cvelistv5 - cve-2024-43910

cve-2024-43910

Vulnerability from cvelistv5

Published

2024-08-26 10:11

Modified

2024-12-19 09:18

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can continue to make use of this modified CONST_PTR_TO_DYNPTR from within the context of the global function, which can unintentionally result in out-of-bounds memory accesses and therefore compromise overall system stability i.e. [ 244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140 [ 244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302 [ 244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533 [ 244.174318] Call Trace: [ 244.175787] <TASK> [ 244.177356] dump_stack_lvl+0x66/0xa0 [ 244.179531] print_report+0xce/0x670 [ 244.182314] ? __virt_addr_valid+0x200/0x3e0 [ 244.184908] kasan_report+0xd7/0x110 [ 244.187408] ? bpf_dynptr_data+0x137/0x140 [ 244.189714] ? bpf_dynptr_data+0x137/0x140 [ 244.192020] bpf_dynptr_data+0x137/0x140 [ 244.194264] bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26 [ 244.198044] bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23 [ 244.202136] bpf_user_ringbuf_drain+0x2c7/0x570 [ 244.204744] ? 0xffffffffc0009e58 [ 244.206593] ? __pfx_bpf_user_ringbuf_drain+0x10/0x10 [ 244.209795] bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b [ 244.215922] bpf_trampoline_6442502480+0x43/0xe3 [ 244.218691] __x64_sys_prlimit64+0x9/0xf0 [ 244.220912] do_syscall_64+0xc1/0x1d0 [ 244.223043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.226458] RIP: 0033:0x7ffa3eb8f059 [ 244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48 [ 244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e [ 244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059 [ 244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0 [ 244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000 [ 244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80 [ 244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000 [ 244.268303] </TASK> Add a check_func_arg_reg_off() to the path in which the BPF verifier verifies the arguments of global function arguments, specifically those which take an argument of type ARG_PTR_TO_DYNPTR | MEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any explicit and strict type matching on the supplied register type, so let's also enforce that a register either type PTR_TO_STACK or CONST_PTR_TO_DYNPTR is by the caller.

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a	Patch
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874	Patch

Impacted products

Vendor

Product

Version

▼

Linux

Version: a64bfe618665ea9c722f922cba8c6e3234eac5ac
Version: a64bfe618665ea9c722f922cba8c6e3234eac5ac

