Sign-up

ID

VAR-202405-2291


CVE

CVE-2024-35976


TITLE

Linux  of  Linux Kernel  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-021930

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING syzbot reported an illegal copy in xsk_setsockopt() [1] Make sure to validate setsockopt() @optlen parameter. [1] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline] BUG: KASAN: slab-out-of-bounds in xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420 Read of size 4 at addr ffff888028c6cde3 by task syz-executor.0/7549 CPU: 0 PID: 7549 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 copy_from_sockptr_offset include/linux/sockptr.h:49 [inline] copy_from_sockptr include/linux/sockptr.h:55 [inline] xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420 do_sock_setsockopt+0x3af/0x720 net/socket.c:2311 __sys_setsockopt+0x1ae/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [inline] __se_sys_setsockopt net/socket.c:2340 [inline] __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340 do_syscall_64+0xfb/0x240 entry_SYSCALL_64_after_hwframe+0x6d/0x75 RIP: 0033:0x7fb40587de69 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fb40665a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007fb4059abf80 RCX: 00007fb40587de69 RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000006 RBP: 00007fb4058ca47a R08: 0000000000000002 R09: 0000000000000000 R10: 0000000020001980 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000000b R14: 00007fb4059abf80 R15: 00007fff57ee4d08 </TASK> Allocated by task 7549: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:370 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387 kasan_kmalloc include/linux/kasan.h:211 [inline] __do_kmalloc_node mm/slub.c:3966 [inline] __kmalloc+0x233/0x4a0 mm/slub.c:3979 kmalloc include/linux/slab.h:632 [inline] __cgroup_bpf_run_filter_setsockopt+0xd2f/0x1040 kernel/bpf/cgroup.c:1869 do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293 __sys_setsockopt+0x1ae/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [inline] __se_sys_setsockopt net/socket.c:2340 [inline] __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340 do_syscall_64+0xfb/0x240 entry_SYSCALL_64_after_hwframe+0x6d/0x75 The buggy address belongs to the object at ffff888028c6cde0 which belongs to the cache kmalloc-8 of size 8 The buggy address is located 1 bytes to the right of allocated 2-byte region [ffff888028c6cde0, ffff888028c6cde2) The buggy address belongs to the physical page: page:ffffea0000a31b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888028c6c9c0 pfn:0x28c6c anon flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) page_type: 0xffffffff() raw: 00fff00000000800 ffff888014c41280 0000000000000000 dead000000000001 raw: ffff888028c6c9c0 0000000080800057 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 6648, tgid 6644 (syz-executor.0), ts 133906047828, free_ts 133859922223 set_page_owner include/linux/page_owner.h:31 [inline] post_alloc_hook+0x1ea/0x210 mm/page_alloc.c:1533 prep_new_page mm/page_alloc.c: ---truncated---. Linux of Linux Kernel Exists in an out-of-bounds write vulnerability.Information may be obtained and information may be tampered with. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server. ========================================================================== Ubuntu Security Notice USN-6951-1 August 08, 2024 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-iot: Linux kernel for IoT platforms - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe-5.4: Linux hardware enablement (HWE) kernel - linux-ibm-5.4: Linux kernel for IBM cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - GPU drivers; - HW tracing; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399, CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919, CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558, CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633, CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886, CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971, CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353, CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661, CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381, CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017, CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612, CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567, CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019, CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882, CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940, CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582, CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954, CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902, CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941, CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270, CVE-2024-39292, CVE-2024-39471, CVE-2022-48674) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-1042-iot 