Test ID:	1.3.6.1.4.1.25623.1.1.12.2024.6922.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-6922-1)
Summary:	The remote host is missing an update for the 'linux-nvidia-6.5' package(s) announced via the USN-6922-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-nvidia-6.5' package(s) announced via the USN-6922-1 advisory. Vulnerability Insight: It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Affected Software/OS: 'linux-nvidia-6.5' package(s) on Ubuntu 22.04. Solution: Please install the updated package(s). CVSS Score: 6.2 CVSS Vector: AV:A/AC:H/Au:N/C:N/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-24857 https://bugzilla.openanolis.cn/show_bug.cgi?id=8155 Common Vulnerability Exposure (CVE) ID: CVE-2024-24858 https://bugzilla.openanolis.cn/show_bug.cgi?id=8154 Common Vulnerability Exposure (CVE) ID: CVE-2024-24859 https://bugzilla.openanolis.cn/show_bug.cgi?id=8153 Common Vulnerability Exposure (CVE) ID: CVE-2024-25739 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=68a24aba7c593eafa8fd00f2f76407b9b32b47a9 https://groups.google.com/g/syzkaller/c/Xl97YcQA4hg https://www.spinics.net/lists/kernel/msg5074816.html
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.