Vulnerability-Lookup

CVE-2024-27394 (GCVE-0-2024-27394)

Vulnerability from cvelistv5 – Published: 2024-05-09 16:37 – Updated: 2025-05-04 09:04

Title

tcp: Fix Use-After-Free in tcp_ao_connect_init

Summary

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcp_ao_connect_init Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of tcp_ao_connect_init, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe.

Severity ?

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/ca4fb6c6764b3f75b…
	https://git.kernel.org/stable/c/80e679b352c3ce515…

Impacted products

Vendor

Product

Version

Linux

Affected: 7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f , < ca4fb6c6764b3f75b4f5aa81db1536291897ff7f (git)
Affected: 7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f , < 80e679b352c3ce5158f3f778cfb77eb767e586fb (git)

Linux

Affected: 6.7
Unaffected: 0 , < 6.7 (semver)
Unaffected: 6.8.9 , ≤ 6.8.* (semver)
Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "6.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "ca4fb6c6764b",
                "status": "affected",
                "version": "7c2ffaf21bd6",
                "versionType": "git"
              },
              {
                "lessThan": "80e679b352c3",
                "status": "affected",
                "version": "7c2ffaf21bd6",
                "versionType": "git"
              },
              {
                "lessThan": "6.7",
                "status": "unaffected",
                "version": "0",
                "versionType": "git"
              },
              {
                "lessThan": "6.9",
                "status": "unaffected",
                "version": "6.8.9",
                "versionType": "git"
              },
              {
                "lessThanOrEqual": "*",
                "status": "unaffected",
                "version": "6.9",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-27394",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T03:55:12.169Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:34:52.373Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_ao.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ca4fb6c6764b3f75b4f5aa81db1536291897ff7f",
              "status": "affected",
              "version": "7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f",
              "versionType": "git"
            },
            {
              "lessThan": "80e679b352c3ce5158f3f778cfb77eb767e586fb",
              "status": "affected",
              "version": "7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_ao.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.9",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix Use-After-Free in tcp_ao_connect_init\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof tcp_ao_connect_init, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:04:03.796Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f"
        },
        {
          "url": "https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb"
        }
      ],
      "title": "tcp: Fix Use-After-Free in tcp_ao_connect_init",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27394",
    "datePublished": "2024-05-09T16:37:11.495Z",
    "dateReserved": "2024-02-25T13:47:42.677Z",
    "dateUpdated": "2025-05-04T09:04:03.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:34:52.373Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27394\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-05T03:56:15.841644Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.7\"}], \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"7c2ffaf21bd6\", \"lessThan\": \"ca4fb6c6764b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"7c2ffaf21bd6\", \"lessThan\": \"80e679b352c3\", \"versionType\": \"git\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.7\", \"versionType\": \"git\"}, {\"status\": \"unaffected\", \"version\": \"6.8.9\", \"lessThan\": \"6.9\", \"versionType\": \"git\"}, {\"status\": \"unaffected\", \"version\": \"6.9\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-13T16:12:12.127Z\"}}], \"cna\": {\"title\": \"tcp: Fix Use-After-Free in tcp_ao_connect_init\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f\", \"lessThan\": \"ca4fb6c6764b3f75b4f5aa81db1536291897ff7f\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f\", \"lessThan\": \"80e679b352c3ce5158f3f778cfb77eb767e586fb\", \"versionType\": \"git\"}], \"programFiles\": [\"net/ipv4/tcp_ao.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.7\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.8.9\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.8.*\"}, {\"status\": \"unaffected\", \"version\": \"6.9\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/ipv4/tcp_ao.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f\"}, {\"url\": \"https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntcp: Fix Use-After-Free in tcp_ao_connect_init\\n\\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\\nof tcp_ao_connect_init, is not part of the RCU read critical section, it\\nis possible that the RCU grace period will pass during the traversal and\\nthe key will be free.\\n\\nTo prevent this, it should be changed to hlist_for_each_entry_safe.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8.9\", \"versionStartIncluding\": \"6.7\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.9\", \"versionStartIncluding\": \"6.7\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:04:03.796Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-27394\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T09:04:03.796Z\", \"dateReserved\": \"2024-02-25T13:47:42.677Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-09T16:37:11.495Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CVE-2024-27394

Vulnerability from fstec - Published: 23.04.2024

Title

Уязвимость функции tcp_ao_connect_init() реализации протокола IPv4 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции tcp_ao_connect_init() в модуле net/ipv4/tcp_ao.c реализации протокола IPv4 ядра операционной системы Linux связана с повторным использованием ранее освобожденной памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Linux

Software Version

1.7 (Astra Linux Special Edition), от 6.7 до 6.8.8 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27394-4277@gregkh/T/#u https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb https://git.kernel.org/linus/80e679b352c3ce5158f3f778cfb77eb767e586fb https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.9 Для ОС Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17

Reference

https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27394-4277@gregkh/T/#u https://www.cve.org/CVERecord?id=CVE-2024-27394 https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb https://git.kernel.org/linus/80e679b352c3ce5158f3f778cfb77eb767e586fb https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.9 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17

