Vulnerability-Lookup

CVE-2024-35994 (GCVE-0-2024-35994)

Vulnerability from cvelistv5 – Published: 2024-05-20 09:47 – Updated: 2025-05-04 09:10

Title

firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

Summary

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APP_SEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory region. Failure to adhere to this has (so far) resulted in either no response being written to the response buffer (causing an EIO to be emitted down the line), the SCM call to fail with EINVAL (i.e., directly from TZ/firmware), or the device to be hard-reset. While this issue can be triggered deterministically, in the current form it seems to happen rather sporadically (which is why it has gone unnoticed during earlier testing). This is likely due to the two kzalloc() calls (for request and response) being directly after each other. Which means that those likely return consecutive regions most of the time, especially when not much else is going on in the system. Fix this by allocating a single memory region for both request and response buffers, properly aligning both structs inside it. This unfortunately also means that the qcom_scm_qseecom_app_send() interface needs to be restructured, as it should no longer map the DMA regions separately. Therefore, move the responsibility of DMA allocation (or mapping) to the caller.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/dd22b34fb53cb04b1…
	https://git.kernel.org/stable/c/ed09f81eeaa8f9265…

Impacted products

Vendor

Product

Version

Linux

Affected: 759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9 , < dd22b34fb53cb04b13b2f5eee5c9200bb091fc88 (git)
Affected: 759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9 , < ed09f81eeaa8f9265e1787282cb283f10285c259 (git)

Linux

Affected: 6.7
Unaffected: 0 , < 6.7 (semver)
Unaffected: 6.8.9 , ≤ 6.8.* (semver)
Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35994",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-20T14:05:44.255812Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:33:52.169Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:30:11.569Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/firmware/qcom/qcom_qseecom_uefisecapp.c",
            "drivers/firmware/qcom/qcom_scm.c",
            "include/linux/firmware/qcom/qcom_qseecom.h",
            "include/linux/firmware/qcom/qcom_scm.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dd22b34fb53cb04b13b2f5eee5c9200bb091fc88",
              "status": "affected",
              "version": "759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9",
              "versionType": "git"
            },
            {
              "lessThan": "ed09f81eeaa8f9265e1787282cb283f10285c259",
              "status": "affected",
              "version": "759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/firmware/qcom/qcom_qseecom_uefisecapp.c",
            "drivers/firmware/qcom/qcom_scm.c",
            "include/linux/firmware/qcom/qcom_qseecom.h",
            "include/linux/firmware/qcom/qcom_scm.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.9",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: uefisecapp: Fix memory related IO errors and crashes\n\nIt turns out that while the QSEECOM APP_SEND command has specific fields\nfor request and response buffers, uefisecapp expects them both to be in\na single memory region. Failure to adhere to this has (so far) resulted\nin either no response being written to the response buffer (causing an\nEIO to be emitted down the line), the SCM call to fail with EINVAL\n(i.e., directly from TZ/firmware), or the device to be hard-reset.\n\nWhile this issue can be triggered deterministically, in the current form\nit seems to happen rather sporadically (which is why it has gone\nunnoticed during earlier testing). This is likely due to the two\nkzalloc() calls (for request and response) being directly after each\nother. Which means that those likely return consecutive regions most of\nthe time, especially when not much else is going on in the system.\n\nFix this by allocating a single memory region for both request and\nresponse buffers, properly aligning both structs inside it. This\nunfortunately also means that the qcom_scm_qseecom_app_send() interface\nneeds to be restructured, as it should no longer map the DMA regions\nseparately. Therefore, move the responsibility of DMA allocation (or\nmapping) to the caller."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:10:07.514Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88"
        },
        {
          "url": "https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259"
        }
      ],
      "title": "firmware: qcom: uefisecapp: Fix memory related IO errors and crashes",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35994",
    "datePublished": "2024-05-20T09:47:58.396Z",
    "dateReserved": "2024-05-17T13:50:33.147Z",
    "dateUpdated": "2025-05-04T09:10:07.514Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T03:30:11.569Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-35994\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-20T14:05:44.255812Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:24.744Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"firmware: qcom: uefisecapp: Fix memory related IO errors and crashes\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9\", \"lessThan\": \"dd22b34fb53cb04b13b2f5eee5c9200bb091fc88\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9\", \"lessThan\": \"ed09f81eeaa8f9265e1787282cb283f10285c259\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/firmware/qcom/qcom_qseecom_uefisecapp.c\", \"drivers/firmware/qcom/qcom_scm.c\", \"include/linux/firmware/qcom/qcom_qseecom.h\", \"include/linux/firmware/qcom/qcom_scm.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.7\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.8.9\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.8.*\"}, {\"status\": \"unaffected\", \"version\": \"6.9\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/firmware/qcom/qcom_qseecom_uefisecapp.c\", \"drivers/firmware/qcom/qcom_scm.c\", \"include/linux/firmware/qcom/qcom_qseecom.h\", \"include/linux/firmware/qcom/qcom_scm.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88\"}, {\"url\": \"https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nfirmware: qcom: uefisecapp: Fix memory related IO errors and crashes\\n\\nIt turns out that while the QSEECOM APP_SEND command has specific fields\\nfor request and response buffers, uefisecapp expects them both to be in\\na single memory region. Failure to adhere to this has (so far) resulted\\nin either no response being written to the response buffer (causing an\\nEIO to be emitted down the line), the SCM call to fail with EINVAL\\n(i.e., directly from TZ/firmware), or the device to be hard-reset.\\n\\nWhile this issue can be triggered deterministically, in the current form\\nit seems to happen rather sporadically (which is why it has gone\\nunnoticed during earlier testing). This is likely due to the two\\nkzalloc() calls (for request and response) being directly after each\\nother. Which means that those likely return consecutive regions most of\\nthe time, especially when not much else is going on in the system.\\n\\nFix this by allocating a single memory region for both request and\\nresponse buffers, properly aligning both structs inside it. This\\nunfortunately also means that the qcom_scm_qseecom_app_send() interface\\nneeds to be restructured, as it should no longer map the DMA regions\\nseparately. Therefore, move the responsibility of DMA allocation (or\\nmapping) to the caller.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8.9\", \"versionStartIncluding\": \"6.7\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.9\", \"versionStartIncluding\": \"6.7\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:10:07.514Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-35994\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T09:10:07.514Z\", \"dateReserved\": \"2024-05-17T13:50:33.147Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-20T09:47:58.396Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2024-35994

