According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    kernel:SUNRPC: fix a memleak in gss_import_v2_context(CVE-2023-52653)

    apparmor: Fix null pointer deref when receiving skb during sock creation(CVE-2023-52889)

    protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)

    tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc(CVE-2023-52880)

    padata: Fix possible divide-by-0 panic in padata_mt_helper()(CVE-2024-43889)

    dev/parport: fix the array out-of-bounds risk(CVE-2024-42301)

    netfilter: ctnetlink: use helper function to calculate expect ID(CVE-2024-44944)

    netns: Make get_net_ns() handle zero refcount net(CVE-2024-40958)

    ipv6: fix possible UAF in ip6_finish_output2()(CVE-2024-44986)

    kvm: s390: Reject memory region operations for ucontrol VMs(CVE-2024-43819)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)

    gpio: prevent potential speculation leaks in gpio_device_get_desc()(CVE-2024-44931)

    ipv6: prevent possible NULL deref in fib6_nh_init()(CVE-2024-40961)

    cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)

    drm/vmwgfx: Fix a deadlock in dma buf fence polling(CVE-2024-43863)

    io_uring: lock overflowing for IOPOLL(CVE-2023-52903)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    scsi: qla2xxx: Fix for possible memory corruption(CVE-2024-42288)

    dmaengine: idxd: Prevent use after free on completion memory(CVE-2022-48867)

    x86/mtrr: Check if fixed MTRRs exist before saving them(CVE-2024-44948)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    block: initialize integrity buffer to zero before writing it to media(CVE-2024-43854)

    media: xc2028: avoid use-after-free in load_firmware_cb()(CVE-2024-43900)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    lib: objagg: Fix general protection fault(CVE-2024-43846)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    drm/client: fix null pointer dereference in drm_client_modeset_probe(CVE-2024-43894)

    drm/qxl: Add check for drm_cvt_mode(CVE-2024-43829)

    userfaultfd: fix checks for huge PMDs(CVE-2024-46787)

    md: fix deadlock between mddev_suspend and flush bio(CVE-2024-43855)

    udf: Avoid excessive partition lengths(CVE-2024-46777)

    uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (CVE-2024-46739)

    In the Linux kernel, the following vulnerability has been resolved:memcg_write_event_control(): fix a     user-triggerable oops  we are *not* guaranteed that anything past the terminating NUL is mapped (let alone     initialized with anything sane).(CVE-2024-45021)

    scsi: aacraid: Fix double-free on probe failure(CVE-2024-46673)

    Squashfs: sanity check symbolic link size(CVE-2024-46744)

    apparmor: fix possible NULL pointer dereference(CVE-2024-46721)

    of/irq: Prevent device address out-of-bounds read in interrupt map walk(CVE-2024-46743)

    PCI: Add missing bridge lock to pci_bus_lock()(CVE-2024-46750)

    fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE(CVE-2024-45025)

    usb: typec: ucsi: Fix null pointer dereference in trace(CVE-2024-46719)

    thunderbolt: Mark XDomain as unplugged when router is removed(CVE-2024-46702)

    selinux,smack: don't bypass permissions check in inode_setsecctx hook(CVE-2024-46695)

    VMCI: Fix use-after-free when removing resource in vmci_resource_remove()(CVE-2024-46738)

    drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links(CVE-2024-46816)

    drm/amd/display: Check msg_id before processing transcation(CVE-2024-46814)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

    nvmet-tcp: fix kernel crash if commands allocation fails(CVE-2024-46737)

    drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[](CVE-2024-46815)

    ice: Add netif_device_attach/detach into PF reset flow(CVE-2024-46770)

    driver: iio: add missing checks on iio_info's callback access(CVE-2024-46715)

    pktgen: use cpus_read_lock() in pg_net_init()(CVE-2024-46681)

    drm/amd/display: Check link_index before accessing dc-links[](CVE-2024-46813)

    drm/amd/display: Assign linear_pitch_alignment even for VM(CVE-2024-46732)

    rtmutex: Drop rt_mutex::wait_lock before scheduling(CVE-2024-46829)

    perf/aux: Fix AUX buffer serialization(CVE-2024-46713)

    Input: MT - limit max slots(CVE-2024-45008)

    SUNRPC: lock against -sock changing during sysfs read(CVE-2022-48816)

    inet: inet_defrag: prevent sk release while still in use(CVE-2024-26921)

    rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation(CVE-2024-36017)

    xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING(CVE-2024-35976)

    netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()(CVE-2024-35898)

    net: atlantic: eliminate double free in error handling logic(CVE-2023-52664)

    In the Linux kernel, the following vulnerability has been resolved:USB: usbtmc: prevent kernel-usb-     infoleak  The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before     filling fields.(CVE-2024-47671)

    ELF: fix kernel.randomize_va_space double read(CVE-2024-46826)

    vfs: Don't evict inode under the inode lru traversing context(CVE-2024-45003)

    perf/x86/intel: Limit the period on Haswell(CVE-2024-46848)

    platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses(CVE-2024-46859)

    arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry(CVE-2024-46822)

    ethtool: fail closed if we can't get max channel used in indirection tables(CVE-2024-46834)

    netem: fix return value if duplicate enqueue fails(CVE-2024-45016)

    ethtool: check device is present when getting link settings(CVE-2024-46679)

    In the Linux kernel, the following vulnerability has been resolved:iommu: Return right value in     iommu_sva_bind_device()  iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR     value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This     could potentially lead to a kernel NULL pointer dereference issue if the function returns NULL instead of     an error pointer.  In reality, this doesn't cause any problems because iommu_sva_bind_device() only     returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA. In this case,     iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) will return an error, and the device drivers won't call     iommu_sva_bind_device() at all.(CVE-2024-40945)

    xdp: fix invalid wait context of page_pool_destroy()(CVE-2024-43834)

    mlxsw: spectrum_acl_erp: Fix object nesting warning(CVE-2024-43880)

    virtio_net: Fix napi_skb_cache_put warning (CVE-2024-43835)

    tcp_bpf: fix return value of tcp_bpf_sendmsg()(CVE-2024-46783)

    drm/vmwgfx: Remove rcu locks from user resources(CVE-2022-48887)

    bonding: fix xfrm real_dev null pointer dereference(CVE-2024-44989)

    bonding: fix null pointer deref in bond_ipsec_offload_ok(CVE-2024-44990)

    net: core: reject skb_copy(_expand) for fraglist GSO skbs(CVE-2024-36929)

    block, bfq: fix possible UAF for bfqq-bic with merge chain(CVE-2024-47706)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    ipvlan: Dont Use skb-sk in ipvlan_process_v{4,6}_outbound(CVE-2024-33621)

    In the Linux kernel, the following vulnerability has been resolved:net: ena: Add validation for completion     descriptors consistency  Validate that `first` flag is set only for the first descriptor in multi-buffer     packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption     has been added.(CVE-2024-40999)

    net: hns3: fix kernel crash problem in concurrent scenario (CVE-2024-39507)

    net/mlx5: Fix bridge mode operations when there are no VFs(CVE-2024-46857)

    KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3(CVE-2024-46707)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    net: hns3: fix a deadlock problem when config TC during resetting(CVE-2024-44995)

    fsnotify: clear PARENT_WATCHED flags lazily(CVE-2024-47660)

    sctp: Fix null-ptr-deref in reuseport_add_sock()(CVE-2024-44935)

    bpf: Take return from set_memory_rox() into account with bpf_jit_binary_lock_ro()(CVE-2024-42067)

    In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from set_memory_ro()     into account with bpf_prog_lock_ro() set_memory_ro() can fail, leaving memory unprotected. Check its     return and take it into account as an error.(CVE-2024-42068)

    fuse: Initialize beyond-EOF page contents before setting uptodate(CVE-2024-44947)

    i2c: core: Run atomic i2c xfer when !preemptible(CVE-2023-52791)

    nvme: avoid double free special payload(CVE-2024-41073)

    drm/amd/display: Fix index out of bounds in degamma hardware format translation(CVE-2024-49894)

    drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error(CVE-2024-47698)

    cifs: Fix buffer overflow when parsing NFS reparse points(CVE-2024-49996)

    netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()(CVE-2024-47685)

    net: do not delay dst_entries_add() in dst_release()(CVE-2024-50036)

    ppp: fix ppp_async_encode() illegal access(CVE-2024-50035)

    ACPI: sysfs: validate return type of _STR method(CVE-2024-49860)

    nbd: fix race between timeout and normal completion(CVE-2024-49855)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46719 advisory.

  - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer     dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid.
    When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport returns NULL which causes a NULL     pointer dereference in trace. Rather than return NULL, call typec_port_register_altmode to register     DisplayPort alternate mode as a non-controllable mode when CONFIG_TYPEC_DP_ALTMODE is not enabled.
    (CVE-2024-46719)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7156-1 advisory.

    Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the     device to be enabled before writing. A local attacker could possibly use this to cause a denial of     service. (CVE-2024-25741)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM32 architecture;

    - ARM64 architecture;

    - MIPS architecture;

    - PA-RISC architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - S390 architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Ublk userspace block driver;

    - Bluetooth drivers;

    - Cdrom driver;

    - Character device driver;

    - Clock framework and drivers;

    - Hardware crypto device drivers;

    - CXL (Compute Express Link) drivers;

    - Buffer Sharing and Synchronization framework;

    - DMA engine subsystem;

    - Cirrus firmware drivers;

    - Qualcomm firmware drivers;

    - GPIO subsystem;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I2C subsystem;

    - I3C subsystem;

    - IIO subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Mailbox framework;

    - Multiple devices driver;

    - Media drivers;

    - Fastrpc Driver;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Ethernet bonding driver;

    - Network drivers;

    - Mellanox network drivers;

    - Microsoft Azure Network Adapter (MANA) driver;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - NVMEM (Non Volatile Memory) drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - x86 platform drivers;

    - Power supply drivers;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI subsystem;

    - QCOM SoC drivers;

    - SPI subsystem;

    - Direct Digital Synthesis drivers;

    - Thermal drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - UFS subsystem;

    - Userspace I/O drivers;

    - USB DSL drivers;

    - USB core drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Serial drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VFIO drivers;

    - Virtio Host (VHOST) subsystem;

    - Framebuffer layer;

    - Xen hypervisor drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - GFS2 file system;

    - JFFS2 file system;

    - JFS file system;

    - Network file systems library;

    - Network file system (NFS) client;

    - Network file system (NFS) server daemon;

    - NILFS2 file system;

    - File system notification infrastructure;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Tracing file system;

    - Bitmap API;

    - BPF subsystem;

    - Syscall compatibility layer;

    - Memory Management;

    - Memory management;

    - Objagg library;

    - Perf events;

    - Syscall interfaces;

    - Virtio network driver;

    - VMware vSockets driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - Netfilter;

    - Tracing infrastructure;

    - io_uring subsystem;

    - Control group (cgroup);

    - DMA mapping infrastructure;

    - Locking primitives;

    - Padata parallel execution mechanism;

    - Scheduler infrastructure;

    - Closures library;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - KUnit for arithmetic overflow checks;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Ceph Core library;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - SELinux security module;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - AMD SoC Alsa drivers;

    - Texas InstrumentS Audio (ASoC/HDA) drivers;

    - SoC Audio for Freescale CPUs drivers;

    - Intel ASoC drivers;

    - MediaTek ASoC drivers;

    - Amlogic Meson SoC drivers;

    - SoC audio core drivers;

    - SOF drivers;

    - Sound sequencer drivers;

    - USB sound devices;

    - Real-Time Linux Analysis tools; (CVE-2024-43911, CVE-2024-46762, CVE-2024-46794, CVE-2024-43843,     CVE-2024-42229, CVE-2024-43888, CVE-2024-44978, CVE-2024-46693, CVE-2024-46695, CVE-2024-42290,     CVE-2024-42067, CVE-2024-45012, CVE-2024-42316, CVE-2024-47665, CVE-2024-41052, CVE-2024-42074,     CVE-2024-41058, CVE-2024-44975, CVE-2024-46709, CVE-2024-46871, CVE-2024-42090, CVE-2024-42296,     CVE-2024-42096, CVE-2024-42146, CVE-2024-46855, CVE-2024-39487, CVE-2024-43825, CVE-2024-42066,     CVE-2024-42126, CVE-2024-41022, CVE-2024-41025, CVE-2023-52888, CVE-2024-46702, CVE-2024-42269,     CVE-2024-41082, CVE-2024-42284, CVE-2024-42227, CVE-2024-41017, CVE-2024-42250, CVE-2024-46778,     CVE-2024-47661, CVE-2024-46727, CVE-2024-46845, CVE-2024-44953, CVE-2024-47659, CVE-2024-42137,     CVE-2024-42245, CVE-2024-41096, CVE-2024-46829, CVE-2024-41053, CVE-2024-46782, CVE-2024-44972,     CVE-2024-41095, CVE-2024-42239, CVE-2024-42127, CVE-2024-42292, CVE-2024-46752, CVE-2024-46679,     CVE-2024-41076, CVE-2024-46784, CVE-2024-46786, CVE-2024-46678, CVE-2024-44957, CVE-2024-46755,     CVE-2024-47660, CVE-2024-41067, CVE-2024-46838, CVE-2024-43879, CVE-2024-45007, CVE-2024-45025,     CVE-2024-45001, CVE-2024-41009, CVE-2024-41051, CVE-2024-46836, CVE-2024-49984, CVE-2024-45028,     CVE-2024-43871, CVE-2024-46783, CVE-2024-42272, CVE-2024-42087, CVE-2024-46785, CVE-2024-42276,     CVE-2024-47658, CVE-2024-46761, CVE-2024-46715, CVE-2024-46676, CVE-2024-43824, CVE-2024-42100,     CVE-2024-46745, CVE-2024-41084, CVE-2024-41086, CVE-2024-45015, CVE-2024-46797, CVE-2024-42160,     CVE-2024-46706, CVE-2024-46803, CVE-2024-46708, CVE-2024-47669, CVE-2024-45009, CVE-2024-41021,     CVE-2024-42159, CVE-2024-42321, CVE-2024-46868, CVE-2024-41078, CVE-2024-42303, CVE-2024-45027,     CVE-2024-42309, CVE-2024-43849, CVE-2024-43907, CVE-2024-43899, CVE-2024-43823, CVE-2024-42232,     CVE-2024-44937, CVE-2024-41046, CVE-2024-42237, CVE-2024-42063, CVE-2024-42065, CVE-2024-42154,     CVE-2024-42259, CVE-2024-46698, CVE-2024-46741, CVE-2024-45020, CVE-2024-42151, CVE-2024-41073,     CVE-2024-46719, CVE-2024-42295, CVE-2024-46859, CVE-2024-41035, CVE-2024-46751, CVE-2024-47667,     CVE-2024-46728, CVE-2024-46824, CVE-2024-42121, CVE-2024-46776, CVE-2024-46768, CVE-2024-43908,     CVE-2024-43900, CVE-2024-46707, CVE-2024-44934, CVE-2024-41062, CVE-2024-42304, CVE-2024-42312,     CVE-2024-42157, CVE-2024-41092, CVE-2024-41041, CVE-2024-43832, CVE-2024-41039, CVE-2024-44962,     CVE-2024-46858, CVE-2024-43856, CVE-2024-41060, CVE-2024-45010, CVE-2024-41044, CVE-2024-44942,     CVE-2024-42307, CVE-2024-44984, CVE-2024-41075, CVE-2024-43817, CVE-2024-46791, CVE-2024-46853,     CVE-2024-42301, CVE-2024-44993, CVE-2024-41094, CVE-2024-27022, CVE-2024-41088, CVE-2024-43883,     CVE-2024-41087, CVE-2024-46780, CVE-2024-42070, CVE-2024-44965, CVE-2024-46823, CVE-2024-46737,     CVE-2024-44982, CVE-2024-46697, CVE-2024-45021, CVE-2024-44987, CVE-2024-41072, CVE-2024-41063,     CVE-2024-46757, CVE-2024-46831, CVE-2024-44966, CVE-2024-42322, CVE-2024-42231, CVE-2024-46717,     CVE-2024-41065, CVE-2024-44969, CVE-2023-52887, CVE-2024-42105, CVE-2024-44971, CVE-2024-46798,     CVE-2024-42262, CVE-2024-44938, CVE-2024-42088, CVE-2024-44970, CVE-2024-43876, CVE-2024-46800,     CVE-2024-42086, CVE-2024-43826, CVE-2024-46729, CVE-2024-46747, CVE-2024-46691, CVE-2024-46723,     CVE-2024-41018, CVE-2024-42258, CVE-2024-41081, CVE-2024-41049, CVE-2024-43837, CVE-2024-45008,     CVE-2024-41047, CVE-2024-41019, CVE-2024-42152, CVE-2024-41090, CVE-2024-46716, CVE-2024-42104,     CVE-2024-46804, CVE-2024-43852, CVE-2024-42129, CVE-2024-46870, CVE-2024-41093, CVE-2024-45011,     CVE-2024-41064, CVE-2024-46722, CVE-2024-42286, CVE-2024-45026, CVE-2024-46818, CVE-2024-42281,     CVE-2024-43854, CVE-2024-41037, CVE-2024-44946, CVE-2024-41012, CVE-2024-41098, CVE-2024-42263,     CVE-2024-42095, CVE-2024-46756, CVE-2024-43913, CVE-2024-46822, CVE-2024-44944, CVE-2024-42156,     CVE-2024-42073, CVE-2024-42093, CVE-2024-44931, CVE-2024-42223, CVE-2024-42264, CVE-2024-42278,     CVE-2024-46759, CVE-2024-46826, CVE-2024-43828, CVE-2024-42318, CVE-2024-42240, CVE-2024-45000,     CVE-2024-43909, CVE-2024-46792, CVE-2024-42109, CVE-2024-43867, CVE-2024-42130, CVE-2024-42244,     CVE-2024-44977, CVE-2024-46774, CVE-2024-41030, CVE-2024-42310, CVE-2024-42138, CVE-2024-42317,     CVE-2024-42224, CVE-2024-46694, CVE-2024-46815, CVE-2024-46677, CVE-2024-46763, CVE-2024-46860,     CVE-2024-46767, CVE-2024-42111, CVE-2024-41020, CVE-2024-46726, CVE-2024-42117, CVE-2024-43831,     CVE-2024-42285, CVE-2024-46842, CVE-2024-43857, CVE-2024-41031, CVE-2024-43834, CVE-2024-42135,     CVE-2024-42241, CVE-2024-46846, CVE-2024-44988, CVE-2024-43892, CVE-2024-44991, CVE-2024-46806,     CVE-2024-41015, CVE-2024-43906, CVE-2024-42238, CVE-2024-46779, CVE-2024-41010, CVE-2024-41068,     CVE-2024-46730, CVE-2024-46827, CVE-2024-42120, CVE-2024-41059, CVE-2024-46850, CVE-2023-52889,     CVE-2024-45017, CVE-2024-45003, CVE-2024-46844, CVE-2024-46816, CVE-2024-46811, CVE-2024-41023,     CVE-2024-44948, CVE-2024-46753, CVE-2024-45002, CVE-2024-42251, CVE-2024-46713, CVE-2024-42273,     CVE-2024-46733, CVE-2024-46739, CVE-2024-42108, CVE-2024-41085, CVE-2024-41033, CVE-2024-42298,     CVE-2024-46835, CVE-2024-39472, CVE-2024-47663, CVE-2024-43859, CVE-2024-43820, CVE-2024-42118,     CVE-2024-41036, CVE-2024-47683, CVE-2024-42161, CVE-2024-42235, CVE-2024-43861, CVE-2024-43863,     CVE-2024-47668, CVE-2024-46685, CVE-2024-43864, CVE-2024-46749, CVE-2024-44983, CVE-2024-46841,     CVE-2024-42082, CVE-2024-43818, CVE-2024-41071, CVE-2024-45006, CVE-2024-42080, CVE-2024-46825,     CVE-2024-46687, CVE-2024-44959, CVE-2024-43835, CVE-2024-43891, CVE-2024-46851, CVE-2024-42248,     CVE-2024-42103, CVE-2024-42079, CVE-2024-42068, CVE-2024-47664, CVE-2024-46854, CVE-2024-44973,     CVE-2024-42077, CVE-2024-46821, CVE-2024-43886, CVE-2024-41089, CVE-2024-43850, CVE-2024-44995,     CVE-2024-46809, CVE-2024-42084, CVE-2024-46758, CVE-2024-47662, CVE-2024-43839, CVE-2024-46738,     CVE-2024-41034, CVE-2024-42228, CVE-2024-42147, CVE-2024-43855, CVE-2024-41032, CVE-2024-46819,     CVE-2024-44989, CVE-2024-42265, CVE-2024-42110, CVE-2024-42155, CVE-2024-45005, CVE-2024-45016,     CVE-2024-42141, CVE-2024-43821, CVE-2024-42299, CVE-2024-44950, CVE-2024-42279, CVE-2024-44943,     CVE-2024-43904, CVE-2024-42268, CVE-2024-42089, CVE-2024-46807, CVE-2024-44996, CVE-2024-42069,     CVE-2024-46672, CVE-2024-44940, CVE-2024-42270, CVE-2024-46735, CVE-2024-42319, CVE-2024-46754,     CVE-2024-46861, CVE-2024-42277, CVE-2024-41054, CVE-2024-42131, CVE-2024-41056, CVE-2024-44963,     CVE-2024-42267, CVE-2024-42283, CVE-2024-42320, CVE-2024-46740, CVE-2024-46787, CVE-2024-43895,     CVE-2024-43881, CVE-2024-44961, CVE-2024-43910, CVE-2024-43875, CVE-2024-42289, CVE-2024-43853,     CVE-2024-42315, CVE-2024-43884, CVE-2024-46867, CVE-2024-43912, CVE-2024-41007, CVE-2024-46743,     CVE-2024-46675, CVE-2024-43877, CVE-2024-39486, CVE-2024-41050, CVE-2024-43858, CVE-2024-45018,     CVE-2024-46744, CVE-2024-46750, CVE-2024-46840, CVE-2024-42150, CVE-2024-41028, CVE-2024-42091,     CVE-2024-43894, CVE-2024-43869, CVE-2024-42132, CVE-2024-46777, CVE-2024-42106, CVE-2024-46848,     CVE-2024-41038, CVE-2024-46711, CVE-2024-43833, CVE-2024-46710, CVE-2024-46812, CVE-2024-42311,     CVE-2024-46701, CVE-2024-46683, CVE-2024-45029, CVE-2024-46830, CVE-2024-46857, CVE-2024-44979,     CVE-2024-44999, CVE-2024-44985, CVE-2024-46773, CVE-2024-45022, CVE-2024-46772, CVE-2024-44960,     CVE-2024-42243, CVE-2024-42158, CVE-2024-43819, CVE-2024-45030, CVE-2024-42085, CVE-2024-42274,     CVE-2024-44986, CVE-2024-41048, CVE-2024-42098, CVE-2024-46680, CVE-2023-52918, CVE-2024-46673,     CVE-2024-46834, CVE-2024-42288, CVE-2024-44998, CVE-2024-42113, CVE-2024-42094, CVE-2024-42225,     CVE-2024-42112, CVE-2024-42153, CVE-2024-43880, CVE-2024-43905, CVE-2024-43902, CVE-2024-46681,     CVE-2024-42236, CVE-2024-42294, CVE-2024-46793, CVE-2024-43882, CVE-2024-44947, CVE-2024-46849,     CVE-2024-44954, CVE-2024-46852, CVE-2024-41070, CVE-2024-41069, CVE-2024-46864, CVE-2024-46703,     CVE-2024-43829, CVE-2024-46802, CVE-2024-42101, CVE-2024-44990, CVE-2024-43830, CVE-2024-41029,     CVE-2024-43866, CVE-2024-43889, CVE-2024-42230, CVE-2024-46692, CVE-2024-42133, CVE-2024-45013,     CVE-2024-42076, CVE-2024-46810, CVE-2024-42128, CVE-2024-46718, CVE-2024-46814, CVE-2024-43841,     CVE-2024-43873, CVE-2024-42092, CVE-2024-41074, CVE-2024-41083, CVE-2024-46731, CVE-2024-43842,     CVE-2024-41077, CVE-2024-46720, CVE-2024-46795, CVE-2024-46813, CVE-2024-46805, CVE-2024-42142,     CVE-2024-42291, CVE-2024-43846, CVE-2024-41057, CVE-2024-43870, CVE-2024-44980, CVE-2024-46866,     CVE-2024-43827, CVE-2024-43840, CVE-2024-42280, CVE-2024-42261, CVE-2024-42246, CVE-2024-42115,     CVE-2024-46686, CVE-2024-43860, CVE-2024-46808, CVE-2024-42149, CVE-2024-46828, CVE-2024-44935,     CVE-2024-43847, CVE-2024-44967, CVE-2024-46817, CVE-2024-46721, CVE-2024-42305, CVE-2024-46766,     CVE-2024-43914, CVE-2024-46760, CVE-2024-41061, CVE-2024-41091, CVE-2024-43890, CVE-2024-42314,     CVE-2024-42064, CVE-2024-42302, CVE-2024-43887, CVE-2024-46832, CVE-2024-46765, CVE-2024-46770,     CVE-2024-41080, CVE-2024-42253, CVE-2024-44941, CVE-2024-42306, CVE-2024-41027, CVE-2024-46689,     CVE-2024-46781, CVE-2024-42247, CVE-2024-41066, CVE-2024-42287, CVE-2024-41097, CVE-2024-44939,     CVE-2024-45019, CVE-2024-47674, CVE-2024-46705, CVE-2024-42119, CVE-2024-46725, CVE-2024-46746,     CVE-2024-46732, CVE-2024-41042, CVE-2024-44958, CVE-2024-42114, CVE-2024-43893, CVE-2024-47666,     CVE-2024-46843, CVE-2024-42252, CVE-2024-42102, CVE-2024-42136, CVE-2024-41045, CVE-2024-42260,     CVE-2024-46771, CVE-2024-42124, CVE-2024-42297, CVE-2024-42271, CVE-2024-43845, CVE-2024-46775,     CVE-2024-41079, CVE-2024-43868, CVE-2024-42140, CVE-2024-42313, CVE-2024-42145, CVE-2024-46724,     CVE-2024-46788, CVE-2024-42234, CVE-2024-42144, CVE-2024-44974, CVE-2024-42097, CVE-2024-46714,     CVE-2024-41055, CVE-2024-44956)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3564-1 advisory.

