Vulnerability-Lookup

CVE-2024-27069 (GCVE-0-2024-27069)

Vulnerability from cvelistv5 – Published: 2024-05-01 13:04 – Updated: 2025-05-04 09:03

Title

ovl: relax WARN_ON in ovl_verify_area()

Summary

In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARN_ON in ovl_verify_area() syzbot hit an assertion in copy up data loop which looks like it is the result of a lower file whose size is being changed underneath overlayfs. This type of use case is documented to cause undefined behavior, so returning EIO error for the copy up makes sense, but it should not be causing a WARN_ON assertion.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

CERTFR-2024-AVI-0546

Vulnerability from certfr_avis - Published: 2024-07-05 - Updated: 2024-07-05

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	N/A	Ubuntu 22.04 LTS
Ubuntu	N/A	Ubuntu 16.04 ESM
Ubuntu	N/A	Ubuntu 18.04 ESM
Ubuntu	N/A	Ubuntu 24.04 LTS
Ubuntu	N/A	Ubuntu 20.04 LTS
Ubuntu	N/A	Ubuntu 23.10

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6866-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6874-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6871-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6873-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6873-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6878-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6872-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6868-1	2024-07-03	vendor-advisory
Bulletin de sécurité Ubuntu USN-6864-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6875-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6870-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6870-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6864-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6872-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6863-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6869-1	2024-07-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-27024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27024"
    },
    {
      "name": "CVE-2024-26957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26957"
    },
    {
      "name": "CVE-2024-35797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35797"
    },
    {
      "name": "CVE-2024-27435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27435"
    },
    {
      "name": "CVE-2024-26601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26601"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2024-27391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27391"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2024-35810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
    },
    {
      "name": "CVE-2024-27051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27051"
    },
    {
      "name": "CVE-2024-26898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26898"
    },
    {
      "name": "CVE-2024-26654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26654"
    },
    {
      "name": "CVE-2024-26656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26656"
    },
    {
      "name": "CVE-2023-52663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
    },
    {
      "name": "CVE-2024-26816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26816"
    },
    {
      "name": "CVE-2024-27030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27030"
    },
    {
      "name": "CVE-2024-26896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
    },
    {
      "name": "CVE-2024-26897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
    },
    {
      "name": "CVE-2024-26866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26866"
    },
    {
      "name": "CVE-2024-26881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26881"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2024-27028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27028"
    },
    {
      "name": "CVE-2024-27052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
    },
    {
      "name": "CVE-2024-26950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26950"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2024-26961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
    },
    {
      "name": "CVE-2024-26754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26754"
    },
    {
      "name": "CVE-2024-26968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26968"
    },
    {
      "name": "CVE-2024-27078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27078"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-35828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35828"
    },
    {
      "name": "CVE-2023-52653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52653"
    },
    {
      "name": "CVE-2024-27063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27063"
    },
    {
      "name": "CVE-2024-26848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26848"
    },
    {
      "name": "CVE-2024-26883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26883"
    },
    {
      "name": "CVE-2024-27034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27034"
    },
    {
      "name": "CVE-2024-35805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35805"
    },
    {
      "name": "CVE-2024-27389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27389"
    },
    {
      "name": "CVE-2024-26790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
    },
    {
      "name": "CVE-2024-27392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27392"
    },
    {
      "name": "CVE-2024-27038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27038"
    },
    {
      "name": "CVE-2024-35799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35799"
    },
    {
      "name": "CVE-2024-35822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35822"
    },
    {
      "name": "CVE-2024-26977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26977"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-26953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
    },
    {
      "name": "CVE-2024-26750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26750"
    },
    {
      "name": "CVE-2024-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
    },
    {
      "name": "CVE-2024-26976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26976"
    },
    {
      "name": "CVE-2024-26964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
    },
    {
      "name": "CVE-2024-27437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27437"
    },
    {
      "name": "CVE-2024-26927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26927"
    },
    {
      "name": "CVE-2024-21823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
    },
    {