Vulnerability from fkie_nvd - Published: 2024-05-20 10:15 - Updated: 2025-09-23 18:07

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	6.9
linux	linux_kernel	6.9
linux	linux_kernel	6.9
linux	linux_kernel	6.9
linux	linux_kernel	6.9

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612",
              "versionEndExcluding": "6.8.9",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: uefisecapp: Fix memory related IO errors and crashes\n\nIt turns out that while the QSEECOM APP_SEND command has specific fields\nfor request and response buffers, uefisecapp expects them both to be in\na single memory region. Failure to adhere to this has (so far) resulted\nin either no response being written to the response buffer (causing an\nEIO to be emitted down the line), the SCM call to fail with EINVAL\n(i.e., directly from TZ/firmware), or the device to be hard-reset.\n\nWhile this issue can be triggered deterministically, in the current form\nit seems to happen rather sporadically (which is why it has gone\nunnoticed during earlier testing). This is likely due to the two\nkzalloc() calls (for request and response) being directly after each\nother. Which means that those likely return consecutive regions most of\nthe time, especially when not much else is going on in the system.\n\nFix this by allocating a single memory region for both request and\nresponse buffers, properly aligning both structs inside it. This\nunfortunately also means that the qcom_scm_qseecom_app_send() interface\nneeds to be restructured, as it should no longer map the DMA regions\nseparately. Therefore, move the responsibility of DMA allocation (or\nmapping) to the caller."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: qcom: uefisecapp: corrige errores y bloqueos de E/S relacionados con la memoria. Resulta que, si bien el comando QSEECOM APP_SEND tiene campos espec\u00edficos para los buffers de solicitud y respuesta, uefisecapp espera que ambos est\u00e9n en una \u00fanica regi\u00f3n de memoria. El incumplimiento de esto ha dado como resultado (hasta ahora) que no se escriba ninguna respuesta en el b\u00fafer de respuesta (lo que provoca que se emita un EIO en el futuro), que la llamada SCM falle con EINVAL (es decir, directamente desde TZ/firmware), o el dispositivo para ser reiniciado. Si bien este problema puede desencadenarse de manera determinista, en la forma actual parece ocurrir de manera bastante espor\u00e1dica (raz\u00f3n por la cual pas\u00f3 desapercibido durante las pruebas anteriores). Es probable que esto se deba a que las dos llamadas a kzalloc() (para solicitud y respuesta) est\u00e1n directamente una detr\u00e1s de la otra. Lo que significa que es probable que regresen a regiones consecutivas la mayor parte del tiempo, especialmente cuando no sucede mucho m\u00e1s en el sistema. Solucione este problema asignando una \u00fanica regi\u00f3n de memoria para los b\u00faferes de solicitud y respuesta, alineando adecuadamente ambas estructuras dentro de ella. Lamentablemente, esto tambi\u00e9n significa que la interfaz qcom_scm_qseecom_app_send() debe reestructurarse, ya que ya no deber\u00eda asignar las regiones DMA por separado. Por lo tanto, traslade la responsabilidad de la asignaci\u00f3n (o mapeo) de DMA a la persona que llama."
    }
  ],
  "id": "CVE-2024-35994",
  "lastModified": "2025-09-23T18:07:18.640",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-20T10:15:13.530",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-5JJ7-RMFX-38VV

Vulnerability from github – Published: 2024-05-20 12:30 – Updated: 2025-09-23 18:30

Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

It turns out that while the QSEECOM APP_SEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory region. Failure to adhere to this has (so far) resulted in either no response being written to the response buffer (causing an EIO to be emitted down the line), the SCM call to fail with EINVAL (i.e., directly from TZ/firmware), or the device to be hard-reset.

While this issue can be triggered deterministically, in the current form it seems to happen rather sporadically (which is why it has gone unnoticed during earlier testing). This is likely due to the two kzalloc() calls (for request and response) being directly after each other. Which means that those likely return consecutive regions most of the time, especially when not much else is going on in the system.

