USN-6952-1: Linux kernel vulnerabilities
9 August 2024
Several security issues were fixed in the Linux kernel.
Releases
Packages
- linux-nvidia-lowlatency - Linux low latency kernel for NVIDIA systems
- linux-oracle - Linux kernel for Oracle Cloud systems
Details
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde
discovered that an untrusted hypervisor could inject malicious #VC
interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw
is known as WeSee. A local attacker in control of the hypervisor could use
this to expose sensitive information or possibly execute arbitrary code in
the trusted execution environment. (CVE-2024-25742)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- M68K architecture;
- OpenRISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- x86 architecture;
- Block layer subsystem;
- Accessibility subsystem;
- Bluetooth drivers;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- DPLL subsystem;
- FireWire subsystem;
- EFI core;
- Qualcomm firmware drivers;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I2C subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Macintosh device drivers;
- Multiple devices driver;
- Media drivers;
- EEPROM drivers;
- MMC subsystem;
- Network drivers;
- STMicroelectronics network drivers;
- Device tree and open firmware driver;
- HiSilicon SoC PMU drivers;
- PHY drivers;
- Pin controllers subsystem;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI drivers;
- SPI subsystem;
- Media staging drivers;
- Thermal drivers;
- TTY drivers;
- Userspace I/O drivers;
- USB subsystem;
- DesignWare USB3 driver;
- ACRN Hypervisor Service Module driver;
- Virtio drivers;
- 9P distributed file system;
- BTRFS file system;
- eCrypt file system;
- EROFS file system;
- File systems infrastructure;
- GFS2 file system;
- JFFS2 file system;
- Network file systems library;
- Network file system client;
- Network file system server daemon;
- NILFS2 file system;
- Proc file system;
- SMB network file system;
- Tracing file system;
- Mellanox drivers;
- Memory management;
- Socket messages infrastructure;
- Slab allocator;
- Tracing infrastructure;
- User-space API (UAPI);
- Core kernel;
- BPF subsystem;
- DMA mapping infrastructure;
- RCU subsystem;
- Dynamic debug library;
- KUnit library;
- Maple Tree data structure library;
- Heterogeneous memory management;
- Amateur Radio drivers;
- Bluetooth subsystem;
- Ethernet bridge;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Netfilter;
- NET/ROM layer;
- NFC subsystem;
- NSH protocol;
- Open vSwitch;
- Phonet protocol;
- SMC sockets;
- TIPC protocol;
- Unix domain sockets;
- Wireless networking;
- Key management;
- ALSA framework;
- HD-audio driver;
- Kirkwood ASoC drivers;
- MediaTek ASoC drivers;
(CVE-2024-38601, CVE-2024-36935, CVE-2024-35991, CVE-2024-36032,
CVE-2024-35988, CVE-2024-36886, CVE-2024-36913, CVE-2024-36928,
CVE-2024-38553, CVE-2024-36927, CVE-2024-38615, CVE-2024-36958,
CVE-2024-36977, CVE-2024-36889, CVE-2024-38554, CVE-2024-38590,