CWE

CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.7 (Astra Linux Special Edition), \u043e\u0442 6.7 \u0434\u043e 6.8.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27394-4277@gregkh/T/#u\nhttps://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f\nhttps://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb\nhttps://git.kernel.org/linus/80e679b352c3ce5158f3f778cfb77eb767e586fb\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.9\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "23.04.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "12.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.05.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-03938",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-27394",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.7 \u0434\u043e 6.8.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 tcp_ao_connect_init() \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 IPv4 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 tcp_ao_connect_init() \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 net/ipv4/tcp_ao.c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 IPv4 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u043d\u0435\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27394-4277@gregkh/T/#u\nhttps://www.cve.org/CVERecord?id=CVE-2024-27394\nhttps://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f\nhttps://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb\nhttps://git.kernel.org/linus/80e679b352c3ce5158f3f778cfb77eb767e586fb\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.9\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CERTFR-2024-AVI-0694

Vulnerability from certfr_avis - Published: 2024-08-16 - Updated: 2024-08-16

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6926-3	2024-08-09	vendor-advisory
Bulletin de sécurité Ubuntu USN-6950-2	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6955-1	2024-08-12	vendor-advisory
Bulletin de sécurité Ubuntu USN-6949-2	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6956-1	2024-08-12	vendor-advisory
Bulletin de sécurité Ubuntu USN-6957-1	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6950-3	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6951-2	2024-08-14	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-36903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
    },
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2024-36965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2023-52436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52436"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2024-36889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
    },
    {
      "name": "CVE-2024-36963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36963"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
    },
    {
      "name": "CVE-2024-37353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37353"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-36957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36957"
    },
    {
      "name": "CVE-2024-36921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
    },
    {
      "name": "CVE-2024-36939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36939"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2024-36909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36909"
    },
    {
      "name": "CVE-2024-35991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
    },
    {
      "name": "CVE-2024-35996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35996"
    },
    {
      "name": "CVE-2024-35949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35949"
    },
    {
      "name": "CVE-2024-35850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35850"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-35859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35859"
    },
    {
      "name": "CVE-2024-36900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36900"
    },
    {
      "name": "CVE-2024-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
    },
    {
      "name": "CVE-2024-36001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36001"
    },
    {
      "name": "CVE-2024-36931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36931"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2024-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
    },
    {
      "name": "CVE-2024-36936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
    },
    {
      "name": "CVE-2024-36895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36895"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2024-38539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38539"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
    },
    {
      "name": "CVE-2024-35854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35854"
    },
    {
      "name": "CVE-2024-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2024-38594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38594"
    },
    {
      "name": "CVE-2024-37356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-36912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36912"
    },
    {
      "name": "CVE-2024-36886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
    },
    {
      "name": "CVE-2024-35849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35849"
    },
    {
      "name": "CVE-2024-27400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27400"
    },
    {
      "name": "CVE-2024-36959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36959"
    },
    {
      "name": "CVE-2024-38595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38595"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-36892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36892"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2024-38596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
    },
    {
      "name": "CVE-2024-36929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
    },
    {
      "name": "CVE-2024-36883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
    },
    {
      "name": "CVE-2024-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
    },
    {
      "name": "CVE-2024-27395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27395"
    },
    {
      "name": "CVE-2024-39480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39480"
    },
    {
      "name": "CVE-2024-36004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
    },
    {
      "name": "CVE-2024-36944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36944"
    },
    {
      "name": "CVE-2024-39488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39488"
    },
    {
      "name": "CVE-2024-36897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36897"
    },
    {
      "name": "CVE-2024-36881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36881"
    },
    {
      "name": "CVE-2024-36031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36031"
    },
    {
      "name": "CVE-2024-26857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26857"
    },
    {
      "name": "CVE-2024-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38556"
    },
    {
      "name": "CVE-2024-36946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36946"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2024-36937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
    },
    {
      "name": "CVE-2023-52585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52585"
    },
    {
      "name": "CVE-2024-36911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36911"
    },
    {
      "name": "CVE-2024-38600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
    },
    {
      "name": "CVE-2024-35855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35855"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-38617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38617"
    },
    {
      "name": "CVE-2024-27398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27398"
    },
    {
      "name": "CVE-2024-36926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
    },
    {
      "name": "CVE-2024-36975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
    },
    {
      "name": "CVE-2024-38574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38574"
    },
    {
      "name": "CVE-2024-36913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36913"
    },
    {
      "name": "CVE-2024-36007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36007"
    },
    {
      "name": "CVE-2024-36918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2024-36033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36033"
    },
    {
      "name": "CVE-2024-36952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
    },
    {
      "name": "CVE-2024-36887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36887"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-38586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
    },
    {
      "name": "CVE-2024-38554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38554"
    },
    {
      "name": "CVE-2024-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38616"
    },
    {
      "name": "CVE-2024-24859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
    },
    {
      "name": "CVE-2024-38572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38572"
    },
    {
      "name": "CVE-2024-38606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
    },
    {
      "name": "CVE-2024-36898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36898"
    },
    {
      "name": "CVE-2024-38592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38592"
    },
    {
      "name": "CVE-2024-35852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2024-36966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36966"
    },
    {
      "name": "CVE-2024-36928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36928"
    },
    {
      "name": "CVE-2024-38558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
    },
    {
      "name": "CVE-2024-38613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38613"
    },
    {
      "name": "CVE-2024-35858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35858"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-27401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27401"
    },
    {
      "name": "CVE-2024-36962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
    },
    {
      "name": "CVE-2024-35999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35999"
    },
    {
      "name": "CVE-2024-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38557"
    },
    {
      "name": "CVE-2024-36286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
    },
    {
      "name": "CVE-2024-27396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27396"
    },
    {
      "name": "CVE-2024-36906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
    },
    {
      "name": "CVE-2024-26900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
    },
    {
      "name": "CVE-2024-27017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
    },
    {
      "name": "CVE-2024-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
    },
    {
      "name": "CVE-2024-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38571"
    },
    {
      "name": "CVE-2024-35984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35984"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36948"
    },
    {
      "name": "CVE-2024-36905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36905"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2024-38612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38612"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2024-36951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36951"
    },
    {
      "name": "CVE-2024-36011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
    },
    {
      "name": "CVE-2024-39467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39467"
    },
    {
      "name": "CVE-2024-24858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-36270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2024-35988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35988"
    },
    {
      "name": "CVE-2024-36956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
    },
    {
      "name": "CVE-2024-36955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36955"
    },
    {
      "name": "CVE-2024-27394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27394"
    },
    {
      "name": "CVE-2024-33621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
    },
