cvelistv5 - cve-2024-36962

cve-2024-36962

Vulnerability from cvelistv5

Published

2024-06-03 07:50

Modified

2024-12-19 09:03

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from netif_rx(). The net_rx_action() could trigger this driver .start_xmit callback, which is protected by the same lock as the IRQ handler, so calling the .start_xmit from netif_rx() from the IRQ handler critical section protected by the lock could lead to an attempt to claim the already claimed lock, and a hang. The local_bh_disable()/local_bh_enable() approach works only in case the IRQ handler is protected by a spinlock, but does not work if the IRQ handler is protected by mutex, i.e. this works for KS8851 with Parallel bus interface, but not for KS8851 with SPI bus interface. Remove the BH manipulation and instead of calling netif_rx() inside the IRQ handler code protected by the lock, queue all the received SKBs in the IRQ handler into a queue first, and once the IRQ handler exits the critical section protected by the lock, dequeue all the queued SKBs and push them all into netif_rx(). At this point, it is safe to trigger the net_rx_action() softirq, since the netif_rx() call is outside of the lock that protects the IRQ handler.

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49

Impacted products

Vendor

Product

Version

▼

Linux

Version: 492337a4fbd1421b42df684ee9b34be2a2722540
Version: cba376eb036c2c20077b41d47b317d8218fe754f
Version: 49d5d70538b6b8f2a3f8f1ac30c1f921d4a0929b
Version: be0384bf599cf1eb8d337517feeb732d71f75a6f