Linux

Version: 6.8

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-43910",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-10T15:28:19.098639Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-12T17:33:07.162Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "kernel/bpf/verifier.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "13663a7c644bf1dedaf461d07252db5d76c8759a",
                     status: "affected",
                     version: "a64bfe618665ea9c722f922cba8c6e3234eac5ac",
                     versionType: "git",
                  },
                  {
                     lessThan: "ec2b9a5e11e51fea1bb04c1e7e471952e887e874",
                     status: "affected",
                     version: "a64bfe618665ea9c722f922cba8c6e3234eac5ac",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "kernel/bpf/verifier.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "6.8",
                  },
                  {
                     lessThan: "6.8",
                     status: "unaffected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.10.*",
                     status: "unaffected",
                     version: "6.10.5",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "6.11",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses\n\nCurrently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to\na global function as an argument. The adverse effects of this is that\nBPF helpers can continue to make use of this modified\nCONST_PTR_TO_DYNPTR from within the context of the global function,\nwhich can unintentionally result in out-of-bounds memory accesses and\ntherefore compromise overall system stability i.e.\n\n[  244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140\n[  244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302\n[  244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533\n[  244.174318] Call Trace:\n[  244.175787]  <TASK>\n[  244.177356]  dump_stack_lvl+0x66/0xa0\n[  244.179531]  print_report+0xce/0x670\n[  244.182314]  ? __virt_addr_valid+0x200/0x3e0\n[  244.184908]  kasan_report+0xd7/0x110\n[  244.187408]  ? bpf_dynptr_data+0x137/0x140\n[  244.189714]  ? bpf_dynptr_data+0x137/0x140\n[  244.192020]  bpf_dynptr_data+0x137/0x140\n[  244.194264]  bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26\n[  244.198044]  bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23\n[  244.202136]  bpf_user_ringbuf_drain+0x2c7/0x570\n[  244.204744]  ? 0xffffffffc0009e58\n[  244.206593]  ? __pfx_bpf_user_ringbuf_drain+0x10/0x10\n[  244.209795]  bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b\n[  244.215922]  bpf_trampoline_6442502480+0x43/0xe3\n[  244.218691]  __x64_sys_prlimit64+0x9/0xf0\n[  244.220912]  do_syscall_64+0xc1/0x1d0\n[  244.223043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[  244.226458] RIP: 0033:0x7ffa3eb8f059\n[  244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48\n[  244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e\n[  244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059\n[  244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0\n[  244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000\n[  244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80\n[  244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000\n[  244.268303]  </TASK>\n\nAdd a check_func_arg_reg_off() to the path in which the BPF verifier\nverifies the arguments of global function arguments, specifically\nthose which take an argument of type ARG_PTR_TO_DYNPTR |\nMEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any\nexplicit and strict type matching on the supplied register type, so\nlet's also enforce that a register either type PTR_TO_STACK or\nCONST_PTR_TO_DYNPTR is by the caller.",
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-19T09:18:16.887Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a",
            },
            {
               url: "https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874",
            },
         ],
         title: "bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses",
         x_generator: {
            engine: "bippy-5f407fcff5a0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2024-43910",
      datePublished: "2024-08-26T10:11:14.105Z",
      dateReserved: "2024-08-17T09:11:59.294Z",
      dateUpdated: "2024-12-19T09:18:16.887Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2024-43910\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-08-26T11:15:05.177\",\"lastModified\":\"2024-09-05T18:30:23.437\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses\\n\\nCurrently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to\\na global function as an argument. The adverse effects of this is that\\nBPF helpers can continue to make use of this modified\\nCONST_PTR_TO_DYNPTR from within the context of the global function,\\nwhich can unintentionally result in out-of-bounds memory accesses and\\ntherefore compromise overall system stability i.e.\\n\\n[  244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140\\n[  244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302\\n[  244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533\\n[  244.174318] Call Trace:\\n[  244.175787]  <TASK>\\n[  244.177356]  dump_stack_lvl+0x66/0xa0\\n[  244.179531]  print_report+0xce/0x670\\n[  244.182314]  ? __virt_addr_valid+0x200/0x3e0\\n[  244.184908]  kasan_report+0xd7/0x110\\n[  244.187408]  ? bpf_dynptr_data+0x137/0x140\\n[  244.189714]  ? bpf_dynptr_data+0x137/0x140\\n[  244.192020]  bpf_dynptr_data+0x137/0x140\\n[  244.194264]  bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26\\n[  244.198044]  bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23\\n[  244.202136]  bpf_user_ringbuf_drain+0x2c7/0x570\\n[  244.204744]  ? 0xffffffffc0009e58\\n[  244.206593]  ? __pfx_bpf_user_ringbuf_drain+0x10/0x10\\n[  244.209795]  bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b\\n[  244.215922]  bpf_trampoline_6442502480+0x43/0xe3\\n[  244.218691]  __x64_sys_prlimit64+0x9/0xf0\\n[  244.220912]  do_syscall_64+0xc1/0x1d0\\n[  244.223043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n[  244.226458] RIP: 0033:0x7ffa3eb8f059\\n[  244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48\\n[  244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e\\n[  244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059\\n[  244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0\\n[  244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000\\n[  244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80\\n[  244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000\\n[  244.268303]  </TASK>\\n\\nAdd a check_func_arg_reg_off() to the path in which the BPF verifier\\nverifies the arguments of global function arguments, specifically\\nthose which take an argument of type ARG_PTR_TO_DYNPTR |\\nMEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any\\nexplicit and strict type matching on the supplied register type, so\\nlet's also enforce that a register either type PTR_TO_STACK or\\nCONST_PTR_TO_DYNPTR is by the caller.