    {
      "name": "CVE-2024-35994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35994"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2024-38593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38593"
    },
    {
      "name": "CVE-2024-36927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
    },
    {
      "name": "CVE-2024-35993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35993"
    },
    {
      "name": "CVE-2024-39475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
    },
    {
      "name": "CVE-2024-36922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
    },
    {
      "name": "CVE-2024-36882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
    },
    {
      "name": "CVE-2024-36003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36003"
    },
    {
      "name": "CVE-2024-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38568"
    },
    {
      "name": "CVE-2024-36891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
    },
    {
      "name": "CVE-2024-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
    },
    {
      "name": "CVE-2024-35847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35847"
    },
    {
      "name": "CVE-2024-36977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
    },
    {
      "name": "CVE-2022-48674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48674"
    },
    {
      "name": "CVE-2024-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38610"
    },
    {
      "name": "CVE-2024-35978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35978"
    },
    {
      "name": "CVE-2024-39489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39489"
    },
    {
      "name": "CVE-2024-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
    },
    {
      "name": "CVE-2024-31076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
    },
    {
      "name": "CVE-2024-36901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36901"
    },
    {
      "name": "CVE-2024-27013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27013"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2024-35846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35846"
    },
    {
      "name": "CVE-2024-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
    },
    {
      "name": "CVE-2024-38585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38585"
    },
    {
      "name": "CVE-2024-24857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
    },
    {
      "name": "CVE-2023-52882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
    },
    {
      "name": "CVE-2024-36930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-35983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
    },
    {
      "name": "CVE-2024-38633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
    },
    {
      "name": "CVE-2024-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38550"
    },
    {
      "name": "CVE-2024-36943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36943"
    },
    {
      "name": "CVE-2024-36002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
    },
    {
      "name": "CVE-2024-36961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-36013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36013"
    },
    {
      "name": "CVE-2024-26952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26952"
    },
    {
      "name": "CVE-2024-35982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35982"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-36896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36896"
    },
    {
      "name": "CVE-2024-36902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36902"
    },
    {
      "name": "CVE-2024-36014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
    },
    {
      "name": "CVE-2024-36924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36924"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-38570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38570"
    },
    {
      "name": "CVE-2024-36015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
    },
    {
      "name": "CVE-2024-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
    },
    {
      "name": "CVE-2024-38562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38562"
    },
    {
      "name": "CVE-2024-39471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
    },
    {
      "name": "CVE-2024-26882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26882"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2023-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2024-35857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35857"
    },
    {
      "name": "CVE-2024-35989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35989"
    },
    {
      "name": "CVE-2024-36030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36030"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2024-26884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26884"
    },
    {
      "name": "CVE-2024-36932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2024-27020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27020"
    },
    {
      "name": "CVE-2024-36969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2024-38611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-38569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38569"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-26980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26980"
    },
    {
      "name": "CVE-2024-36925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36925"
    },
    {
      "name": "CVE-2024-35856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35856"
    },
    {
      "name": "CVE-2024-38603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38603"
    },
    {
      "name": "CVE-2024-35986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35986"
    },
    {
      "name": "CVE-2024-36890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36890"
    },
    {
      "name": "CVE-2024-36884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-27019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
    },
    {
      "name": "CVE-2024-35987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35987"
    },
    {
      "name": "CVE-2024-36888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36888"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2024-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38584"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2023-52620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
    },
    {
      "name": "CVE-2024-38576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38576"
    },
    {
      "name": "CVE-2024-36947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36947"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-38588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38588"
    },
    {
      "name": "CVE-2024-36009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36009"
    },
    {
      "name": "CVE-2024-38614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38614"
    },
    {
      "name": "CVE-2024-36958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36958"
    },
    {
      "name": "CVE-2024-36893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36893"
    },
    {
      "name": "CVE-2024-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38637"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-39276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
    },
    {
      "name": "CVE-2024-36032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36032"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
    },
    {
      "name": "CVE-2024-36910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36910"
    },
    {
      "name": "CVE-2024-38542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38542"
    },
    {
      "name": "CVE-2024-36914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36914"
    },
    {
      "name": "CVE-2024-38589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38589"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2024-38381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2024-39493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
    },
    {
      "name": "CVE-2024-36920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
    },
    {
      "name": "CVE-2024-38551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38551"
    },
    {
      "name": "CVE-2024-36968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36968"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38620"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-36935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36935"
    },
    {
      "name": "CVE-2024-42134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42134"
    },
    {
      "name": "CVE-2024-36916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
    },
    {
      "name": "CVE-2024-39482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39482"
    },
    {
      "name": "CVE-2024-26936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26936"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2024-36979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979"
    },
    {
      "name": "CVE-2024-36006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36006"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-39292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39292"
    },
    {
      "name": "CVE-2024-38607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38607"
    },
    {
      "name": "CVE-2024-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
    },
    {
      "name": "CVE-2024-36954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36954"
    },
    {
      "name": "CVE-2023-52443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52443"
    },
    {
      "name": "CVE-2024-36933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36933"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-36000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
    },
    {
      "name": "CVE-2024-41011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
    },
    {
      "name": "CVE-2024-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
    },
    {
      "name": "CVE-2024-38563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38563"
    },
    {
      "name": "CVE-2024-35851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35851"
    },
    {
      "name": "CVE-2024-38591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38591"
    },
    {
      "name": "CVE-2024-36953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-38543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38543"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2024-36012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
    },
    {
      "name": "CVE-2024-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-36028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
    },
    {
      "name": "CVE-2024-36029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36029"
    },
    {
      "name": "CVE-2024-35853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35853"
    },
    {
      "name": "CVE-2023-52449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52449"
    },
    {
      "name": "CVE-2023-52444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52444"
    }
  ],
  "initial_release_date": "2024-08-16T00:00:00",
  "last_revision_date": "2024-08-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0694",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6926-3",
      "url": "https://ubuntu.com/security/notices/USN-6926-3"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-2",
      "url": "https://ubuntu.com/security/notices/USN-6950-2"
    },
    {
      "published_at": "2024-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6955-1",
      "url": "https://ubuntu.com/security/notices/USN-6955-1"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6949-2",
      "url": "https://ubuntu.com/security/notices/USN-6949-2"
    },
    {
      "published_at": "2024-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6956-1",
      "url": "https://ubuntu.com/security/notices/USN-6956-1"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6957-1",
      "url": "https://ubuntu.com/security/notices/USN-6957-1"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-3",
      "url": "https://ubuntu.com/security/notices/USN-6950-3"
    },
    {
      "published_at": "2024-08-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6951-2",
      "url": "https://ubuntu.com/security/notices/USN-6951-2"
    }
  ]
}

