Vulnerability-Lookup

CVE-2024-35874 (GCVE-0-2024-35874)

Vulnerability from cvelistv5 – Published: 2024-05-19 08:34 – Updated: 2025-05-04 09:07

Title

aio: Fix null ptr deref in aio_complete() wakeup

Summary

In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aio_complete() wakeup list_del_init_careful() needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finish_wait() would see the empty list head and skip taking the lock, and then we'd return - but the completion path would still attempt to do the wakeup after the task_struct pointer had been overwritten.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

CERTFR-2024-AVI-0546

Vulnerability from certfr_avis - Published: 2024-07-05 - Updated: 2024-07-05

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	N/A	Ubuntu 22.04 LTS
Ubuntu	N/A	Ubuntu 16.04 ESM
Ubuntu	N/A	Ubuntu 18.04 ESM
Ubuntu	N/A	Ubuntu 24.04 LTS
Ubuntu	N/A	Ubuntu 20.04 LTS
Ubuntu	N/A	Ubuntu 23.10

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6866-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6874-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6871-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6873-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6873-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6878-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6872-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6868-1	2024-07-03	vendor-advisory
Bulletin de sécurité Ubuntu USN-6864-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6875-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6870-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6870-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6864-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6872-2	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6863-1	2024-07-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-6869-1	2024-07-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-27024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27024"
    },
    {
      "name": "CVE-2024-26957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26957"
    },
    {
      "name": "CVE-2024-35797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35797"
    },
    {
      "name": "CVE-2024-27435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27435"
    },
    {
      "name": "CVE-2024-26601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26601"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2024-27391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27391"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2024-35810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
    },
    {
      "name": "CVE-2024-27051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27051"
    },
    {
      "name": "CVE-2024-26898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26898"
    },
    {
      "name": "CVE-2024-26654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26654"
    },
    {
      "name": "CVE-2024-26656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26656"
    },
    {
      "name": "CVE-2023-52663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
    },
    {
      "name": "CVE-2024-26816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26816"
    },
    {
      "name": "CVE-2024-27030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27030"
    },
    {
      "name": "CVE-2024-26896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
    },
    {
      "name": "CVE-2024-26897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
    },
    {
      "name": "CVE-2024-26866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26866"
    },
    {
      "name": "CVE-2024-26881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26881"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2024-27028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27028"
    },
    {
      "name": "CVE-2024-27052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
    },
    {
      "name": "CVE-2024-26950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26950"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2024-26961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
    },
    {
      "name": "CVE-2024-26754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26754"
    },
    {
      "name": "CVE-2024-26968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26968"
    },
    {
      "name": "CVE-2024-27078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27078"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-35828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35828"
    },
    {
      "name": "CVE-2023-52653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52653"
    },
    {
      "name": "CVE-2024-27063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27063"
    },
    {
      "name": "CVE-2024-26848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26848"
    },
    {
      "name": "CVE-2024-26883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26883"
    },
    {
      "name": "CVE-2024-27034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27034"
    },
    {
      "name": "CVE-2024-35805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35805"
    },
    {
      "name": "CVE-2024-27389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27389"
    },
    {
      "name": "CVE-2024-26790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
    },
    {
      "name": "CVE-2024-27392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27392"
    },
    {
      "name": "CVE-2024-27038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27038"
    },
    {
      "name": "CVE-2024-35799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35799"
    },
    {
      "name": "CVE-2024-35822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35822"
    },
    {
      "name": "CVE-2024-26977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26977"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-26953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
    },
    {
      "name": "CVE-2024-26750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26750"
    },
    {
      "name": "CVE-2024-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
    },
    {
      "name": "CVE-2024-26976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26976"
    },
    {
      "name": "CVE-2024-26964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
    },
    {
      "name": "CVE-2024-27437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27437"
    },
    {
      "name": "CVE-2024-26927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26927"
    },
    {
      "name": "CVE-2024-21823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
    },
    {