5.4.0-1042.43 linux-image-5.4.0-1049-xilinx-zynqmp 5.4.0-1049.53 linux-image-5.4.0-1077-ibm 5.4.0-1077.82 linux-image-5.4.0-1097-gkeop 5.4.0-1097.101 linux-image-5.4.0-1114-raspi 5.4.0-1114.126 linux-image-5.4.0-1118-kvm 5.4.0-1118.125 linux-image-5.4.0-1130-aws 5.4.0-1130.140 linux-image-5.4.0-1134-gcp 5.4.0-1134.143 linux-image-5.4.0-192-generic 5.4.0-192.212 linux-image-5.4.0-192-generic-lpae 5.4.0-192.212 linux-image-5.4.0-192-lowlatency 5.4.0-192.212 linux-image-aws-lts-20.04 5.4.0.1130.127 linux-image-gcp-lts-20.04 5.4.0.1134.136 linux-image-generic 5.4.0.192.190 linux-image-generic-lpae 5.4.0.192.190 linux-image-gkeop 5.4.0.1097.95 linux-image-gkeop-5.4 5.4.0.1097.95 linux-image-ibm-lts-20.04 5.4.0.1077.106 linux-image-kvm 5.4.0.1118.114 linux-image-lowlatency 5.4.0.192.190 linux-image-oem 5.4.0.192.190 linux-image-oem-osp1 5.4.0.192.190 linux-image-raspi 5.4.0.1114.144 linux-image-raspi2 5.4.0.1114.144 linux-image-virtual 5.4.0.192.190 linux-image-xilinx-zynqmp 5.4.0.1049.49 Ubuntu 18.04 LTS linux-image-5.4.0-1077-ibm 5.4.0-1077.82~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1130-aws 5.4.0-1130.140~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1134-gcp 5.4.0-1134.143~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-192-generic 5.4.0-192.212~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-192-lowlatency 5.4.0-192.212~18.04.1 Available with Ubuntu Pro linux-image-aws 5.4.0.1130.140~18.04.1 Available with Ubuntu Pro linux-image-gcp 5.4.0.1134.143~18.04.1 Available with Ubuntu Pro linux-image-generic-hwe-18.04 5.4.0.192.212~18.04.1 Available with Ubuntu Pro linux-image-ibm 5.4.0.1077.82~18.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-18.04 5.4.0.192.212~18.04.1 Available with Ubuntu Pro linux-image-oem 5.4.0.192.212~18.04.1 Available with Ubuntu Pro linux-image-oem-osp1 5.4.0.192.212~18.04.1 Available with Ubuntu Pro linux-image-snapdragon-hwe-18.04 5.4.0.192.212~18.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-18.04 5.4.0.192.212~18.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-6951-1 CVE-2022-48674, CVE-2022-48772, CVE-2023-52434, CVE-2023-52585, CVE-2023-52752, CVE-2023-52882, CVE-2024-26886, CVE-2024-27019, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-31076, CVE-2024-33621, CVE-2024-35947, CVE-2024-35976, CVE-2024-36014, CVE-2024-36015, CVE-2024-36017, CVE-2024-36270, CVE-2024-36286, CVE-2024-36883, CVE-2024-36886, CVE-2024-36902, CVE-2024-36904, CVE-2024-36905, CVE-2024-36919, CVE-2024-36933, CVE-2024-36934, CVE-2024-36939, CVE-2024-36940, CVE-2024-36941, CVE-2024-36946, CVE-2024-36950, CVE-2024-36954, CVE-2024-36959, CVE-2024-36960, CVE-2024-36964, CVE-2024-36971, CVE-2024-37353, CVE-2024-37356, CVE-2024-38381, CVE-2024-38549, CVE-2024-38552, CVE-2024-38558, CVE-2024-38559, CVE-2024-38560, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38589, CVE-2024-38596, CVE-2024-38598, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38607, CVE-2024-38612, CVE-2024-38613, CVE-2024-38615, CVE-2024-38618, CVE-2024-38621, CVE-2024-38627, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39276, CVE-2024-39292, CVE-2024-39301, CVE-2024-39467, CVE-2024-39471, CVE-2024-39475, CVE-2024-39480, CVE-2024-39488, CVE-2024-39489, CVE-2024-39493 Package Information: https://launchpad.net/ubuntu/+source/linux/5.4.0-192.212 https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1130.140 https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1134.143 https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1097.101 https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1077.82 https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1042.43 https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1118.125 https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1114.126 https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1049.53