CVE-2024-42134, CVE-2024-35857, CVE-2024-35850, CVE-2024-35986,
CVE-2024-36921, CVE-2024-38569, CVE-2024-36966, CVE-2024-38542,
CVE-2024-38585, CVE-2024-36884, CVE-2024-36006, CVE-2024-38577,
CVE-2024-36016, CVE-2024-38584, CVE-2024-36887, CVE-2024-38598,
CVE-2024-35994, CVE-2024-38603, CVE-2024-35998, CVE-2024-27401,
CVE-2024-35852, CVE-2024-36944, CVE-2024-38572, CVE-2024-36917,
CVE-2024-36943, CVE-2024-36009, CVE-2024-38587, CVE-2024-35949,
CVE-2024-36945, CVE-2024-36004, CVE-2024-36919, CVE-2024-27398,
CVE-2024-38582, CVE-2024-35847, CVE-2024-38580, CVE-2024-38602,
CVE-2024-36916, CVE-2024-36903, CVE-2024-38555, CVE-2024-36952,
CVE-2024-38589, CVE-2024-27394, CVE-2024-36933, CVE-2024-36975,
CVE-2024-38591, CVE-2024-38612, CVE-2024-36939, CVE-2024-35983,
CVE-2024-38607, CVE-2024-36929, CVE-2024-35849, CVE-2024-36941,
CVE-2024-35858, CVE-2024-38599, CVE-2024-35996, CVE-2024-36031,
CVE-2024-36931, CVE-2024-35990, CVE-2024-35851, CVE-2024-38556,
CVE-2024-36000, CVE-2024-36910, CVE-2024-38573, CVE-2024-36906,
CVE-2024-36951, CVE-2024-38604, CVE-2024-38613, CVE-2024-38547,
CVE-2024-36014, CVE-2024-36949, CVE-2024-36033, CVE-2024-38597,
CVE-2024-36880, CVE-2024-38594, CVE-2024-36894, CVE-2024-38546,
CVE-2024-36947, CVE-2024-38541, CVE-2024-35989, CVE-2024-27399,
CVE-2024-38550, CVE-2024-36922, CVE-2024-36008, CVE-2024-38540,
CVE-2024-36924, CVE-2024-36892, CVE-2024-38549, CVE-2024-36882,
CVE-2024-36908, CVE-2024-38566, CVE-2024-36005, CVE-2024-38583,
CVE-2024-36968, CVE-2024-36017, CVE-2024-38565, CVE-2024-36881,
CVE-2024-38611, CVE-2024-36897, CVE-2024-38560, CVE-2024-36923,
CVE-2024-38575, CVE-2024-36899, CVE-2024-38570, CVE-2024-36898,
CVE-2024-36896, CVE-2024-38559, CVE-2024-38588, CVE-2024-38606,
CVE-2024-38551, CVE-2024-36891, CVE-2024-38567, CVE-2024-36895,
CVE-2024-35993, CVE-2024-38552, CVE-2024-36925, CVE-2024-36964,
CVE-2024-36888, CVE-2024-36956, CVE-2024-36946, CVE-2024-38600,
CVE-2024-35997, CVE-2024-36912, CVE-2024-35984, CVE-2024-35848,
CVE-2024-38545, CVE-2024-38563, CVE-2024-36918, CVE-2024-36001,
CVE-2024-36957, CVE-2024-38576, CVE-2024-36030, CVE-2024-38574,
CVE-2024-36963, CVE-2024-36890, CVE-2024-36960, CVE-2024-36901,
CVE-2024-38614, CVE-2024-35859, CVE-2024-38593, CVE-2024-36904,
CVE-2024-36012, CVE-2024-38578, CVE-2024-36011, CVE-2024-36930,
CVE-2024-36938, CVE-2024-36893, CVE-2024-35987, CVE-2024-36905,
CVE-2024-35853, CVE-2024-36003, CVE-2024-38562, CVE-2024-38617,
CVE-2024-35855, CVE-2024-36965, CVE-2024-38596, CVE-2024-38558,
CVE-2024-38568, CVE-2024-36955, CVE-2024-36029, CVE-2024-36967,
CVE-2024-36940, CVE-2024-38595, CVE-2024-36028, CVE-2024-38610,
CVE-2024-36911, CVE-2024-35999, CVE-2024-35854, CVE-2024-38571,
CVE-2024-38548, CVE-2024-36948, CVE-2024-36002, CVE-2024-36961,
CVE-2024-36900, CVE-2024-36932, CVE-2024-36902, CVE-2024-35992,
CVE-2024-36914, CVE-2024-38592, CVE-2024-38616, CVE-2024-27400,
CVE-2024-36937, CVE-2024-36920, CVE-2024-38586, CVE-2024-36909,
CVE-2024-35846, CVE-2024-39482, CVE-2024-38579, CVE-2024-38539,
CVE-2024-27395, CVE-2024-36962, CVE-2024-36013, CVE-2024-27396,