      "name": "CVE-2024-26959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26959"
    },
    {
      "name": "CVE-2023-52640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52640"
    },
    {
      "name": "CVE-2024-27403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27403"
    },
    {
      "name": "CVE-2024-27041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27041"
    },
    {
      "name": "CVE-2024-35844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35844"
    },
    {
      "name": "CVE-2024-26802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26802"
    },
    {
      "name": "CVE-2024-26970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26970"
    },
    {
      "name": "CVE-2024-26815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
    },
    {
      "name": "CVE-2024-26805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
    },
    {
      "name": "CVE-2024-26891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26891"
    },
    {
      "name": "CVE-2024-27069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27069"
    },
    {
      "name": "CVE-2024-27032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27032"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-26774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26774"
    },
    {
      "name": "CVE-2024-26879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26879"
    },
    {
      "name": "CVE-2024-26903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26903"
    },
    {
      "name": "CVE-2024-27033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27033"
    },
    {
      "name": "CVE-2024-26859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26859"
    },
    {
      "name": "CVE-2024-26887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26887"
    },
    {
      "name": "CVE-2024-26839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26839"
    },
    {
      "name": "CVE-2023-52649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
    },
    {
      "name": "CVE-2024-26857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26857"
    },
    {
      "name": "CVE-2024-26937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26937"
    },
    {
      "name": "CVE-2024-35814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
    },
    {
      "name": "CVE-2024-26946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26946"
    },
    {
      "name": "CVE-2024-35803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35803"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-27413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27413"
    },
    {
      "name": "CVE-2024-27042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
    },
    {
      "name": "CVE-2024-26801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
    },
    {
      "name": "CVE-2024-27043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27043"
    },
    {
      "name": "CVE-2023-7042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
    },
    {
      "name": "CVE-2024-26963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26963"
    },
    {
      "name": "CVE-2024-27071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27071"
    },
    {
      "name": "CVE-2024-27419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27419"
    },
    {
      "name": "CVE-2024-26643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
    },
    {
      "name": "CVE-2024-26779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
    },
    {
      "name": "CVE-2024-26940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26940"
    },
    {
      "name": "CVE-2024-26969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26969"
    },
    {
      "name": "CVE-2024-26880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26880"
    },
    {
      "name": "CVE-2023-52650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52650"
    },
    {
      "name": "CVE-2024-26773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26773"
    },
    {
      "name": "CVE-2024-35813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35813"
    },
    {
      "name": "CVE-2024-27434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-26931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26931"
    },
    {
      "name": "CVE-2024-26763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26763"
    },
    {
      "name": "CVE-2024-26895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26895"
    },
    {
      "name": "CVE-2024-26749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26749"
    },
    {
      "name": "CVE-2024-26951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26951"
    },
    {
      "name": "CVE-2024-27048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27048"
    },
    {
      "name": "CVE-2024-35845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
    },
    {
      "name": "CVE-2024-26938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26938"
    },
    {
      "name": "CVE-2024-27072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27072"
    },
    {
      "name": "CVE-2024-26949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26949"
    },
    {
      "name": "CVE-2024-26862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26862"
    },
    {
      "name": "CVE-2024-27068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27068"
    },
    {
      "name": "CVE-2024-26900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
    },
    {
      "name": "CVE-2024-35821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35821"
    },
    {
      "name": "CVE-2024-26965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26965"
    },
    {
      "name": "CVE-2024-35829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35829"
    },
    {
      "name": "CVE-2024-26885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26885"
    },
    {
      "name": "CVE-2024-35798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35798"
    },
    {
      "name": "CVE-2021-47063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47063"
    },
    {
      "name": "CVE-2024-26804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26804"
    },
    {
      "name": "CVE-2024-26751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26751"
    },
    {
      "name": "CVE-2024-26941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26941"
    },
    {
      "name": "CVE-2024-27065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
    },
    {
      "name": "CVE-2023-6270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
    },
    {
      "name": "CVE-2024-27388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27388"
    },
    {
      "name": "CVE-2024-27047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27047"