Fix this by allocating a single memory region for both request and response buffers, properly aligning both structs inside it. This unfortunately also means that the qcom_scm_qseecom_app_send() interface needs to be restructured, as it should no longer map the DMA regions separately. Therefore, move the responsibility of DMA allocation (or mapping) to the caller.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-35994"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-20T10:15:13Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: uefisecapp: Fix memory related IO errors and crashes\n\nIt turns out that while the QSEECOM APP_SEND command has specific fields\nfor request and response buffers, uefisecapp expects them both to be in\na single memory region. Failure to adhere to this has (so far) resulted\nin either no response being written to the response buffer (causing an\nEIO to be emitted down the line), the SCM call to fail with EINVAL\n(i.e., directly from TZ/firmware), or the device to be hard-reset.\n\nWhile this issue can be triggered deterministically, in the current form\nit seems to happen rather sporadically (which is why it has gone\nunnoticed during earlier testing). This is likely due to the two\nkzalloc() calls (for request and response) being directly after each\nother. Which means that those likely return consecutive regions most of\nthe time, especially when not much else is going on in the system.\n\nFix this by allocating a single memory region for both request and\nresponse buffers, properly aligning both structs inside it. This\nunfortunately also means that the qcom_scm_qseecom_app_send() interface\nneeds to be restructured, as it should no longer map the DMA regions\nseparately. Therefore, move the responsibility of DMA allocation (or\nmapping) to the caller.",
  "id": "GHSA-5jj7-rmfx-38vv",
  "modified": "2025-09-23T18:30:19Z",
  "published": "2024-05-20T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35994"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2024-AVI-0694