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: agrega check_func_arg_reg_off() faltante para evitar accesos a memoria fuera de los límites. Actualmente, es posible pasar un CONST_PTR_TO_DYNPTR modificado a una función global como argumento. Los efectos adversos de esto es que los asistentes de BPF pueden continuar haciendo uso de este CONST_PTR_TO_DYNPTR modificado desde dentro del contexto de la función global, lo que puede resultar involuntariamente en accesos a la memoria fuera de los límites y, por lo tanto, comprometer la estabilidad general del sistema, es decir, [244.157771] ERROR : KASAN: losa fuera de los límites en bpf_dynptr_data+0x137/0x140 [244.161345] Lectura de tamaño 8 en la dirección ffff88810914be68 por tarea test_progs/302 [244.167151] CPU: 0 PID: 302 Comm: test_progs Contaminado: GOE 6.10.0- rc3-00131-g66b586715063 #533 [244.174318] Seguimiento de llamadas: [244.175787]  [244.177356] dump_stack_lvl+0x66/0xa0 [244.179531] print_report+0xce/0x670 [244. 182314] ? __virt_addr_valid+0x200/0x3e0 [ 244.184908] kasan_report+0xd7/0x110 [ 244.187408] ? bpf_dynptr_data+0x137/0x140 [244.189714]? bpf_dynptr_data+0x137/0x140 [ 244.192020] bpf_dynptr_data+0x137/0x140 [ 244.194264] bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26 [ 244. 198044] bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23 [ 244.202136] bpf_user_ringbuf_drain+0x2c7/0x570 [ 244.204744] ? 0xffffffffc0009e58 [244.206593]? __pfx_bpf_user_ringbuf_drain+0x10/0x10 [ 244.209795] bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b [ 244.215922] 2502480+0x43/0xe3 [ 244.218691] __x64_sys_prlimit64+0x9/0xf0 [ 244.220912] do_syscall_64+0xc1/0x1d0 [ 244.223043] Entry_SYSCALL_64_after_hwframe+0x77/0x7f [244.226458] QEPD: 0033:0x7ffa3eb8f059 [ 244.228582] Código: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 d 89 c8 4c 8b 4c 24 08 0f 05 &lt;48&gt; 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48 [ 244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 0000000012e [ 244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059 [ 244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0 [ 244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R 09: 0000000000000000 [ 244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80 [ 244.264201] R13: 000000000000001c R 14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000 [ 244.268303 ]  Agregue un check_func_arg_reg_off() a la ruta en la que el verificador BPF verifica los argumentos de las funciones globales, específicamente aquellos que toman un argumento de tipo ARG_PTR_TO_DYNPTR | MEM_RDONLY. Además, Process_dynptr_func() no parece realizar ninguna coincidencia de tipos explícita y estricta en el tipo de registro proporcionado, por lo que también hagamos cumplir que un registro del tipo PTR_TO_STACK o CONST_PTR_TO_DYNPTR esté a cargo de la persona que llama.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.8\",\"versionEndExcluding\":\"6.10.5\",\"matchCriteriaId\":\"48E239A0-A959-4FAB-8475-D045FED3DDA5\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43910\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T15:28:19.098639Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:14.947Z\"}}], \"cna\": {\"title\": \"bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"a64bfe618665\", \"lessThan\": \"13663a7c644b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a64bfe618665\", \"lessThan\": \"ec2b9a5e11e5\", \"versionType\": \"git\"}], \"programFiles\": [\"kernel/bpf/verifier.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.8\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.10.5\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.10.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"kernel/bpf/verifier.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a\"}, {\"url\": \"https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874\"}], \"x_generator\": {\"engine\": \"bippy-c9c4e1df01b2\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses\\n\\nCurrently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to\\na global function as an argument. The adverse effects of this is that\\nBPF helpers can continue to make use of this modified\\nCONST_PTR_TO_DYNPTR from within the context of the global function,\\nwhich can unintentionally result in out-of-bounds memory accesses and\\ntherefore compromise overall system stability i.e.\\n\\n[  244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140\\n[  244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302\\n[  244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533\\n[  244.174318] Call Trace:\\n[  244.175787]  <TASK>\\n[  244.177356]  dump_stack_lvl+0x66/0xa0\\n[  244.179531]  print_report+0xce/0x670\\n[  244.182314]  ? __virt_addr_valid+0x200/0x3e0\\n[  244.184908]  kasan_report+0xd7/0x110\\n[  244.187408]  ? bpf_dynptr_data+0x137/0x140\\n[  244.189714]  ? bpf_dynptr_data+0x137/0x140\\n[  244.192020]  bpf_dynptr_data+0x137/0x140\\n[  244.194264]  bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26\\n[  244.198044]  bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23\\n[  244.202136]  bpf_user_ringbuf_drain+0x2c7/0x570\\n[  244.204744]  ? 0xffffffffc0009e58\\n[  244.206593]  ? __pfx_bpf_user_ringbuf_drain+0x10/0x10\\n[  244.209795]  bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b\\n[  244.215922]  bpf_trampoline_6442502480+0x43/0xe3\\n[  244.218691]  __x64_sys_prlimit64+0x9/0xf0\\n[  244.220912]  do_syscall_64+0xc1/0x1d0\\n[  244.223043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n[  244.226458] RIP: 0033:0x7ffa3eb8f059\\n[  244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48\\n[  244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e\\n[  244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059\\n[  244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0\\n[  244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000\\n[  244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80\\n[  244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000\\n[  244.268303]  </TASK>\\n\\nAdd a check_func_arg_reg_off() to the path in which the BPF verifier\\nverifies the arguments of global function arguments, specifically\\nthose which take an argument of type ARG_PTR_TO_DYNPTR |\\nMEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any\\nexplicit and strict type matching on the supplied register type, so\\nlet's also enforce that a register either type PTR_TO_STACK or\\nCONST_PTR_TO_DYNPTR is by the caller.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-09-15T17:55:22.283Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-43910\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-15T17:55:22.283Z\", \"dateReserved\": \"2024-08-17T09:11:59.294Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-08-26T10:11:14.105Z\", \"assignerShortName\": \"Linux\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