Linux

Version: 6.1.87   ≤
Version: 6.6.28   ≤
Version: 6.8.7   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-36962",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T18:04:06.438716Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T16:21:03.956Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:43:50.389Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/micrel/ks8851_common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545",
              "status": "affected",
              "version": "492337a4fbd1421b42df684ee9b34be2a2722540",
              "versionType": "git"
            },
            {
              "lessThan": "ae87f661f3c1a3134a7ed86ab69bf9f12af88993",
              "status": "affected",
              "version": "cba376eb036c2c20077b41d47b317d8218fe754f",
              "versionType": "git"
            },
            {
              "lessThan": "7e2901a2a9195da76111f351584bf77552a038f0",
              "status": "affected",
              "version": "49d5d70538b6b8f2a3f8f1ac30c1f921d4a0929b",
              "versionType": "git"
            },
            {
              "lessThan": "e0863634bf9f7cf36291ebb5bfa2d16632f79c49",
              "status": "affected",
              "version": "be0384bf599cf1eb8d337517feeb732d71f75a6f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/micrel/ks8851_common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.1.91",
              "status": "affected",
              "version": "6.1.87",
              "versionType": "semver"
            },
            {
              "lessThan": "6.6.31",
              "status": "affected",
              "version": "6.6.28",
              "versionType": "semver"
            },
            {
              "lessThan": "6.8.10",
              "status": "affected",
              "version": "6.8.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\n\nCurrently the driver uses local_bh_disable()/local_bh_enable() in its\nIRQ handler to avoid triggering net_rx_action() softirq on exit from\nnetif_rx(). The net_rx_action() could trigger this driver .start_xmit\ncallback, which is protected by the same lock as the IRQ handler, so\ncalling the .start_xmit from netif_rx() from the IRQ handler critical\nsection protected by the lock could lead to an attempt to claim the\nalready claimed lock, and a hang.\n\nThe local_bh_disable()/local_bh_enable() approach works only in case\nthe IRQ handler is protected by a spinlock, but does not work if the\nIRQ handler is protected by mutex, i.e. this works for KS8851 with\nParallel bus interface, but not for KS8851 with SPI bus interface.\n\nRemove the BH manipulation and instead of calling netif_rx() inside\nthe IRQ handler code protected by the lock, queue all the received\nSKBs in the IRQ handler into a queue first, and once the IRQ handler\nexits the critical section protected by the lock, dequeue all the\nqueued SKBs and push them all into netif_rx(). At this point, it is\nsafe to trigger the net_rx_action() softirq, since the netif_rx()\ncall is outside of the lock that protects the IRQ handler."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:03:23.904Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545"
        },
        {
          "url": "https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993"
        },
        {
          "url": "https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0"
        },
        {
          "url": "https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49"
        }
      ],
      "title": "net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-36962",
    "datePublished": "2024-06-03T07:50:00.425Z",
    "dateReserved": "2024-05-30T15:25:07.081Z",
    "dateUpdated": "2024-12-19T09:03:23.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-36962\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-06-03T08:15:09.740\",\"lastModified\":\"2024-11-21T09:22:55.130\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\\n\\nCurrently the driver uses local_bh_disable()/local_bh_enable() in its\\nIRQ handler to avoid triggering net_rx_action() softirq on exit from\\nnetif_rx(). The net_rx_action() could trigger this driver .start_xmit\\ncallback, which is protected by the same lock as the IRQ handler, so\\ncalling the .start_xmit from netif_rx() from the IRQ handler critical\\nsection protected by the lock could lead to an attempt to claim the\\nalready claimed lock, and a hang.\\n\\nThe local_bh_disable()/local_bh_enable() approach works only in case\\nthe IRQ handler is protected by a spinlock, but does not work if the\\nIRQ handler is protected by mutex, i.e. this works for KS8851 with\\nParallel bus interface, but not for KS8851 with SPI bus interface.