, CVE-2024-46735, CVE-2024-46676, CVE-2024-43823,     CVE-2024-46779, CVE-2024-46744, CVE-2024-42310, CVE-2024-44980, CVE-2024-46870, CVE-2024-42307,     CVE-2024-46768, CVE-2024-44984, CVE-2024-45007, CVE-2024-46710, CVE-2024-44978, CVE-2024-46723,     CVE-2024-46845, CVE-2024-44999, CVE-2024-42311, CVE-2024-43884, CVE-2024-44939, CVE-2024-44974,     CVE-2024-42314, CVE-2024-42318, CVE-2024-39472, CVE-2024-46693, CVE-2024-46794, CVE-2024-46844,     CVE-2024-46695, CVE-2024-46720, CVE-2024-46860, CVE-2024-46835, CVE-2024-47665, CVE-2024-46715,     CVE-2024-42305, CVE-2024-46773, CVE-2024-45030, CVE-2024-46697, CVE-2024-46705, CVE-2024-42286,     CVE-2024-46834, CVE-2024-46681, CVE-2024-53057, CVE-2024-42303, CVE-2024-46678, CVE-2024-46756,     CVE-2023-52918, CVE-2024-43860, CVE-2024-43911, CVE-2024-43880, CVE-2024-43910, CVE-2024-44975,     CVE-2024-44959, CVE-2024-46747, CVE-2024-43846, CVE-2024-42274, CVE-2024-46672, CVE-2024-43852,     CVE-2024-46709, CVE-2024-42306, CVE-2024-42281, CVE-2024-46849, CVE-2024-46719, CVE-2024-43830,     CVE-2024-46685, CVE-2024-44998, CVE-2024-42313, CVE-2024-43820, CVE-2024-44991, CVE-2024-47674,     CVE-2024-46785, CVE-2024-45021, CVE-2024-46677, CVE-2024-43870, CVE-2024-46698, CVE-2024-43900,     CVE-2024-44956, CVE-2024-43849, CVE-2024-46687, CVE-2024-42296, CVE-2024-46830, CVE-2024-47669,     CVE-2024-46732, CVE-2024-46733, CVE-2024-46852, CVE-2024-43906, CVE-2024-43847, CVE-2024-42294,     CVE-2024-46731, CVE-2024-45029, CVE-2024-47667, CVE-2024-42272, CVE-2024-45022, CVE-2024-43879,     CVE-2024-46765, CVE-2024-45026, CVE-2024-44986, CVE-2024-44995, CVE-2024-47663, CVE-2024-42262,     CVE-2024-43889, CVE-2024-44987, CVE-2024-43866, CVE-2024-42265, CVE-2024-46847, CVE-2024-46673,     CVE-2024-46783, CVE-2024-46761, CVE-2024-46840, CVE-2024-42301, CVE-2024-43868, CVE-2024-45005,     CVE-2024-42322, CVE-2024-43828, CVE-2024-43834, CVE-2024-43891, CVE-2024-46861, CVE-2024-42261,     CVE-2024-43875, CVE-2024-43840, CVE-2024-42287, CVE-2024-46752, CVE-2024-46711, CVE-2024-46713,     CVE-2024-44943, CVE-2024-46743, CVE-2024-43869, CVE-2024-46781, CVE-2024-44946, CVE-2024-42283,     CVE-2024-47661, CVE-2024-43817, CVE-2024-46819, CVE-2024-42267, CVE-2024-46729, CVE-2024-46857,     CVE-2024-42295, CVE-2024-46760, CVE-2024-42315, CVE-2024-45019, CVE-2024-44948, CVE-2024-44941,     CVE-2024-42269, CVE-2024-44957, CVE-2024-49967)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46750 advisory.

  - In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to     pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is this     sequence: WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pci_bridge_secondary_bus_reset+0x5d/0x70 RIP:
    0010:pci_bridge_secondary_bus_reset+0x5d/0x70 Call Trace: <TASK> ? __warn+0x8c/0x190 ?     pci_bridge_secondary_bus_reset+0x5d/0x70 ? report_bug+0x1f8/0x200 ? handle_bug+0x3c/0x70 ?     exc_invalid_op+0x18/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? pci_bridge_secondary_bus_reset+0x5d/0x70     pci_reset_bus+0x1d8/0x270 vmd_probe+0x778/0xa10 pci_device_probe+0x95/0x120 Where pci_reset_bus() users     are triggering unlocked secondary bus resets. Ironically pci_bus_reset(), several calls down from     pci_reset_bus(), uses pci_bus_lock() before issuing the reset which locks everything *but* the bridge     itself. For the same motivation as adding: bridge = pci_upstream_bridge(dev); if (bridge)     pci_dev_lock(bridge); to pci_reset_function() for the bus and cxl_bus reset cases, add pci_dev_lock()     for @bus->self to pci_bus_lock(). [bhelgaas: squash in recursive locking deadlock fix from Keith Busch:
    https://lore.kernel.org/r/20240711193650.701834-1-kbusch@meta.com] (CVE-2024-46750)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    In the Linux kernel, the following vulnerability has been resolved:ntb: intel: Fix the NULL vs IS_ERR()     bug for debugfs_create_dir()  The debugfs_create_dir() function returns error pointers. It never returns     NULL. So use IS_ERR() to check it.(CVE-2023-52917)

    tracing: Free buffers when a used dynamic event is removed(CVE-2022-49006)

    block, bfq: fix possible UAF for bfqq-bic with merge chain(CVE-2024-47706)