    },
    {
      "name": "CVE-2024-26743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
    },
    {
      "name": "CVE-2024-35808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35808"
    },
    {
      "name": "CVE-2024-26948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26948"
    },
    {
      "name": "CVE-2024-35795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
    },
    {
      "name": "CVE-2024-27050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27050"
    },
    {
      "name": "CVE-2024-26929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26929"
    },
    {
      "name": "CVE-2024-26787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26787"
    },
    {
      "name": "CVE-2024-26943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26943"
    },
    {
      "name": "CVE-2024-27035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27035"
    },
    {
      "name": "CVE-2024-26814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26814"
    },
    {
      "name": "CVE-2024-35901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
    },
    {
      "name": "CVE-2024-27412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27412"
    },
    {
      "name": "CVE-2024-26935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26935"
    },
    {
      "name": "CVE-2024-26978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26978"
    },
    {
      "name": "CVE-2024-26865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26865"
    },
    {
      "name": "CVE-2024-26846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26846"
    },
    {
      "name": "CVE-2024-27053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27053"
    },
    {
      "name": "CVE-2024-27040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27040"
    },
    {
      "name": "CVE-2024-27026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
    },
    {
      "name": "CVE-2024-27077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27077"
    },
    {
      "name": "CVE-2024-35809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35809"
    },
    {
      "name": "CVE-2024-35827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
    },
    {
      "name": "CVE-2024-26748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26748"
    },
    {
      "name": "CVE-2024-27070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27070"
    },
    {
      "name": "CVE-2024-27037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27037"
    },
    {
      "name": "CVE-2024-26782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26782"
    },
    {
      "name": "CVE-2024-26833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26833"
    },
    {
      "name": "CVE-2023-52647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52647"
    },
    {
      "name": "CVE-2024-35793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35793"
    },
    {
      "name": "CVE-2024-26877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26877"
    },
    {
      "name": "CVE-2024-27064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27064"
    },
    {
      "name": "CVE-2023-52645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52645"
    },
    {
      "name": "CVE-2024-35806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35806"
    },
    {
      "name": "CVE-2024-26792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26792"
    },
    {
      "name": "CVE-2024-26915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26915"
    },
    {
      "name": "CVE-2024-26803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
    },
    {
      "name": "CVE-2024-26947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26947"
    },
    {
      "name": "CVE-2024-27073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27073"
    },
    {
      "name": "CVE-2024-26583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2024-27431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27431"
    },
    {
      "name": "CVE-2024-26922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26922"
    },
    {
      "name": "CVE-2024-26733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
    },
    {
      "name": "CVE-2024-27027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
    },
    {
      "name": "CVE-2024-26851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26851"
    },
    {
      "name": "CVE-2024-26812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26812"
    },
    {
      "name": "CVE-2024-26688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26688"
    },
    {
      "name": "CVE-2024-35831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
    },
    {
      "name": "CVE-2024-26955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26955"
    },
    {
      "name": "CVE-2024-26888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26888"
    },
    {
      "name": "CVE-2024-26861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26861"
    },
    {
      "name": "CVE-2024-26906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26906"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-26889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26889"
    },
    {
      "name": "CVE-2024-26584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
    },
    {
      "name": "CVE-2024-27076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27076"
    },
    {
      "name": "CVE-2024-35830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35830"
    },
    {
      "name": "CVE-2023-52662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
    },
    {
      "name": "CVE-2024-27417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
    },
    {
      "name": "CVE-2024-27029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27029"
    },
    {
      "name": "CVE-2024-35796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35796"
    },
    {
      "name": "CVE-2024-26952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26952"
    },
    {
      "name": "CVE-2024-27058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27058"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2024-26651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26651"
    },
    {
      "name": "CVE-2024-26871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26871"
    },
    {
      "name": "CVE-2024-26958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26958"
    },
    {
      "name": "CVE-2024-27436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27436"
    },
    {
      "name": "CVE-2024-26956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26956"
    },
    {
      "name": "CVE-2024-26776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26776"