      "name": "CVE-2024-26959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26959"
    },
    {
      "name": "CVE-2023-52640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52640"
    },
    {
      "name": "CVE-2024-27403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27403"
    },
    {
      "name": "CVE-2024-27041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27041"
    },
    {
      "name": "CVE-2024-35844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35844"
    },
    {
      "name": "CVE-2024-26802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26802"
    },
    {
      "name": "CVE-2024-26970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26970"
    },
    {
      "name": "CVE-2024-26815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
    },
    {
      "name": "CVE-2024-26805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
    },
    {
      "name": "CVE-2024-26891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26891"
    },
    {
      "name": "CVE-2024-27069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27069"
    },
    {
      "name": "CVE-2024-27032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27032"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-26774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26774"
    },
    {
      "name": "CVE-2024-26879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26879"
    },
    {
      "name": "CVE-2024-26903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26903"
    },
    {
      "name": "CVE-2024-27033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27033"
    },
    {
      "name": "CVE-2024-26859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26859"
    },
    {
      "name": "CVE-2024-26887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26887"
    },
    {
      "name": "CVE-2024-26839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26839"
    },
    {
      "name": "CVE-2023-52649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
    },
    {
      "name": "CVE-2024-26857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26857"
    },
    {
      "name": "CVE-2024-26937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26937"
    },
    {
      "name": "CVE-2024-35814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
    },
    {
      "name": "CVE-2024-26946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26946"
    },
    {
      "name": "CVE-2024-35803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35803"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-27413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27413"
    },
    {
      "name": "CVE-2024-27042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
    },
    {
      "name": "CVE-2024-26801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
    },
    {
      "name": "CVE-2024-27043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27043"
    },
    {
      "name": "CVE-2023-7042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
    },
    {
      "name": "CVE-2024-26963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26963"
    },
    {
      "name": "CVE-2024-27071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27071"
    },
    {
      "name": "CVE-2024-27419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27419"
    },
    {
      "name": "CVE-2024-26643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
    },
    {
      "name": "CVE-2024-26779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
    },
    {
      "name": "CVE-2024-26940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26940"
    },
    {
      "name": "CVE-2024-26969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26969"
    },
    {
      "name": "CVE-2024-26880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26880"
    },
    {
      "name": "CVE-2023-52650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52650"
    },
    {
      "name": "CVE-2024-26773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26773"
    },
    {
      "name": "CVE-2024-35813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35813"
    },
    {
      "name": "CVE-2024-27434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-26931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26931"
    },
    {
      "name": "CVE-2024-26763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26763"
    },
    {
      "name": "CVE-2024-26895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26895"
    },
    {
      "name": "CVE-2024-26749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26749"
    },
    {
      "name": "CVE-2024-26951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26951"
    },
    {
      "name": "CVE-2024-27048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27048"
    },
    {
      "name": "CVE-2024-35845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
    },
    {
      "name": "CVE-2024-26938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26938"
    },
    {
      "name": "CVE-2024-27072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27072"
    },
    {
      "name": "CVE-2024-26949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26949"
    },
    {
      "name": "CVE-2024-26862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26862"
    },
    {
      "name": "CVE-2024-27068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27068"
    },
    {
      "name": "CVE-2024-26900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
    },
    {
      "name": "CVE-2024-35821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35821"
    },
    {
      "name": "CVE-2024-26965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26965"
    },
    {
      "name": "CVE-2024-35829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35829"
    },
    {
      "name": "CVE-2024-26885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26885"
    },
    {
      "name": "CVE-2024-35798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35798"
    },
    {
      "name": "CVE-2021-47063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47063"
    },
    {
      "name": "CVE-2024-26804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26804"
    },
    {
      "name": "CVE-2024-26751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26751"
    },
    {
      "name": "CVE-2024-26941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26941"
    },
    {
      "name": "CVE-2024-27065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
    },
    {
      "name": "CVE-2023-6270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
    },
    {
      "name": "CVE-2024-27388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27388"
    },
    {