fkie_cve-2024-43910

Vulnerability from fkie_nvd

Published

2024-08-26 11:15

Modified

2024-09-05 18:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a	Patch
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874	Patch

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48E239A0-A959-4FAB-8475-D045FED3DDA5",
                     versionEndExcluding: "6.10.5",
                     versionStartIncluding: "6.8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses\n\nCurrently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to\na global function as an argument. The adverse effects of this is that\nBPF helpers can continue to make use of this modified\nCONST_PTR_TO_DYNPTR from within the context of the global function,\nwhich can unintentionally result in out-of-bounds memory accesses and\ntherefore compromise overall system stability i.e.\n\n[  244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140\n[  244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302\n[  244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533\n[  244.174318] Call Trace:\n[  244.175787]  <TASK>\n[  244.177356]  dump_stack_lvl+0x66/0xa0\n[  244.179531]  print_report+0xce/0x670\n[  244.182314]  ? __virt_addr_valid+0x200/0x3e0\n[  244.184908]  kasan_report+0xd7/0x110\n[  244.187408]  ? bpf_dynptr_data+0x137/0x140\n[  244.189714]  ? bpf_dynptr_data+0x137/0x140\n[  244.192020]  bpf_dynptr_data+0x137/0x140\n[  244.194264]  bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26\n[  244.198044]  bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23\n[  244.202136]  bpf_user_ringbuf_drain+0x2c7/0x570\n[  244.204744]  ? 0xffffffffc0009e58\n[  244.206593]  ? __pfx_bpf_user_ringbuf_drain+0x10/0x10\n[  244.209795]  bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b\n[  244.215922]  bpf_trampoline_6442502480+0x43/0xe3\n[  244.218691]  __x64_sys_prlimit64+0x9/0xf0\n[  244.220912]  do_syscall_64+0xc1/0x1d0\n[  244.223043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[  244.226458] RIP: 0033:0x7ffa3eb8f059\n[  244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48\n[  244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e\n[  244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059\n[  244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0\n[  244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000\n[  244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80\n[  244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000\n[  244.268303]  </TASK>\n\nAdd a check_func_arg_reg_off() to the path in which the BPF verifier\nverifies the arguments of global function arguments, specifically\nthose which take an argument of type ARG_PTR_TO_DYNPTR |\nMEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any\nexplicit and strict type matching on the supplied register type, so\nlet's also enforce that a register either type PTR_TO_STACK or\nCONST_PTR_TO_DYNPTR is by the caller.",
      },
      {
         lang: "es",
         value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: agrega check_func_arg_reg_off() faltante para evitar accesos a memoria fuera de los límites. Actualmente, es posible pasar un CONST_PTR_TO_DYNPTR modificado a una función global como argumento. Los efectos adversos de esto es que los asistentes de BPF pueden continuar haciendo uso de este CONST_PTR_TO_DYNPTR modificado desde dentro del contexto de la función global, lo que puede resultar involuntariamente en accesos a la memoria fuera de los límites y, por lo tanto, comprometer la estabilidad general del sistema, es decir, [244.157771] ERROR : KASAN: losa fuera de los límites en bpf_dynptr_data+0x137/0x140 [244.161345] Lectura de tamaño 8 en la dirección ffff88810914be68 por tarea test_progs/302 [244.167151] CPU: 0 PID: 302 Comm: test_progs Contaminado: GOE 6.10.0- rc3-00131-g66b586715063 #533 [244.174318] Seguimiento de llamadas: [244.175787]  [244.177356] dump_stack_lvl+0x66/0xa0 [244.179531] print_report+0xce/0x670 [244. 182314] ? __virt_addr_valid+0x200/0x3e0 [ 244.184908] kasan_report+0xd7/0x110 [ 244.187408] ? bpf_dynptr_data+0x137/0x140 [244.189714]? bpf_dynptr_data+0x137/0x140 [ 244.192020] bpf_dynptr_data+0x137/0x140 [ 244.194264] bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26 [ 244. 198044] bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23 [ 244.202136] bpf_user_ringbuf_drain+0x2c7/0x570 [ 244.204744] ? 0xffffffffc0009e58 [244.206593]? __pfx_bpf_user_ringbuf_drain+0x10/0x10 [ 244.209795] bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b [ 244.215922] 2502480+0x43/0xe3 [ 244.218691] __x64_sys_prlimit64+0x9/0xf0 [ 244.220912] do_syscall_64+0xc1/0x1d0 [ 244.223043] Entry_SYSCALL_64_after_hwframe+0x77/0x7f [244.226458] QEPD: 0033:0x7ffa3eb8f059 [ 244.228582] Código: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 d 89 c8 4c 8b 4c 24 08 0f 05 &lt;48&gt; 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48 [ 244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 0000000012e [ 244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059 [ 244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0 [ 244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R 09: 0000000000000000 [ 244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80 [ 244.264201] R13: 000000000000001c R 14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000 [ 244.268303 ]  Agregue un check_func_arg_reg_off() a la ruta en la que el verificador BPF verifica los argumentos de las funciones globales, específicamente aquellos que toman un argumento de tipo ARG_PTR_TO_DYNPTR | MEM_RDONLY. Además, Process_dynptr_func() no parece realizar ninguna coincidencia de tipos explícita y estricta en el tipo de registro proporcionado, por lo que también hagamos cumplir que un registro del tipo PTR_TO_STACK o CONST_PTR_TO_DYNPTR esté a cargo de la persona que llama.",
      },
   ],
   id: "CVE-2024-43910",
   lastModified: "2024-09-05T18:30:23.437",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-08-26T11:15:05.177",
   references: [
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         tags: [
            "Patch",
         ],
         url: "https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a",
      },
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         tags: [
            "Patch",
         ],
         url: "https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874",
      },
   ],
   sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