Vulnerability from certfr_avis - Published: 2024-08-16 - Updated: 2024-08-16

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6926-3	2024-08-09	vendor-advisory
Bulletin de sécurité Ubuntu USN-6950-2	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6955-1	2024-08-12	vendor-advisory
Bulletin de sécurité Ubuntu USN-6949-2	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6956-1	2024-08-12	vendor-advisory
Bulletin de sécurité Ubuntu USN-6957-1	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6950-3	2024-08-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-6951-2	2024-08-14	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-36903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
    },
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2024-36965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2023-52436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52436"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2024-36889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
    },
    {
      "name": "CVE-2024-36963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36963"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
    },
    {
      "name": "CVE-2024-37353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37353"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-36957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36957"
    },
    {
      "name": "CVE-2024-36921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
    },
    {
      "name": "CVE-2024-36939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36939"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2024-36909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36909"
    },
    {
      "name": "CVE-2024-35991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
    },
    {
      "name": "CVE-2024-35996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35996"
    },
    {
      "name": "CVE-2024-35949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35949"
    },
    {
      "name": "CVE-2024-35850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35850"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-35859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35859"
    },
    {
      "name": "CVE-2024-36900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36900"
    },
    {
      "name": "CVE-2024-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
    },
    {
      "name": "CVE-2024-36001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36001"
    },
    {
      "name": "CVE-2024-36931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36931"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2024-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
    },
    {
      "name": "CVE-2024-36936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
    },
    {
      "name": "CVE-2024-36895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36895"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2024-38539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38539"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
    },
    {
      "name": "CVE-2024-35854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35854"
    },
    {
      "name": "CVE-2024-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2024-38594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38594"
    },
    {
      "name": "CVE-2024-37356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-36912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36912"
    },
    {
      "name": "CVE-2024-36886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
    },
    {
      "name": "CVE-2024-35849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35849"
    },
    {
      "name": "CVE-2024-27400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27400"
    },
    {
      "name": "CVE-2024-36959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36959"
    },
    {
      "name": "CVE-2024-38595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38595"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-36892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36892"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2024-38596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
    },
    {
      "name": "CVE-2024-36929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
    },
    {
      "name": "CVE-2024-36883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
    },
    {
      "name": "CVE-2024-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
    },
    {
      "name": "CVE-2024-27395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27395"
    },
    {
      "name": "CVE-2024-39480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39480"
    },
    {
      "name": "CVE-2024-36004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
    },
    {
      "name": "CVE-2024-36944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36944"
    },
    {
      "name": "CVE-2024-39488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39488"
    },
    {
      "name": "CVE-2024-36897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36897"
    },
    {
      "name": "CVE-2024-36881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36881"
    },
    {
      "name": "CVE-2024-36031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36031"
    },
    {
      "name": "CVE-2024-26857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26857"
    },
    {
      "name": "CVE-2024-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38556"
    },
    {
      "name": "CVE-2024-36946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36946"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2024-36937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
    },
    {
      "name": "CVE-2023-52585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52585"
    },
    {
      "name": "CVE-2024-36911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36911"
    },
    {
      "name": "CVE-2024-38600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
    },
    {
      "name": "CVE-2024-35855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35855"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-38617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38617"
    },
    {
      "name": "CVE-2024-27398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27398"
    },
    {
      "name": "CVE-2024-36926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
    },
    {
      "name": "CVE-2024-36975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
    },
    {
      "name": "CVE-2024-38574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38574"
    },
    {
      "name": "CVE-2024-36913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36913"
    },
    {
      "name": "CVE-2024-36007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36007"
    },
    {
      "name": "CVE-2024-36918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2024-36033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36033"
    },
    {
      "name": "CVE-2024-36952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
    },
    {
      "name": "CVE-2024-36887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36887"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-38586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
    },
    {
      "name": "CVE-2024-38554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38554"
    },
    {
      "name": "CVE-2024-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38616"
    },
    {
      "name": "CVE-2024-24859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
    },
    {
      "name": "CVE-2024-38572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38572"
    },
    {
      "name": "CVE-2024-38606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
    },
    {
      "name": "CVE-2024-36898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36898"
    },
    {
      "name": "CVE-2024-38592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38592"
    },
    {
      "name": "CVE-2024-35852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2024-36966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36966"
    },
    {
      "name": "CVE-2024-36928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36928"
    },
    {
      "name": "CVE-2024-38558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
    },
    {
      "name": "CVE-2024-38613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38613"
    },
    {
      "name": "CVE-2024-35858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35858"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-27401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27401"
    },
    {
      "name": "CVE-2024-36962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
    },
    {
      "name": "CVE-2024-35999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35999"
    },
    {
      "name": "CVE-2024-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38557"
    },
    {
      "name": "CVE-2024-36286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
    },
    {
      "name": "CVE-2024-27396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27396"
    },
    {
      "name": "CVE-2024-36906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
    },
    {
      "name": "CVE-2024-26900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
    },
    {
      "name": "CVE-2024-27017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
    },
    {
      "name": "CVE-2024-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
    },
    {
      "name": "CVE-2024-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38571"
    },
    {
      "name": "CVE-2024-35984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35984"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36948"
    },
    {
      "name": "CVE-2024-36905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36905"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2024-38612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38612"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2024-36951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36951"
    },
    {
      "name": "CVE-2024-36011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
    },
    {
      "name": "CVE-2024-39467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39467"
    },
    {
      "name": "CVE-2024-24858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-36270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2024-35988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35988"
    },
    {
      "name": "CVE-2024-36956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
    },
    {
      "name": "CVE-2024-36955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36955"
    },
    {
      "name": "CVE-2024-27394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27394"
    },
    {
      "name": "CVE-2024-33621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
    },
    {
      "name": "CVE-2024-35994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35994"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2024-38593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38593"
    },
    {
      "name": "CVE-2024-36927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
    },
    {
      "name": "CVE-2024-35993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35993"
    },
    {
      "name": "CVE-2024-39475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
    },
    {
      "name": "CVE-2024-36922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
    },
    {
      "name": "CVE-2024-36882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
    },
    {
      "name": "CVE-2024-36003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36003"
    },
    {