      "name": "CVE-2024-27047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27047"
    },
    {
      "name": "CVE-2024-26743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
    },
    {
      "name": "CVE-2024-35808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35808"
    },
    {
      "name": "CVE-2024-26948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26948"
    },
    {
      "name": "CVE-2024-35795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
    },
    {
      "name": "CVE-2024-27050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27050"
    },
    {
      "name": "CVE-2024-26929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26929"
    },
    {
      "name": "CVE-2024-26787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26787"
    },
    {
      "name": "CVE-2024-26943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26943"
    },
    {
      "name": "CVE-2024-27035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27035"
    },
    {
      "name": "CVE-2024-26814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26814"
    },
    {
      "name": "CVE-2024-35901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
    },
    {
      "name": "CVE-2024-27412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27412"
    },
    {
      "name": "CVE-2024-26935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26935"
    },
    {
      "name": "CVE-2024-26978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26978"
    },
    {
      "name": "CVE-2024-26865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26865"
    },
    {
      "name": "CVE-2024-26846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26846"
    },
    {
      "name": "CVE-2024-27053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27053"
    },
    {
      "name": "CVE-2024-27040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27040"
    },
    {
      "name": "CVE-2024-27026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
    },
    {
      "name": "CVE-2024-27077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27077"
    },
    {
      "name": "CVE-2024-35809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35809"
    },
    {
      "name": "CVE-2024-35827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
    },
    {
      "name": "CVE-2024-26748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26748"
    },
    {
      "name": "CVE-2024-27070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27070"
    },
    {
      "name": "CVE-2024-27037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27037"
    },
    {
      "name": "CVE-2024-26782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26782"
    },
    {
      "name": "CVE-2024-26833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26833"
    },
    {
      "name": "CVE-2023-52647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52647"
    },
    {
      "name": "CVE-2024-35793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35793"
    },
    {
      "name": "CVE-2024-26877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26877"
    },
    {
      "name": "CVE-2024-27064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27064"
    },
    {
      "name": "CVE-2023-52645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52645"
    },
    {
      "name": "CVE-2024-35806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35806"
    },
    {
      "name": "CVE-2024-26792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26792"
    },
    {
      "name": "CVE-2024-26915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26915"
    },
    {
      "name": "CVE-2024-26803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
    },
    {
      "name": "CVE-2024-26947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26947"
    },
    {
      "name": "CVE-2024-27073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27073"
    },
    {
      "name": "CVE-2024-26583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2024-27431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27431"
    },
    {
      "name": "CVE-2024-26922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26922"
    },
    {
      "name": "CVE-2024-26733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
    },
    {
      "name": "CVE-2024-27027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
    },
    {
      "name": "CVE-2024-26851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26851"
    },
    {
      "name": "CVE-2024-26812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26812"
    },
    {
      "name": "CVE-2024-26688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26688"
    },
    {
      "name": "CVE-2024-35831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
    },
    {
      "name": "CVE-2024-26955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26955"
    },
    {
      "name": "CVE-2024-26888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26888"
    },
    {
      "name": "CVE-2024-26861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26861"
    },
    {
      "name": "CVE-2024-26906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26906"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-26889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26889"
    },
    {
      "name": "CVE-2024-26584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
    },
    {
      "name": "CVE-2024-27076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27076"
    },
    {
      "name": "CVE-2024-35830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35830"
    },
    {
      "name": "CVE-2023-52662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
    },
    {
      "name": "CVE-2024-27417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
    },
    {
      "name": "CVE-2024-27029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27029"
    },
    {
      "name": "CVE-2024-35796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35796"
    },
    {
      "name": "CVE-2024-26952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26952"
    },
    {
      "name": "CVE-2024-27058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27058"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2024-26651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26651"
    },
    {
      "name": "CVE-2024-26871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26871"
    },
    {
      "name": "CVE-2024-26958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26958"
    },
    {
      "name": "CVE-2024-27436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27436"
    },
    {
      "name": "CVE-2024-26956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26956"
    },
    {