CERTFR-2024-AVI-0667

Vulnerability from certfr_avis - Published: 2024-08-09 - Updated: 2024-08-09

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	N/A	Ubuntu 22.04 LTS
Ubuntu	N/A	Ubuntu 18.04 ESM
Ubuntu	N/A	Ubuntu 24.04 LTS
Ubuntu	N/A	Ubuntu 14.04 ESM
Ubuntu	N/A	Ubuntu 20.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6895-4	2024-08-02	vendor-advisory
Bulletin de sécurité Ubuntu USN-6951-1	2024-08-08	vendor-advisory
Bulletin de sécurité Ubuntu USN-6926-2	2024-08-01	vendor-advisory
Bulletin de sécurité Ubuntu USN-6952-1	2024-08-09	vendor-advisory
Bulletin de sécurité Ubuntu USN-6949-1	2024-08-08	vendor-advisory
Bulletin de sécurité Ubuntu USN-6922-2	2024-08-01	vendor-advisory
Bulletin de sécurité Ubuntu USN-6950-1	2024-08-08	vendor-advisory
Bulletin de sécurité Ubuntu USN-6953-1	2024-08-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-52436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52436"
    },
    {
      "name": "CVE-2023-52443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52443"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2023-52449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52449"
    },
    {
      "name": "CVE-2023-52444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52444"
    },
    {
      "name": "CVE-2024-26601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26601"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2024-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
    },
    {
      "name": "CVE-2024-1151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
    },
    {
      "name": "CVE-2023-6270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2023-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2024-26667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26667"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2024-26695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
    },
    {
      "name": "CVE-2024-26717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-26584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
    },
    {
      "name": "CVE-2024-26707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-26689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
    },
    {
      "name": "CVE-2024-26748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26748"
    },
    {
      "name": "CVE-2023-52638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52638"
    },
    {
      "name": "CVE-2024-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
    },
    {
      "name": "CVE-2024-26718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26718"
    },
    {
      "name": "CVE-2024-26702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
    },
    {
      "name": "CVE-2024-26685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
    },
    {
      "name": "CVE-2024-26583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
    },
    {
      "name": "CVE-2024-26710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26710"
    },
    {
      "name": "CVE-2024-26803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
    },
    {
      "name": "CVE-2024-26798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26798"
    },
    {
      "name": "CVE-2024-26663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
    },
    {
      "name": "CVE-2024-26675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
    },
    {
      "name": "CVE-2023-52631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52631"
    },
    {
      "name": "CVE-2024-26712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26712"
    },
    {
      "name": "CVE-2024-24858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2024-26723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26723"
    },
    {
      "name": "CVE-2024-26684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
    },
    {
      "name": "CVE-2024-24857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
    },
    {
      "name": "CVE-2024-26660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
    },
    {
      "name": "CVE-2024-26789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26789"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2024-26726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
    },
    {
      "name": "CVE-2024-26676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26676"
    },
    {
      "name": "CVE-2024-26688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26688"
    },
    {
      "name": "CVE-2024-26802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26802"
    },
    {
      "name": "CVE-2024-26722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
    },
    {
      "name": "CVE-2024-26681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
    },
    {
      "name": "CVE-2024-26733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
    },
    {
      "name": "CVE-2023-52620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
    },
    {
      "name": "CVE-2024-26700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
    },
    {
      "name": "CVE-2024-26665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26665"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
    },
    {
      "name": "CVE-2024-26790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
    },
    {
      "name": "CVE-2024-26715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26715"
    },
    {
      "name": "CVE-2024-26714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
    },
    {
      "name": "CVE-2024-26792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26792"
    },
    {
      "name": "CVE-2024-26680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26680"
    },
    {
      "name": "CVE-2024-26736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
    },
    {
      "name": "CVE-2024-26782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26782"
    },
    {
      "name": "CVE-2024-26980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26980"
    },
    {
      "name": "CVE-2024-26917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26917"
    },
    {
      "name": "CVE-2024-27013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27013"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-26910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26910"
    },
    {
      "name": "CVE-2024-26907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2024-26889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26889"
    },
    {
      "name": "CVE-2024-26882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26882"
    },
    {
      "name": "CVE-2024-27020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27020"
    },
    {
      "name": "CVE-2024-26820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26820"
    },
    {
      "name": "CVE-2024-26936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26936"
    },
    {
      "name": "CVE-2024-24861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24861"
    },
    {
      "name": "CVE-2024-26920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26920"
    },
    {
      "name": "CVE-2024-26857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26857"
    },
    {
      "name": "CVE-2024-26898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26898"
    },
    {
      "name": "CVE-2023-52642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52642"
    },
    {
      "name": "CVE-2024-26922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26922"
    },
    {
      "name": "CVE-2024-26884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26884"
    },
    {
      "name": "CVE-2024-26825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-27019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2024-26926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26926"
    },
    {
      "name": "CVE-2024-26826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
    },
    {
      "name": "CVE-2024-26916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26916"
    },
    {
      "name": "CVE-2023-52643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
    },
    {
      "name": "CVE-2024-26829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26829"
    },
    {
      "name": "CVE-2024-26830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26830"