\\n\\nRemove the BH manipulation and instead of calling netif_rx() inside\\nthe IRQ handler code protected by the lock, queue all the received\\nSKBs in the IRQ handler into a queue first, and once the IRQ handler\\nexits the critical section protected by the lock, dequeue all the\\nqueued SKBs and push them all into netif_rx(). At this point, it is\\nsafe to trigger the net_rx_action() softirq, since the netif_rx()\\ncall is outside of the lock that protects the IRQ handler.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ks8851: Cola de paquetes RX en el controlador IRQ en lugar de deshabilitar los BH Actualmente, el controlador usa local_bh_disable()/local_bh_enable() en su controlador IRQ para evitar activar el softirq net_rx_action() al salir de netif_rx(). net_rx_action() podr\u00eda activar esta devoluci\u00f3n de llamada del controlador .start_xmit, que est\u00e1 protegido por el mismo candado que el controlador IRQ, por lo que llamar al .start_xmit desde netif_rx() desde la secci\u00f3n cr\u00edtica del controlador IRQ protegido por el bloqueo podr\u00eda llevar a un intento de reclamar el candado ya reclamado y un colgado. El enfoque local_bh_disable()/local_bh_enable() funciona s\u00f3lo en caso de que el controlador IRQ est\u00e9 protegido por un spinlock, pero no funciona si el controlador IRQ est\u00e1 protegido por mutex, es decir, esto funciona para KS8851 con interfaz de bus paralelo, pero no para KS8851 con Interfaz de bus SPI. Elimine la manipulaci\u00f3n de BH y en lugar de llamar a netif_rx() dentro del c\u00f3digo del controlador IRQ protegido por el bloqueo, primero ponga en cola todos los SKB recibidos en el controlador IRQ y, una vez que el controlador IRQ salga de la secci\u00f3n cr\u00edtica protegida por el bloqueo, retire la cola. todos los SKB en cola y env\u00edelos todos a netif_rx(). En este punto, es seguro activar el softirq net_rx_action(), ya que la llamada netif_rx() est\u00e1 fuera del bloqueo que protege el controlador IRQ.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6}]},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T03:43:50.389Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-36962\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-03T18:04:06.438716Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-03T18:04:50.628Z\"}}], \"cna\": {\"title\": \"net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"492337a4fbd1\", \"lessThan\": \"8a3ff43dcbab\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"cba376eb036c\", \"lessThan\": \"ae87f661f3c1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"49d5d70538b6\", \"lessThan\": \"7e2901a2a919\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"be0384bf599c\", \"lessThan\": \"e0863634bf9f\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/net/ethernet/micrel/ks8851_common.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.87\", \"lessThan\": \"6.1.91\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"6.6.28\", \"lessThan\": \"6.6.31\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"6.8.7\", \"lessThan\": \"6.8.10\", \"versionType\": \"semver\"}], \"programFiles\": [\"drivers/net/ethernet/micrel/ks8851_common.c\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545\"}, {\"url\": \"https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993\"}, {\"url\": \"https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0\"}, {\"url\": \"https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49\"}], \"x_generator\": {\"engine\": \"bippy-9e1c9544281a\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\\n\\nCurrently the driver uses local_bh_disable()/local_bh_enable() in its\\nIRQ handler to avoid triggering net_rx_action() softirq on exit from\\nnetif_rx(). The net_rx_action() could trigger this driver .start_xmit\\ncallback, which is protected by the same lock as the IRQ handler, so\\ncalling the .start_xmit from netif_rx() from the IRQ handler critical\\nsection protected by the lock could lead to an attempt to claim the\\nalready claimed lock, and a hang.\\n\\nThe local_bh_disable()/local_bh_enable() approach works only in case\\nthe IRQ handler is protected by a spinlock, but does not work if the\\nIRQ handler is protected by mutex, i.e. this works for KS8851 with\\nParallel bus interface, but not for KS8851 with SPI bus interface.\\n\\nRemove the BH manipulation and instead of calling netif_rx() inside\\nthe IRQ handler code protected by the lock, queue all the received\\nSKBs in the IRQ handler into a queue first, and once the IRQ handler\\nexits the critical section protected by the lock, dequeue all the\\nqueued SKBs and push them all into netif_rx(). At this point, it is\\nsafe to trigger the net_rx_action() softirq, since the netif_rx()\\ncall is outside of the lock that protects the IRQ handler.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-11-05T09:28:53.585Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-36962\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-05T09:28:53.585Z\", \"dateReserved\": \"2024-05-30T15:25:07.081Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-06-03T07:50:00.425Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-1268