Trust: 2.61

sources: NVD: CVE-2024-35976 // JVNDB: JVNDB-2024-021930 // CNVD: CNVD-2025-19346 // PACKETSTORM: 180032 // PACKETSTORM: 180030 // PACKETSTORM: 180320 // PACKETSTORM: 180155 // PACKETSTORM: 180257

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19346

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.9

Trust: 1.8

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.18

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.317

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.8.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.216

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.278

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.87

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.156

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.28

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.8.7

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.5 that's all 5.10.216

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:4.20 that's all 5.4.278

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.156

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:4.18 that's all 4.19.317

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.28

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.87

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.1

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-021930 // NVD: CVE-2024-35976

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-35976
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2024-021930
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-19346
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19346
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-35976
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.4
impactScore: 5.2
version: 3.1

Trust: 1.0

OTHER: JVNDB-2024-021930
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-021930 // NVD: CVE-2024-35976

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-021930 // NVD: CVE-2024-35976

PATCH

title:Linux Kernel Archivesurl:https://git.kernel.org/stable/c/0b45c25d60e38f5c2cb6823f886773a34323306d

Trust: 0.8

title:Patch for Multiple vulnerabilities in Siemens SINEC OS third-party componentsurl:https://www.cnvd.org.cn/patchInfo/show/723071

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-021930

EXTERNAL IDS

db:NVDid:CVE-2024-35976

Trust: 3.1

db:SIEMENSid:SSA-613116

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:JVNDBid:JVNDB-2024-021930

Trust: 0.8

db:CNVDid:CNVD-2025-19346

Trust: 0.6

db:PACKETSTORMid:180032

Trust: 0.1

db:PACKETSTORMid:180030

Trust: 0.1

db:PACKETSTORMid:180320

Trust: 0.1

db:PACKETSTORMid:180155

Trust: 0.1

db:PACKETSTORMid:180257

Trust: 0.1

sources: CNVD: CNVD-2025-19346 // PACKETSTORM: 180032 // PACKETSTORM: 180030 // PACKETSTORM: 180320 // PACKETSTORM: 180155 // PACKETSTORM: 180257 // JVNDB: JVNDB-2024-021930 // NVD: CVE-2024-35976

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2024-35976

Trust: 1.3

url:https://git.kernel.org/stable/c/a82984b3c6a7e8c7937dba6e857ddf829d149417

Trust: 1.0

url:https://git.kernel.org/stable/c/2eb979fbb2479bcd7e049f2f9978b6590dd8a0e6

Trust: 1.0

url:https://git.kernel.org/stable/c/f0a068de65d5b7358e9aff792716afa9333f3922

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Trust: 1.0

url:https://git.kernel.org/stable/c/2a523f14a3f53b46ff0e1fafd215b0bc5f6783aa

Trust: 1.0

url:https://git.kernel.org/stable/c/beb99266830520e15fbc6ca8cc5a5240d76851fd

Trust: 1.0

url:https://git.kernel.org/stable/c/0b45c25d60e38f5c2cb6823f886773a34323306d

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://git.kernel.org/stable/c/237f3cf13b20db183d3706d997eedc3c49eacd44

Trust: 1.0

url:https://git.kernel.org/stable/c/b143e19dc28c3211f050f7848d87d9b0a170e10c

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2023-52434

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2024-33621

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-48674

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2024-27398

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2024-27401

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2024-36883

Trust: 0.4

url:https://ubuntu.com/security/notices/usn-6951-1

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2023-52752

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2024-36014

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2024-31076

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2024-36015

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2024-35947

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2024-36886

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2024-36286

Trust: 0.4

url:https://ubuntu.com/security/notices/usn-6951-2

Trust: 0.3

url:https://ubuntu.com/security/notices/usn-6951-3

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2024-36016

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-26583

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-36017

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-47131

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1129.138

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6953-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-52882

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-36270

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-26907

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-48655

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1077.82

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1042.43

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1049.53

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1130.140

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1114.126

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1097.101

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1134.143

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1118.125

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.4.0-192.212

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1090.97

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6951-4

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1135.142

Trust: 0.1

sources: CNVD: CNVD-2025-19346 // PACKETSTORM: 180032 // PACKETSTORM: 180030 // PACKETSTORM: 180320 // PACKETSTORM: 180155 // PACKETSTORM: 180257 // JVNDB: JVNDB-2024-021930 // NVD: CVE-2024-35976

CREDITS

Ubuntu

Trust: 0.5

sources: PACKETSTORM: 180032 // PACKETSTORM: 180030 // PACKETSTORM: 180320 // PACKETSTORM: 180155 // PACKETSTORM: 180257

SOURCES

db:CNVDid:CNVD-2025-19346
db:PACKETSTORMid:180032
db:PACKETSTORMid:180030
db:PACKETSTORMid:180320
db:PACKETSTORMid:180155
db:PACKETSTORMid:180257
db:JVNDBid:JVNDB-2024-021930
db:NVDid:CVE-2024-35976

LAST UPDATE DATE

2026-06-19T21:55:28.452000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19346date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-021930date:2025-04-11T08:58:00
db:NVDid:CVE-2024-35976date:2026-05-12T12:16:44.980

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19346date:2025-08-12T00:00:00
db:PACKETSTORMid:180032date:2024-08-09T14:52:12
db:PACKETSTORMid:180030date:2024-08-09T14:49:35
db:PACKETSTORMid:180320date:2024-08-22T14:41:08
db:PACKETSTORMid:180155date:2024-08-15T15:14:06
db:PACKETSTORMid:180257date:2024-08-20T14:55:21
db:JVNDBid:JVNDB-2024-021930date:2025-04-11T00:00:00
db:NVDid:CVE-2024-35976date:2024-05-20T10:15:12.273