    The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3561-1 advisory.

    The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7088-4 advisory.

    Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer     overflow vulnerability. A local attacker could use this to cause a denial of service (system crash).
    (CVE-2022-36402)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - PowerPC architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - CPU frequency scaling framework;

    - Device frequency scaling framework;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - EEPROM drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Serial drivers;

    - BTRFS file system;

    - File systems infrastructure;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - BPF subsystem;

    - Core kernel;

    - DMA mapping infrastructure;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Simplified Mandatory Access Control Kernel framework;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-35848, CVE-2024-43853, CVE-2024-41017, CVE-2024-26607, CVE-2024-43839,     CVE-2024-41072, CVE-2024-46815, CVE-2023-52614, CVE-2024-46798, CVE-2024-46676, CVE-2024-43914,     CVE-2024-43841, CVE-2024-41012, CVE-2024-27051, CVE-2024-46738, CVE-2024-47663, CVE-2024-46723,     CVE-2024-46740, CVE-2024-42287, CVE-2024-46750, CVE-2024-43894, CVE-2023-52531, CVE-2024-47668,     CVE-2024-47669, CVE-2024-46685, CVE-2024-41011, CVE-2024-41064, CVE-2024-42305, CVE-2024-41073,     CVE-2024-46829, CVE-2024-43860, CVE-2024-46679, CVE-2024-44999, CVE-2024-46817, CVE-2024-26800,     CVE-2024-46689, CVE-2024-43908, CVE-2024-46739, CVE-2024-43893, CVE-2024-46828, CVE-2024-46777,     CVE-2024-46721, CVE-2024-36484, CVE-2024-46822, CVE-2024-46840, CVE-2024-43880, CVE-2024-46781,     CVE-2024-46673, CVE-2024-26669, CVE-2024-41098, CVE-2024-46737, CVE-2024-43871, CVE-2024-42281,     CVE-2024-42301, CVE-2024-44995, CVE-2024-43879, CVE-2024-26668, CVE-2024-44965, CVE-2024-41068,     CVE-2024-41059, CVE-2024-42229, CVE-2024-44987, CVE-2024-46745, CVE-2024-26891, CVE-2024-46719,     CVE-2024-42292, CVE-2024-44952, CVE-2024-46756, CVE-2024-45028, CVE-2024-42283, CVE-2024-45025,     CVE-2024-46743, CVE-2024-43867, CVE-2024-46771, CVE-2024-41081, CVE-2024-42244, CVE-2024-42284,     CVE-2024-43858, CVE-2024-44998, CVE-2024-46758, CVE-2024-46800, CVE-2024-45003, CVE-2024-44935,     CVE-2024-38611, CVE-2024-46844, CVE-2024-44954, CVE-2024-42313, CVE-2024-46783, CVE-2024-42311,     CVE-2024-46761, CVE-2024-41022, CVE-2024-43829, CVE-2024-43835, CVE-2024-43846, CVE-2024-46755,     CVE-2024-47667, CVE-2024-42259, CVE-2024-41090, CVE-2024-42310, CVE-2024-42265, CVE-2024-42295,     CVE-2024-46818, CVE-2024-46780, CVE-2024-44948, CVE-2024-44960, CVE-2024-44988, CVE-2024-46757,     CVE-2024-45021, CVE-2024-46747, CVE-2024-43854, CVE-2024-42304, CVE-2021-47212, CVE-2024-42309,     CVE-2024-44946, CVE-2024-46744, CVE-2024-42285, CVE-2024-46782, CVE-2024-43856, CVE-2024-41091,     CVE-2024-42131, CVE-2024-43830, CVE-2024-42290, CVE-2024-45008, CVE-2024-42276, CVE-2024-47659,     CVE-2024-40929, CVE-2024-46714, CVE-2023-52918, CVE-2024-44947, CVE-2024-42289, CVE-2024-42246,     CVE-2024-41071, CVE-2024-43883, CVE-2024-46722, CVE-2024-38602, CVE-2024-43882, CVE-2024-42280,     CVE-2024-46759, CVE-2024-42271, CVE-2024-44969, CVE-2024-44944, CVE-2024-46675, CVE-2024-41020,     CVE-2024-41042, CVE-2024-42306, CVE-2024-46677, CVE-2024-42288, CVE-2024-41070, CVE-2024-45026,     CVE-2024-41065, CVE-2024-26885, CVE-2024-42286, CVE-2024-41063, CVE-2024-43884, CVE-2024-42297,     CVE-2024-43890, CVE-2024-43861, CVE-2024-45006, CVE-2024-26640, CVE-2024-26641, CVE-2024-41015)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