Vulnerability from csaf_certbund

Published

2024-06-02 22:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1268 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1268.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1268 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1268"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060344-CVE-2024-36961-58bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060344-CVE-2024-36962-c630@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060344-CVE-2024-36963-b8cc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060345-CVE-2024-36964-d557@gregkh/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3843 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2385-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018920.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2495-1 vom 2024-07-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5066 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:5066"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5067 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:5067"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5101 vom 2024-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:5101"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5102 vom 2024-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:5102"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6950-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6953-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6953-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6949-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6949-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6952-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6952-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6951-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-5101 vom 2024-08-09",
        "url": "https://linux.oracle.com/errata/ELSA-2024-5101.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6957-1 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6957-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-2 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6950-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6956-1 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6956-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6955-1 vom 2024-08-12",
        "url": "https://ubuntu.com/security/notices/USN-6955-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2895-1 vom 2024-08-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019186.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-3 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6950-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6949-2 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6949-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2896-1 vom 2024-08-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019185.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6952-2 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6952-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-2 vom 2024-08-14",
        "url": "https://ubuntu.com/security/notices/USN-6951-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2939-1 vom 2024-08-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019211.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-3 vom 2024-08-19",
        "url": "https://ubuntu.com/security/notices/USN-6951-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2973-1 vom 2024-08-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019280.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-4 vom 2024-08-21",
        "url": "https://ubuntu.com/security/notices/USN-6951-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-4 vom 2024-08-21",
        "url": "https://ubuntu.com/security/notices/USN-6950-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6979-1 vom 2024-08-22",
        "url": "https://ubuntu.com/security/notices/USN-6979-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12606 vom 2024-09-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12606.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2024-0011 vom 2024-09-04",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2024-September/001099.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-422 vom 2024-10-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3625-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XCWDJ4VQNWRMZU52FZIMVKO3ZX7QR3L7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3623-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TF6OKVTF5VSUGWWYIUXLV2YZK7NYELIN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3624-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/V4GVQWREKLT3NIX5GMPMO26GXLKRGTXJ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3628-1 vom 2024-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019596.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3639-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QREDIZHMC5MCDU7XHJHAPFFVPPIKTHWD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3640-1 vom 2024-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019609.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3632-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IMA2L435Y3DOAG6IL6IEIK2SUGPOUZXD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3631-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VBN5S6CN75ZWGV3ZNRLZRMQ5DF3HMBZE/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3638-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G5I2ZVAM4BJDGCYJE64AKFTDGHVIU5SH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3642-1 vom 2024-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019612.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3635-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BL3RXEW5VDVX6HS5GR4KUH6GDRT5OFQF/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3643-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VPMT5STAWY6BTO5OI2PZ7CG4AXOIQKZN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3663-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019624.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3696-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YYPGEHXE3QJ5NBRD57VSRTM36AC5DISM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3697-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/A6BRGXRVSUAODD2ZZSX5GJCV46W4N5YB/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3666-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EUYMTMU2SZQY2ZOCLHCYEZ2A2LJUYBHS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3661-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LI6Q2FNQZMLDTI4OK3SIOBF2CXJW5I56/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3700-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G3EDKBVPHAPKDJ45CNEJLJ4KGJAHJ4R7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3670-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JVBPTC5SNYDIYERI2QA3SDI56HZRXTU4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3672-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MGSVPDAL2ET3FWE6YAGBX3UOQOVXTPXB/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3674-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019642.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3695-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MOG44NUGCSJS6Q3AKMCV3X4IK2DN6CLL/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3655-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/P4LIA2SNUYEEYDFH7Q72CHUMA7X4NIY3/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3676-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019641.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3679-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RDWWWR2VCADWSQCCZNNFB4VWOMZDOC63/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3685-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S7NJHO236TM7NPYYRIFT2WLSXRC4WECV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3701-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SVZDNTNDPAUIILRXFRA47BDSDZ3IUQTH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3690-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TJEVBYA7IDQFKVP2IAJ5BZJLYZD7EOVP/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3687-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019637.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3660-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019627.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3662-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019625.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3651-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VLAP2QXVEHLNNWBLHF53IAVX5KBCFJGW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3652-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XAOP5G7ENALTQ2BLIJROCRJ3STRXQOFY/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3649-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019619.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3694-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Y2P3R5HQ4Z7AYZLBXUGXBJMITFENT5NV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3648-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YCRSFR3VCO3HMO5RI5MPP5LW6AJRWVBW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3710-1 vom 2024-10-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CLMHYECK5YKZDDXZ7XKEL3G5JXCF5QRM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3706-1 vom 2024-10-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IUM757WJ43K7PF2K6A3UQHWG2QALK24F/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3780-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZRFC54YJNAIE647NXDXGDHFV6UDF5EPM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3780-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZRFC54YJNAIE647NXDXGDHFV6UDF5EPM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3774-1 vom 2024-10-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019686.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3814-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QW54KPSGGX7Q3N4CIMSAGZRZY4WGZV2D/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3822-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019728.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3815-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JIUM76237NQIAK3CP7ENKHD5EOEBDHZH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3820-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019730.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3793-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019702.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3798-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019698.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3821-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019729.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3796-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019700.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3830-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5FIXDPPFE66BKRWS3X45YHODJJ57FQRT/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3806-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/I22FOLEFZIBTJBTIPHH5GXPKMIXVDSDI/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3803-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019712.