    },
    {
      "name": "CVE-2024-26892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
    },
    {
      "name": "CVE-2023-52497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
    },
    {
      "name": "CVE-2024-35787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
    },
    {
      "name": "CVE-2024-26939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26939"
    },
    {
      "name": "CVE-2024-26960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26960"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2023-47233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47233"
    },
    {
      "name": "CVE-2024-26882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26882"
    },
    {
      "name": "CVE-2023-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
    },
    {
      "name": "CVE-2024-26975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
    },
    {
      "name": "CVE-2024-26653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26653"
    },
    {
      "name": "CVE-2024-27036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27036"
    },
    {
      "name": "CVE-2024-26884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26884"
    },
    {
      "name": "CVE-2024-26771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26771"
    },
    {
      "name": "CVE-2022-38096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
    },
    {
      "name": "CVE-2024-26769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26769"
    },
    {
      "name": "CVE-2024-26737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26737"
    },
    {
      "name": "CVE-2024-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26868"
    },
    {
      "name": "CVE-2023-52661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
    },
    {
      "name": "CVE-2024-26899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
    },
    {
      "name": "CVE-2024-26966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26966"
    },
    {
      "name": "CVE-2024-22099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
    },
    {
      "name": "CVE-2024-27044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27044"
    },
    {
      "name": "CVE-2024-35874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35874"
    },
    {
      "name": "CVE-2024-27039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
    },
    {
      "name": "CVE-2024-27416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27416"
    },
    {
      "name": "CVE-2024-26747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26747"
    },
    {
      "name": "CVE-2024-26843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26843"
    },
    {
      "name": "CVE-2024-26971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26971"
    },
    {
      "name": "CVE-2023-52620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2024-26933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
    },
    {
      "name": "CVE-2024-26793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26793"
    },
    {
      "name": "CVE-2024-26972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26972"
    },
    {
      "name": "CVE-2024-35817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35817"
    },
    {
      "name": "CVE-2024-26869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26869"
    },
    {
      "name": "CVE-2024-26932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26932"
    },
    {
      "name": "CVE-2024-26874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26874"
    },
    {
      "name": "CVE-2024-27390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
    },
    {
      "name": "CVE-2024-26838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
    },
    {
      "name": "CVE-2021-33631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
    },
    {
      "name": "CVE-2024-26752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26752"
    },
    {
      "name": "CVE-2024-26876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26876"
    },
    {
      "name": "CVE-2024-26875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26875"
    },
    {
      "name": "CVE-2024-26736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
    },
    {
      "name": "CVE-2024-27074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27074"
    },
    {
      "name": "CVE-2024-26967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26967"
    },
    {
      "name": "CVE-2023-52447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52447"
    },
    {
      "name": "CVE-2024-35794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35794"
    },
    {
      "name": "CVE-2023-52644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52644"
    },
    {
      "name": "CVE-2024-26894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26894"
    },
    {
      "name": "CVE-2024-26820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26820"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2024-35801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
    },
    {
      "name": "CVE-2024-27414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27414"
    },
    {
      "name": "CVE-2024-26777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26777"
    },
    {
      "name": "CVE-2024-26764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26764"
    },
    {
      "name": "CVE-2024-35826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35826"
    },
    {
      "name": "CVE-2024-26878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26878"
    },
    {
      "name": "CVE-2024-27067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27067"
    },
    {
      "name": "CVE-2024-26778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26778"
    },
    {
      "name": "CVE-2024-26657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26657"
    },
    {
      "name": "CVE-2024-27054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27054"
    },
    {
      "name": "CVE-2024-27045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27045"
    },
    {
      "name": "CVE-2024-26872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26872"
    },
    {
      "name": "CVE-2024-26944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26944"
    },
    {
      "name": "CVE-2024-27066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27066"
    },
    {
      "name": "CVE-2024-27075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27075"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-26945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26945"
    },
    {
      "name": "CVE-2024-35819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35819"
    },
    {