      "name": "CVE-2024-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38568"
    },
    {
      "name": "CVE-2024-36891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
    },
    {
      "name": "CVE-2024-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
    },
    {
      "name": "CVE-2024-35847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35847"
    },
    {
      "name": "CVE-2024-36977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
    },
    {
      "name": "CVE-2022-48674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48674"
    },
    {
      "name": "CVE-2024-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38610"
    },
    {
      "name": "CVE-2024-35978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35978"
    },
    {
      "name": "CVE-2024-39489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39489"
    },
    {
      "name": "CVE-2024-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
    },
    {
      "name": "CVE-2024-31076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
    },
    {
      "name": "CVE-2024-36901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36901"
    },
    {
      "name": "CVE-2024-27013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27013"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2024-35846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35846"
    },
    {
      "name": "CVE-2024-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
    },
    {
      "name": "CVE-2024-38585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38585"
    },
    {
      "name": "CVE-2024-24857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
    },
    {
      "name": "CVE-2023-52882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
    },
    {
      "name": "CVE-2024-36930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-35983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
    },
    {
      "name": "CVE-2024-38633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
    },
    {
      "name": "CVE-2024-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38550"
    },
    {
      "name": "CVE-2024-36943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36943"
    },
    {
      "name": "CVE-2024-36002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
    },
    {
      "name": "CVE-2024-36961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-36013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36013"
    },
    {
      "name": "CVE-2024-26952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26952"
    },
    {
      "name": "CVE-2024-35982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35982"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-36896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36896"
    },
    {
      "name": "CVE-2024-36902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36902"
    },
    {
      "name": "CVE-2024-36014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
    },
    {
      "name": "CVE-2024-36924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36924"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-38570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38570"
    },
    {
      "name": "CVE-2024-36015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
    },
    {
      "name": "CVE-2024-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
    },
    {
      "name": "CVE-2024-38562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38562"
    },
    {
      "name": "CVE-2024-39471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
    },
    {
      "name": "CVE-2024-26882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26882"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2023-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2024-35857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35857"
    },
    {
      "name": "CVE-2024-35989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35989"
    },
    {
      "name": "CVE-2024-36030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36030"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2024-26884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26884"
    },
    {
      "name": "CVE-2024-36932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2024-27020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27020"
    },
    {
      "name": "CVE-2024-36969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2024-38611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-38569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38569"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-26980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26980"
    },
    {
      "name": "CVE-2024-36925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36925"
    },
    {
      "name": "CVE-2024-35856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35856"
    },
    {
      "name": "CVE-2024-38603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38603"
    },
    {
      "name": "CVE-2024-35986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35986"
    },
    {
      "name": "CVE-2024-36890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36890"
    },
    {
      "name": "CVE-2024-36884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-27019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
    },
    {
      "name": "CVE-2024-35987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35987"
    },
    {
      "name": "CVE-2024-36888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36888"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2024-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38584"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2023-52620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
    },
    {
      "name": "CVE-2024-38576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38576"
    },
    {
      "name": "CVE-2024-36947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36947"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-38588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38588"
    },
    {
      "name": "CVE-2024-36009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36009"
    },
    {
      "name": "CVE-2024-38614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38614"
    },
    {
      "name": "CVE-2024-36958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36958"
    },
    {
      "name": "CVE-2024-36893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36893"
    },
    {
      "name": "CVE-2024-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38637"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-39276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
    },
    {
      "name": "CVE-2024-36032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36032"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
    },
    {
      "name": "CVE-2024-36910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36910"
    },
    {
      "name": "CVE-2024-38542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38542"
    },
    {
      "name": "CVE-2024-36914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36914"
    },
    {
      "name": "CVE-2024-38589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38589"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2024-38381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2024-39493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
    },
    {
      "name": "CVE-2024-36920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
    },
    {
      "name": "CVE-2024-38551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38551"
    },
    {
      "name": "CVE-2024-36968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36968"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38620"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-36935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36935"
    },
    {
      "name": "CVE-2024-42134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42134"
    },
    {
      "name": "CVE-2024-36916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
    },
    {
      "name": "CVE-2024-39482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39482"
    },
    {
      "name": "CVE-2024-26936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26936"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2024-36979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979"
    },
    {
      "name": "CVE-2024-36006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36006"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-39292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39292"
    },
    {
      "name": "CVE-2024-38607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38607"
    },
    {
      "name": "CVE-2024-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
    },
    {
      "name": "CVE-2024-36954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36954"
    },
    {
      "name": "CVE-2023-52443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52443"
    },
    {
      "name": "CVE-2024-36933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36933"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-36000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
    },
    {
      "name": "CVE-2024-41011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
    },
    {
      "name": "CVE-2024-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
    },
    {
      "name": "CVE-2024-38563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38563"
    },
    {
      "name": "CVE-2024-35851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35851"
    },
    {
      "name": "CVE-2024-38591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38591"
    },
    {
      "name": "CVE-2024-36953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-38543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38543"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2024-36012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
    },
    {
      "name": "CVE-2024-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-36028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
    },
    {
      "name": "CVE-2024-36029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36029"
    },
    {
      "name": "CVE-2024-35853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35853"
    },
    {
      "name": "CVE-2023-52449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52449"
    },
    {
      "name": "CVE-2023-52444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52444"
    }
  ],
  "initial_release_date": "2024-08-16T00:00:00",
  "last_revision_date": "2024-08-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0694",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6926-3",
      "url": "https://ubuntu.com/security/notices/USN-6926-3"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-2",
      "url": "https://ubuntu.com/security/notices/USN-6950-2"
    },
    {
      "published_at": "2024-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6955-1",
      "url": "https://ubuntu.com/security/notices/USN-6955-1"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6949-2",
      "url": "https://ubuntu.com/security/notices/USN-6949-2"
    },
    {
      "published_at": "2024-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6956-1",
      "url": "https://ubuntu.com/security/notices/USN-6956-1"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6957-1",
      "url": "https://ubuntu.com/security/notices/USN-6957-1"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-3",
      "url": "https://ubuntu.com/security/notices/USN-6950-3"
    },
    {
      "published_at": "2024-08-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6951-2",
      "url": "https://ubuntu.com/security/notices/USN-6951-2"
    }
  ]
}