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3837-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VHXZ2BQRCVWQY2AVSULS6AN56SITZ273/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3829-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RMOWLUMWUZKBWNWZRVPCJY43YUOMCMJ7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3800-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019714.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3831-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QK6PZZGVJB6TX4W6LKJNJW74SGTITNGD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3842-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VVJDY73ZQLYG6XTLPXQKV6DOXIBCWQNH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3860-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/UFUASUPHAEZFWXKIMGZLIZD4LHGMJ5YW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3854-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6DKQ4KINQ5TXHK6JA63O3YINMJXE2QVJ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3851-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/7YDAYBSAUUUZVVIKYWRRX5O6ZCOQ2K46/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3852-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CJCHUFTBOJTQRE24NTRP6WMCK5BGPZ3N/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3857-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DM3QIZHKHG7AW6EAKKMMWCCUOYK4JU3R/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3855-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/HVT4PHTMBZOBVPW2CI26GVIVJNWCBTVN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3849-1 vom 2024-10-31",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019742.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7174634"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3880-1 vom 2024-11-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4FKA7N5AUZ6CDGAARMRU76MNKUZHMPAH/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9315"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4122-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019885.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4123-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019884.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4125-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019882.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4124-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019883.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10771 vom 2024-12-04",
        "url": "https://access.redhat.com/errata/RHSA-2024:10771"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4180-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3ACAYSLQECATBMYSIXEOONW3SJQYVWGD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4197-1 vom 2024-12-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019927.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4207-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KHOJJYPB3I2C5FKMLHD5WFCQI342KAXA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4216-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KZC5ZXKVE5JSNEKEAICAO52WN7SOJCTX/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4214-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/P4UZ4KLYIQHACIYR7LE2ANITUCPLWFYS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4218-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4UVNDL3CU4NHVPE7QELR2N5HRCDSMYEV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4234-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/B6RMLGICBLD3BNXSBS7J23W3GCEJMFJA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4256-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/34BVCDIDBQSXQ6Y3TVDGD4FSZ7N3D3LI/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4250-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019952.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4231-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019946.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4243-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GDL3TRRFKGYVQIW7MMTUJS76GCW7B3JZ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4242-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019958.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4235-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LIMMCWFWYJUMJTABZZ7ZEYXOOVE5BZY7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4246-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LFFLGXO55CBY4WD74GYLL6CL2HWJM2Q/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4226-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019950.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4249-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019953.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4236-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ODASOBSBN3UUGHNO44MK2K4MC35CPLXJ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4263-1 vom 2024-12-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019971.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4266-1 vom 2024-12-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RRJRAM3LFR4MNOHCFB2XIOS6OJUDNUPE/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4264-1 vom 2024-12-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SZPUHL7SUZ57L3OJFO25IHYVDJ76ONGC/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4275-1 vom 2024-12-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YTZ2WGLML4Q6E3IG32UCJ6NFIDUTWN22/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4275-1 vom 2024-12-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YTZ2WGLML4Q6E3IG32UCJ6NFIDUTWN22/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0091-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020100.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0107-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020112.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0109-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020110.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0106-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020113.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0101-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020116.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0103-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020115.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0097-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020107.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0110-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PLWCG227VUGPKNXHW6FOCW727UUPVLLU/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0114-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YC7MKFCHLBJHUQM2SLPOGVG4DUWP2J4E/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0115-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VK2D63Q2FKHJWXOLVAS7HPIWURVL3MQQ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0124-1 vom 2025-01-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020125.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0131-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NVEFJ5TKVGVJIR3Y7Y6XQIAGC5P5TTK7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0150-1 vom 2025-01-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/USHZQFRYGMLVCVQRQLPH4FARDBDAEC6G/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0146-1 vom 2025-01-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/C6ANXHEO54VUUFEWI6QYB2M3L2SS7OOW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0137-1 vom 2025-01-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YHBMZ4MND2ONRG4N26VJNJGAZBXMYEDV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0164-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020153.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0158-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020154.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:21:17.508+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-1268",
      "initial_release_date": "2024-06-02T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-06-02T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-26T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-10T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-22T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-08-06T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-07T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-08T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-11T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-08-12T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-13T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-14T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-15T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-08-19T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-21T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-22T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-09-02T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-09-04T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von ORACLE aufgenommen"
        },
        {
          "date": "2024-09-10T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-11T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-29T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-09T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-10-14T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-15T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-16T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-29T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-30T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-03T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-12T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-02T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-03T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-04T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-05T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-08T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-09T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-10T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-13T23:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-14T23:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-15T23:00:00.000+00:00",
          "number": "43",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-16T23:00:00.000+00:00",
          "number": "44",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "45",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "45"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
                  "product_id": "T038741"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
                  "product_id": "T038741-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T035143",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36960",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36960"
    },
    {
      "cve": "CVE-2024-36961",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36961"
    },
    {
      "cve": "CVE-2024-36962",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36962"
    },
    {
      "cve": "CVE-2024-36963",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36963"
    },
    {
      "cve": "CVE-2024-36964",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36964"
    }
  ]
}