wid-sec-w-2024-1925

Vulnerability from csaf_certbund

Published

2024-08-25 22:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um weitere, nicht beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1925 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1925.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1925 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1925",
         },
         {
            category: "external",
            summary: "Linux CVE Announcements vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43896 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082610-CVE-2024-43896-10b9@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43898 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082613-CVE-2024-43898-52c2@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43899 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082614-CVE-2024-43899-2339@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43900 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082616-CVE-2024-43900-029c@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43901 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082617-CVE-2024-43901-6c76@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43902 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082618-CVE-2024-43902-eb6d@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43903 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082620-CVE-2024-43903-3644@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43904 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082621-CVE-2024-43904-63a1@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43905 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082623-CVE-2024-43905-008f@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43906 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082624-CVE-2024-43906-27ab@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43907 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082626-CVE-2024-43907-91a1@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43908 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082627-CVE-2024-43908-4406@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43909 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082628-CVE-2024-43909-acb8@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43910 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082630-CVE-2024-43910-c6ec@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43911 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082631-CVE-2024-43911-96bb@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43912 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082632-CVE-2024-43912-801f@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43913 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082633-CVE-2024-43913-6ec7@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43914 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082635-CVE-2024-43914-a664@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44931 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082636-CVE-2024-44931-8212@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44932 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082638-CVE-2024-44932-2659@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44933 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082639-CVE-2024-44933-222c@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44934 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082641-CVE-2024-44934-a7fe@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44935 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082642-CVE-2024-44935-3452@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44936 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082643-CVE-2024-44936-505c@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44937 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082645-CVE-2024-44937-5c1d@gregkh/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3194-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019400.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3189-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019404.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3195-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019407.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3252-1 vom 2024-09-16",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019436.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3251-1 vom 2024-09-16",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019435.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3383-1 vom 2024-09-23",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019497.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-5782 vom 2024-10-03",
            url: "https://lists.debian.org/debian-security-announce/2024/msg00195.html",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DLA-3912 vom 2024-10-07",
            url: "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019562.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3553-1 vom 2024-10-08",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019560.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q7MIMQMCXNGMVS32KLTADYTPQCKF5HWU/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3569-1 vom 2024-10-09",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6GBL67LQ3MUSYQCQRQH2AZH3XWILTO5A/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3564-1 vom 2024-10-09",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R7FS3QARF7WUPH5GFL22NW3G3SDO2C7Z/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3559-1 vom 2024-10-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019575.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3561-1 vom 2024-10-09",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LSUY4BSWS5WR46CHS4FPBIJIRLKHRDHV/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3591-1 vom 2024-10-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019587.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3587-1 vom 2024-10-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019588.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3592-1 vom 2024-10-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019589.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12780 vom 2024-10-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-12780.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12782 vom 2024-10-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-12782.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-1 vom 2024-10-31",
            url: "https://ubuntu.com/security/notices/USN-7088-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-2 vom 2024-11-04",
            url: "https://ubuntu.com/security/notices/USN-7088-2",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8856 vom 2024-11-05",
            url: "https://access.redhat.com/errata/RHSA-2024:8856",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8870 vom 2024-11-05",
            url: "https://access.redhat.com/errata/RHSA-2024:8870",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-8856 vom 2024-11-06",
            url: "https://linux.oracle.com/errata/ELSA-2024-8856.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-3 vom 2024-11-06",
            url: "https://ubuntu.com/security/notices/USN-7088-3",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:8870 vom 2024-11-08",
            url: "https://errata.build.resf.org/RLSA-2024:8870",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7100-1 vom 2024-11-11",
            url: "https://ubuntu.com/security/notices/USN-7100-1",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
            url: "https://access.redhat.com/errata/RHSA-2024:9315",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7100-2 vom 2024-11-12",
            url: "https://ubuntu.com/security/notices/USN-7100-2",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12815 vom 2024-11-13",
            url: "https://linux.oracle.com/errata/ELSA-2024-12815.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3986-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CIC23R3UQSPF2K4P2CX54TPCX5T7KWQG/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3984-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L52VEDNTEHWEPR56WZN4KZNMEUYGCJX6/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3985-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB6DG7QR5KXDQRV57H4IY2TB2LW42K4S/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3983-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QUOFKELDJYP3JMHIXPCVKVI4REVXAKTX/",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-5 vom 2024-11-14",
            url: "https://ubuntu.com/security/notices/USN-7088-5",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7119-1 vom 2024-11-20",
            url: "https://ubuntu.com/security/notices/USN-7119-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7123-1 vom 2024-11-20",
            url: "https://ubuntu.com/security/notices/USN-7123-1",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-5818 vom 2024-11-24",
            url: "https://lists.debian.org/debian-security-announce/2024/msg00233.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4100-1 vom 2024-11-28",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019864.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12868 vom 2024-12-09",
            url: "https://linux.oracle.com/errata/ELSA-2024-12868.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7144-1 vom 2024-12-09",
            url: "https://ubuntu.com/security/notices/USN-7144-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7154-1 vom 2024-12-12",
            url: "https://ubuntu.com/security/notices/USN-7154-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7156-1 vom 2024-12-12",
            url: "https://ubuntu.com/security/notices/USN-7156-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7155-1 vom 2024-12-12",
            url: "https://ubuntu.com/security/notices/USN-7155-1",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17",
            url: "https://linux.oracle.com/errata/ELSA-2024-12884.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7166-1 vom 2024-12-17",
            url: "https://ubuntu.com/security/notices/USN-7166-1",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4346-1 vom 2024-12-17",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2FJJW5HEWYSYWAJBRWARBIZ4AQHAXLNG/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4345-1 vom 2024-12-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020018.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18",
            url: "https://linux.oracle.com/errata/ELSA-2024-12887.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7166-3 vom 2024-12-20",
            url: "https://ubuntu.com/security/notices/USN-7166-3",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7179-1 vom 2024-12-20",
            url: "https://ubuntu.com/security/notices/USN-7179-1",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DLA-4008 vom 2025-01-03",
            url: "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7154-2 vom 2025-01-06",
            url: "https://ubuntu.com/security/notices/USN-7154-2",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7179-2 vom 2025-01-06",
            url: "https://ubuntu.com/security/notices/USN-7179-2",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7186-1 vom 2025-01-06",
            url: "https://ubuntu.com/security/notices/USN-7186-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7179-3 vom 2025-01-07",
            url: "https://ubuntu.com/security/notices/USN-7179-3",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0034-1 vom 2025-01-08",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020071.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7194-1 vom 2025-01-09",
            url: "https://ubuntu.com/security/notices/USN-7194-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7186-2 vom 2025-01-09",
            url: "https://ubuntu.com/security/notices/USN-7186-2",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7196-1 vom 2025-01-09",
            url: "https://ubuntu.com/security/notices/USN-7196-1",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0117-1 vom 2025-01-15",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020131.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0154-1 vom 2025-01-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020151.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0153-1 vom 2025-01-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020150.html",
         },
      ],
      source_lang: "en-US",
      title: "Linux Kernel: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2025-01-19T23:00:00.000+00:00",
         generator: {
            date: "2025-01-20T09:19:52.282+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.10",
            },
         },
         id: "WID-SEC-W-2024-1925",