遠端 Ubuntu 20.04 LTS 主機上安裝的一個套件受到 USN-7194-1 公告中所提及的多個弱點影響。

    Andy Nguyen 發現，Linux 核心中的藍牙 L2CAP 實作包含類型混淆錯誤。實際位置靠近的遠端攻擊者可利用此錯誤造成拒絕服務 (系統當機)，或可能執行任意程式碼。(CVE-2020-12351)

    Andy Nguyen 發現，Linux 核心中的 Bluetooth A2MP 實作在某些情況下未正確初始化記憶體。實際位置靠近的遠端攻擊者可利用此弱點洩漏敏感資訊 (核心記憶體)。(CVE-2020-12352)

    Andy Nguyen 發現，Linux 核心中的 Bluetooth HCI 事件封包剖析器未正確處理特定大小的事件公告，進而導致堆積型緩衝區溢位。實際位置靠近的遠端攻擊者可利用此錯誤造成拒絕服務 (系統當機)，或可能執行任意程式碼。(CVE-2020-24490)

    據發現，Linux 核心中的 CIFS 網路檔案系統實作未正確驗證特定的 SMB 訊息，進而導致超出邊界讀取弱點。攻擊者可利用此問題造成拒絕服務 (系統當機)，或可能洩漏敏感資訊。(CVE-2023-6610)

    Supraja Sridhara、Benedict Schlter、Mark Kuhne、Andrin Bertschi 和 Shweta Shinde 發現 x86 平台 Linux 核心中的機密運算架構未妥善處理 TDX 和 SEV 上的 32 位元模擬。具有 VMM 存取權的攻擊者可利用此弱點造成拒絕服務 (客體當機)，或可能執行任意程式碼 (CVE-2024-25744)。

    在 Linux 核心中發現數個安全性問題。攻擊者可能會利用這些弱點入侵系統。此更新可更正下列子系統中的瑕疵：

    - ARM32 架構 ;

    - ARM64 架構 ;

    - MIPS 架構 ;

    - PowerPC 架構 ;

    - RISC-V 架構 ;

    - S390 架構 ;

    - 使用者模式 Linux (UML) ;

    - x86 架構 ;

    - 區塊層子系統 ;

    - ACPI 驅動程式 ;

    - Android 驅動程式 ;

    - Serial ATA 和 Parallel ATA 驅動程式 ;

    - ATM 驅動程式 ;

    - 驅動程式核心 ;

    - ATA over ethernet (AOE) 驅動程式 ;

    - Null 區塊裝置驅動程式 ;

    - TPM 裝置驅動程式 ;

    - 字元裝置驅動程式 ;

    - 時鐘架構和驅動程式 ;

    - 緩衝區共用和同步處理架構 ;

    - ARM SCMI 訊息通訊協定 ;

    - EFI 核心 ;

    - GPIO 子系統 ;

    - GPU 驅動程式 ;

    - HID 子系統 ;

    - 硬體監控驅動程式 ;

    - I2C 子系統 ;

    - I3C 子系統 ;

    - InfiniBand 驅動程式 ;

    - 輸入裝置核心驅動程式 ;

    - 輸入裝置 (其他) 驅動程式 ;

    - IOMMU 子系統 ;

    - IRQ 晶片驅動程式 ;

    - ISDN/mISDN 子系統 ;

    - LED 子系統 ;

    - 信箱架構 ;

    - 多個裝置驅動程式 ;

    - 媒體驅動程式 ;

    - VMware VMCI 驅動程式 ;

    - MMC 子系統 ;

    - 乙太網路綁定驅動程式 ;

    - 網路驅動程式 ;

    - Mellanox 網路驅動程式 ;

    - Microsoft Azure 網路介面卡 (MANA) 驅動程式 ;

    - STMicroelectronics 網路驅動程式 ;

    - 近距離無線通訊 (NFC) 驅動程式 ;

    - NTB 驅動程式 ;

    - Virtio pmem 驅動程式 ;

    - NVME 驅動程式 ;

    - 裝置樹狀結構和開放韌體驅動程式 ;

    - Parport 驅動程式 ;

    - PCI 子系統 ;

    - 針腳控制器子系統 ;

    - x86 平台驅動程式 ;

    - Remote Processor 子系統 ;

    - S/390 驅動程式 ;

    - SCSI 子系統 ;

    - QCOM SoC 驅動程式 ;

    - SPI 子系統 ;

    - Direct Digital Synthesis 驅動程式 ;

    - 熱驅動程式 ;

    - Thunderbolt 和 USB4 驅動程式 ;

    - TTY 驅動程式 ;

    - 使用者空間 I/O 驅動程式 ;

    - USB 裝置類別驅動程式 ;

    - DesignWare USB3 驅動程式 ;

    - USB Gadget 驅動程式 ;

    - USB 主機控制器驅動程式 ;

    - USB Type-C Port Controller Manager 驅動程式 ;

    - USB Type-C Connector System Software Interface 驅動程式 ;

    - USB over IP 驅動程式 ;

    - VFIO 驅動程式 ;

    - Virtio Host (VHOST) 子系統 ;

    - Framebuffer 層 ;

    - 9P 分散式檔案系統 ;

    - 檔案系統基礎架構 ;

    - BTRFS 檔案系統 ;

    - Ceph 分散式檔案系統 ;

    - Ext4 檔案系統 ;

    - F2FS 檔案系統 ;

    - GFS2 檔案系統 ;

    - JFS 檔案系統 ;

    - 網路檔案系統 (NFS) 用戶端 ;

    - 網路檔案系統 (NFS) 伺服器程序 ;

    - NILFS2 檔案系統 ;

    - 檔案系統通知基礎架構 ;

    - NTFS3 檔案系統 ;

    - Proc 檔案系統 ;

    - SMB 網路檔案系統 ;

    - 點陣圖 API ;

    - 網路檔案系統 (NFS) superblock ;

    - Objagg 程式庫 ;

    - Perf 事件 ;

    - Virtio 網路驅動程式 ;

    - 藍牙子系統 ;

    - KCM (核心連線多工器) 通訊端驅動程式 ;

    - 網路流量控制 ;

    - 網路通訊端 ;

    - TCP 網路通訊協定 ;

    - BPF 子系統 ;

    - 控制群組 (cgroup) ;

    - DMA 對應基礎架構 ;

    - 核心執行緒協助程式 (kthread) ;

    - 鎖定基元 ;

    - Padata 平行執行機制 ;

    - RCU 子系統 ;

    - 任意資源管理 ;

    - 排程器基礎架構 ;

    - 靜態呼叫機制 ;

    - 追蹤基礎架構 ;

    - Radix Tree 資料結構程式庫 ;

    - 核心使用者空間事件遞送程式庫 ;

    - 記憶體管理 ;

    - Amateur Radio 驅動程式 ;

    - 乙太網路橋接器 ;

    - CAN 網路層

    - 網路核心 ;

    - Ethtool 驅動程式 ;

    - IPv4 網路 ;

    - IPv6 網路 ;

    - IUCV 驅動程式 ;

    - MAC80211 子系統 ;

    - 多重路徑 TCP ;

    - Netfilter ;

    - Netlink ;

    - SCTP 通訊協定 ;

    - Sun RPC 通訊協定 ;

    - TIPC 通訊協定 ;

    - TLS 通訊協定 ;

    - VMware vSockets 驅動程式 ;

    - 無線網路 ;

    - AppArmor 安全性模組 ;

    - Landlock 安全性 ;

    - SELinux 安全性模組 ;

    - 簡化強制存取控制核心架構 ;

    - FireWire 音效驅動程式 ;

    - AudioScience HPI 驅動程式 ;

    - Amlogic Meson SoC 驅動程式 ;

    - SoC 音訊核心驅動程式 ;