wid-sec-w-2024-1268

Vulnerability from csaf_certbund

Published

2024-06-02 22:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff

Notes

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1268 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1268.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1268 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1268"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060344-CVE-2024-36961-58bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060344-CVE-2024-36962-c630@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060344-CVE-2024-36963-b8cc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement  vom 2024-06-02",
        "url": "http://lore.kernel.org/linux-cve-announce/2024060345-CVE-2024-36964-d557@gregkh/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3843 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2385-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018920.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2495-1 vom 2024-07-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5066 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:5066"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5067 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:5067"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5101 vom 2024-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:5101"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5102 vom 2024-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:5102"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6950-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6953-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6953-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6949-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6949-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6952-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6952-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-1 vom 2024-08-09",
        "url": "https://ubuntu.com/security/notices/USN-6951-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-5101 vom 2024-08-09",
        "url": "https://linux.oracle.com/errata/ELSA-2024-5101.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6957-1 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6957-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-2 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6950-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6956-1 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6956-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6955-1 vom 2024-08-12",
        "url": "https://ubuntu.com/security/notices/USN-6955-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2895-1 vom 2024-08-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019186.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-3 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6950-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6949-2 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6949-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2896-1 vom 2024-08-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019185.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6952-2 vom 2024-08-13",
        "url": "https://ubuntu.com/security/notices/USN-6952-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-2 vom 2024-08-14",
        "url": "https://ubuntu.com/security/notices/USN-6951-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2939-1 vom 2024-08-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019211.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-3 vom 2024-08-19",
        "url": "https://ubuntu.com/security/notices/USN-6951-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2973-1 vom 2024-08-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019280.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6951-4 vom 2024-08-21",
        "url": "https://ubuntu.com/security/notices/USN-6951-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6950-4 vom 2024-08-21",
        "url": "https://ubuntu.com/security/notices/USN-6950-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6979-1 vom 2024-08-22",
        "url": "https://ubuntu.com/security/notices/USN-6979-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12606 vom 2024-09-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12606.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2024-0011 vom 2024-09-04",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2024-September/001099.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-422 vom 2024-10-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3625-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XCWDJ4VQNWRMZU52FZIMVKO3ZX7QR3L7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3623-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TF6OKVTF5VSUGWWYIUXLV2YZK7NYELIN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3624-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/V4GVQWREKLT3NIX5GMPMO26GXLKRGTXJ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3628-1 vom 2024-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019596.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3639-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QREDIZHMC5MCDU7XHJHAPFFVPPIKTHWD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3640-1 vom 2024-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019609.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3632-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IMA2L435Y3DOAG6IL6IEIK2SUGPOUZXD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3631-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VBN5S6CN75ZWGV3ZNRLZRMQ5DF3HMBZE/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3638-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G5I2ZVAM4BJDGCYJE64AKFTDGHVIU5SH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3642-1 vom 2024-10-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019612.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3635-1 vom 2024-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BL3RXEW5VDVX6HS5GR4KUH6GDRT5OFQF/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3643-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VPMT5STAWY6BTO5OI2PZ7CG4AXOIQKZN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3663-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019624.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3696-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YYPGEHXE3QJ5NBRD57VSRTM36AC5DISM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3697-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/A6BRGXRVSUAODD2ZZSX5GJCV46W4N5YB/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3666-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EUYMTMU2SZQY2ZOCLHCYEZ2A2LJUYBHS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3661-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LI6Q2FNQZMLDTI4OK3SIOBF2CXJW5I56/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3700-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G3EDKBVPHAPKDJ45CNEJLJ4KGJAHJ4R7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3670-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JVBPTC5SNYDIYERI2QA3SDI56HZRXTU4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3672-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MGSVPDAL2ET3FWE6YAGBX3UOQOVXTPXB/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3674-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019642.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3695-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MOG44NUGCSJS6Q3AKMCV3X4IK2DN6CLL/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3655-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/P4LIA2SNUYEEYDFH7Q72CHUMA7X4NIY3/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3676-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019641.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3679-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RDWWWR2VCADWSQCCZNNFB4VWOMZDOC63/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3685-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S7NJHO236TM7NPYYRIFT2WLSXRC4WECV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3701-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SVZDNTNDPAUIILRXFRA47BDSDZ3IUQTH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3690-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TJEVBYA7IDQFKVP2IAJ5BZJLYZD7EOVP/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3687-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019637.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3660-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019627.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3662-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019625.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3651-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VLAP2QXVEHLNNWBLHF53IAVX5KBCFJGW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3652-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XAOP5G7ENALTQ2BLIJROCRJ3STRXQOFY/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3649-1 vom 2024-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019619.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3694-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Y2P3R5HQ4Z7AYZLBXUGXBJMITFENT5NV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3648-1 vom 2024-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YCRSFR3VCO3HMO5RI5MPP5LW6AJRWVBW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3710-1 vom 2024-10-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CLMHYECK5YKZDDXZ7XKEL3G5JXCF5QRM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3706-1 vom 2024-10-17",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IUM757WJ43K7PF2K6A3UQHWG2QALK24F/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3780-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZRFC54YJNAIE647NXDXGDHFV6UDF5EPM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3780-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZRFC54YJNAIE647NXDXGDHFV6UDF5EPM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3774-1 vom 2024-10-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019686.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3814-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QW54KPSGGX7Q3N4CIMSAGZRZY4WGZV2D/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3822-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019728.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3815-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JIUM76237NQIAK3CP7ENKHD5EOEBDHZH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3820-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019730.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3793-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019702.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3798-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019698.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3821-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019729.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3796-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019700.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3830-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5FIXDPPFE66BKRWS3X45YHODJJ57FQRT/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3806-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/I22FOLEFZIBTJBTIPHH5GXPKMIXVDSDI/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3803-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019712.