    },
    {
      "name": "CVE-2023-52645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52645"
    },
    {
      "name": "CVE-2021-47131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47131"
    },
    {
      "name": "CVE-2023-52585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52585"
    },
    {
      "name": "CVE-2022-48655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48655"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2024-26693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26693"
    },
    {
      "name": "CVE-2024-26694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26694"
    },
    {
      "name": "CVE-2024-26919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26919"
    },
    {
      "name": "CVE-2023-52882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
    },
    {
      "name": "CVE-2024-26900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
    },
    {
      "name": "CVE-2024-27398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27398"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-27401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27401"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-36031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36031"
    },
    {
      "name": "CVE-2024-36883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
    },
    {
      "name": "CVE-2024-36886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
    },
    {
      "name": "CVE-2024-36889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
    },
    {
      "name": "CVE-2024-36902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36902"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-36905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36905"
    },
    {
      "name": "CVE-2024-36916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2024-36929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
    },
    {
      "name": "CVE-2024-36933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36933"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2024-36939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36939"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-36946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36946"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2024-36953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
    },
    {
      "name": "CVE-2024-36954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36954"
    },
    {
      "name": "CVE-2024-36957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36957"
    },
    {
      "name": "CVE-2024-36959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36959"
    },
    {
      "name": "CVE-2023-52880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52880"
    },
    {
      "name": "CVE-2024-26822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
    },
    {
      "name": "CVE-2024-26838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
    },
    {
      "name": "CVE-2024-27395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27395"
    },
    {
      "name": "CVE-2024-27396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27396"
    },
    {
      "name": "CVE-2024-27400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27400"
    },
    {
      "name": "CVE-2024-27416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27416"
    },
    {
      "name": "CVE-2024-35833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35833"
    },
    {
      "name": "CVE-2024-35847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35847"
    },
    {
      "name": "CVE-2024-35849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35849"
    },
    {
      "name": "CVE-2024-35851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35851"
    },
    {
      "name": "CVE-2024-35852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
    },
    {
      "name": "CVE-2024-35854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35854"
    },
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2024-35978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35978"
    },
    {
      "name": "CVE-2024-35982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35982"
    },
    {
      "name": "CVE-2024-35984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35984"
    },
    {
      "name": "CVE-2024-35989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35989"
    },
    {
      "name": "CVE-2024-35990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35990"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2024-35999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35999"
    },
    {
      "name": "CVE-2024-36006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36006"
    },
    {
      "name": "CVE-2024-36007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36007"
    },
    {
      "name": "CVE-2024-36012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
    },
    {
      "name": "CVE-2024-36014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
    },
    {
      "name": "CVE-2024-36015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-36029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36029"
    },
    {
      "name": "CVE-2024-36032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36032"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-36893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36893"
    },
    {
      "name": "CVE-2024-36896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36896"
    },
    {
      "name": "CVE-2024-36897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36897"
    },
    {
      "name": "CVE-2024-36906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
    },
    {
      "name": "CVE-2024-36918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
    },
    {
      "name": "CVE-2024-36924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36924"
    },
    {
      "name": "CVE-2024-36926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
    },
    {
      "name": "CVE-2024-36928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36928"
    },
    {
      "name": "CVE-2024-36931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36931"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2024-36944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36944"
    },
    {
      "name": "CVE-2024-36947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36947"
    },
    {
      "name": "CVE-2024-36952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
    },
    {
      "name": "CVE-2024-36955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36955"
    },
    {
      "name": "CVE-2024-26674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
    },
    {
      "name": "CVE-2024-35850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35850"
    },
    {
      "name": "CVE-2024-35986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35986"
    },
    {
      "name": "CVE-2024-35991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
    },
    {
      "name": "CVE-2024-35992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35992"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2024-36002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
    },
    {
      "name": "CVE-2024-36009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36009"
    },
    {
      "name": "CVE-2024-36011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
    },
    {
      "name": "CVE-2024-36013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36013"
    },
    {
      "name": "CVE-2024-36030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36030"
    },
    {
      "name": "CVE-2024-36890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36890"
    },
    {
      "name": "CVE-2024-36891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-36895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36895"
    },
    {
      "name": "CVE-2024-36898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36898"
    },
    {
      "name": "CVE-2024-36921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
    },
    {
      "name": "CVE-2024-36922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
    },
    {
