| Description: | Summary:
The remote host is missing an update for the 'linux, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4' package(s) announced via the USN-7088-1 advisory.
Vulnerability Insight:
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an integer overflow vulnerability. A local attacker could
use this to cause a denial of service (system crash). (CVE-2022-36402)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture,
- PowerPC architecture,
- User-Mode Linux (UML),
- x86 architecture,
- Block layer subsystem,
- Cryptographic API,
- Android drivers,
- Serial ATA and Parallel ATA drivers,
- ATM drivers,
- Drivers core,
- CPU frequency scaling framework,
- Device frequency scaling framework,
- GPU drivers,
- HID subsystem,
- Hardware monitoring drivers,
- InfiniBand drivers,
- Input Device core drivers,
- IOMMU subsystem,
- IRQ chip drivers,
- ISDN/mISDN subsystem,
- LED subsystem,
- Multiple devices driver,
- Media drivers,
- EEPROM drivers,
- VMware VMCI Driver,
- MMC subsystem,
- Network drivers,
- Near Field Communication (NFC) drivers,
- NVME drivers,
- Device tree and open firmware driver,
- Parport drivers,
- PCI subsystem,
- Pin controllers subsystem,
- Remote Processor subsystem,
- S/390 drivers,
- SCSI drivers,
- QCOM SoC drivers,
- Direct Digital Synthesis drivers,
- TTY drivers,
- Userspace I/O drivers,
- DesignWare USB3 driver,
- USB subsystem,
- BTRFS file system,
- File systems infrastructure,
- Ext4 file system,
- F2FS file system,
- JFS file system,
- NILFS2 file system,
- BPF subsystem,
- Core kernel,
- DMA mapping infrastructure,
- Tracing infrastructure,
- Radix Tree data structure library,
- Kernel userspace event delivery library,
- Objagg library,
- Memory management,
- Amateur Radio drivers,
- Bluetooth subsystem,
- CAN network layer,
- Networking core,
- Ethtool driver,
- IPv4 networking,
- IPv6 networking,
- IUCV driver,
- KCM (Kernel Connection Multiplexor) sockets driver,
- MAC80211 subsystem,
- Netfilter,
- Network traffic control,
- SCTP protocol,
- Sun RPC protocol,
- TIPC protocol,
- TLS protocol,
- Wireless networking,
- AppArmor security module,
- Simplified Mandatory Access Control Kernel framework,
- SoC audio core drivers,
- USB sound devices,
(CVE-2024-43894, CVE-2024-46737, CVE-2024-46828, CVE-2024-42244,
CVE-2024-46723, CVE-2024-41073, CVE-2024-46756, CVE-2024-42288,
CVE-2024-46840, CVE-2024-46771, CVE-2024-46757, CVE-2024-43860,
CVE-2024-46747, CVE-2024-41017, CVE-2024-42246, CVE-2024-44988,
CVE-2024-42281, CVE-2024-36484, CVE-2024-43856, CVE-2024-47668,
CVE-2024-46759, CVE-2024-46744, CVE-2024-42289, CVE-2024-42131,
CVE-2024-46679, CVE-2024-42304, CVE-2024-46818, CVE-2024-43858,
CVE-2024-44960, CVE-2024-45028, CVE-2024-26885, CVE-2024-46676,
CVE-2024-46780, CVE-2024-42310, CVE-2024-44987, CVE-2024-41090,
CVE-2024-44954, CVE-2024-45026, CVE-2024-42285, ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'linux, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4' package(s) on Ubuntu 18.04, Ubuntu 20.04.
Solution:
Please install the updated package(s).
CVSS Score:
9.0
CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
