Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-7020-1)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.12.2024.7020.1

Category: Ubuntu Local Security Checks

Title: Ubuntu: Security Advisory (USN-7020-1)

Summary: The remote host is missing an update for the 'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) announced via the USN-7020-1 advisory.

Description: Summary:
The remote host is missing an update for the 'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) announced via the USN-7020-1 advisory.

Vulnerability Insight:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers,
- Network drivers,
- SCSI drivers,
- F2FS file system,
- BPF subsystem,
- IPv4 networking,
(CVE-2024-42160, CVE-2024-42159, CVE-2024-42154, CVE-2024-41009,
CVE-2024-42228, CVE-2024-42224)

Affected Software/OS:
'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) on Ubuntu 22.04, Ubuntu 24.04.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2024-41009
Common Vulnerability Exposure (CVE) ID: CVE-2024-42154
Common Vulnerability Exposure (CVE) ID: CVE-2024-42159
Common Vulnerability Exposure (CVE) ID: CVE-2024-42160
Common Vulnerability Exposure (CVE) ID: CVE-2024-42224
Common Vulnerability Exposure (CVE) ID: CVE-2024-42228

Copyright Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.12.2024.7020.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-7020-1)
Summary:	The remote host is missing an update for the 'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) announced via the USN-7020-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) announced via the USN-7020-1 advisory. Vulnerability Insight: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers, - Network drivers, - SCSI drivers, - F2FS file system, - BPF subsystem, - IPv4 networking, (CVE-2024-42160, CVE-2024-42159, CVE-2024-42154, CVE-2024-41009, CVE-2024-42228, CVE-2024-42224) Affected Software/OS: 'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) on Ubuntu 22.04, Ubuntu 24.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-41009 Common Vulnerability Exposure (CVE) ID: CVE-2024-42154 Common Vulnerability Exposure (CVE) ID: CVE-2024-42159 Common Vulnerability Exposure (CVE) ID: CVE-2024-42160 Common Vulnerability Exposure (CVE) ID: CVE-2024-42224 Common Vulnerability Exposure (CVE) ID: CVE-2024-42228
Copyright	Copyright (C) 2024 Greenbone AG