CVE-2024-38557, CVE-2024-36953, CVE-2024-41011, CVE-2023-52882,
CVE-2024-36969, CVE-2024-36007, CVE-2024-35856, CVE-2024-38605,
CVE-2024-36915, CVE-2024-36979, CVE-2024-36954, CVE-2024-38538,
CVE-2024-36950, CVE-2024-36926, CVE-2024-38544, CVE-2024-36959,
CVE-2024-38561, CVE-2024-36883, CVE-2024-36936, CVE-2024-38564,
CVE-2024-38543, CVE-2024-36934, CVE-2024-35947, CVE-2024-38620)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04
-
linux-image-6.8.0-1010-oracle
-
6.8.0-1010.10
-
linux-image-6.8.0-1010-oracle-64k
-
6.8.0-1010.10
-
linux-image-6.8.0-1011-nvidia-lowlatency
-
6.8.0-1011.11.1
-
linux-image-6.8.0-1011-nvidia-lowlatency-64k
-
6.8.0-1011.11.1
-
linux-image-nvidia-lowlatency
-
6.8.0-1011.11.1
-
linux-image-nvidia-lowlatency-64k
-
6.8.0-1011.11.1
-
linux-image-oracle
-
6.8.0-1010.10
-
linux-image-oracle-64k
-
6.8.0-1010.10
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
- CVE-2024-36029
- CVE-2024-35990
- CVE-2024-36004
- CVE-2024-36001
- CVE-2024-36891
- CVE-2024-38615
- CVE-2024-35984
- CVE-2024-38549
- CVE-2024-36969
- CVE-2024-38588
- CVE-2024-38605
- CVE-2024-36900
- CVE-2024-36959
- CVE-2024-38600
- CVE-2024-38603
- CVE-2024-35988
- CVE-2024-35991
- CVE-2024-36918
- CVE-2024-38565
- CVE-2024-38575
- CVE-2024-41011
- CVE-2024-36920
- CVE-2024-36938
- CVE-2024-38553
- CVE-2024-36928
- CVE-2024-36946
- CVE-2024-36916
- CVE-2024-36952
- CVE-2024-38577
- CVE-2024-38548
- CVE-2024-36911
- CVE-2024-36932
- CVE-2024-35987
- CVE-2024-36949
- CVE-2024-38617
- CVE-2024-38610
- CVE-2024-38570
- CVE-2024-38540
- CVE-2024-38595
- CVE-2024-36934
- CVE-2024-36881
- CVE-2024-38593
- CVE-2024-35846
- CVE-2024-36017
- CVE-2024-36931
- CVE-2024-38539
- CVE-2024-38597
- CVE-2024-36884
- CVE-2024-36880
- CVE-2024-35848
- CVE-2024-36960
- CVE-2024-42134
- CVE-2024-36977
- CVE-2024-36961
- CVE-2024-36012
- CVE-2024-38573
- CVE-2024-35947
- CVE-2024-38616
- CVE-2024-27399
- CVE-2024-38572
- CVE-2024-36917
- CVE-2024-38590
- CVE-2024-38544
- CVE-2024-36951
- CVE-2024-38607
- CVE-2024-36965
- CVE-2024-36975
- CVE-2024-36958
- CVE-2024-38568
- CVE-2024-38580
- CVE-2024-36890
- CVE-2024-36892
- CVE-2024-36929
- CVE-2024-36921
- CVE-2024-38571
- CVE-2024-38599
- CVE-2024-36011
- CVE-2024-36944
- CVE-2024-35992
- CVE-2024-38614
- CVE-2024-35854
- CVE-2024-38564
- CVE-2024-27395
- CVE-2024-36912
- CVE-2024-38576
- CVE-2024-35989
- CVE-2024-36028
- CVE-2024-36939
- CVE-2024-36898
- CVE-2024-38545
- CVE-2024-36923
- CVE-2024-35949
- CVE-2024-38598
- CVE-2024-36924
- CVE-2024-38582
- CVE-2024-36919
- CVE-2024-36957
- CVE-2024-36000
- CVE-2024-36007
- CVE-2024-38587
- CVE-2024-38585
- CVE-2024-38567
- CVE-2024-38541
- CVE-2024-38602
- CVE-2024-36937
- CVE-2024-36031
- CVE-2024-36883
- CVE-2024-36894
- CVE-2024-36910
- CVE-2024-36936
- CVE-2024-36945
- CVE-2024-38579
- CVE-2024-36002
- CVE-2024-36953
- CVE-2024-38542
- CVE-2024-38596
- CVE-2024-38562
- CVE-2024-36893
- CVE-2024-35858
- CVE-2024-38546
- CVE-2023-52882
- CVE-2024-36886
- CVE-2024-38574
- CVE-2024-36033