      "name": "CVE-2024-26776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26776"
    },
    {
      "name": "CVE-2024-26892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
    },
    {
      "name": "CVE-2023-52497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
    },
    {
      "name": "CVE-2024-35787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
    },
    {
      "name": "CVE-2024-26939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26939"
    },
    {
      "name": "CVE-2024-26960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26960"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2023-47233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47233"
    },
    {
      "name": "CVE-2024-26882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26882"
    },
    {
      "name": "CVE-2023-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
    },
    {
      "name": "CVE-2024-26975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
    },
    {
      "name": "CVE-2024-26653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26653"
    },
    {
      "name": "CVE-2024-27036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27036"
    },
    {
      "name": "CVE-2024-26884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26884"
    },
    {
      "name": "CVE-2024-26771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26771"
    },
    {
      "name": "CVE-2022-38096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
    },
    {
      "name": "CVE-2024-26769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26769"
    },
    {
      "name": "CVE-2024-26737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26737"
    },
    {
      "name": "CVE-2024-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26868"
    },
    {
      "name": "CVE-2023-52661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
    },
    {
      "name": "CVE-2024-26899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
    },
    {
      "name": "CVE-2024-26966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26966"
    },
    {
      "name": "CVE-2024-22099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
    },
    {
      "name": "CVE-2024-27044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27044"
    },
    {
      "name": "CVE-2024-35874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35874"
    },
    {
      "name": "CVE-2024-27039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
    },
    {
      "name": "CVE-2024-27416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27416"
    },
    {
      "name": "CVE-2024-26747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26747"
    },
    {
      "name": "CVE-2024-26843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26843"
    },
    {
      "name": "CVE-2024-26971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26971"
    },
    {
      "name": "CVE-2023-52620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2024-26933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
    },
    {
      "name": "CVE-2024-26793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26793"
    },
    {
      "name": "CVE-2024-26972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26972"
    },
    {
      "name": "CVE-2024-35817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35817"
    },
    {
      "name": "CVE-2024-26869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26869"
    },
    {
      "name": "CVE-2024-26932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26932"
    },
    {
      "name": "CVE-2024-26874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26874"
    },
    {
      "name": "CVE-2024-27390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
    },
    {
      "name": "CVE-2024-26838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
    },
    {
      "name": "CVE-2021-33631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
    },
    {
      "name": "CVE-2024-26752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26752"
    },
    {
      "name": "CVE-2024-26876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26876"
    },
    {
      "name": "CVE-2024-26875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26875"
    },
    {
      "name": "CVE-2024-26736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
    },
    {
      "name": "CVE-2024-27074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27074"
    },
    {
      "name": "CVE-2024-26967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26967"
    },
    {
      "name": "CVE-2023-52447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52447"
    },
    {
      "name": "CVE-2024-35794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35794"
    },
    {
      "name": "CVE-2023-52644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52644"
    },
    {
      "name": "CVE-2024-26894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26894"
    },
    {
      "name": "CVE-2024-26820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26820"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2024-35801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
    },
    {
      "name": "CVE-2024-27414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27414"
    },
    {
      "name": "CVE-2024-26777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26777"
    },
    {
      "name": "CVE-2024-26764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26764"
    },
    {
      "name": "CVE-2024-35826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35826"
    },
    {
      "name": "CVE-2024-26878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26878"
    },
    {
      "name": "CVE-2024-27067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27067"
    },
    {
      "name": "CVE-2024-26778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26778"
    },
    {
      "name": "CVE-2024-26657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26657"
    },
    {
      "name": "CVE-2024-27054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27054"
    },
    {
      "name": "CVE-2024-27045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27045"
    },
    {
      "name": "CVE-2024-26872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26872"
    },
    {
      "name": "CVE-2024-26944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26944"
    },
    {
      "name": "CVE-2024-27066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27066"
    },
    {
      "name": "CVE-2024-27075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27075"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-26945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26945"
    },
    {
      "name": "CVE-2024-35819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35819"