         initial_release_date: "2024-08-25T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-08-25T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-09-10T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-11T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-16T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-23T22:00:00.000+00:00",
               number: "5",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-29T22:00:00.000+00:00",
               number: "6",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-03T22:00:00.000+00:00",
               number: "7",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2024-10-07T22:00:00.000+00:00",
               number: "8",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2024-10-08T22:00:00.000+00:00",
               number: "9",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-09T22:00:00.000+00:00",
               number: "10",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-10T22:00:00.000+00:00",
               number: "11",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-14T22:00:00.000+00:00",
               number: "12",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-10-31T23:00:00.000+00:00",
               number: "13",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-04T23:00:00.000+00:00",
               number: "14",
               summary: "Neue Updates von Ubuntu und Red Hat aufgenommen",
            },
            {
               date: "2024-11-05T23:00:00.000+00:00",
               number: "15",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-11-10T23:00:00.000+00:00",
               number: "16",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-11-11T23:00:00.000+00:00",
               number: "17",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-12T23:00:00.000+00:00",
               number: "18",
               summary: "Neue Updates von Red Hat und Ubuntu aufgenommen",
            },
            {
               date: "2024-11-13T23:00:00.000+00:00",
               number: "19",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-11-14T23:00:00.000+00:00",
               number: "20",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-19T23:00:00.000+00:00",
               number: "21",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-20T23:00:00.000+00:00",
               number: "22",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-24T23:00:00.000+00:00",
               number: "23",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2024-11-28T23:00:00.000+00:00",
               number: "24",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-12-09T23:00:00.000+00:00",
               number: "25",
               summary: "Neue Updates von Oracle Linux und Ubuntu aufgenommen",
            },
            {
               date: "2024-12-12T23:00:00.000+00:00",
               number: "26",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-12-15T23:00:00.000+00:00",
               number: "27",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-12-16T23:00:00.000+00:00",
               number: "28",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-12-17T23:00:00.000+00:00",
               number: "29",
               summary: "Neue Updates von SUSE und Ubuntu aufgenommen",
            },
            {
               date: "2024-12-18T23:00:00.000+00:00",
               number: "30",
               summary: "Neue Updates von SUSE und Oracle Linux aufgenommen",
            },
            {
               date: "2024-12-19T23:00:00.000+00:00",
               number: "31",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-12-22T23:00:00.000+00:00",
               number: "32",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-02T23:00:00.000+00:00",
               number: "33",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2025-01-06T23:00:00.000+00:00",
               number: "34",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-07T23:00:00.000+00:00",
               number: "35",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-08T23:00:00.000+00:00",
               number: "36",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2025-01-09T23:00:00.000+00:00",
               number: "37",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-15T23:00:00.000+00:00",
               number: "38",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2025-01-19T23:00:00.000+00:00",
               number: "39",
               summary: "Neue Updates von SUSE aufgenommen",
            },
         ],
         status: "final",
         version: "39",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Debian Linux",
                  product: {
                     name: "Debian Linux",
                     product_id: "2951",
                     product_identification_helper: {
                        cpe: "cpe:/o:debian:debian_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Debian",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<6.11-rc3",
                        product: {
                           name: "Open Source Linux Kernel <6.11-rc3",
                           product_id: "T036886",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.11-rc3",
                        product: {
                           name: "Open Source Linux Kernel 6.11-rc3",
                           product_id: "T036886-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.11-rc3",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<4.19.320",
                        product: {
                           name: "Open Source Linux Kernel <4.19.320",
                           product_id: "T037072",
                        },
                     },
                     {
                        category: "product_version",
                        name: "4.19.320",
                        product: {
                           name: "Open Source Linux Kernel 4.19.320",
                           product_id: "T037072-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:4.19.320",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<5.4.282",
                        product: {
                           name: "Open Source Linux Kernel <5.4.282",
                           product_id: "T037073",
                        },
                     },
                     {
                        category: "product_version",
                        name: "5.4.282",
                        product: {
                           name: "Open Source Linux Kernel 5.4.282",
                           product_id: "T037073-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:5.4.282",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<5.10.224",
                        product: {
                           name: "Open Source Linux Kernel <5.10.224",
                           product_id: "T037074",
                        },
                     },
                     {
                        category: "product_version",
                        name: "5.10.224",
                        product: {
                           name: "Open Source Linux Kernel 5.10.224",
                           product_id: "T037074-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:5.10.224",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<5.15.165",
                        product: {
                           name: "Open Source Linux Kernel <5.15.165",
                           product_id: "T037075",
                        },
                     },
                     {
                        category: "product_version",
                        name: "5.15.165",
                        product: {
                           name: "Open Source Linux Kernel 5.15.165",
                           product_id: "T037075-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:5.15.165",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<6.1.105",
                        product: {
                           name: "Open Source Linux Kernel <6.1.105",
                           product_id: "T037076",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.1.105",
                        product: {
                           name: "Open Source Linux Kernel 6.1.105",
                           product_id: "T037076-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.1.105",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<6.10.5",
                        product: {
                           name: "Open Source Linux Kernel <6.10.5",
                           product_id: "T037078",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.10.5",
                        product: {
                           name: "Open Source Linux Kernel 6.10.5",
                           product_id: "T037078-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.10.5",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<6.6.47",
                        product: {
                           name: "Open Source Linux Kernel <6.6.47",
                           product_id: "T037088",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.6.47",
                        product: {
                           name: "Open Source Linux Kernel 6.6.47",
                           product_id: "T037088-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.6.47",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Linux Kernel",
               },
            ],
            category: "vendor",
            name: "Open Source",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Oracle Linux",
                  product: {
                     name: "Oracle Linux",
                     product_id: "T004914",
                     product_identification_helper: {
                        cpe: "cpe:/o:oracle:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "RESF Rocky Linux",
                  product: {
                     name: "RESF Rocky Linux",
                     product_id: "T032255",
                     product_identification_helper: {
                        cpe: "cpe:/o:resf:rocky_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "RESF",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Ubuntu Linux",
                  product: {
                     name: "Ubuntu Linux",
                     product_id: "T000126",
                     product_identification_helper: {
                        cpe: "cpe:/o:canonical:ubuntu_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Ubuntu",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-43896",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43896",
      },
      {
         cve: "CVE-2024-43898",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43898",
      },
      {
         cve: "CVE-2024-43899",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43899",
      },
      {
         cve: "CVE-2024-43900",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43900",
      },
      {
         cve: "CVE-2024-43901",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43901",
      },
      {
         cve: "CVE-2024-43902",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43902",
      },
      {
         cve: "CVE-2024-43903",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43903",
      },
      {
         cve: "CVE-2024-43904",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43904",
      },
      {
         cve: "CVE-2024-43905",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43905",
      },
      {
         cve: "CVE-2024-43906",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43906",
      },
      {
         cve: "CVE-2024-43907",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43907",
      },
      {
         cve: "CVE-2024-43908",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43908",
      },
      {
         cve: "CVE-2024-43909",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43909",
      },
      {
         cve: "CVE-2024-43910",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43910",
      },
      {
         cve: "CVE-2024-43911",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43911",
      },
      {
         cve: "CVE-2024-43912",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43912",
      },
      {
         cve: "CVE-2024-43913",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43913",
      },
      {
         cve: "CVE-2024-43914",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43914",
      },
      {
         cve: "CVE-2024-44931",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44931",
      },
      {
         cve: "CVE-2024-44932",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44932",
      },
      {
         cve: "CVE-2024-44933",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44933",
      },
      {
         cve: "CVE-2024-44934",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44934",
      },
      {
         cve: "CVE-2024-44935",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44935",
      },
      {
         cve: "CVE-2024-44936",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44936",
      },
      {
         cve: "CVE-2024-44937",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44937",
      },
   ],
}