      "name": "CVE-2024-26863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26863"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2024-26655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26655"
    },
    {
      "name": "CVE-2024-26954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26954"
    },
    {
      "name": "CVE-2024-26860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26860"
    },
    {
      "name": "CVE-2024-26873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26873"
    },
    {
      "name": "CVE-2024-26813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2024-26798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26798"
    },
    {
      "name": "CVE-2024-26856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26856"
    },
    {
      "name": "CVE-2024-26925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26925"
    },
    {
      "name": "CVE-2024-26744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
    },
    {
      "name": "CVE-2024-26870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26870"
    },
    {
      "name": "CVE-2024-26930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930"
    },
    {
      "name": "CVE-2024-26893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26893"
    },
    {
      "name": "CVE-2024-26835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26835"
    },
    {
      "name": "CVE-2024-27080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27080"
    },
    {
      "name": "CVE-2024-26791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26791"
    },
    {
      "name": "CVE-2024-27415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27415"
    },
    {
      "name": "CVE-2024-26962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26962"
    },
    {
      "name": "CVE-2023-52641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52641"
    },
    {
      "name": "CVE-2024-27079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
    },
    {
      "name": "CVE-2024-26810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
    },
    {
      "name": "CVE-2024-27049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27049"
    },
    {
      "name": "CVE-2024-26772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26772"
    },
    {
      "name": "CVE-2022-48669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48669"
    },
    {
      "name": "CVE-2024-27405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27405"
    },
    {
      "name": "CVE-2024-26855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26855"
    },
    {
      "name": "CVE-2023-52648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-27432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27432"
    },
    {
      "name": "CVE-2024-26795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26795"
    },
    {
      "name": "CVE-2024-35843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35843"
    },
    {
      "name": "CVE-2023-52656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52656"
    },
    {
      "name": "CVE-2024-26864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26864"
    },
    {
      "name": "CVE-2024-26809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26809"
    },
    {
      "name": "CVE-2024-35800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35800"
    },
    {
      "name": "CVE-2024-26924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26924"
    },
    {
      "name": "CVE-2024-27433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27433"
    },
    {
      "name": "CVE-2024-26942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26942"
    },
    {
      "name": "CVE-2024-27031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
    },
    {
      "name": "CVE-2024-26788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26788"
    },
    {
      "name": "CVE-2023-52659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
    },
    {
      "name": "CVE-2023-52652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52652"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-24861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24861"
    },
    {
      "name": "CVE-2024-26890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26890"
    },
    {
      "name": "CVE-2024-26907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
    },
    {
      "name": "CVE-2024-27046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27046"
    },
    {
      "name": "CVE-2024-35811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35811"
    }
  ],
  "initial_release_date": "2024-07-05T00:00:00",
  "last_revision_date": "2024-07-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0546",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6866-2",
      "url": "https://ubuntu.com/security/notices/USN-6866-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6874-1",
      "url": "https://ubuntu.com/security/notices/USN-6874-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6871-1",
      "url": "https://ubuntu.com/security/notices/USN-6871-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6873-2",
      "url": "https://ubuntu.com/security/notices/USN-6873-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6873-1",
      "url": "https://ubuntu.com/security/notices/USN-6873-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6878-1",
      "url": "https://ubuntu.com/security/notices/USN-6878-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6872-1",
      "url": "https://ubuntu.com/security/notices/USN-6872-1"
    },
    {
      "published_at": "2024-07-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6868-1",
      "url": "https://ubuntu.com/security/notices/USN-6868-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6864-1",
      "url": "https://ubuntu.com/security/notices/USN-6864-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6875-1",
      "url": "https://ubuntu.com/security/notices/USN-6875-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6870-1",
      "url": "https://ubuntu.com/security/notices/USN-6870-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6870-2",
      "url": "https://ubuntu.com/security/notices/USN-6870-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6864-2",
      "url": "https://ubuntu.com/security/notices/USN-6864-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6872-2",
      "url": "https://ubuntu.com/security/notices/USN-6872-2"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6863-1",
      "url": "https://ubuntu.com/security/notices/USN-6863-1"
    },
    {
      "published_at": "2024-07-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6869-1",
      "url": "https://ubuntu.com/security/notices/USN-6869-1"
    }
  ]
}