    - USB 音效裝置 ; (CVE-2024-41091、CVE-2024-46800、CVE-2024-49924、CVE-2024-47659、CVE-2024-42295、CVE-2024-42284、CVE-2024-38577、CVE-2024-49902、CVE-2024-45011、CVE-2024-47673、CVE-2024-38538、CVE-2024-45008、CVE-2024-47667、CVE-2024-46832、CVE-2024-43879、CVE-2024-41059、CVE-2024-43853、CVE-2024-44940、CVE-2024-44947、CVE-2024-43828、CVE-2024-41090、CVE-2024-44944、CVE-2024-43834、CVE-2024-46777、CVE-2024-46689、CVE-2024-35965、CVE-2024-42276、CVE-2024-50264、CVE-2024-44965、CVE-2024-49977、CVE-2024-42079、CVE-2024-46744、CVE-2024-42299、CVE-2024-43909、CVE-2024-41098、CVE-2024-46731、CVE-2024-44946、CVE-2024-50024、CVE-2024-49858、CVE-2024-49892、CVE-2024-44989、CVE-2024-47663、CVE-2024-49983、CVE-2024-42286、CVE-2024-42310、CVE-2024-44974、CVE-2024-43892、CVE-2024-46840、CVE-2024-47695、CVE-2024-46780、CVE-2024-46757、CVE-2024-46707、CVE-2024-49894、CVE-2024-50007、CVE-2024-47705、CVE-2024-49890、CVE-2024-46815、CVE-2024-36968、CVE-2024-40915、CVE-2024-44995、CVE-2024-49871、CVE-2024-42265、CVE-2024-42283、CVE-2024-50000、CVE-2024-42309、CVE-2024-47748、CVE-2024-35967、CVE-2023-52904、CVE-2024-46745、CVE-2024-41016、CVE-2024-49868、CVE-2024-41011、CVE-2024-50186、CVE-2024-50033、CVE-2024-38545、CVE-2024-42267、CVE-2024-46852、CVE-2024-44987、CVE-2024-46783、CVE-2024-47671、CVE-2024-46721、CVE-2024-46853、CVE-2024-43914、CVE-2024-43907、CVE-2024-47734、CVE-2024-36484、CVE-2024-46781、CVE-2024-47693、CVE-2024-46791、CVE-2024-49913、CVE-2024-49900、CVE-2024-50191、CVE-2024-43860、CVE-2024-45018、CVE-2024-46854、CVE-2024-42246、CVE-2024-42156、CVE-2024-47660、CVE-2024-49878、CVE-2024-44982、CVE-2024-43867、CVE-2024-49938、CVE-2024-47737、CVE-2024-46743、CVE-2024-42292、CVE-2024-50181、CVE-2024-41020、CVE-2024-43863、CVE-2024-46817、CVE-2024-42281、CVE-2023-52621、CVE-2024-47749、CVE-2024-46804、CVE-2024-47747、CVE-2024-50045、CVE-2024-41065、CVE-2023-52434、CVE-2024-50095、CVE-2024-45025、CVE-2024-50179、CVE-2024-49946、CVE-2024-46782、CVE-2024-43839、CVE-2024-43904、CVE-2024-44958、CVE-2024-44934、CVE-2024-45006、CVE-2024-49969、CVE-2024-44986、CVE-2024-46752、CVE-2024-35966、CVE-2024-39463、CVE-2024-49883、CVE-2024-46805、CVE-2024-44935、CVE-2023-52532、CVE-2024-41071、CVE-2024-46807、CVE-2024-43846、CVE-2024-50015、CVE-2024-26661、CVE-2024-43841、CVE-2024-46819、CVE-2024-44931、CVE-2024-53057、CVE-2024-49982、CVE-2023-52757、CVE-2024-47735、CVE-2024-49866、CVE-2024-46763、CVE-2024-45021、CVE-2024-46814、CVE-2024-46673、CVE-2024-43873、CVE-2024-49997、CVE-2024-38602、CVE-2024-46795、CVE-2024-26822、CVE-2024-47670、CVE-2024-46755、CVE-2024-43902、CVE-2024-46859、CVE-2024-43883、CVE-2024-49966、CVE-2024-42305、CVE-2024-49959、CVE-2024-42280、CVE-2024-49965、CVE-2024-47674、CVE-2024-46723、CVE-2024-50031、CVE-2024-50184、CVE-2024-36893、CVE-2024-43875、CVE-2023-52918、CVE-2024-49867、CVE-2024-49981、CVE-2024-43861、CVE-2024-49895、CVE-2024-26669、CVE-2024-38544、CVE-2024-49973、CVE-2024-41015、CVE-2024-42296、CVE-2024-46722、CVE-2024-42158、CVE-2024-49881、CVE-2024-27072、CVE-2024-47739、CVE-2024-46828、CVE-2024-46724、CVE-2024-44999、CVE-2024-44971、CVE-2024-40973、CVE-2023-52572、CVE-2024-47709、CVE-2024-47742、CVE-2024-46818、CVE-2024-50035、CVE-2024-50188、CVE-2024-47679、CVE-2024-38667、CVE-2024-41078、CVE-2024-46844、CVE-2024-47672、CVE-2024-42306、CVE-2024-46758、CVE-2024-43869、CVE-2024-50062、CVE-2024-49875、CVE-2024-41017、CVE-2024-41077、CVE-2024-50038、CVE-2024-50013、CVE-2024-46746、CVE-2024-49962、CVE-2024-50049、CVE-2023-52751、CVE-2024-47684、CVE-2024-47701、CVE-2024-41070、CVE-2024-44942、CVE-2024-35904、CVE-2024-26607、CVE-2024-50019、CVE-2024-46714、CVE-2024-46738、CVE-2024-42312、CVE-2024-44948、CVE-2024-43890、CVE-2024-43893、CVE-2024-26800、CVE-2024-35963、CVE-2024-49884、CVE-2024-49930、CVE-2024-46829、CVE-2024-50046、CVE-2024-49985、CVE-2024-41022、CVE-2024-43894、CVE-2024-43830、CVE-2024-45009、CVE-2024-35951、CVE-2024-49889、CVE-2024-42301、CVE-2024-38632、CVE-2024-42114、CVE-2024-42290、CVE-2024-43858、CVE-2024-50002、CVE-2024-41060、CVE-2024-47696、CVE-2024-43870、CVE-2024-49948、CVE-2024-46759、CVE-2024-26947、CVE-2024-46713、CVE-2024-47740、CVE-2024-44960、CVE-2024-46756、CVE-2024-46737、CVE-2024-41068、CVE-2024-46677、CVE-2024-41063、CVE-2024-41019、CVE-2023-52917、CVE-2024-38611、CVE-2024-49852、CVE-2024-49863、CVE-2024-46739、CVE-2024-43908、CVE-2024-47697、CVE-2024-46810、CVE-2024-41072、CVE-2024-42302、CVE-2024-50003、CVE-2024-45026、CVE-2024-45028、CVE-2024-42259、CVE-2022-48666、CVE-2024-49995、CVE-2024-50093、CVE-2024-46865、CVE-2024-49886、CVE-2024-43889、CVE-2024-42285、CVE-2024-50006、CVE-2024-42271、CVE-2024-42274、CVE-2024-49957、CVE-2024-42289、CVE-2024-46719、CVE-2024-46858、CVE-2024-49958、CVE-2024-50041、CVE-2024-46675、CVE-2024-41064、CVE-2024-39472、CVE-2024-42287、CVE-2024-46822、CVE-2024-49877、CVE-2024-43849、CVE-2024-50040、CVE-2024-49879、CVE-2024-46798、CVE-2024-46855、CVE-2024-49944、CVE-2024-46676、CVE-2024-26893、CVE-2024-43835、CVE-2024-47665、CVE-2024-47669、CVE-2024-43882、CVE-2024-46740、CVE-2024-49851、CVE-2024-46849、CVE-2024-42311、CVE-2024-44985、CVE-2024-47757、CVE-2024-50001、CVE-2024-46750、CVE-2024-47706、CVE-2024-50039、CVE-2024-46702、CVE-2024-46725、CVE-2024-43817、CVE-2024-49907、CVE-2024-46695、CVE-2024-38553、CVE-2024-42272、CVE-2024-49882、CVE-2024-42269、CVE-2024-44954、CVE-2024-42318、CVE-2024-42297、CVE-2024-49975、CVE-2024-44988、CVE-2024-49963、CVE-2024-47692、CVE-2024-41042、CVE-2024-41081、CVE-2024-43854、CVE-2024-46771、CVE-2024-46732、CVE-2024-47712、CVE-2024-47699、CVE-2024-49927、CVE-2024-49860、CVE-2024-45003、CVE-2024-49954、CVE-2024-42304、CVE-2024-49933、CVE-2024-42277、CVE-2024-49955、CVE-2024-47710、CVE-2024-43905、CVE-2024-49903、CVE-2024-43856、CVE-2024-50180、CVE-2024-44966、CVE-2024-46685、CVE-2024-49935、CVE-2024-44990、CVE-2023-52889、CVE-2024-49896、CVE-2024-44969、CVE-2024-50189、CVE-2024-50008、CVE-2024-47720、CVE-2024-42313、CVE-2024-44983、CVE-2024-49949、CVE-2024-46761、CVE-2024-47690、CVE-2024-50059、CVE-2024-41073、CVE-2024-47723、CVE-2024-46747、CVE-2024-49952、CVE-2024-50096、CVE-2024-42288、CVE-2024-43871、CVE-2024-42126、CVE-2024-44998、CVE-2024-47685、CVE-2024-46679、CVE-2024-43884、CVE-2024-47668、CVE-2024-49936、CVE-2024-43829、CVE-2024-47756、CVE-2024-43880、CVE-2024-45007、CVE-2024-40910、CVE-2024-50044、CVE-2023-52639、CVE-2024-47698、CVE-2024-41012、CVE-2024-49856、CVE-2024-47713、CVE-2024-47718、CVE-2024-49967)

Tenable 已直接從 Ubuntu 安全公告擷取前置描述區塊。

請注意，Nessus 並未測試這些問題，而是僅依據應用程式自我報告的版本號碼作出判斷。

遠端 Azure Linux 3.0 主機上安裝的核心版本比測試版舊。因此，此版本會受到 CVE-2024-46719 公告中提及的一個弱點影響。

  - 已解決 Linux 核心中的下列弱點：usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid.
    When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport returns NULL which causes a NULL pointer dereference in trace. Rather than return NULL, call typec_port_register_altmode to register DisplayPort alternate mode as a non-controllable mode when CONFIG_TYPEC_DP_ALTMODE is not enabled.
    (CVE-2024-46719)

請注意，Nessus 並未測試此問題，而是僅依據應用程式自我報告的版本號碼作出判斷。

遠端 Ubuntu 18.04 LTS/20.04 LTS 主機上安裝的一個套件受到 USN-7088-4 公告中所提及的多個弱點影響。

    Ziming Zhang 發現，Linux 核心中的 VMware Virtual GPU DRM 驅動程式含有一個整數溢位弱點。本機攻擊者可利用此弱點造成拒絕服務 (系統當機)。
    (CVE-2022-36402)

