English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2024.6866.3
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-6866-3)
Summary:The remote host is missing an update for the 'linux-azure' package(s) announced via the USN-6866-3 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-azure' package(s) announced via the USN-6866-3 advisory.

Vulnerability Insight:
It was discovered that the ext4 file system implementation in the Linux
kernel did not properly validate data state on write operations. An
attacker could use this to construct a malicious ext4 file system image
that, when mounted, could cause a denial of service (system crash).
(CVE-2021-33631)

It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6270)

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Block layer subsystem,
- Hardware random number generator core,
- GPU drivers,
- AFS file system,
- Memory management,
- Netfilter,
(CVE-2024-26642, CVE-2024-26922, CVE-2024-26720, CVE-2024-26736,
CVE-2024-26898, CVE-2021-47063, CVE-2023-52615)

Affected Software/OS:
'linux-azure' package(s) on Ubuntu 14.04.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2021-33631
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8
https://gitee.com/src-openeuler/kernel/pulls/1389
https://gitee.com/src-openeuler/kernel/pulls/1396
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035
http://www.openwall.com/lists/oss-security/2024/01/30/3
http://www.openwall.com/lists/oss-security/2024/01/30/10
http://www.openwall.com/lists/oss-security/2024/01/30/4
http://www.openwall.com/lists/oss-security/2024/01/30/5
http://www.openwall.com/lists/oss-security/2024/01/30/9
http://www.openwall.com/lists/oss-security/2024/01/31/2
http://www.openwall.com/lists/oss-security/2024/01/31/3
http://www.openwall.com/lists/oss-security/2024/02/02/6
http://www.openwall.com/lists/oss-security/2024/02/02/9
http://www.openwall.com/lists/oss-security/2024/02/03/1
Common Vulnerability Exposure (CVE) ID: CVE-2021-47063
https://git.kernel.org/stable/c/18149b420c9bd93c443e8d1f48a063d71d9f6aa1
https://git.kernel.org/stable/c/4d906839d321c2efbf3fed4bc31ffd9ff55b75c0
https://git.kernel.org/stable/c/98d7d76a74e48ec3ddf2e23950adff7edcab9327
https://git.kernel.org/stable/c/ce450934a00cf896e648fde08d0bd1426653d7a2
Common Vulnerability Exposure (CVE) ID: CVE-2023-52615
https://git.kernel.org/stable/c/26cc6d7006f922df6cc4389248032d955750b2a0
https://git.kernel.org/stable/c/5030d4c798863ccb266563201b341a099e8cdd48
https://git.kernel.org/stable/c/6822a14271786150e178869f1495cc03e74c5029
https://git.kernel.org/stable/c/78aafb3884f6bc6636efcc1760c891c8500b9922
https://git.kernel.org/stable/c/aa8aa16ed9adf1df05bb339d588cf485a011839e
https://git.kernel.org/stable/c/c6a8111aacbfe7a8a70f46cc0de8eed00561693c
https://git.kernel.org/stable/c/eafd83b92f6c044007a3591cbd476bcf90455990
https://git.kernel.org/stable/c/ecabe8cd456d3bf81e92c53b074732f3140f170d
Common Vulnerability Exposure (CVE) ID: CVE-2023-6270
RHBZ#2256786
https://bugzilla.redhat.com/show_bug.cgi?id=2256786
https://access.redhat.com/security/cve/CVE-2023-6270
Common Vulnerability Exposure (CVE) ID: CVE-2024-2201
Common Vulnerability Exposure (CVE) ID: CVE-2024-23307
https://bugzilla.openanolis.cn/show_bug.cgi?id=7975
Common Vulnerability Exposure (CVE) ID: CVE-2024-24861
https://bugzilla.openanolis.cn/show_bug.cgi?id=8150
Common Vulnerability Exposure (CVE) ID: CVE-2024-26642
https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1
https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a
https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199
https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7
https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12
https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9
https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f
https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351
Common Vulnerability Exposure (CVE) ID: CVE-2024-26720
https://git.kernel.org/stable/c/16b1025eaa8fc223ab4273ece20d1c3a4211a95d
https://git.kernel.org/stable/c/1f12e4b3284d6c863f272eb2de0d4248ed211cf4
https://git.kernel.org/stable/c/5099871b370335809c0fd1abad74d9c7c205d43f
https://git.kernel.org/stable/c/65977bed167a92e87085e757fffa5798f7314c9f
https://git.kernel.org/stable/c/81e7d2530d458548b90a5c5e76b77ad5e5d1c0df
https://git.kernel.org/stable/c/9319b647902cbd5cc884ac08a8a6d54ce111fc78
https://git.kernel.org/stable/c/c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e
https://git.kernel.org/stable/c/ec18ec230301583395576915d274b407743d8f6c
Common Vulnerability Exposure (CVE) ID: CVE-2024-26736
https://git.kernel.org/stable/c/5c27d85a69fa16a08813ba37ddfb4bbc9a1ed6b5
https://git.kernel.org/stable/c/6e6065dd25b661420fac19c34282b6c626fcd35e
https://git.kernel.org/stable/c/6ea38e2aeb72349cad50e38899b0ba6fbcb2af3d
https://git.kernel.org/stable/c/d34a5e57632bb5ff825196ddd9a48ca403626dfa
https://git.kernel.org/stable/c/d9b5e2b7a8196850383c70d099bfd39e81ab6637
https://git.kernel.org/stable/c/e56662160fc24d28cb75ac095cc6415ae1bda43e
https://git.kernel.org/stable/c/e8530b170e464017203e3b8c6c49af6e916aece1
Common Vulnerability Exposure (CVE) ID: CVE-2024-26898
https://git.kernel.org/stable/c/079cba4f4e307c69878226fdf5228c20aa1c969c
https://git.kernel.org/stable/c/1a54aa506b3b2f31496731039e49778f54eee881
https://git.kernel.org/stable/c/74ca3ef68d2f449bc848c0a814cefc487bf755fa
https://git.kernel.org/stable/c/7dd09fa80b0765ce68bfae92f4e2f395ccf0fba4
https://git.kernel.org/stable/c/a16fbb80064634b254520a46395e36b87ca4731e
https://git.kernel.org/stable/c/ad80c34944d7175fa1f5c7a55066020002921a99
https://git.kernel.org/stable/c/eb48680b0255a9e8a9bdc93d6a55b11c31262e62
https://git.kernel.org/stable/c/f98364e926626c678fb4b9004b75cacf92ff0662
https://git.kernel.org/stable/c/faf0b4c5e00bb680e8e43ac936df24d3f48c8e65
Common Vulnerability Exposure (CVE) ID: CVE-2024-26922
https://git.kernel.org/stable/c/1fd7db5c16028dc07b2ceec190f2e895dddb532d
https://git.kernel.org/stable/c/212e3baccdb1939606420d88f7f52d346b49a284
https://git.kernel.org/stable/c/6fef2d4c00b5b8561ad68dd2b68173f5c6af1e75
https://git.kernel.org/stable/c/8b12fc7b032633539acdf7864888b0ebd49e90f2
https://git.kernel.org/stable/c/b1f04b9b1c5317f562a455384c5f7473e46bdbaa
https://git.kernel.org/stable/c/d4da6b084f1c5625937d49bb6722c5b4aef11b8d
https://git.kernel.org/stable/c/ef13eeca7c79136bc38e21eb67322c1cbd5c40ee
https://git.kernel.org/stable/c/f68039375d4d6d67303674c0ab2d06b7295c0ec9
CopyrightCopyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.