CERTFR-2024-AVI-0667

Vulnerability from certfr_avis - Published: 2024-08-09 - Updated: 2024-08-09

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	N/A	Ubuntu 22.04 LTS
Ubuntu	N/A	Ubuntu 18.04 ESM
Ubuntu	N/A	Ubuntu 24.04 LTS
Ubuntu	N/A	Ubuntu 14.04 ESM
Ubuntu	N/A	Ubuntu 20.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6895-4	2024-08-02	vendor-advisory
Bulletin de sécurité Ubuntu USN-6951-1	2024-08-08	vendor-advisory
Bulletin de sécurité Ubuntu USN-6926-2	2024-08-01	vendor-advisory
Bulletin de sécurité Ubuntu USN-6952-1	2024-08-09	vendor-advisory
Bulletin de sécurité Ubuntu USN-6949-1	2024-08-08	vendor-advisory
Bulletin de sécurité Ubuntu USN-6922-2	2024-08-01	vendor-advisory
Bulletin de sécurité Ubuntu USN-6950-1	2024-08-08	vendor-advisory
Bulletin de sécurité Ubuntu USN-6953-1	2024-08-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-52436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52436"
    },
    {
      "name": "CVE-2023-52443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52443"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2023-52449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52449"
    },
    {
      "name": "CVE-2023-52444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52444"
    },
    {
      "name": "CVE-2024-26601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26601"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2024-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
    },
    {
      "name": "CVE-2024-1151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
    },
    {
      "name": "CVE-2023-6270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2023-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2024-26667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26667"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2024-26695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
    },
    {
      "name": "CVE-2024-26717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-26584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
    },
    {
      "name": "CVE-2024-26707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-26689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
    },
    {
      "name": "CVE-2024-26748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26748"
    },
    {
      "name": "CVE-2023-52638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52638"
    },
    {
      "name": "CVE-2024-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
    },
    {
      "name": "CVE-2024-26718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26718"
    },
    {
      "name": "CVE-2024-26702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
    },
    {
      "name": "CVE-2024-26685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
    },
    {
      "name": "CVE-2024-26583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
    },
    {
      "name": "CVE-2024-26710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26710"
    },
    {
      "name": "CVE-2024-26803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
    },
    {
      "name": "CVE-2024-26798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26798"
    },
    {
      "name": "CVE-2024-26663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
    },
    {
      "name": "CVE-2024-26675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
    },
    {
      "name": "CVE-2023-52631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52631"
    },
    {
      "name": "CVE-2024-26712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26712"
    },
    {
      "name": "CVE-2024-24858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2024-26723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26723"
    },
    {
      "name": "CVE-2024-26684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
    },
    {
      "name": "CVE-2024-24857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
    },
    {
      "name": "CVE-2024-26660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
    },
    {
      "name": "CVE-2024-26789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26789"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2024-26726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
    },
    {
      "name": "CVE-2024-26676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26676"
    },
    {
      "name": "CVE-2024-26688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26688"
    },
    {
      "name": "CVE-2024-26802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26802"
    },
    {
      "name": "CVE-2024-26722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
    },
    {
      "name": "CVE-2024-26681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
    },
    {
      "name": "CVE-2024-26733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
    },
    {
      "name": "CVE-2023-52620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
    },
    {
      "name": "CVE-2024-26700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
    },
    {
      "name": "CVE-2024-26665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26665"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
    },
    {
      "name": "CVE-2024-26790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
    },
    {
      "name": "CVE-2024-26715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26715"
    },
    {
      "name": "CVE-2024-26714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
    },
    {
      "name": "CVE-2024-26792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26792"
    },
    {
      "name": "CVE-2024-26680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26680"
    },
    {
      "name": "CVE-2024-26736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
    },
    {
      "name": "CVE-2024-26782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26782"
    },
    {
      "name": "CVE-2024-26980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26980"
    },
    {
      "name": "CVE-2024-26917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26917"
    },
    {
      "name": "CVE-2024-27013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27013"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-26910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26910"
    },
    {
      "name": "CVE-2024-26907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2024-26889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26889"
    },
    {
      "name": "CVE-2024-26882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26882"
    },
    {
      "name": "CVE-2024-27020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27020"
    },
    {
      "name": "CVE-2024-26820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26820"
    },
    {
      "name": "CVE-2024-26936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26936"
    },
    {
      "name": "CVE-2024-24861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24861"
    },
    {
      "name": "CVE-2024-26920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26920"
    },
    {
      "name": "CVE-2024-26857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26857"
    },
    {
      "name": "CVE-2024-26898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26898"
    },
    {
      "name": "CVE-2023-52642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52642"
    },
    {
      "name": "CVE-2024-26922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26922"
    },
    {
      "name": "CVE-2024-26884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26884"
    },
    {
      "name": "CVE-2024-26825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-27019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2024-26926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26926"
    },
    {
      "name": "CVE-2024-26826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
    },
    {
      "name": "CVE-2024-26916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26916"
    },
    {
      "name": "CVE-2023-52643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
    },
    {
      "name": "CVE-2024-26829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26829"
    },
    {
      "name": "CVE-2024-26830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26830"
    },
    {
      "name": "CVE-2023-52645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52645"
    },
    {
      "name": "CVE-2021-47131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47131"
    },
    {
      "name": "CVE-2023-52585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52585"
    },
    {
      "name": "CVE-2022-48655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48655"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2024-26693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26693"
    },
    {
      "name": "CVE-2024-26694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26694"
    },
    {
      "name": "CVE-2024-26919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26919"
    },
    {
      "name": "CVE-2023-52882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
    },
    {
      "name": "CVE-2024-26900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
    },
    {
      "name": "CVE-2024-27398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27398"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-27401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27401"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-36031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36031"
    },
    {
      "name": "CVE-2024-36883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
    },
    {
      "name": "CVE-2024-36886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
    },
    {
      "name": "CVE-2024-36889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
    },
    {
      "name": "CVE-2024-36902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36902"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-36905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36905"
    },
    {
      "name": "CVE-2024-36916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2024-36929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
    },
    {
      "name": "CVE-2024-36933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36933"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2024-36939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36939"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-36946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36946"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2024-36953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
    },
    {
      "name": "CVE-2024-36954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36954"
    },
    {
      "name": "CVE-2024-36957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36957"
    },
    {
      "name": "CVE-2024-36959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36959"
    },
    {
      "name": "CVE-2023-52880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52880"
    },
    {