    在 Linux 核心中發現數個安全性問題。攻擊者可能會利用這些弱點入侵系統。此更新可更正下列子系統中的瑕疵：

    - ARM64 架構；

    - PowerPC 架構；

    - 使用者模式 Linux (UML)；

    - x86 架構；

    - 區塊層子系統；

    - 密碼編譯 API；

    - Android 驅動程式；

    - Serial ATA 和 Parallel ATA 驅動程式；

    - ATM 驅動程式；

    - 驅動程式核心；

    - CPU 頻率縮放架構；

    - 裝置頻率縮放架構；

    - GPU 驅動程式；

    - HID 子系統；

    - 硬體監控驅動程式；

    - InfiniBand 驅動程式；

    - 輸入裝置核心驅動程式；

    - 輸入裝置 (其他) 驅動程式；

    - IOMMU 子系統；

    - IRQ 晶片驅動程式；

    - ISDN/mISDN 子系統；

    - LED 子系統；

    - 多個裝置驅動程式；

    - 媒體驅動程式；

    - EEPROM 驅動程式；

    - VMware VMCI 驅動程式；

    - MMC 子系統；

    - 網路驅動程式；

    - 近距離無線通訊 (NFC) 驅動程式；

    - NVME 驅動程式；

    - 裝置樹狀結構和開放韌體驅動程式；

    - Parport 驅動程式；

    - PCI 子系統；

    - 針腳控制器子系統；

    - Remote Processor 子系統；

    - S/390 驅動程式；

    - SCSI 驅動程式；

    - QCOM SoC 驅動程式；

    - Direct Digital Synthesis 驅動程式；

    - TTY 驅動程式；

    - 使用者空間 I/O 驅動程式；

    - DesignWare USB3 驅動程式；

    - USB Gadget 驅動程式；

    - USB 序列驅動程式；

    - BTRFS 檔案系統；

    - 檔案系統基礎架構；

    - Ext4 檔案系統；

    - F2FS 檔案系統；

    - JFS 檔案系統；

    - NILFS2 檔案系統；

    - BPF 子系統；

    - Core 核心；

    - DMA 對應基礎架構；

    - 追蹤基礎架構；

    - Radix Tree 資料結構程式庫；

    - 核心使用者空間事件遞送程式庫；

    - Objagg 程式庫；

    - 記憶體管理；

    - Amateur Radio 驅動程式；

    - 藍牙子系統；

    - CAN 網路層；

    - 網路核心；

    - Ethtool 驅動程式；

    - IPv4 網路；

    - IPv6 網路；

    - IUCV 驅動程式；

    - KCM (核心連線多工器) 通訊端驅動程式；

    - MAC80211 子系統；

    - Netfilter；

    - 網路流量控制；

    - SCTP 通訊協定；

    - Sun RPC 通訊協定；

    - TIPC 通訊協定；

    - TLS 通訊協定；

    - 無線網路；

    - AppArmor 安全性模組；

    - 簡化強制存取控制核心架構；

    - SoC 音訊核心驅動程式；

    - USB 音效裝置；(CVE-2024-35848、CVE-2024-43853、CVE-2024-41017、CVE-2024-26607、CVE-2024-43839、CVE-2024-41072、CVE-2024-46815、CVE-2023-52614、CVE-2024-46798、CVE-2024-46676、CVE-2024-43914、CVE-2024-43841、CVE-2024-41012、CVE-2024-27051、CVE-2024-46738、CVE-2024-47663、CVE-2024-46723、CVE-2024-46740、CVE-2024-42287、CVE-2024-46750、CVE-2024-43894、CVE-2023-52531、CVE-2024-47668、CVE-2024-47669、CVE-2024-46685、CVE-2024-41011、CVE-2024-41064、CVE-2024-42305、CVE-2024-41073、CVE-2024-46829、CVE-2024-43860、CVE-2024-46679、CVE-2024-44999、CVE-2024-46817、CVE-2024-26800、CVE-2024-46689、CVE-2024-43908、CVE-2024-46739、CVE-2024-43893、CVE-2024-46828、CVE-2024-46777、CVE-2024-46721、CVE-2024-36484、CVE-2024-46822、CVE-2024-46840、CVE-2024-43880、CVE-2024-46781、CVE-2024-46673、CVE-2024-26669、CVE-2024-41098、CVE-2024-46737、CVE-2024-43871、CVE-2024-42281、CVE-2024-42301、CVE-2024-44995、CVE-2024-43879、CVE-2024-26668、CVE-2024-44965、CVE-2024-41068、CVE-2024-41059、CVE-2024-42229、CVE-2024-44987、CVE-2024-46745、CVE-2024-26891、CVE-2024-46719、CVE-2024-42292、CVE-2024-44952、CVE-2024-46756、CVE-2024-45028、CVE-2024-42283、CVE-2024-45025、CVE-2024-46743、CVE-2024-43867、CVE-2024-46771、CVE-2024-41081、CVE-2024-42244、CVE-2024-42284、CVE-2024-43858、CVE-2024-44998、CVE-2024-46758、CVE-2024-46800、CVE-2024-45003、CVE-2024-44935、CVE-2024-38611、CVE-2024-46844、CVE-2024-44954、CVE-2024-42313、CVE-2024-46783、CVE-2024-42311、CVE-2024-46761、CVE-2024-41022、CVE-2024-43829、CVE-2024-43835、CVE-2024-43846、CVE-2024-46755、CVE-2024-47667、CVE-2024-42259、CVE-2024-41090、CVE-2024-42310、CVE-2024-42265、CVE-2024-42295、CVE-2024-46818、CVE-2024-46780、CVE-2024-44948、CVE-2024-44960、CVE-2024-44988、CVE-2024-46757、CVE-2024-45021、CVE-2024-46747、CVE-2024-43854、CVE-2024-42304、CVE-2021-47212、CVE-2024-42309、CVE-2024-44946、CVE-2024-46744、CVE-2024-42285、CVE-2024-46782、CVE-2024-43856、CVE-2024-41091、CVE-2024-42131、CVE-2024-43830、CVE-2024-42290、CVE-2024-45008、CVE-2024-42276、CVE-2024-47659、CVE-2024-40929、CVE-2024-46714、CVE-2023-52918、CVE-2024-44947、CVE-2024-42289、CVE-2024-42246、CVE-2024-41071、CVE-2024-43883、CVE-2024-46722、CVE-2024-38602、CVE-2024-43882、CVE-2024-42280、CVE-2024-46759、CVE-2024-42271、CVE-2024-44969、CVE-2024-44944、CVE-2024-46675、CVE-2024-41020、CVE-2024-41042、CVE-2024-42306、CVE-2024-46677、CVE-2024-42288、CVE-2024-41070、CVE-2024-45026、CVE-2024-41065、CVE-2024-26885、CVE-2024-42286、CVE-2024-41063、CVE-2024-43884、CVE-2024-42297、CVE-2024-43890、CVE-2024-43861、CVE-2024-45006、CVE-2024-26640、CVE-2024-26641、CVE-2024-41015)

Tenable 已直接從 Ubuntu 安全公告擷取前置描述區塊。

請注意，Nessus 並未測試這些問題，而是僅依據應用程式自我報告的版本號碼作出判斷。

遠端 Ubuntu 24.04 LTS 主機上安裝的一個套件受到 USN-7156-1 公告中所提及的多個弱點影響。

    Chenyuan Yang 發現，Linux 核心中的 USB Gadget 子系統在寫入前未正確檢查要啟用的裝置。本機攻擊者可能利用此弱點造成拒絕服務。(CVE-2024-25741)