    },
    {
      "name": "CVE-2024-26863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26863"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2024-26655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26655"
    },
    {
      "name": "CVE-2024-26954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26954"
    },
    {
      "name": "CVE-2024-26860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26860"
    },
    {
      "name": "CVE-2024-26873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26873"
    },
    {
      "name": "CVE-2024-26813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2024-26798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26798"
    },
    {
      "name": "CVE-2024-26856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26856"
    },
    {
      "name": "CVE-2024-26925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26925"
    },
    {
      "name": "CVE-2024-26744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
    },
    {
      "name": "CVE-2024-26870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26870"
    },
    {
      "name": "CVE-2024-26930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930"
    },
    {
      "name": "CVE-2024-26893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26893"
    },
    {
      "name": "CVE-2024-26835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26835"
    },
    {
      "name": "CVE-2024-27080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27080"
    },
    {
      "name": "CVE-2024-26791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26791"
    },
    {
      "name": "CVE-2024-27415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27415"
    },
    {
      "name": "CVE-2024-26962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26962"
    },
    {
      "name": "CVE-2023-52641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52641"
    },
    {
      "name": "CVE-2024-27079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
    },
    {
      "name": "CVE-2024-26810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
    },
    {
      "name": "CVE-2024-27049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27049"
    },
    {
      "name": "CVE-2024-26772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26772"
    },
    {
      "name": "CVE-2022-48669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48669"
    },
    {
      "name": "CVE-2024-27405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27405"
    },
    {
      "name": "CVE-2024-26855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26855"
    },
    {
      "name": "CVE-2023-52648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-27432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27432"
    },
    {
      "name": "CVE-2024-26795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26795"
    },
    {
      "name": "CVE-2024-35843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35843"
    },
    {
      "name": "CVE-2023-52656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52656"
    },
    {
      "name": "CVE-2024-26864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26864"
    },
    {
      "name": "CVE-2024-26809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26809"
    },
    {
      "name": "CVE-2024-35800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35800"
    },
    {
      "name": "CVE-2024-26924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26924"
    },
    {
      "name": "CVE-2024-27433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27433"
    },
    {
      "name": "CVE-2024-26942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26942"
    },
    {
      "name": "CVE-2024-27031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
    },
    {
      "name": "CVE-2024-26788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26788"
    },
    {
      "name": "CVE-2023-52659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
    },
    {
      "name": "CVE-2023-52652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52652"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-24861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24861"
    },
    {
      "name": "CVE-2024-26890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26890"
    },
    {
      "name": "CVE-2024-26907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
    },
    {
      "name": "CVE-2024-27046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27046"
    },
    {
      "name": "CVE-2024-35811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35811"
    }
  ],
  "initial_release_date": "2024-07-05T00:00:00",
  "last_revision_date": "2024-07-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0546",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6866-2",
      "url": "https://ubuntu.com/security/notices/USN-6866-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6874-1",
      "url": "https://ubuntu.com/security/notices/USN-6874-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6871-1",
      "url": "https://ubuntu.com/security/notices/USN-6871-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6873-2",
      "url": "https://ubuntu.com/security/notices/USN-6873-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6873-1",
      "url": "https://ubuntu.com/security/notices/USN-6873-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6878-1",
      "url": "https://ubuntu.com/security/notices/USN-6878-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6872-1",
      "url": "https://ubuntu.com/security/notices/USN-6872-1"
    },
    {
      "published_at": "2024-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6868-1",
      "url": "https://ubuntu.com/security/notices/USN-6868-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6864-1",
      "url": "https://ubuntu.com/security/notices/USN-6864-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6875-1",
      "url": "https://ubuntu.com/security/notices/USN-6875-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6870-1",
      "url": "https://ubuntu.com/security/notices/USN-6870-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6870-2",
      "url": "https://ubuntu.com/security/notices/USN-6870-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6864-2",
      "url": "https://ubuntu.com/security/notices/USN-6864-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6872-2",
      "url": "https://ubuntu.com/security/notices/USN-6872-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6863-1",
      "url": "https://ubuntu.com/security/notices/USN-6863-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6869-1",
      "url": "https://ubuntu.com/security/notices/USN-6869-1"
    }
  ]
}