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3837-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VHXZ2BQRCVWQY2AVSULS6AN56SITZ273/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3829-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RMOWLUMWUZKBWNWZRVPCJY43YUOMCMJ7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3800-1 vom 2024-10-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019714.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3831-1 vom 2024-10-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QK6PZZGVJB6TX4W6LKJNJW74SGTITNGD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3842-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VVJDY73ZQLYG6XTLPXQKV6DOXIBCWQNH/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3860-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/UFUASUPHAEZFWXKIMGZLIZD4LHGMJ5YW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3854-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6DKQ4KINQ5TXHK6JA63O3YINMJXE2QVJ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3851-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/7YDAYBSAUUUZVVIKYWRRX5O6ZCOQ2K46/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3852-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CJCHUFTBOJTQRE24NTRP6WMCK5BGPZ3N/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3857-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DM3QIZHKHG7AW6EAKKMMWCCUOYK4JU3R/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3855-1 vom 2024-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/HVT4PHTMBZOBVPW2CI26GVIVJNWCBTVN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3849-1 vom 2024-10-31",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019742.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7174634"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3880-1 vom 2024-11-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4FKA7N5AUZ6CDGAARMRU76MNKUZHMPAH/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9315"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4122-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019885.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4123-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019884.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4125-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019882.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4124-1 vom 2024-12-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019883.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10771 vom 2024-12-04",
        "url": "https://access.redhat.com/errata/RHSA-2024:10771"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4180-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3ACAYSLQECATBMYSIXEOONW3SJQYVWGD/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4197-1 vom 2024-12-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019927.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4207-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KHOJJYPB3I2C5FKMLHD5WFCQI342KAXA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4216-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KZC5ZXKVE5JSNEKEAICAO52WN7SOJCTX/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4214-1 vom 2024-12-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/P4UZ4KLYIQHACIYR7LE2ANITUCPLWFYS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4218-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4UVNDL3CU4NHVPE7QELR2N5HRCDSMYEV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4234-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/B6RMLGICBLD3BNXSBS7J23W3GCEJMFJA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4256-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/34BVCDIDBQSXQ6Y3TVDGD4FSZ7N3D3LI/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4250-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019952.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4231-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019946.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4243-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GDL3TRRFKGYVQIW7MMTUJS76GCW7B3JZ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4242-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019958.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4235-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LIMMCWFWYJUMJTABZZ7ZEYXOOVE5BZY7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4246-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LFFLGXO55CBY4WD74GYLL6CL2HWJM2Q/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4226-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019950.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4249-1 vom 2024-12-06",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019953.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4236-1 vom 2024-12-06",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ODASOBSBN3UUGHNO44MK2K4MC35CPLXJ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4263-1 vom 2024-12-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019971.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4266-1 vom 2024-12-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RRJRAM3LFR4MNOHCFB2XIOS6OJUDNUPE/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4264-1 vom 2024-12-09",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SZPUHL7SUZ57L3OJFO25IHYVDJ76ONGC/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4275-1 vom 2024-12-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YTZ2WGLML4Q6E3IG32UCJ6NFIDUTWN22/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4275-1 vom 2024-12-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YTZ2WGLML4Q6E3IG32UCJ6NFIDUTWN22/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0091-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020100.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0107-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020112.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0109-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020110.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0106-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020113.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0101-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020116.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0103-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020115.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0097-1 vom 2025-01-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020107.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0110-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PLWCG227VUGPKNXHW6FOCW727UUPVLLU/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0114-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YC7MKFCHLBJHUQM2SLPOGVG4DUWP2J4E/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0115-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VK2D63Q2FKHJWXOLVAS7HPIWURVL3MQQ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0124-1 vom 2025-01-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020125.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0131-1 vom 2025-01-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NVEFJ5TKVGVJIR3Y7Y6XQIAGC5P5TTK7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0150-1 vom 2025-01-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/USHZQFRYGMLVCVQRQLPH4FARDBDAEC6G/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0146-1 vom 2025-01-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/C6ANXHEO54VUUFEWI6QYB2M3L2SS7OOW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0137-1 vom 2025-01-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YHBMZ4MND2ONRG4N26VJNJGAZBXMYEDV/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0164-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020153.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0158-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020154.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:21:17.508+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-1268",
      "initial_release_date": "2024-06-02T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-06-02T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-26T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-10T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-22T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-08-06T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-07T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-08T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-11T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-08-12T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-13T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-14T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-15T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-08-19T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-21T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-08-22T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-09-02T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-09-04T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von ORACLE aufgenommen"
        },
        {
          "date": "2024-09-10T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-11T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-29T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-09T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-10-14T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-15T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-16T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-29T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-30T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-03T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-12T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-02T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-03T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-04T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-05T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-08T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-09T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-10T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-13T23:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-14T23:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-15T23:00:00.000+00:00",
          "number": "43",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-16T23:00:00.000+00:00",
          "number": "44",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "45",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "45"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
                  "product_id": "T038741"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
                  "product_id": "T038741-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T035143",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36960",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36960"
    },
    {
      "cve": "CVE-2024-36961",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36961"
    },
    {
      "cve": "CVE-2024-36962",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36962"
    },
    {
      "cve": "CVE-2024-36963",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36963"
    },
    {
      "cve": "CVE-2024-36964",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T035143",
          "T004914",
          "T038741"
        ]
      },
      "release_date": "2024-06-02T22:00:00.000+00:00",
      "title": "CVE-2024-36964"
    }
  ]
}