WID-SEC-W-2024-1925

Vulnerability from csaf_certbund

Published

2024-08-25 22:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um weitere, nicht beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1925 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1925.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1925 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1925",
         },
         {
            category: "external",
            summary: "Linux CVE Announcements vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43896 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082610-CVE-2024-43896-10b9@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43898 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082613-CVE-2024-43898-52c2@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43899 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082614-CVE-2024-43899-2339@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43900 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082616-CVE-2024-43900-029c@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43901 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082617-CVE-2024-43901-6c76@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43902 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082618-CVE-2024-43902-eb6d@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43903 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082620-CVE-2024-43903-3644@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43904 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082621-CVE-2024-43904-63a1@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43905 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082623-CVE-2024-43905-008f@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43906 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082624-CVE-2024-43906-27ab@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43907 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082626-CVE-2024-43907-91a1@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43908 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082627-CVE-2024-43908-4406@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43909 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082628-CVE-2024-43909-acb8@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43910 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082630-CVE-2024-43910-c6ec@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43911 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082631-CVE-2024-43911-96bb@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43912 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082632-CVE-2024-43912-801f@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43913 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082633-CVE-2024-43913-6ec7@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-43914 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082635-CVE-2024-43914-a664@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44931 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082636-CVE-2024-44931-8212@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44932 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082638-CVE-2024-44932-2659@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44933 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082639-CVE-2024-44933-222c@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44934 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082641-CVE-2024-44934-a7fe@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44935 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082642-CVE-2024-44935-3452@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44936 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082643-CVE-2024-44936-505c@gregkh/",
         },
         {
            category: "external",
            summary: "Linux CVE Announcement CVE-2024-44937 vom 2024-08-25",
            url: "https://lore.kernel.org/linux-cve-announce/2024082645-CVE-2024-44937-5c1d@gregkh/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3194-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019400.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3189-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019404.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3195-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019407.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3252-1 vom 2024-09-16",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019436.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3251-1 vom 2024-09-16",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019435.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3383-1 vom 2024-09-23",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019497.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-5782 vom 2024-10-03",
            url: "https://lists.debian.org/debian-security-announce/2024/msg00195.html",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DLA-3912 vom 2024-10-07",
            url: "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019562.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3553-1 vom 2024-10-08",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019560.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q7MIMQMCXNGMVS32KLTADYTPQCKF5HWU/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3569-1 vom 2024-10-09",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6GBL67LQ3MUSYQCQRQH2AZH3XWILTO5A/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3564-1 vom 2024-10-09",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R7FS3QARF7WUPH5GFL22NW3G3SDO2C7Z/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3559-1 vom 2024-10-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019575.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3561-1 vom 2024-10-09",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LSUY4BSWS5WR46CHS4FPBIJIRLKHRDHV/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3591-1 vom 2024-10-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019587.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3587-1 vom 2024-10-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019588.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3592-1 vom 2024-10-10",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019589.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12780 vom 2024-10-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-12780.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12782 vom 2024-10-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-12782.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-1 vom 2024-10-31",
            url: "https://ubuntu.com/security/notices/USN-7088-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-2 vom 2024-11-04",
            url: "https://ubuntu.com/security/notices/USN-7088-2",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8856 vom 2024-11-05",
            url: "https://access.redhat.com/errata/RHSA-2024:8856",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8870 vom 2024-11-05",
            url: "https://access.redhat.com/errata/RHSA-2024:8870",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-8856 vom 2024-11-06",
            url: "https://linux.oracle.com/errata/ELSA-2024-8856.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-3 vom 2024-11-06",
            url: "https://ubuntu.com/security/notices/USN-7088-3",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:8870 vom 2024-11-08",
            url: "https://errata.build.resf.org/RLSA-2024:8870",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7100-1 vom 2024-11-11",
            url: "https://ubuntu.com/security/notices/USN-7100-1",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
            url: "https://access.redhat.com/errata/RHSA-2024:9315",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7100-2 vom 2024-11-12",
            url: "https://ubuntu.com/security/notices/USN-7100-2",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12815 vom 2024-11-13",
            url: "https://linux.oracle.com/errata/ELSA-2024-12815.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3986-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CIC23R3UQSPF2K4P2CX54TPCX5T7KWQG/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3984-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L52VEDNTEHWEPR56WZN4KZNMEUYGCJX6/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3985-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB6DG7QR5KXDQRV57H4IY2TB2LW42K4S/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3983-1 vom 2024-11-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QUOFKELDJYP3JMHIXPCVKVI4REVXAKTX/",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7088-5 vom 2024-11-14",
            url: "https://ubuntu.com/security/notices/USN-7088-5",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7119-1 vom 2024-11-20",
            url: "https://ubuntu.com/security/notices/USN-7119-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7123-1 vom 2024-11-20",
            url: "https://ubuntu.com/security/notices/USN-7123-1",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-5818 vom 2024-11-24",
            url: "https://lists.debian.org/debian-security-announce/2024/msg00233.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4100-1 vom 2024-11-28",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019864.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12868 vom 2024-12-09",
            url: "https://linux.oracle.com/errata/ELSA-2024-12868.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7144-1 vom 2024-12-09",
            url: "https://ubuntu.com/security/notices/USN-7144-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7154-1 vom 2024-12-12",
            url: "https://ubuntu.com/security/notices/USN-7154-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7156-1 vom 2024-12-12",
            url: "https://ubuntu.com/security/notices/USN-7156-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7155-1 vom 2024-12-12",