      "name": "CVE-2024-26822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
    },
    {
      "name": "CVE-2024-26838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
    },
    {
      "name": "CVE-2024-27395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27395"
    },
    {
      "name": "CVE-2024-27396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27396"
    },
    {
      "name": "CVE-2024-27400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27400"
    },
    {
      "name": "CVE-2024-27416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27416"
    },
    {
      "name": "CVE-2024-35833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35833"
    },
    {
      "name": "CVE-2024-35847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35847"
    },
    {
      "name": "CVE-2024-35849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35849"
    },
    {
      "name": "CVE-2024-35851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35851"
    },
    {
      "name": "CVE-2024-35852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
    },
    {
      "name": "CVE-2024-35854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35854"
    },
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2024-35978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35978"
    },
    {
      "name": "CVE-2024-35982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35982"
    },
    {
      "name": "CVE-2024-35984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35984"
    },
    {
      "name": "CVE-2024-35989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35989"
    },
    {
      "name": "CVE-2024-35990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35990"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2024-35999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35999"
    },
    {
      "name": "CVE-2024-36006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36006"
    },
    {
      "name": "CVE-2024-36007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36007"
    },
    {
      "name": "CVE-2024-36012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
    },
    {
      "name": "CVE-2024-36014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
    },
    {
      "name": "CVE-2024-36015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-36029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36029"
    },
    {
      "name": "CVE-2024-36032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36032"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-36893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36893"
    },
    {
      "name": "CVE-2024-36896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36896"
    },
    {
      "name": "CVE-2024-36897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36897"
    },
    {
      "name": "CVE-2024-36906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
    },
    {
      "name": "CVE-2024-36918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
    },
    {
      "name": "CVE-2024-36924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36924"
    },
    {
      "name": "CVE-2024-36926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
    },
    {
      "name": "CVE-2024-36928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36928"
    },
    {
      "name": "CVE-2024-36931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36931"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2024-36944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36944"
    },
    {
      "name": "CVE-2024-36947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36947"
    },
    {
      "name": "CVE-2024-36952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
    },
    {
      "name": "CVE-2024-36955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36955"
    },
    {
      "name": "CVE-2024-26674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
    },
    {
      "name": "CVE-2024-35850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35850"
    },
    {
      "name": "CVE-2024-35986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35986"
    },
    {
      "name": "CVE-2024-35991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
    },
    {
      "name": "CVE-2024-35992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35992"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2024-36002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
    },
    {
      "name": "CVE-2024-36009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36009"
    },
    {
      "name": "CVE-2024-36011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
    },
    {
      "name": "CVE-2024-36013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36013"
    },
    {
      "name": "CVE-2024-36030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36030"
    },
    {
      "name": "CVE-2024-36890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36890"
    },
    {
      "name": "CVE-2024-36891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-36895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36895"
    },
    {
      "name": "CVE-2024-36898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36898"
    },
    {
      "name": "CVE-2024-36921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
    },
    {
      "name": "CVE-2024-36922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
    },
    {
      "name": "CVE-2024-36930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
    },
    {
      "name": "CVE-2024-36936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2024-36951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36951"
    },
    {
      "name": "CVE-2024-31076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
    },
    {
      "name": "CVE-2024-33621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
    },
    {
      "name": "CVE-2024-35853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35853"
    },
    {
      "name": "CVE-2024-35855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35855"
    },
    {
      "name": "CVE-2024-35983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
    },
    {
      "name": "CVE-2024-35988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35988"
    },
    {
      "name": "CVE-2024-35996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35996"
    },
    {
      "name": "CVE-2024-36004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36008"
    },
    {
      "name": "CVE-2024-36286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-37353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37353"
    },
    {
      "name": "CVE-2024-37356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
    },
    {
      "name": "CVE-2024-38381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2024-38558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2024-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
    },
    {
      "name": "CVE-2024-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
    },
    {
      "name": "CVE-2024-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
    },
    {
      "name": "CVE-2024-38589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38589"
    },
    {
      "name": "CVE-2024-38596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2024-38599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-38612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38612"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
    },
    {
      "name": "CVE-2024-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
    },
    {
      "name": "CVE-2024-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38637"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2024-39292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39292"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2024-26890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26890"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2024-35857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35857"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-36900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36900"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-36937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
    },
    {
      "name": "CVE-2024-36967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
    },
    {
      "name": "CVE-2024-36969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
    },
    {
      "name": "CVE-2024-36975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2024-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
    },
    {
      "name": "CVE-2024-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
    },
    {
      "name": "CVE-2024-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38550"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38556"
    },
    {
      "name": "CVE-2024-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38557"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2024-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38568"
    },
    {
      "name": "CVE-2024-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38571"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
    },
    {
      "name": "CVE-2024-38591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38591"
    },
    {
      "name": "CVE-2024-38594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38594"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-38600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
    },
    {
      "name": "CVE-2024-38603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38603"
    },
    {
      "name": "CVE-2024-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
    },
    {
      "name": "CVE-2024-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38616"
    },
    {
      "name": "CVE-2024-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2024-39471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
    },
    {
      "name": "CVE-2024-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38610"
    },
    {
      "name": "CVE-2024-39475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
    },
    {
      "name": "CVE-2024-24859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
    },
    {
      "name": "CVE-2024-26661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
    },
    {
      "name": "CVE-2024-26662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26662"
    },
    {
      "name": "CVE-2024-26666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26666"
    },
    {
      "name": "CVE-2024-26677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26677"
    },
    {
      "name": "CVE-2024-26691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26691"
    },
    {
      "name": "CVE-2024-26703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26703"
    },
    {
      "name": "CVE-2024-26708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26708"
    },
    {
      "name": "CVE-2024-26711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26711"
    },
    {