- CVE-2024-36904
- CVE-2024-36908
- CVE-2024-36954
- CVE-2024-36930
- CVE-2024-38583
- CVE-2024-35994
- CVE-2024-36895
- CVE-2024-35986
- CVE-2024-35850
- CVE-2024-35855
- CVE-2024-35996
- CVE-2024-35997
- CVE-2024-36933
- CVE-2024-35999
- CVE-2024-36955
- CVE-2024-36896
- CVE-2024-38543
- CVE-2024-35847
- CVE-2024-36913
- CVE-2024-38552
- CVE-2024-38594
- CVE-2024-35859
- CVE-2024-36926
- CVE-2024-38620
- CVE-2024-38551
- CVE-2024-38550
- CVE-2024-35856
- CVE-2024-38554
- CVE-2024-38561
- CVE-2024-36032
- CVE-2024-38559
- CVE-2024-38611
- CVE-2024-27396
- CVE-2024-38566
- CVE-2024-36922
- CVE-2024-36963
- CVE-2024-36966
- CVE-2024-38569
- CVE-2024-36013
- CVE-2024-38613
- CVE-2024-36905
- CVE-2024-38612
- CVE-2024-36887
- CVE-2024-38589
- CVE-2024-36967
- CVE-2024-36950
- CVE-2024-38578
- CVE-2024-38591
- CVE-2024-36009
- CVE-2024-38604
- CVE-2024-36915
- CVE-2024-36008
- CVE-2024-36962
- CVE-2024-36947
- CVE-2024-38555
- CVE-2024-36882
- CVE-2024-36979
- CVE-2024-25742
- CVE-2024-35852
- CVE-2024-35857
- CVE-2024-36888
- CVE-2024-36889
- CVE-2024-38557
- CVE-2024-36006
- CVE-2024-35993
- CVE-2024-27394
- CVE-2024-35998
- CVE-2024-36897
- CVE-2024-35853
- CVE-2024-36940
- CVE-2024-38547
- CVE-2024-36927
- CVE-2024-36030
- CVE-2024-38586
- CVE-2024-38606
- CVE-2024-36914
- CVE-2024-35983
- CVE-2024-36903
- CVE-2024-36943
- CVE-2024-35851
- CVE-2024-36968
- CVE-2024-38556
- CVE-2024-36901
- CVE-2024-36902
- CVE-2024-36909
- CVE-2024-38601
- CVE-2024-36964
- CVE-2024-38538
- CVE-2024-38592
- CVE-2024-35849
- CVE-2024-36899
- CVE-2024-39482
- CVE-2024-36906
- CVE-2024-38584
- CVE-2024-36003
- CVE-2024-27398
- CVE-2024-36016
- CVE-2024-36956
- CVE-2024-27401
- CVE-2024-36014
- CVE-2024-38563
- CVE-2024-27400
- CVE-2024-36925
- CVE-2024-36948
- CVE-2024-36941
- CVE-2024-38560
- CVE-2024-36935
- CVE-2024-38558
- CVE-2024-36005
Related notices
- USN-6898-1
- USN-6898-2
- USN-6898-3
- USN-6898-4
- USN-6917-1
- USN-6919-1
- USN-6927-1
- USN-6949-1
- USN-6955-1
- USN-6949-2
- USN-7019-1
- USN-6921-1
- USN-6921-2
- USN-6896-1
- USN-6896-2
- USN-6896-3
- USN-6896-4
- USN-6896-5
- USN-6951-1
- USN-6953-1
- USN-6951-2
- USN-6951-3
- USN-6951-4
- USN-6979-1
- USN-7007-1
- USN-7009-1
- USN-7007-2
- USN-7007-3
- USN-7009-2
- USN-6926-1
- USN-6938-1
- USN-6926-2
- USN-6926-3
- USN-6950-1
- USN-6950-2
- USN-6957-1
- USN-6956-1
- USN-6950-3
- USN-6950-4
- USN-7088-1
- USN-7088-2
- USN-7088-3
- USN-7088-4
- USN-7100-1
- USN-7100-2
- USN-7088-5
- USN-7119-1
- USN-7123-1
- USN-7144-1
- USN-7159-1
- USN-7021-1
- USN-7022-1
- USN-7028-1
- USN-7021-2
- USN-7021-3
- USN-7039-1
- USN-7022-2
- USN-7021-4
- USN-7022-3
- USN-7028-2
- USN-7021-5
- USN-7069-1
- USN-7069-2
- USN-7110-1
- USN-7003-1
- USN-7003-2
- USN-7006-1
- USN-7003-3
- USN-7003-4
- USN-7003-5
- USN-7121-1
- USN-7121-2
- USN-7121-3
- USN-6923-1
- USN-6923-2
- USN-6972-1
- USN-6972-2
- USN-6972-3
- USN-6972-4
- USN-6974-1
- USN-6973-1
- USN-6973-2
- USN-6974-2
- USN-6973-3
- USN-6973-4
- USN-7148-1
- LSN-0107-1
- USN-6924-1
- USN-6924-2
- LSN-0106-1