    In the Linux kernel, the following vulnerability has been resolved:iommu: Return right value in     iommu_sva_bind_device()  iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR     value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This     could potentially lead to a kernel NULL pointer dereference issue if the function returns NULL instead of     an error pointer.  In reality, this doesn't cause any problems because iommu_sva_bind_device() only     returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA. In this case,     iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) will return an error, and the device drivers won't call     iommu_sva_bind_device() at all.(CVE-2024-40945)

    net: hns3: void array out of bound when loop tnl_num(CVE-2024-46833)

    KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3(CVE-2024-46707)

    net/mlx5: Fix bridge mode operations when there are no VFs(CVE-2024-46857)

    In the Linux kernel, the following vulnerability has been resolved:netfilter: nft_socket: fix sk refcount     leaks  We must put 'sk' reference before returning.(CVE-2024-46855)

    fsnotify: clear PARENT_WATCHED flags lazily(CVE-2024-47660)

    tcp_bpf: fix return value of tcp_bpf_sendmsg()(CVE-2024-46783)

    mlxsw: spectrum_acl_erp: Fix object nesting warning(CVE-2024-43880)

    xdp: fix invalid wait context of page_pool_destroy()(CVE-2024-43834)

    virtio_net: Fix napi_skb_cache_put warning (CVE-2024-43835)

    net: hns3: fix kernel crash problem in concurrent scenario (CVE-2024-39507)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    In the Linux kernel, the following vulnerability has been resolved:net: ena: Add validation for completion     descriptors consistency  Validate that `first` flag is set only for the first descriptor in multi-buffer     packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption     has been added.(CVE-2024-40999)

    ipvlan: Dont Use skb-sk in ipvlan_process_v{4,6}_outbound(CVE-2024-33621)

    net: relax socket state check at accept time(CVE-2024-36484)

    net: fix information leakage in /proc/ net/ptype(CVE-2022-48757)

    net: bridge: vlan: fix memory leak in __allowed_ingress(CVE-2022-48748)

    In the Linux kernel, the following vulnerability has been resolved:USB: usbtmc: prevent kernel-usb-     infoleak  The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before     filling fields.(CVE-2024-47671)

    hv_netvsc: Register VF in netvsc_probe(CVE-2024-26820)

    vfs: Don't evict inode under the inode lru traversing context(CVE-2024-45003)

    perf/x86/intel: Limit the period on Haswell(CVE-2024-46848)

    ethtool: fail closed if we can't get max channel used in indirection tables(CVE-2024-46834)

    ELF: fix kernel.randomize_va_space double read(CVE-2024-46826)

    arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry(CVE-2024-46822)

    sched/smt: Fix unbalance sched_smt_present dec/inc(CVE-2024-44958)

    platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses(CVE-2024-46859)

    rtmutex: Drop rt_mutex::wait_lock before scheduling(CVE-2024-46829)

    drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[](CVE-2024-46815)

    drm/amd/display: Check link_index before accessing dc-links[](CVE-2024-46813)

    drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links(CVE-2024-46816)

    drm/amd/display: Check msg_id before processing transcation(CVE-2024-46814)

    thunderbolt: Mark XDomain as unplugged when router is removed(CVE-2024-46702)

    nvmet-tcp: fix kernel crash if commands allocation fails(CVE-2024-46737)

    of/irq: Prevent device address out-of-bounds read in interrupt map walk(CVE-2024-46743)

    VMCI: Fix use-after-free when removing resource in vmci_resource_remove()(CVE-2024-46738)

    usb: typec: ucsi: Fix null pointer dereference in trace(CVE-2024-46719)

    pktgen: use cpus_read_lock() in pg_net_init()(CVE-2024-46681)

    ethtool: check device is present when getting link settings(CVE-2024-46679)

    apparmor: fix possible NULL pointer dereference(CVE-2024-46721)

    selinux,smack: don't bypass permissions check in inode_setsecctx hook(CVE-2024-46695)

    bonding: change ipsec_lock from spin lock to mutex(CVE-2024-46678)

    PCI: Add missing bridge lock to pci_bus_lock()(CVE-2024-46750)

    ice: Add netif_device_attach/detach into PF reset flow(CVE-2024-46770)

    md: fix deadlock between mddev_suspend and flush bio(CVE-2024-43855)

    driver: iio: add missing checks on iio_info's callback access(CVE-2024-46715)

    uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (CVE-2024-46739)

    btrfs: fix qgroup reserve leaks in cow_file_range(CVE-2024-46733)