      "name": "CVE-2024-36930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
    },
    {
      "name": "CVE-2024-36936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2024-36951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36951"
    },
    {
      "name": "CVE-2024-31076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
    },
    {
      "name": "CVE-2024-33621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
    },
    {
      "name": "CVE-2024-35853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35853"
    },
    {
      "name": "CVE-2024-35855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35855"
    },
    {
      "name": "CVE-2024-35983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
    },
    {
      "name": "CVE-2024-35988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35988"
    },
    {
      "name": "CVE-2024-35996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35996"
    },
    {
      "name": "CVE-2024-36004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36008"
    },
    {
      "name": "CVE-2024-36286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-37353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37353"
    },
    {
      "name": "CVE-2024-37356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
    },
    {
      "name": "CVE-2024-38381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2024-38558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2024-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
    },
    {
      "name": "CVE-2024-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
    },
    {
      "name": "CVE-2024-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
    },
    {
      "name": "CVE-2024-38589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38589"
    },
    {
      "name": "CVE-2024-38596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2024-38599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-38612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38612"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
    },
    {
      "name": "CVE-2024-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
    },
    {
      "name": "CVE-2024-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38637"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2024-39292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39292"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2024-26890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26890"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2024-35857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35857"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-36900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36900"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-36937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
    },
    {
      "name": "CVE-2024-36967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
    },
    {
      "name": "CVE-2024-36969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
    },
    {
      "name": "CVE-2024-36975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2024-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
    },
    {
      "name": "CVE-2024-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
    },
    {
      "name": "CVE-2024-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38550"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38556"
    },
    {
      "name": "CVE-2024-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38557"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2024-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38568"
    },
    {
      "name": "CVE-2024-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38571"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
    },
    {
      "name": "CVE-2024-38591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38591"
    },
    {
      "name": "CVE-2024-38594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38594"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-38600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
    },
    {
      "name": "CVE-2024-38603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38603"
    },
    {
      "name": "CVE-2024-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
    },
    {
      "name": "CVE-2024-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38616"
    },
    {
      "name": "CVE-2024-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2024-39471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
    },
    {
      "name": "CVE-2024-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38610"
    },
    {
      "name": "CVE-2024-39475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
    },
    {
      "name": "CVE-2024-24859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
    },
    {
      "name": "CVE-2024-26661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
    },
    {
      "name": "CVE-2024-26662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26662"
    },
    {
      "name": "CVE-2024-26666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26666"
    },
    {
      "name": "CVE-2024-26677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26677"
    },
    {
      "name": "CVE-2024-26691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26691"
    },
    {
      "name": "CVE-2024-26703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26703"
    },
    {
      "name": "CVE-2024-26708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26708"
    },
    {
      "name": "CVE-2024-26711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26711"
    },
    {
      "name": "CVE-2024-26716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26716"
    },
    {
      "name": "CVE-2024-26719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26719"
    },
    {
      "name": "CVE-2024-26734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
    },
    {
      "name": "CVE-2024-26818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
    },
    {
      "name": "CVE-2024-26824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26824"
    },
    {
      "name": "CVE-2024-26831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
    },
    {
      "name": "CVE-2024-36270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
    },
    {
      "name": "CVE-2024-38543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38543"
    },
    {
      "name": "CVE-2024-38586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
    },
    {
      "name": "CVE-2024-38593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38593"
    },
    {
      "name": "CVE-2024-38607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38607"
    },
    {
      "name": "CVE-2024-38613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38613"
    },
    {
      "name": "CVE-2024-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
    },
    {
      "name": "CVE-2024-39276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
    },
    {
      "name": "CVE-2024-39467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39467"
    },
    {
      "name": "CVE-2024-39480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39480"
    },
    {
      "name": "CVE-2024-39482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39482"
    },
    {
      "name": "CVE-2024-39488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39488"
    },
    {
      "name": "CVE-2024-39489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39489"
    },
    {
      "name": "CVE-2024-39493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
    },
    {
      "name": "CVE-2024-36882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
    },
    {
      "name": "CVE-2024-36887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36887"
    },
    {
      "name": "CVE-2024-36903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
    },
    {
      "name": "CVE-2024-36935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36935"
    },
    {
      "name": "CVE-2024-36962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
    },
    {
      "name": "CVE-2024-36977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
    },
    {
      "name": "CVE-2024-38539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38539"
