Ubuntu update for linux-azure-5.4



Risk Critical
Patch available YES
Number of vulnerabilities 83
CVE-ID CVE-2024-36934
CVE-2024-38578
CVE-2024-38600
CVE-2024-27399
CVE-2024-39276
CVE-2024-38596
CVE-2024-36933
CVE-2024-36919
CVE-2024-35976
CVE-2024-37356
CVE-2023-52585
CVE-2024-38558
CVE-2024-38560
CVE-2024-38634
CVE-2024-36959
CVE-2024-38633
CVE-2024-36886
CVE-2024-27398
CVE-2024-39493
CVE-2024-26886
CVE-2024-31076
CVE-2024-38559
CVE-2024-38615
CVE-2024-36971
CVE-2024-38627
CVE-2024-36964
CVE-2024-38780
CVE-2024-37353
CVE-2024-38621
CVE-2024-36883
CVE-2024-39488
CVE-2024-38661
CVE-2024-36939
CVE-2024-38589
CVE-2024-38565
CVE-2024-38381
CVE-2024-35947
CVE-2024-36905
CVE-2022-48772
CVE-2024-36017
CVE-2024-36946
CVE-2024-27401
CVE-2024-38579
CVE-2024-38612
CVE-2024-38598
CVE-2024-38635
CVE-2024-38587
CVE-2024-38567
CVE-2024-38549
CVE-2024-36960
CVE-2023-52752
CVE-2024-27019
CVE-2024-38601
CVE-2024-39489
CVE-2024-39467
CVE-2023-52882
CVE-2024-38583
CVE-2024-39480
CVE-2024-38607
CVE-2024-36940
CVE-2024-38659
CVE-2023-52434
CVE-2024-36015
CVE-2024-38582
CVE-2024-36950
CVE-2024-38552
CVE-2024-33621
CVE-2024-36954
CVE-2024-39475
CVE-2024-39301
CVE-2024-38599
CVE-2024-36902
CVE-2024-36286
CVE-2024-38613
CVE-2024-38637
CVE-2024-36941
CVE-2024-36014
CVE-2024-38618
CVE-2024-36904
CVE-2024-36270
CVE-2024-39292
CVE-2024-39471
CVE-2022-48674
CWE-ID CWE-125
CWE-667
CWE-476
CWE-401
CWE-366
CWE-908
CWE-20
CWE-200
CWE-416
CWE-415
CWE-269
CWE-399
CWE-388
CWE-362
CWE-119
CWE-835
CWE-252
CWE-369
Exploitation vector Network
Public exploit Vulnerability #24 is being exploited in the wild.
Vulnerable software
Subscribe
Ubuntu
Operating systems & Components / Operating system

linux-image-5.4.0-1135-azure (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-azure (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 83 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU90266

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36934

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU92322

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38578

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the write_tag_66_packet() function in fs/ecryptfs/keystore.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper locking

EUVDB-ID: #VU92360

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38600

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_card_disconnect() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU89673

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27399

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU93320

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39276

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Race condition within a thread

EUVDB-ID: #VU92380

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38596

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the unix_stream_sendmsg() function in net/unix/af_unix.c. A local user can manipulate data.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use of uninitialized resource

EUVDB-ID: #VU90862

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36933

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and nsh_gso_segment() functions in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper locking

EUVDB-ID: #VU92010

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36919

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds read

EUVDB-ID: #VU90305

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35976

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the xsk_setsockopt() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU93024

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37356

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net/ipv4/tcp_dctcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) NULL pointer dereference

EUVDB-ID: #VU91241

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52585

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_ras_query_error_status_helper() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Input validation error

EUVDB-ID: #VU94117

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38558

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when parsing ICMPv6 packets within the parse_icmpv6() function in net/openvswitch/flow.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU92327

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38560

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bfad_debugfs_write_regrd() and bfad_debugfs_write_regwr() functions in drivers/scsi/bfa/bfad_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Improper locking

EUVDB-ID: #VU93038

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38634

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the max3100_sr() and max3100_handlerx() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Information disclosure

EUVDB-ID: #VU91321

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36959

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU93032

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38633

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the max3100_probe() and max3100_remove() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU90049

Risk: High

CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36886

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU89672

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27398

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory leak

EUVDB-ID: #VU94086

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39493

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU90200

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26886

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bt_sock_recvmsg() and bt_sock_ioctl() functions in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Memory leak

EUVDB-ID: #VU93016

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-31076

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c, within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Out-of-bounds read

EUVDB-ID: #VU92328

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38559

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the qedf_dbg_debug_cmd_write() function in drivers/scsi/qedf/qedf_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Input validation error

EUVDB-ID: #VU94120

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38615

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __cpufreq_offline() and cpufreq_remove_dev() functions in drivers/cpufreq/cpufreq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU91597

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2024-36971

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

25) Double free

EUVDB-ID: #VU93040

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38627

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the stm_register_device() function in drivers/hwtracing/stm/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Improper privilege management

EUVDB-ID: #VU93734

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36964

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper locking

EUVDB-ID: #VU93034

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38780

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Resource management error

EUVDB-ID: #VU93179

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37353

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the vp_find_vqs_msix() function in drivers/virtio/virtio_pci_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU93025

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38621

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the stk1160_buffer_done() and stk1160_copy_video() functions in drivers/media/usb/stk1160/stk1160-video.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Out-of-bounds read

EUVDB-ID: #VU90272

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36883

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper error handling

EUVDB-ID: #VU94087

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39488

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the arch/arm64/include/asm/asm-bug.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Improper locking

EUVDB-ID: #VU93333

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38661

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hex2bitmap() function in drivers/s390/crypto/ap_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Improper error handling