    Squashfs: sanity check symbolic link size(CVE-2024-46744)

    Input: MT - limit max slots(CVE-2024-45008)

    drm/amd/display: Assign linear_pitch_alignment even for VM(CVE-2024-46732)

    netem: fix return value if duplicate enqueue fails(CVE-2024-45016)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

    userfaultfd: fix checks for huge PMDs(CVE-2024-46787)

    netfilter: flowtable: initialise extack before use(CVE-2024-45018)

    rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back(CVE-2024-27414)

    xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING(CVE-2024-35976)

    net: atlantic: eliminate double free in error handling logic(CVE-2023-52664)

    netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()(CVE-2024-35898)

    net/ipv6: avoid possible UAF in ip6_route_mpath_notify()(CVE-2024-26852)

    udf: Avoid excessive partition lengths(CVE-2024-46777)

    scsi: aacraid: Fix double-free on probe failure(CVE-2024-46673)

    In the Linux kernel, the following vulnerability has been resolved:memcg_write_event_control(): fix a     user-triggerable oops  we are *not* guaranteed that anything past the terminating NUL is mapped (let alone     initialized with anything sane).(CVE-2024-45021)

    drm/client: fix null pointer dereference in drm_client_modeset_probe(CVE-2024-43894)

    drm/qxl: Add check for drm_cvt_mode(CVE-2024-43829)

    rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation(CVE-2024-36017)

    net: core: reject skb_copy(_expand) for fraglist GSO skbs(CVE-2024-36929)

    perf/aux: Fix AUX buffer serialization(CVE-2024-46713)

    fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE(CVE-2024-45025)

    driver core: Fix uevent_show() vs driver detach race(CVE-2024-44952)

    x86/mtrr: Check if fixed MTRRs exist before saving them(CVE-2024-44948)

    bonding: fix null pointer deref in bond_ipsec_offload_ok(CVE-2024-44990)

    net: hns3: fix a deadlock problem when config TC during resetting(CVE-2024-44995)

    bonding: fix xfrm real_dev null pointer dereference(CVE-2024-44989)

    scsi: qla2xxx: Fix for possible memory corruption(CVE-2024-42288)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    dmaengine: idxd: Prevent use after free on completion memory(CVE-2022-48867)

    drm/vmwgfx: Remove rcu locks from user resources(CVE-2022-48887)

    RDMA/hns: Fix soft lockup under heavy CEQE load(CVE-2024-43872)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    kvm: s390: Reject memory region operations for ucontrol VMs(CVE-2024-43819)

    ipv6: fix possible UAF in ip6_finish_output2()(CVE-2024-44986)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    drm/vmwgfx: Fix a deadlock in dma buf fence polling(CVE-2024-43863)

    media: xc2028: avoid use-after-free in load_firmware_cb()(CVE-2024-43900)

    gpio: prevent potential speculation leaks in gpio_device_get_desc()(CVE-2024-44931)

    netns: Make get_net_ns() handle zero refcount net(CVE-2024-40958)

    tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc(CVE-2023-52880)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    netfilter: ctnetlink: use helper function to calculate expect ID(CVE-2024-44944)

    udf: Fix bogus checksum computation in udf_rename()(CVE-2024-43845)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    padata: Fix possible divide-by-0 panic in padata_mt_helper()(CVE-2024-43889)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    sctp: Fix null-ptr-deref in reuseport_add_sock()(CVE-2024-44935)

    scsi: qla2xxx: Complete command early within lock(CVE-2024-42287)

    net: bridge: mcast: wait for previous gc cycles when removing port(CVE-2024-44934)

    bpf: Add schedule points in batch ops(CVE-2022-48939)

    apparmor: Fix null pointer deref when receiving skb during sock creation(CVE-2023-52889)

    dev/parport: fix the array out-of-bounds risk(CVE-2024-42301)

    block: initialize integrity buffer to zero before writing it to media(CVE-2024-43854)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    ipv6: prevent possible NULL deref in fib6_nh_init()(CVE-2024-40961)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious     actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL     pointer dereference in the NVMe driver and causing kernel panic and a denial of service.(CVE-2023-6356)

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious     actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL     pointer dereference in the NVMe driver, causing kernel panic and a denial of service.(CVE-2023-6535)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
213655	Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7196-1)	Nessus	Ubuntu Local Security Checks	1/9/2025	1/9/2025	high
215376	Azure Linux 3.0 Security Update: kernel (CVE-2024-46750)	Nessus	Azure Linux Local Security Checks	2/10/2025	2/10/2025	medium
212622	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2938)	Nessus	Huawei Local Security Checks	12/12/2024	12/12/2024	high

Detections

Analytics

Plugins Search

high

medium

high