    },
    {
      "name": "CVE-2024-38551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38551"
    },
    {
      "name": "CVE-2024-38554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38554"
    },
    {
      "name": "CVE-2024-38562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38562"
    },
    {
      "name": "CVE-2024-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
    },
    {
      "name": "CVE-2024-38569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38569"
    },
    {
      "name": "CVE-2024-38570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38570"
    },
    {
      "name": "CVE-2024-38572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38572"
    },
    {
      "name": "CVE-2024-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
    },
    {
      "name": "CVE-2024-38588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38588"
    },
    {
      "name": "CVE-2024-38592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38592"
    },
    {
      "name": "CVE-2024-38595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38595"
    },
    {
      "name": "CVE-2024-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
    },
    {
      "name": "CVE-2024-38611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
    },
    {
      "name": "CVE-2024-38617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38617"
    },
    {
      "name": "CVE-2022-48674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48674"
    },
    {
      "name": "CVE-2024-27394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27394"
    },
    {
      "name": "CVE-2024-35846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35846"
    },
    {
      "name": "CVE-2024-35856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35856"
    },
    {
      "name": "CVE-2024-35858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35858"
    },
    {
      "name": "CVE-2024-35859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35859"
    },
    {
      "name": "CVE-2024-35949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35949"
    },
    {
      "name": "CVE-2024-35987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35987"
    },
    {
      "name": "CVE-2024-35993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35993"
    },
    {
      "name": "CVE-2024-35994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35994"
    },
    {
      "name": "CVE-2024-36000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
    },
    {
      "name": "CVE-2024-36001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36001"
    },
    {
      "name": "CVE-2024-36003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36003"
    },
    {
      "name": "CVE-2024-36028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
    },
    {
      "name": "CVE-2024-36033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36033"
    },
    {
      "name": "CVE-2024-36881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36881"
    },
    {
      "name": "CVE-2024-36884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
    },
    {
      "name": "CVE-2024-36888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36888"
    },
    {
      "name": "CVE-2024-36892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36892"
    },
    {
      "name": "CVE-2024-36901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36901"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2024-36909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36909"
    },
    {
      "name": "CVE-2024-36910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36910"
    },
    {
      "name": "CVE-2024-36911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36911"
    },
    {
      "name": "CVE-2024-36912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36912"
    },
    {
      "name": "CVE-2024-36913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36913"
    },
    {
      "name": "CVE-2024-36914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36914"
    },
    {
      "name": "CVE-2024-36920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
    },
    {
      "name": "CVE-2024-36925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36925"
    },
    {
      "name": "CVE-2024-36927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
    },
    {
      "name": "CVE-2024-36932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
    },
    {
      "name": "CVE-2024-36943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36943"
    },
    {
      "name": "CVE-2024-36948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36948"
    },
    {
      "name": "CVE-2024-36956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
    },
    {
      "name": "CVE-2024-36958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36958"
    },
    {
      "name": "CVE-2024-36961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
    },
    {
      "name": "CVE-2024-36963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36963"
    },
    {
      "name": "CVE-2024-36966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36966"
    },
    {
      "name": "CVE-2024-36968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36968"
    },
    {
      "name": "CVE-2024-36979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979"
    },
    {
      "name": "CVE-2024-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
    },
    {
      "name": "CVE-2024-38542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38542"
    },
    {
      "name": "CVE-2024-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
    },
    {
      "name": "CVE-2024-38563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38563"
    },
    {
      "name": "CVE-2024-38574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38574"
    },
    {
      "name": "CVE-2024-38576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38576"
    },
    {
      "name": "CVE-2024-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
    },
    {
      "name": "CVE-2024-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38584"
    },
    {
      "name": "CVE-2024-38585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38585"
    },
    {
      "name": "CVE-2024-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
    },
    {
      "name": "CVE-2024-38606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
    },
    {
      "name": "CVE-2024-38614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38614"
    },
    {
      "name": "CVE-2024-38620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38620"
    },
    {
      "name": "CVE-2024-41011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
    },
    {
      "name": "CVE-2024-42134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42134"
    }
  ],
  "initial_release_date": "2024-08-09T00:00:00",
  "last_revision_date": "2024-08-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0667",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-08-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6895-4",
      "url": "https://ubuntu.com/security/notices/USN-6895-4"
    },
    {
      "published_at": "2024-08-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6951-1",
      "url": "https://ubuntu.com/security/notices/USN-6951-1"
    },
    {
      "published_at": "2024-08-01",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6926-2",
      "url": "https://ubuntu.com/security/notices/USN-6926-2"
    },
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6952-1",
      "url": "https://ubuntu.com/security/notices/USN-6952-1"
    },
    {
      "published_at": "2024-08-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6949-1",
      "url": "https://ubuntu.com/security/notices/USN-6949-1"
    },
    {
      "published_at": "2024-08-01",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6922-2",
      "url": "https://ubuntu.com/security/notices/USN-6922-2"
    },
    {
      "published_at": "2024-08-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-1",
      "url": "https://ubuntu.com/security/notices/USN-6950-1"
    },
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6953-1",
      "url": "https://ubuntu.com/security/notices/USN-6953-1"
    }
  ]
}