    在 Linux 核心中發現數個安全性問題。攻擊者可能會利用這些弱點入侵系統。此更新可更正下列子系統中的瑕疵：

    - ARM32 架構；

    - ARM64 架構；

    - MIPS 架構；

    - PA-RISC 架構；

    - PowerPC 架構；

    - RISC-V 架構；

    - S390 架構；

    - 使用者模式 Linux (UML)；

    - x86 架構；

    - 區塊層子系統；

    - 密碼編譯 API；

    - Android 驅動程式；

    - Serial ATA 和 Parallel ATA 驅動程式；

    - ATM 驅動程式；

    - 驅動程式核心；

    - Null 區塊裝置驅動程式；

    - Ublk 使用者空間區塊驅動程式；

    - 藍牙驅動程式；

    - Cdrom 驅動程式；

    - 字元裝置驅動程式；

    - 時鐘架構和驅動程式；

    - 硬體加密裝置驅動程式；

    - CXL (Compute Express Link) 驅動程式；

    - 緩衝區共用和同步處理架構；

    - DMA 引擎子系統；

    - Cirrus 韌體驅動程式；

    - Qualcomm 韌體驅動程式；

    - GPIO 子系統；

    - GPU 驅動程式；

    - HID 子系統；

    - 硬體監控驅動程式；

    - I2C 子系統；

    - I3C 子系統；

    - IIO 子系統；

    - InfiniBand 驅動程式；

    - 輸入裝置核心驅動程式；

    - 輸入裝置 (其他) 驅動程式；

    - IOMMU 子系統；

    - IRQ 晶片驅動程式；

    - ISDN/mISDN 子系統；

    - LED 子系統；

    - 信箱架構；

    - 多個裝置驅動程式；

    - 媒體驅動程式；

    - Fastrpc 驅動程式；

    - VMware VMCI 驅動程式；

    - MMC 子系統；

    - 乙太網路綁定驅動程式；

    - 網路驅動程式；

    - Mellanox 網路驅動程式；

    - Microsoft Azure 網路介面卡 (MANA) 驅動程式；

    - 近距離無線通訊 (NFC) 驅動程式；

    - NVME 驅動程式；

    - NVMEM (非易失性記憶體) 驅動程式；

    - 裝置樹狀結構和開放韌體驅動程式；

    - Parport 驅動程式；

    - PCI 子系統；

    - 針腳控制器子系統；

    - x86 平台驅動程式；

    - 電源驅動程式；

    - Remote Processor 子系統；

    - S/390 驅動程式；

    - SCSI 子系統；

    - QCOM SoC 驅動程式；

    - SPI 子系統；

    - Direct Digital Synthesis 驅動程式；

    - 熱驅動程式；

    - Thunderbolt 和 USB4 驅動程式；

    - TTY 驅動程式；

    - UFS 子系統；

    - 使用者空間 I/O 驅動程式；

    - USB DSL 驅動程式；

    - USB 核心驅動程式；

    - DesignWare USB3 驅動程式；

    - USB Gadget 驅動程式；

    - USB 主機控制器驅動程式；

    - USB 序列驅動程式；

    - USB Type-C Connector System Software Interface 驅動程式；

    - USB over IP 驅動程式；

    - VFIO 驅動程式；

    - Virtio Host (VHOST) 子系統；

    - Framebuffer 層；

    - Xen Hypervisor 驅動程式；

    - 檔案系統基礎架構；

    - BTRFS 檔案系統；

    - Ext4 檔案系統；

    - F2FS 檔案系統；

    - GFS2 檔案系統；

    - JFFS2 檔案系統；

    - JFS 檔案系統；

    - 網路檔案系統程式庫；

    - 網路檔案系統 (NFS) 用戶端；

    - 網路檔案系統 (NFS) 伺服器程序；

    - NILFS2 檔案系統；

    - 檔案系統通知基礎架構；

    - NTFS3 檔案系統；

    - Proc 檔案系統；

    - SMB 網路檔案系統；

    - 追蹤檔案系統；

    - 點陣圖 API；

    - BPF 子系統；

    - Syscall 相容性層級；

    - 記憶體管理；

    - 記憶體管理；

    - Objagg 程式庫；

    - Perf 事件；

    - Syscall 介面；

    - Virtio 網路驅動程式；

    - VMware vSockets 驅動程式；

    - KCM (核心連線多工器) 通訊端驅動程式；

    - Netfilter；

    - 追蹤基礎架構；

    - io_uring 子系統；

    - 控制群組 (cgroup)；

    - DMA 對應基礎架構；

    - 鎖定基元；

    - Padata 平行執行機制；

    - 排程器基礎架構；

    - Closures 程式庫；

    - Radix Tree 資料結構程式庫；

    - 核心使用者空間事件遞送程式庫；

    - 用於算術溢位檢查的 KUnit；

    - 藍牙子系統；

    - 乙太網路橋接器；

    - CAN 網路層

    - Ceph Core 程式庫；

    - 網路核心；

    - Ethtool 驅動程式；

    - IPv4 網路；

    - IPv6 網路；

    - IUCV 驅動程式；

    - MAC80211 子系統；

    - 多重路徑 TCP；

    - 網路流量控制；

    - SCTP 通訊協定；

    - Sun RPC 通訊協定；

    - TIPC 通訊協定；

    - 無線網路；

    - AppArmor 安全性模組；

    - Landlock 安全性；

    - SELinux 安全性模組；

    - 簡化強制存取控制核心架構；

    - FireWire 音效驅動程式；

    - AMD SoC Alsa 驅動程式；

    - Texas InstrumentS Audio (ASoC/HDA) 驅動程式；

    - 適用於 Freescale CPU 的 SoC Audio 驅動程式；

    - Intel ASoC 驅動程式；

    - MediaTek ASoC 驅動程式；

    - Amlogic Meson SoC 驅動程式；

    - SoC 音訊核心驅動程式；

    - SOF 驅動程式；

    - 聲音序列器驅動程式；

    - USB 音效裝置；

    - 即時 Linux 分析工具；(CVE-2024-43911、CVE-2024-46762、CVE-2024-46794、CVE-2024-43843、CVE-2024-42229、CVE-2024-43888、CVE-2024-44978、CVE-2024-46693、CVE-2024-46695、CVE-2024-42290、CVE-2024-42067、CVE-2024-45012、CVE-2024-42316、CVE-2024-47665、CVE-2024-41052、CVE-2024-42074、CVE-2024-41058、CVE-2024-44975、CVE-2024-46709、CVE-2024-46871、CVE-2024-42090、CVE-2024-42296、CVE-2024-42096、CVE-2024-42146、CVE-2024-46855、CVE-2024-39487、CVE-2024-43825、CVE-2024-42066、CVE-2024-42126、CVE-2024-41022、CVE-2024-41025、CVE-2023-52888、CVE-2024-46702、CVE-2024-42269、CVE-2024-41082、CVE-2024-42284、CVE-2024-42227、CVE-2024-41017、CVE-2024-42250、CVE-2024-46778、CVE-2024-47661、CVE-2024-46727、CVE-2024-46845、CVE-2024-44953、CVE-2024-47659、CVE-2024-42137、CVE-2024-42245、CVE-2024-41096、CVE-2024-46829、CVE-2024-41053、CVE-2024-46782、CVE-2024-44972、CVE-2024-41095、CVE-2024-42239、CVE-2024-42127、CVE-2024-42292、CVE-2024-46752、CVE-2024-46679、CVE-2024-41076、CVE-2024-46784、CVE-2024-46786、CVE-2024-46678、CVE-2024-44957、CVE-2024-46755、CVE-2024-47660、CVE-2024-41067、CVE-2024-46838、CVE-2024-43879、CVE-2024-45007、CVE-2024-45025、CVE-2024-45001、CVE-2024-41009、CVE-2024-41051、CVE-2024-46836、CVE-2024-49984、CVE-2024-45028、CVE-2024-43871、CVE-2024-46783、CVE-2024-42272、CVE-2024-42087、CVE-2024-46785、CVE-2024-42276、CVE-2024-47658、CVE-2024-46761、CVE-2024-46715、CVE-2024-46676、CVE-2024-43824、CVE-2024-42100、CVE-2024-46745、CVE-2024-41084、CVE-2024-41086、CVE-2024-45015、CVE-2024-46797、CVE-2024-42160、CVE-2024-46706、CVE-2024-46803、CVE-2024-46708、CVE-2024-47669、CVE-2024-45009、CVE-2024-41021、CVE-2024-42159、 CVE-2024-42321、 CVE-2024-46868、 CVE-2024-41078、 CVE-2024-42303、 CVE-2024-45027、 CVE-2024-42309、 CVE-2024-43849、 CVE-2024-43907、 CVE-2024-43899、 CVE-2024-43823、 CVE-2024-42232、 CVE-2024-44937、 CVE-2024-41046、 CVE-2024-42237、 CVE-2024-42063、 CVE-2024-42065、 CVE-2024-42154、 CVE-2024-42259、 CVE-2024-46698、 CVE-2024-46741、 CVE-2024-45020、 CVE-2024-42151、 CVE-2024-41073、 CVE-2024-46719、 CVE-2024-42295、 CVE-2024-46859、 CVE-2024-41035、 CVE-2024-46751、 CVE-2024-47667、 CVE-2024-46728、 CVE-2024-46824、 CVE-2024-42121、 CVE-2024-46776、 CVE-2024-46768、 CVE-2024-43908、 CVE-2024-43900、 CVE-2024-46707、 CVE-2024-44934、 CVE-2024-41062、 CVE-2024-42304、 CVE-2024-42312、 CVE-2024-42157、 CVE-2024-41092、 CVE-2024-41041、 CVE-2024-43832、 CVE-2024-41039、 CVE-2024-44962、 CVE-2024-46858、 CVE-2024-46847、 CVE-2024-43856、 CVE-2024-41060、 CVE-2024-45010、 CVE-2024-41044、 CVE-2024-44942、 CVE-2024-42307、 CVE-2024-44984、 CVE-2024-41075、 CVE-2024-43817、 CVE-2024-46791、 CVE-2024-46853、 CVE-2024-42301、 CVE-2024-44993、 CVE-2024-41094、 CVE-2024-27022、 CVE-2024-41088、 CVE-2024-43883、 CVE-2024-41087、 CVE-2024-46780、 CVE-2024-42070、 CVE-2024-44965、 CVE-2024-46823、 CVE-2024-46737、 CVE-2024-44982、 CVE-2024-46697、 CVE-2024-45021、 CVE-2024-44987、 CVE-2024-41072、 CVE-2024-41063、 CVE-2024-46757、 CVE-2024-46831、 CVE-2024-44966、 CVE-2024-42322、 CVE-2024-42231、 CVE-2024-46717、 CVE-2024-41065、 CVE-2024-44969、 CVE-2023-52887、 CVE-2024-42105、 CVE-2024-44971、 CVE-2024-46798、 CVE-2024-42262、 CVE-2024-44938、 CVE-2024-42088、 CVE-2024-44970、 CVE-2024-43876、 CVE-2024-46800、 CVE-2024-42086、 CVE-2024-43826、 CVE-2024-46729、 CVE-2024-46747、 CVE-2024-46691、 CVE-2024-46723、 CVE-2024-41018、 CVE-2024-42258、 CVE-2024-41081、 CVE-2024-41049、 CVE-2024-43837、 CVE-2024-45008、 CVE-2024-41047、 CVE-2024-41019、 CVE-2024-42152、 CVE-2024-41090、 CVE-2024-46716、 CVE-2024-42104、 CVE-2024-46804、 CVE-2024-43852、 CVE-2024-42129、 CVE-2024-46870、 CVE-2024-41093、 CVE-2024-45011、 CVE-2024-41064、 CVE-2024-46722、 CVE-2024-42286、 CVE-2024-45026、 CVE-2024-46818、 CVE-2024-42281、 CVE-2024-43854、 CVE-2024-41037、 CVE-2024-44946、 CVE-2024-41012、 CVE-2024-41098、 CVE-2024-42263、 CVE-2024-42095、 CVE-2024-46756、 CVE-2024-43913、 CVE-2024-46822、 CVE-2024-44944、 CVE-2024-42156、 CVE-2024-42073、 CVE-2024-42093、 CVE-2024-44931、 CVE-2024-42223、 CVE-2024-42264、 CVE-2024-42278、 CVE-2024-46759、 CVE-2024-46826、 CVE-2024-43828、 CVE-2024-42318、 CVE-2024-42240、 CVE-2024-45000、 CVE-2024-43909、 CVE-2024-46792、 