CVE-2024-27069

Vulnerability from fstec - Published: 17.03.2024

Title

Уязвимость функции ovl_verify_area() компонента fs/overlayfs/copy_up.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции ovl_verify_area() компонента fs/overlayfs/copy_up.c ядра операционной системы Linux связана с недостатком использования функции assert(). Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра»

Software Name

Debian GNU/Linux, Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369)

Software Version

11 (Debian GNU/Linux), 12 (Debian GNU/Linux), от 6.8 до 6.8.2 (Linux), 1.8 (Astra Linux Special Edition), до 6.9-rc1 (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27069-5b70@gregkh/ Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2024-27069 Для ОС Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18

Reference

https://git.kernel.org/linus/77a28aa476873048024ad56daf8f4f17d58ee48e https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27069-5b70@gregkh/ https://nvd.nist.gov/vuln/detail/CVE-2024-27069 https://security-tracker.debian.org/tracker/CVE-2024-27069 https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18

CWE

CWE-617

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "11 (Debian GNU/Linux), 12 (Debian GNU/Linux), \u043e\u0442 6.8 \u0434\u043e 6.8.2 (Linux), 1.8 (Astra Linux Special Edition), \u0434\u043e 6.9-rc1 (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27069-5b70@gregkh/\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2024-27069\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.03.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "07.07.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "07.07.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-08090",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-27069",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.8 \u0434\u043e 6.8.2 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u0434\u043e 6.9-rc1 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ovl_verify_area() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 fs/overlayfs/copy_up.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f assert() (CWE-617)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ovl_verify_area() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 fs/overlayfs/copy_up.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 assert(). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/linus/77a28aa476873048024ad56daf8f4f17d58ee48e\nhttps://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e\nhttps://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca\nhttps://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27069-5b70@gregkh/\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27069\nhttps://security-tracker.debian.org/tracker/CVE-2024-27069\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-617",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

GSD-2024-27069

Vulnerability from gsd - Updated: 2024-02-20 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-27069

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-27069"
      ],
      "id": "GSD-2024-27069",
      "modified": "2024-02-20T06:02:29.347225Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-27069",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

FKIE_CVE-2024-27069

Vulnerability from fkie_nvd - Published: 2024-05-01 13:15 - Updated: 2025-09-18 16:52

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca	Patch

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1",
              "versionEndExcluding": "6.8.2",
              "versionStartIncluding": "6.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: relax WARN_ON in ovl_verify_area()\n\nsyzbot hit an assertion in copy up data loop which looks like it is\nthe result of a lower file whose size is being changed underneath\noverlayfs.\n\nThis type of use case is documented to cause undefined behavior, so\nreturning EIO error for the copy up makes sense, but it should not be\ncausing a WARN_ON assertion."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ovl: relax WARN_ON en ovl_verify_area() syzbot alcanz\u00f3 una afirmaci\u00f3n en el bucle de copia de datos que parece ser el resultado de un archivo inferior cuyo tama\u00f1o se est\u00e1 cambiando debajo de overlayfs. Est\u00e1 documentado que este tipo de caso de uso causa un comportamiento indefinido, por lo que devolver un error EIO para la copia tiene sentido, pero no deber\u00eda causar una afirmaci\u00f3n WARN_ON."
    }
  ],
  "id": "CVE-2024-27069",
  "lastModified": "2025-09-18T16:52:04.713",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-01T13:15:50.987",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-8GPF-QJ7V-HP3F

Vulnerability from github – Published: 2024-05-01 15:30 – Updated: 2025-09-18 18:30

Details

In the Linux kernel, the following vulnerability has been resolved:

ovl: relax WARN_ON in ovl_verify_area()

syzbot hit an assertion in copy up data loop which looks like it is the result of a lower file whose size is being changed underneath overlayfs.

This type of use case is documented to cause undefined behavior, so returning EIO error for the copy up makes sense, but it should not be causing a WARN_ON assertion.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-27069"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-01T13:15:50Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: relax WARN_ON in ovl_verify_area()\n\nsyzbot hit an assertion in copy up data loop which looks like it is\nthe result of a lower file whose size is being changed underneath\noverlayfs.\n\nThis type of use case is documented to cause undefined behavior, so\nreturning EIO error for the copy up makes sense, but it should not be\ncausing a WARN_ON assertion.",
  "id": "GHSA-8gpf-qj7v-hp3f",
  "modified": "2025-09-18T18:30:21Z",
  "published": "2024-05-01T15:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27069"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-27069 (GCVE-0-2024-27069)

CERTFR-2024-AVI-0546

Solutions

CVE-2024-27069

GSD-2024-27069

FKIE_CVE-2024-27069

GHSA-8GPF-QJ7V-HP3F

Tags

Sightings

Nomenclature