SB2024073035 - Ubuntu update for linux-lowlatency

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024073035

SB2024073035 - Ubuntu update for linux-lowlatency

Published: July 30, 2024

Security Bulletin ID SB2024073035
Severity
Low
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Code Injection (CVE-ID: CVE-2024-25742)

The vulnerability allows a malicious hypervisor to escalate privileges on the system.

The vulnerability exists due to improper input validation when handling interrupts. A malicious hypervisor can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.


2) Infinite loop (CVE-ID: CVE-2024-35997)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the __i2c_hid_command() and i2c_hid_irq() functions in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can perform a denial of service (DoS) attack.


3) Out-of-bounds write (CVE-ID: CVE-2024-36016)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


4) Improper locking (CVE-ID: CVE-2024-35990)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the xilinx_dpdma_chan_vsync_irq(), xilinx_dpdma_issue_pending() and xilinx_dpdma_chan_err_task() functions in drivers/dma/xilinx/xilinx_dpdma.c. A local user can perform a denial of service (DoS) attack.


5) NULL pointer dereference (CVE-ID: CVE-2024-35984)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i2c_check_for_quirks() function in drivers/i2c/i2c-core-base.c. A local user can perform a denial of service (DoS) attack.


6) Out-of-bounds read (CVE-ID: CVE-2024-35992)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the comphy_gbe_phy_init() function in drivers/phy/marvell/phy-mvebu-a3700-comphy.c. A local user can perform a denial of service (DoS) attack.


7) NULL pointer dereference (CVE-ID: CVE-2024-36008)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ip_route_use_hint() function in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References