CVE-2024-42109、 CVE-2024-43867、 CVE-2024-42130、 CVE-2024-42244、 CVE-2024-44977、 CVE-2024-46774、 CVE-2024-41030、 CVE-2024-42310、 CVE-2024-42138、 CVE-2024-42317、 CVE-2024-42224、 CVE-2024-46694、 CVE-2024-46815、 CVE-2024-46677、 CVE-2024-46763、 CVE-2024-46860、 CVE-2024-46767、 CVE-2024-42111、 CVE-2024-41020、 CVE-2024-46726、 CVE-2024-42117、 CVE-2024-43831、 CVE-2024-42285、 CVE-2024-46842、 CVE-2024-43857、 CVE-2024-41031、 CVE-2024-43834、 CVE-2024-42135、 CVE-2024-42241、 CVE-2024-46846、 CVE-2024-44988、 CVE-2024-43892、 CVE-2024-44991、 CVE-2024-46806、 CVE-2024-41015、 CVE-2024-43906、 CVE-2024-42238、 CVE-2024-46779、 CVE-2024-41010、 CVE-2024-41068、 CVE-2024-46730、 CVE-2024-46827、 CVE-2024-42120、 CVE-2024-41059、 CVE-2024-46850、 CVE-2023-52889、 CVE-2024-45017、 CVE-2024-45003、 CVE-2024-46844、 CVE-2024-46816、 CVE-2024-46811、 CVE-2024-41023、 CVE-2024-44948、 CVE-2024-46753、 CVE-2024-45002、 CVE-2024-42251、 CVE-2024-46713、 CVE-2024-42273、 CVE-2024-46733、 CVE-2024-46739、 CVE-2024-42108、 CVE-2024-41085、 CVE-2024-41033、 CVE-2024-42298、 CVE-2024-46835、 CVE-2024-39472、 CVE-2024-47663、 CVE-2024-43859、 CVE-2024-43820、 CVE-2024-42118、 CVE-2024-41036、 CVE-2024-47683、 CVE-2024-42161、 CVE-2024-42235、 CVE-2024-43861、 CVE-2024-43863、 CVE-2024-47668、 CVE-2024-46685、 CVE-2024-43864、 CVE-2024-46749、 CVE-2024-44983、 CVE-2024-46841、 CVE-2024-42082、 CVE-2024-43818、 CVE-2024-41071、 CVE-2024-45006、 CVE-2024-42080、 CVE-2024-46825、 CVE-2024-46687、 CVE-2024-44959、 CVE-2024-43835、 CVE-2024-43891、 CVE-2024-46851、 CVE-2024-42248、 CVE-2024-42103、 CVE-2024-42079、 CVE-2024-42068、 CVE-2024-47664、 CVE-2024-46854、 CVE-2024-44973、 CVE-2024-42077、 CVE-2024-46821、 CVE-2024-43886、 CVE-2024-41089、 CVE-2024-43850、 CVE-2024-44995、 CVE-2024-46809、 CVE-2024-42084、 CVE-2024-46758、 CVE-2024-47662、 CVE-2024-43839、 CVE-2024-46738、 CVE-2024-41034、 CVE-2024-42228、 CVE-2024-42147、 CVE-2024-43855、 CVE-2024-41032、 CVE-2024-46819、 CVE-2024-44989、 CVE-2024-42265、 CVE-2024-42110、 CVE-2024-42155、 CVE-2024-45005、 CVE-2024-45016、 CVE-2024-42141、 CVE-2024-43821、 CVE-2024-42299、 CVE-2024-44950、 CVE-2024-42279、 CVE-2024-44943、 CVE-2024-43904、 CVE-2024-42268、 CVE-2024-42089、 CVE-2024-46807、 CVE-2024-44996、 CVE-2024-42069、 CVE-2024-46672、 CVE-2024-44940、 CVE-2024-42270、 CVE-2024-46735、 CVE-2024-42319、 CVE-2024-46754、 CVE-2024-46861、 CVE-2024-42277、 CVE-2024-41054、 CVE-2024-42131、 CVE-2024-41056、 CVE-2024-44963、 CVE-2024-42267、 CVE-2024-42283、 CVE-2024-42320、 CVE-2024-46740、 CVE-2024-46787、 CVE-2024-43895、 CVE-2024-43881、 CVE-2024-44961、 CVE-2024-43910、 CVE-2024-43875、 CVE-2024-42289、 CVE-2024-43853、 CVE-2024-42315、 CVE-2024-43884、 CVE-2024-46867、 CVE-2024-43912、 CVE-2024-41007、 CVE-2024-46743、 CVE-2024-46675、 CVE-2024-43877、 CVE-2024-39486、 CVE-2024-41050、 CVE-2024-43858、 CVE-2024-45018、 CVE-2024-46744、 CVE-2024-46750、 CVE-2024-46840、 CVE-2024-42150、 CVE-2024-41028、 CVE-2024-42091、 CVE-2024-43894、 CVE-2024-43869、 CVE-2024-42132、 CVE-2024-46777、 CVE-2024-42106、 CVE-2024-46848、 CVE-2024-41038、 CVE-2024-46711、 CVE-2024-43833、 CVE-2024-46710、 CVE-2024-46812、 CVE-2024-42311、 CVE-2024-46701、 CVE-2024-46683、 CVE-2024-45029、 CVE-2024-46830、 CVE-2024-46857、 CVE-2024-44979、 CVE-2024-44999、 CVE-2024-44985、 CVE-2024-46773、 CVE-2024-45022、 CVE-2024-46772、 CVE-2024-44960、 CVE-2024-42243、 CVE-2024-42158、 CVE-2024-43819、 CVE-2024-45030、 CVE-2024-42085、 CVE-2024-42274、 CVE-2024-44986、 CVE-2024-41048、 CVE-2024-42098、 CVE-2024-46680、 CVE-2023-52918、 CVE-2024-46673、 CVE-2024-46834、 CVE-2024-42288、 CVE-2024-44998、 CVE-2024-42113、 CVE-2024-42094、 CVE-2024-42225、 CVE-2024-42112、CVE-2024-42153、 CVE-2024-43880、 CVE-2024-43905、 CVE-2024-43902、 CVE-2024-46681、 CVE-2024-42236、 CVE-2024-42294、 CVE-2024-46793、 CVE-2024-43882、 CVE-2024-44947、 CVE-2024-46849、CVE-2024-44954、CVE-2024-46852、CVE-2024-41070、CVE-2024-41069、CVE-2024-46864、CVE-2024-46703、CVE-2024-43829、 CVE-2024-46802、 CVE-2024-42101、 CVE-2024-44990、 CVE-2024-43830、CVE-2024-41029、CVE-2024-43866、CVE-2024-43889、CVE-2024-42230、CVE-2024-46692、CVE-2024-42133、CVE-2024-45013、 CVE-2024-42076、 CVE-2024-46810、 CVE-2024-42128、 CVE-2024-46718、CVE-2024-46814、CVE-2024-43841、CVE-2024-43873、CVE-2024-42092、CVE-2024-41074、CVE-2024-41083、CVE-2024-46731、 CVE-2024-43842、 CVE-2024-41077、 CVE-2024-46720、 CVE-2024-46795、CVE-2024-46813、CVE-2024-46805、CVE-2024-42142、CVE-2024-42291、CVE-2024-43846、CVE-2024-41057、CVE-2024-43870、 CVE-2024-44980、 CVE-2024-46866、 CVE-2024-43827、 CVE-2024-43840、CVE-2024-42280、CVE-2024-42261、CVE-2024-42246、CVE-2024-42115、CVE-2024-46686、CVE-2024-43860、CVE-2024-46808、 CVE-2024-42149、 CVE-2024-46828、 CVE-2024-44935、 CVE-2024-43847、CVE-2024-44967、CVE-2024-46817、CVE-2024-46721、CVE-2024-42305、CVE-2024-46766、CVE-2024-43914、CVE-2024-46760、 CVE-2024-41061、 CVE-2024-41091、 CVE-2024-43890、 CVE-2024-42314、CVE-2024-42064、CVE-2024-42302、CVE-2024-43887、CVE-2024-46832、CVE-2024-46765、CVE-2024-46770、CVE-2024-41080、 CVE-2024-42253、 CVE-2024-44941、 CVE-2024-42306、 CVE-2024-41027、CVE-2024-46689、CVE-2024-46781、CVE-2024-42247、CVE-2024-41066、CVE-2024-42287、CVE-2024-41097、CVE-2024-44939、 CVE-2024-45019、 CVE-2024-47674、 CVE-2024-46705、 CVE-2024-42119、CVE-2024-46725、CVE-2024-46746、CVE-2024-46732、CVE-2024-41042、CVE-2024-44958、CVE-2024-42114、CVE-2024-43893、 CVE-2024-47666、 CVE-2024-46843、 CVE-2024-42252、 CVE-2024-42102、CVE-2024-42136、CVE-2024-41045、CVE-2024-42260、CVE-2024-46771、CVE-2024-42124、CVE-2024-42297、CVE-2024-42271、CVE-2024-43845、CVE-2024-46775、 CVE-2024-41079、 CVE-2024-43868、CVE-2024-42140、CVE-2024-42313、CVE-2024-42145、CVE-2024-46724、CVE-2024-46788、CVE-2024-42234、 CVE-2024-42144、 CVE-2024-44974、 CVE-2024-42097、 CVE-2024-46714、 CVE-2024-41055、CVE-2024-44956)

Tenable 已直接從 Ubuntu 安全公告擷取前置描述區塊。

請注意，Nessus 並未測試這些問題，而是僅依據應用程式自我報告的版本號碼作出判斷。

ID	Name	Product	Family	Published	Updated	Severity
212605	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2983)	Nessus	Huawei Local Security Checks	12/12/2024	12/12/2024	critical
208893	CBL Mariner 2.0 Security Update: kernel (CVE-2024-46719)	Nessus	MarinerOS Local Security Checks	10/13/2024	2/10/2025	medium
212721	Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7156-1)	Nessus	Ubuntu Local Security Checks	12/12/2024	12/14/2024	high
208667	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3564-1)	Nessus	SuSE Local Security Checks	10/10/2024	10/10/2024	high
208668	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3561-1)	Nessus	SuSE Local Security Checks	10/10/2024	10/10/2024	high
210534	Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7088-4)	Nessus	Ubuntu Local Security Checks	11/7/2024	11/7/2024	high
213658	Ubuntu 20.04 LTS：Linux 核心 (Azure) 弱點 (USN-7194-1)	Nessus	Ubuntu Local Security Checks	1/9/2025	1/9/2025	critical
215766	Azure Linux 3.0 安全性更新核心 (CVE-2024-46719)	Nessus	Azure Linux Local Security Checks	2/10/2025	2/10/2025	medium
210893	Oracle Linux 8/9：Unbreakable Enterprise 核心 (ELSA-2024-12815)	Nessus	Oracle Linux Local Security Checks	11/13/2024	11/13/2024	high
210534	Ubuntu 18.04 LTS/20.04 LTS：Linux 核心弱點 (USN-7088-4)	Nessus	Ubuntu Local Security Checks	11/7/2024	11/7/2024	high
212721	Ubuntu 24.04 LTS：Linux 核心 (GKE) 弱點 (USN-7156-1)	Nessus	Ubuntu Local Security Checks	12/12/2024	12/14/2024	high

Detections

Analytics

Plugins Search

critical

medium

high

high

high

high

critical

medium

high

high

high