Test ID:	1.3.6.1.4.1.25623.1.1.12.2024.6923.2
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-6923-2)
Summary:	The remote host is missing an update for the 'linux-aws-5.15, linux-ibm, linux-ibm-5.15, linux-raspi' package(s) announced via the USN-6923-2 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-aws-5.15, linux-ibm, linux-ibm-5.15, linux-raspi' package(s) announced via the USN-6923-2 advisory. Vulnerability Insight: Benedict Schluter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers, - SMB network file system, - Netfilter, - Bluetooth subsystem, (CVE-2024-26886, CVE-2023-52752, CVE-2024-36016, CVE-2024-26952, CVE-2024-27017) Affected Software/OS: 'linux-aws-5.15, linux-ibm, linux-ibm-5.15, linux-raspi' package(s) on Ubuntu 20.04, Ubuntu 22.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-52752 https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7 https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09 https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62 Common Vulnerability Exposure (CVE) ID: CVE-2024-25742 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e3ef461af35a8c74f2f4ce6616491ddb355a208f https://github.com/torvalds/linux/commit/e3ef461af35a8c74f2f4ce6616491ddb355a208f Common Vulnerability Exposure (CVE) ID: CVE-2024-26886 https://git.kernel.org/stable/c/2c9e2df022ef8b9d7fac58a04a2ef4ed25288955 https://git.kernel.org/stable/c/64be3c6154886200708da0dfe259705fb992416c https://git.kernel.org/stable/c/817e8138ce86001b2fa5c63d6ede756e205a01f7 https://git.kernel.org/stable/c/cb8adca52f306563d958a863bb0cbae9c184d1ae https://git.kernel.org/stable/c/f7b94bdc1ec107c92262716b073b3e816d4784fb Common Vulnerability Exposure (CVE) ID: CVE-2024-26952 https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5 https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63 https://git.kernel.org/stable/c/39bdc4197acf2ed13269167ccf093ee28cfa2a4e https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da Common Vulnerability Exposure (CVE) ID: CVE-2024-27017 https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73 https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed Common Vulnerability Exposure (CVE) ID: CVE-2024-36016 https://git.kernel.org/stable/c/0fb736c9931e02dbc7d9a75044c8e1c039e50f04 https://git.kernel.org/stable/c/46f52c89a7e7d2691b97a9728e4591d071ca8abc https://git.kernel.org/stable/c/47388e807f85948eefc403a8a5fdc5b406a65d5a https://git.kernel.org/stable/c/4c267110fc110390704cc065edb9817fdd10ff54 https://git.kernel.org/stable/c/774d83b008eccb1c48c14dc5486e7aa255731350 https://git.kernel.org/stable/c/9513d4148950b05bc99fa7314dc883cc0e1605e5 https://git.kernel.org/stable/c/b229bc6c6ea9fe459fc3fa94fd0a27a2f32aca56 https://git.kernel.org/stable/c/b890d45aaf02b564e6cae2d2a590f9649330857d https://git.kernel.org/stable/c/f126ce7305fe88f49cdabc6db4168b9318898ea3
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.