fkie_cve-2024-36962

Vulnerability from fkie_nvd

Published

2024-06-03 08:15

Modified

2024-11-21 09:22

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993
	af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\n\nCurrently the driver uses local_bh_disable()/local_bh_enable() in its\nIRQ handler to avoid triggering net_rx_action() softirq on exit from\nnetif_rx(). The net_rx_action() could trigger this driver .start_xmit\ncallback, which is protected by the same lock as the IRQ handler, so\ncalling the .start_xmit from netif_rx() from the IRQ handler critical\nsection protected by the lock could lead to an attempt to claim the\nalready claimed lock, and a hang.\n\nThe local_bh_disable()/local_bh_enable() approach works only in case\nthe IRQ handler is protected by a spinlock, but does not work if the\nIRQ handler is protected by mutex, i.e. this works for KS8851 with\nParallel bus interface, but not for KS8851 with SPI bus interface.\n\nRemove the BH manipulation and instead of calling netif_rx() inside\nthe IRQ handler code protected by the lock, queue all the received\nSKBs in the IRQ handler into a queue first, and once the IRQ handler\nexits the critical section protected by the lock, dequeue all the\nqueued SKBs and push them all into netif_rx(). At this point, it is\nsafe to trigger the net_rx_action() softirq, since the netif_rx()\ncall is outside of the lock that protects the IRQ handler."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ks8851: Cola de paquetes RX en el controlador IRQ en lugar de deshabilitar los BH Actualmente, el controlador usa local_bh_disable()/local_bh_enable() en su controlador IRQ para evitar activar el softirq net_rx_action() al salir de netif_rx(). net_rx_action() podr\u00eda activar esta devoluci\u00f3n de llamada del controlador .start_xmit, que est\u00e1 protegido por el mismo candado que el controlador IRQ, por lo que llamar al .start_xmit desde netif_rx() desde la secci\u00f3n cr\u00edtica del controlador IRQ protegido por el bloqueo podr\u00eda llevar a un intento de reclamar el candado ya reclamado y un colgado. El enfoque local_bh_disable()/local_bh_enable() funciona s\u00f3lo en caso de que el controlador IRQ est\u00e9 protegido por un spinlock, pero no funciona si el controlador IRQ est\u00e1 protegido por mutex, es decir, esto funciona para KS8851 con interfaz de bus paralelo, pero no para KS8851 con Interfaz de bus SPI. Elimine la manipulaci\u00f3n de BH y en lugar de llamar a netif_rx() dentro del c\u00f3digo del controlador IRQ protegido por el bloqueo, primero ponga en cola todos los SKB recibidos en el controlador IRQ y, una vez que el controlador IRQ salga de la secci\u00f3n cr\u00edtica protegida por el bloqueo, retire la cola. todos los SKB en cola y env\u00edelos todos a netif_rx(). En este punto, es seguro activar el softirq net_rx_action(), ya que la llamada netif_rx() est\u00e1 fuera del bloqueo que protege el controlador IRQ."
    }
  ],
  "id": "CVE-2024-36962",
  "lastModified": "2024-11-21T09:22:55.130",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-06-03T08:15:09.740",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

ghsa-j27x-m3vr-xwcf

Vulnerability from github

Published

2024-06-03 09:30

Modified

2024-11-04 18:31

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs

Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from netif_rx(). The net_rx_action() could trigger this driver .start_xmit callback, which is protected by the same lock as the IRQ handler, so calling the .start_xmit from netif_rx() from the IRQ handler critical section protected by the lock could lead to an attempt to claim the already claimed lock, and a hang.

The local_bh_disable()/local_bh_enable() approach works only in case the IRQ handler is protected by a spinlock, but does not work if the IRQ handler is protected by mutex, i.e. this works for KS8851 with Parallel bus interface, but not for KS8851 with SPI bus interface.

Remove the BH manipulation and instead of calling netif_rx() inside the IRQ handler code protected by the lock, queue all the received SKBs in the IRQ handler into a queue first, and once the IRQ handler exits the critical section protected by the lock, dequeue all the queued SKBs and push them all into netif_rx(). At this point, it is safe to trigger the net_rx_action() softirq, since the netif_rx() call is outside of the lock that protects the IRQ handler.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-36962"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-03T08:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\n\nCurrently the driver uses local_bh_disable()/local_bh_enable() in its\nIRQ handler to avoid triggering net_rx_action() softirq on exit from\nnetif_rx(). The net_rx_action() could trigger this driver .start_xmit\ncallback, which is protected by the same lock as the IRQ handler, so\ncalling the .start_xmit from netif_rx() from the IRQ handler critical\nsection protected by the lock could lead to an attempt to claim the\nalready claimed lock, and a hang.\n\nThe local_bh_disable()/local_bh_enable() approach works only in case\nthe IRQ handler is protected by a spinlock, but does not work if the\nIRQ handler is protected by mutex, i.e. this works for KS8851 with\nParallel bus interface, but not for KS8851 with SPI bus interface.\n\nRemove the BH manipulation and instead of calling netif_rx() inside\nthe IRQ handler code protected by the lock, queue all the received\nSKBs in the IRQ handler into a queue first, and once the IRQ handler\nexits the critical section protected by the lock, dequeue all the\nqueued SKBs and push them all into netif_rx(). At this point, it is\nsafe to trigger the net_rx_action() softirq, since the netif_rx()\ncall is outside of the lock that protects the IRQ handler.",
  "id": "GHSA-j27x-m3vr-xwcf",
  "modified": "2024-11-04T18:31:18Z",
  "published": "2024-06-03T09:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36962"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7e2901a2a9195da76111f351584bf77552a038f0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8a3ff43dcbab7c96f9e8cf2bd1049ab8d6e59545"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ae87f661f3c1a3134a7ed86ab69bf9f12af88993"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e0863634bf9f7cf36291ebb5bfa2d16632f79c49"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-36962

Vulnerability from cvelistv5

WID-SEC-W-2024-1268

Vulnerability from csaf_certbund

wid-sec-w-2024-1268

Vulnerability from csaf_certbund

fkie_cve-2024-36962

Vulnerability from fkie_nvd

ghsa-j27x-m3vr-xwcf

Vulnerability from github

Tags

Sightings

Nomenclature