GHSA-MCF7-H35P-C29H

Vulnerability from github – Published: 2024-05-19 09:34 – Updated: 2024-12-30 18:30

Details

In the Linux kernel, the following vulnerability has been resolved:

aio: Fix null ptr deref in aio_complete() wakeup

list_del_init_careful() needs to be the last access to the wait queue entry - it effectively unlocks access.

Previously, finish_wait() would see the empty list head and skip taking the lock, and then we'd return - but the completion path would still attempt to do the wakeup after the task_struct pointer had been overwritten.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-35874"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-19T09:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: Fix null ptr deref in aio_complete() wakeup\n\nlist_del_init_careful() needs to be the last access to the wait queue\nentry - it effectively unlocks access.\n\nPreviously, finish_wait() would see the empty list head and skip taking\nthe lock, and then we\u0027d return - but the completion path would still\nattempt to do the wakeup after the task_struct pointer had been\noverwritten.",
  "id": "GHSA-mcf7-h35p-c29h",
  "modified": "2024-12-30T18:30:41Z",
  "published": "2024-05-19T09:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35874"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-35874

Vulnerability from fkie_nvd - Published: 2024-05-19 09:15 - Updated: 2024-12-30 17:37

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	6.9
linux	linux_kernel	6.9

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7733C2C9-77AB-41F9-BE33-99FF60A64DBB",
              "versionEndExcluding": "6.8.5",
              "versionStartIncluding": "6.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: Fix null ptr deref in aio_complete() wakeup\n\nlist_del_init_careful() needs to be the last access to the wait queue\nentry - it effectively unlocks access.\n\nPreviously, finish_wait() would see the empty list head and skip taking\nthe lock, and then we\u0027d return - but the completion path would still\nattempt to do the wakeup after the task_struct pointer had been\noverwritten."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: aio: corrige el ptr deref null en aio_complete() wakeup list_del_init_careful() debe ser el \u00faltimo acceso a la entrada de la cola de espera; efectivamente desbloquea el acceso. Anteriormente, Finish_wait() ve\u00eda el encabezado de la lista vac\u00eda y omit\u00eda tomar el bloqueo, y luego regresabamos, pero la ruta de finalizaci\u00f3n a\u00fan intentar\u00eda realizar la reactivaci\u00f3n despu\u00e9s de que se hubiera sobrescrito el puntero task_struct."
    }
  ],
  "id": "CVE-2024-35874",
  "lastModified": "2024-12-30T17:37:18.307",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-19T09:15:08.767",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2024-35874

Vulnerability from fstec - Published: 31.03.2024

Title

Уязвимость функции aio_complete() модуля fs/aio.c файловой системы ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции aio_complete() модуля fs/aio.c файловой системы ядра операционной системы Linux связана с разыменованием указателей. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения

Software Name

Linux

Software Version

от 6.8 до 6.8.4 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2024051942-CVE-2024-35874-c494@gregkh/ https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da https://git.kernel.org/linus/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.5

Reference

https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da https://www.cve.org/CVERecord?id=CVE-2024-35874 https://lore.kernel.org/linux-cve-announce/2024051942-CVE-2024-35874-c494@gregkh/ https://git.kernel.org/linus/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd https://ubuntu.com/security/notices/USN-6816-1 https://ubuntu.com/security/notices/USN-6817-1 https://ubuntu.com/security/notices/USN-6817-2 https://ubuntu.com/security/notices/USN-6817-3 https://ubuntu.com/security/notices/USN-6878-1 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.5

CWE

CWE-476

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 6.8 \u0434\u043e 6.8.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2024051942-CVE-2024-35874-c494@gregkh/\nhttps://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da\nhttps://git.kernel.org/linus/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.5",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "31.03.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.03.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.03.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-03080",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-35874",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.8 \u0434\u043e 6.8.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 aio_complete() \u043c\u043e\u0434\u0443\u043b\u044f fs/aio.c \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 aio_complete() \u043c\u043e\u0434\u0443\u043b\u044f fs/aio.c \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da\nhttps://www.cve.org/CVERecord?id=CVE-2024-35874\nhttps://lore.kernel.org/linux-cve-announce/2024051942-CVE-2024-35874-c494@gregkh/\nhttps://git.kernel.org/linus/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd\nhttps://ubuntu.com/security/notices/USN-6816-1\nhttps://ubuntu.com/security/notices/USN-6817-1\nhttps://ubuntu.com/security/notices/USN-6817-2\nhttps://ubuntu.com/security/notices/USN-6817-3\nhttps://ubuntu.com/security/notices/USN-6878-1\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.5",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-35874 (GCVE-0-2024-35874)

CERTFR-2024-AVI-0546

Solutions

GHSA-MCF7-H35P-C29H

FKIE_CVE-2024-35874

CVE-2024-35874

Tags

Sightings

Nomenclature