EUVDB-ID: #VU92054

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36939

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Improper locking

EUVDB-ID: #VU92365

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38589

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nr_add_node() and nr_del_node() functions in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Resource management error

EUVDB-ID: #VU93836

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38565

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Use of uninitialized resource

EUVDB-ID: #VU93042

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38381

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the nci_core_ntf_packet() and nci_rx_work() functions in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Improper error handling

EUVDB-ID: #VU93468

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35947

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error within the ddebug_tokenize() function in lib/dynamic_debug.c. A local user can crash the OS kernel.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Race condition

EUVDB-ID: #VU93375

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36905

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) NULL pointer dereference

EUVDB-ID: #VU93327

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48772

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lgdt3306a_probe() function in drivers/media/dvb-frontends/lgdt3306a.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Out-of-bounds read

EUVDB-ID: #VU93081

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36017

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Buffer overflow

EUVDB-ID: #VU93469

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36946

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Buffer overflow

EUVDB-ID: #VU89675

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27401

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Buffer overflow

EUVDB-ID: #VU92953

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38579

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the spu2_dump_omd() function in drivers/crypto/bcm/spu2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU92314

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38612

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the IS_ENABLED() function in net/ipv6/seg6.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Out-of-bounds read

EUVDB-ID: #VU92320

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38598

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Out-of-bounds read

EUVDB-ID: #VU93027

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38635

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sdw_cdns_alloc_pdi() function in drivers/soundwire/cadence_master.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

EUVDB-ID: #VU92321

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38587

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the get_word() function in drivers/staging/speakup/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Input validation error

EUVDB-ID: #VU92370

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38567

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the carl9170_usb_probe() function in drivers/net/wireless/ath/carl9170/usb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Resource management error

EUVDB-ID: #VU93390

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38549

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mtk_drm_gem_init() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU90819

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36960

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_event_fence_action_create() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Use-after-free

EUVDB-ID: #VU90068

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Race condition within a thread

EUVDB-ID: #VU91431

Risk: Low

CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27019

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Infinite loop

EUVDB-ID: #VU93063

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38601

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the rb_check_list() and ring_buffer_resize() functions in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Memory leak

EUVDB-ID: #VU94084

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39489

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the seg6_hmac_init_algo() and seg6_hmac_net_init() functions in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Out-of-bounds read

EUVDB-ID: #VU93325

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39467

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sanity_check_inode() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Input validation error

EUVDB-ID: #VU93673

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52882

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Use-after-free

EUVDB-ID: #VU92311

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38583

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nilfs_segctor_start_timer(), nilfs_construct_dsync_segment(), nilfs_segctor_notify(), nilfs_segctor_thread(), nilfs_segctor_new() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Buffer overflow

EUVDB-ID: #VU93827

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39480

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the kdb_printf() function in kernel/debug/kdb/kdb_io.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Resource management error

EUVDB-ID: #VU93181

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38607

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the macii_probe() function in drivers/macintosh/via-macii.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Double Free

EUVDB-ID: #VU90885

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36940

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

EUVDB-ID: #VU93080

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38659

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the enic_set_vf_port() function in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Buffer overflow

EUVDB-ID: #VU88283

Risk: Medium

CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52434

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the smb2_parse_contexts() function when parsing SMB packets. A remote user can send specially crafted SMB traffic to the affected system, trigger memory corruption and execute arbitrary code.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Unchecked Return Value

EUVDB-ID: #VU89896

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36015

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Improper locking

EUVDB-ID: #VU92366

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38582

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_segctor_sync(), nilfs_segctor_wakeup(), nilfs_segctor_notify() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Improper error handling

EUVDB-ID: #VU92055

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36950

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Out-of-bounds read

EUVDB-ID: #VU92330

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38552

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Resource management error

EUVDB-ID: #VU93043

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-33621

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ipvlan_process_v4_outbound() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU90431

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36954

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Division by zero

EUVDB-ID: #VU93828

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39475

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Use of uninitialized resource

EUVDB-ID: #VU93337

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39301

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the p9_fcall_init() function in net/9p/client.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Out-of-bounds read

EUVDB-ID: #VU92319

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38599

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) NULL pointer dereference

EUVDB-ID: #VU91222

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36902

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Improper locking

EUVDB-ID: #VU93036

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36286

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the instance_destroy_rcu() function in net/netfilter/nfnetlink_queue.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Improper locking

EUVDB-ID: #VU92359

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38613

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the arch/m68k/kernel/entry.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) NULL pointer dereference

EUVDB-ID: #VU93046

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38637

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __gb_lights_flash_brightness_set() and gb_lights_light_v4l2_register() functions in drivers/staging/greybus/light.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) NULL pointer dereference

EUVDB-ID: #VU90528

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36941

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) NULL pointer dereference

EUVDB-ID: #VU89897

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36014

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the malidp_mw_connector_reset() function in drivers/gpu/drm/arm/malidp_mw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Input validation error

EUVDB-ID: #VU92371

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38618

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the snd_timer_start1() function in sound/core/timer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Use-after-free

EUVDB-ID: #VU90047

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36904

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU93028

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36270

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nf_tproxy_laddr4() function in net/ipv4/netfilter/nf_tproxy_ipv4.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Resource management error

EUVDB-ID: #VU93178

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39292

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the register_winch_irq() function in arch/um/drivers/line.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Out-of-bounds read

EUVDB-ID: #VU93326

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39471

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Use-after-free

EUVDB-ID: #VU90174

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48674

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the fs/erofs/internal.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-azure-5.4 to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-5.4.0-1135-azure (Ubuntu package): before Ubuntu Pro

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6951-3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###