FKIE_CVE-2024-27394

Vulnerability from fkie_nvd - Published: 2024-05-14 15:12 - Updated: 2025-04-08 19:41

Severity ?

7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	6.9
linux	linux_kernel	6.9
linux	linux_kernel	6.9
linux	linux_kernel	6.9
linux	linux_kernel	6.9

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612",
              "versionEndExcluding": "6.8.9",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix Use-After-Free in tcp_ao_connect_init\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof tcp_ao_connect_init, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp: Fix Use-After-Free en tcp_ao_connect_init Dado que call_rcu, que se llama en el recorrido hlist_for_each_entry_rcu de tcp_ao_connect_init, no forma parte de la secci\u00f3n cr\u00edtica de lectura de RCU, es posible que el El per\u00edodo de gracia de RCU transcurrir\u00e1 durante el recorrido y la clave quedar\u00e1 gratuita. Para evitar esto, se debe cambiar a hlist_for_each_entry_safe."
    }
  ],
  "id": "CVE-2024-27394",
  "lastModified": "2025-04-08T19:41:12.423",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.4,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-14T15:12:27.363",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GSD-2024-27394

Vulnerability from gsd - Updated: 2024-02-26 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-27394

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-27394"
      ],
      "id": "GSD-2024-27394",
      "modified": "2024-02-26T06:02:26.767400Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-27394",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

GHSA-Q3RG-6598-285V

Vulnerability from github – Published: 2024-05-14 15:32 – Updated: 2024-07-03 18:40

Details

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix Use-After-Free in tcp_ao_connect_init

Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of tcp_ao_connect_init, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free.

To prevent this, it should be changed to hlist_for_each_entry_safe.

Severity ?

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-27394"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T15:12:27Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix Use-After-Free in tcp_ao_connect_init\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof tcp_ao_connect_init, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
  "id": "GHSA-q3rg-6598-285v",
  "modified": "2024-07-03T18:40:10Z",
  "published": "2024-05-14T15:32:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27394"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-27394 (GCVE-0-2024-27394)

CVE-2024-27394

CERTFR-2024-AVI-0694

Solutions

CERTFR-2024-AVI-0667

Solutions

FKIE_CVE-2024-27394

GSD-2024-27394

GHSA-Q3RG-6598-285V

Tags

Sightings

Nomenclature