      "name": "CVE-2024-26716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26716"
    },
    {
      "name": "CVE-2024-26719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26719"
    },
    {
      "name": "CVE-2024-26734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
    },
    {
      "name": "CVE-2024-26818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
    },
    {
      "name": "CVE-2024-26824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26824"
    },
    {
      "name": "CVE-2024-26831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
    },
    {
      "name": "CVE-2024-36270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
    },
    {
      "name": "CVE-2024-38543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38543"
    },
    {
      "name": "CVE-2024-38586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
    },
    {
      "name": "CVE-2024-38593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38593"
    },
    {
      "name": "CVE-2024-38607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38607"
    },
    {
      "name": "CVE-2024-38613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38613"
    },
    {
      "name": "CVE-2024-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
    },
    {
      "name": "CVE-2024-39276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
    },
    {
      "name": "CVE-2024-39467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39467"
    },
    {
      "name": "CVE-2024-39480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39480"
    },
    {
      "name": "CVE-2024-39482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39482"
    },
    {
      "name": "CVE-2024-39488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39488"
    },
    {
      "name": "CVE-2024-39489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39489"
    },
    {
      "name": "CVE-2024-39493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
    },
    {
      "name": "CVE-2024-36882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
    },
    {
      "name": "CVE-2024-36887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36887"
    },
    {
      "name": "CVE-2024-36903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
    },
    {
      "name": "CVE-2024-36935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36935"
    },
    {
      "name": "CVE-2024-36962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
    },
    {
      "name": "CVE-2024-36977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
    },
    {
      "name": "CVE-2024-38539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38539"
    },
    {
      "name": "CVE-2024-38551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38551"
    },
    {
      "name": "CVE-2024-38554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38554"
    },
    {
      "name": "CVE-2024-38562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38562"
    },
    {
      "name": "CVE-2024-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
    },
    {
      "name": "CVE-2024-38569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38569"
    },
    {
      "name": "CVE-2024-38570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38570"
    },
    {
      "name": "CVE-2024-38572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38572"
    },
    {
      "name": "CVE-2024-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
    },
    {
      "name": "CVE-2024-38588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38588"
    },
    {
      "name": "CVE-2024-38592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38592"
    },
    {
      "name": "CVE-2024-38595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38595"
    },
    {
      "name": "CVE-2024-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
    },
    {
      "name": "CVE-2024-38611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
    },
    {
      "name": "CVE-2024-38617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38617"
    },
    {
      "name": "CVE-2022-48674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48674"
    },
    {
      "name": "CVE-2024-27394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27394"
    },
    {
      "name": "CVE-2024-35846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35846"
    },
    {
      "name": "CVE-2024-35856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35856"
    },
    {
      "name": "CVE-2024-35858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35858"
    },
    {
      "name": "CVE-2024-35859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35859"
    },
    {
      "name": "CVE-2024-35949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35949"
    },
    {
      "name": "CVE-2024-35987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35987"
    },
    {
      "name": "CVE-2024-35993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35993"
    },
    {
      "name": "CVE-2024-35994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35994"
    },
    {
      "name": "CVE-2024-36000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
    },
    {
      "name": "CVE-2024-36001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36001"
    },
    {
      "name": "CVE-2024-36003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36003"
    },
    {
      "name": "CVE-2024-36028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
    },
    {
      "name": "CVE-2024-36033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36033"
    },
    {
      "name": "CVE-2024-36881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36881"
    },
    {
      "name": "CVE-2024-36884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
    },
    {
      "name": "CVE-2024-36888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36888"
    },
    {
      "name": "CVE-2024-36892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36892"
    },
    {
      "name": "CVE-2024-36901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36901"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2024-36909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36909"
    },
    {
      "name": "CVE-2024-36910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36910"
    },
    {
      "name": "CVE-2024-36911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36911"
    },
    {
      "name": "CVE-2024-36912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36912"
    },
    {
      "name": "CVE-2024-36913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36913"
    },
    {
      "name": "CVE-2024-36914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36914"
    },
    {
      "name": "CVE-2024-36920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
    },
    {
      "name": "CVE-2024-36925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36925"
    },
    {
      "name": "CVE-2024-36927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36927"
    },
    {
      "name": "CVE-2024-36932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
    },
    {
      "name": "CVE-2024-36943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36943"
    },
    {
      "name": "CVE-2024-36948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36948"
    },
    {
      "name": "CVE-2024-36956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
    },
    {
      "name": "CVE-2024-36958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36958"
    },
    {
      "name": "CVE-2024-36961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
    },
    {
      "name": "CVE-2024-36963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36963"
    },
    {
      "name": "CVE-2024-36966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36966"
    },
    {
      "name": "CVE-2024-36968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36968"
    },
    {
      "name": "CVE-2024-36979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979"
    },
    {
      "name": "CVE-2024-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38538"
    },
    {
      "name": "CVE-2024-38542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38542"
    },
    {
      "name": "CVE-2024-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
    },
    {
      "name": "CVE-2024-38563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38563"
    },
    {
      "name": "CVE-2024-38574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38574"
    },
    {
      "name": "CVE-2024-38576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38576"
    },
    {
      "name": "CVE-2024-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
    },
    {
      "name": "CVE-2024-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38584"
    },
    {
      "name": "CVE-2024-38585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38585"
    },
    {
      "name": "CVE-2024-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
    },
    {
      "name": "CVE-2024-38606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
    },
    {
      "name": "CVE-2024-38614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38614"
    },
    {
      "name": "CVE-2024-38620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38620"
    },
    {
      "name": "CVE-2024-41011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
    },
    {
      "name": "CVE-2024-42134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42134"
    }
  ],
  "initial_release_date": "2024-08-09T00:00:00",
  "last_revision_date": "2024-08-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0667",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-08-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6895-4",
      "url": "https://ubuntu.com/security/notices/USN-6895-4"
    },
    {
      "published_at": "2024-08-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6951-1",
      "url": "https://ubuntu.com/security/notices/USN-6951-1"
    },
    {
      "published_at": "2024-08-01",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6926-2",
      "url": "https://ubuntu.com/security/notices/USN-6926-2"
    },
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6952-1",
      "url": "https://ubuntu.com/security/notices/USN-6952-1"
    },
    {
      "published_at": "2024-08-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6949-1",
      "url": "https://ubuntu.com/security/notices/USN-6949-1"
    },
    {
      "published_at": "2024-08-01",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6922-2",
      "url": "https://ubuntu.com/security/notices/USN-6922-2"
    },
    {
      "published_at": "2024-08-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-1",
      "url": "https://ubuntu.com/security/notices/USN-6950-1"
    },
    {
      "published_at": "2024-08-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6953-1",
      "url": "https://ubuntu.com/security/notices/USN-6953-1"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-35994 (GCVE-0-2024-35994)

FKIE_CVE-2024-35994

GHSA-5JJ7-RMFX-38VV

CERTFR-2024-AVI-0694

Solutions

CERTFR-2024-AVI-0667

Solutions

Tags

Sightings

Nomenclature