            url: "https://ubuntu.com/security/notices/USN-7155-1",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17",
            url: "https://linux.oracle.com/errata/ELSA-2024-12884.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7166-1 vom 2024-12-17",
            url: "https://ubuntu.com/security/notices/USN-7166-1",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4346-1 vom 2024-12-17",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2FJJW5HEWYSYWAJBRWARBIZ4AQHAXLNG/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4345-1 vom 2024-12-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020018.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
            url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18",
            url: "https://linux.oracle.com/errata/ELSA-2024-12887.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7166-3 vom 2024-12-20",
            url: "https://ubuntu.com/security/notices/USN-7166-3",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7179-1 vom 2024-12-20",
            url: "https://ubuntu.com/security/notices/USN-7179-1",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DLA-4008 vom 2025-01-03",
            url: "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7154-2 vom 2025-01-06",
            url: "https://ubuntu.com/security/notices/USN-7154-2",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7179-2 vom 2025-01-06",
            url: "https://ubuntu.com/security/notices/USN-7179-2",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7186-1 vom 2025-01-06",
            url: "https://ubuntu.com/security/notices/USN-7186-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7179-3 vom 2025-01-07",
            url: "https://ubuntu.com/security/notices/USN-7179-3",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0034-1 vom 2025-01-08",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020071.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7194-1 vom 2025-01-09",
            url: "https://ubuntu.com/security/notices/USN-7194-1",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7186-2 vom 2025-01-09",
            url: "https://ubuntu.com/security/notices/USN-7186-2",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-7196-1 vom 2025-01-09",
            url: "https://ubuntu.com/security/notices/USN-7196-1",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0117-1 vom 2025-01-15",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020131.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0154-1 vom 2025-01-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020151.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2025:0153-1 vom 2025-01-17",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020150.html",
         },
      ],
      source_lang: "en-US",
      title: "Linux Kernel: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2025-01-19T23:00:00.000+00:00",
         generator: {
            date: "2025-01-20T09:19:52.282+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.10",
            },
         },
         id: "WID-SEC-W-2024-1925",
         initial_release_date: "2024-08-25T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-08-25T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-09-10T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-11T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-16T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-23T22:00:00.000+00:00",
               number: "5",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-29T22:00:00.000+00:00",
               number: "6",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-03T22:00:00.000+00:00",
               number: "7",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2024-10-07T22:00:00.000+00:00",
               number: "8",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2024-10-08T22:00:00.000+00:00",
               number: "9",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-09T22:00:00.000+00:00",
               number: "10",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-10T22:00:00.000+00:00",
               number: "11",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-10-14T22:00:00.000+00:00",
               number: "12",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-10-31T23:00:00.000+00:00",
               number: "13",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-04T23:00:00.000+00:00",
               number: "14",
               summary: "Neue Updates von Ubuntu und Red Hat aufgenommen",
            },
            {
               date: "2024-11-05T23:00:00.000+00:00",
               number: "15",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-11-10T23:00:00.000+00:00",
               number: "16",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-11-11T23:00:00.000+00:00",
               number: "17",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-12T23:00:00.000+00:00",
               number: "18",
               summary: "Neue Updates von Red Hat und Ubuntu aufgenommen",
            },
            {
               date: "2024-11-13T23:00:00.000+00:00",
               number: "19",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-11-14T23:00:00.000+00:00",
               number: "20",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-19T23:00:00.000+00:00",
               number: "21",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-20T23:00:00.000+00:00",
               number: "22",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-11-24T23:00:00.000+00:00",
               number: "23",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2024-11-28T23:00:00.000+00:00",
               number: "24",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-12-09T23:00:00.000+00:00",
               number: "25",
               summary: "Neue Updates von Oracle Linux und Ubuntu aufgenommen",
            },
            {
               date: "2024-12-12T23:00:00.000+00:00",
               number: "26",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-12-15T23:00:00.000+00:00",
               number: "27",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-12-16T23:00:00.000+00:00",
               number: "28",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-12-17T23:00:00.000+00:00",
               number: "29",
               summary: "Neue Updates von SUSE und Ubuntu aufgenommen",
            },
            {
               date: "2024-12-18T23:00:00.000+00:00",
               number: "30",
               summary: "Neue Updates von SUSE und Oracle Linux aufgenommen",
            },
            {
               date: "2024-12-19T23:00:00.000+00:00",
               number: "31",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-12-22T23:00:00.000+00:00",
               number: "32",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-02T23:00:00.000+00:00",
               number: "33",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2025-01-06T23:00:00.000+00:00",
               number: "34",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-07T23:00:00.000+00:00",
               number: "35",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-08T23:00:00.000+00:00",
               number: "36",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2025-01-09T23:00:00.000+00:00",
               number: "37",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2025-01-15T23:00:00.000+00:00",
               number: "38",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2025-01-19T23:00:00.000+00:00",
               number: "39",
               summary: "Neue Updates von SUSE aufgenommen",
            },
         ],
         status: "final",
         version: "39",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Debian Linux",
                  product: {
                     name: "Debian Linux",
                     product_id: "2951",
                     product_identification_helper: {
                        cpe: "cpe:/o:debian:debian_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Debian",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<6.11-rc3",
                        product: {
                           name: "Open Source Linux Kernel <6.11-rc3",
                           product_id: "T036886",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.11-rc3",
                        product: {
                           name: "Open Source Linux Kernel 6.11-rc3",
                           product_id: "T036886-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.11-rc3",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<4.19.320",
                        product: {
                           name: "Open Source Linux Kernel <4.19.320",
                           product_id: "T037072",
                        },
                     },
                     {
                        category: "product_version",
                        name: "4.19.320",
                        product: {
                           name: "Open Source Linux Kernel 4.19.320",
                           product_id: "T037072-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:4.19.320",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<5.4.282",
                        product: {
                           name: "Open Source Linux Kernel <5.4.282",
                           product_id: "T037073",
                        },
                     },
                     {
                        category: "product_version",
                        name: "5.4.282",
                        product: {
                           name: "Open Source Linux Kernel 5.4.282",
                           product_id: "T037073-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:5.4.282",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<5.10.224",
                        product: {
                           name: "Open Source Linux Kernel <5.10.224",
                           product_id: "T037074",
                        },
                     },
                     {
                        category: "product_version",
                        name: "5.10.224",
                        product: {
                           name: "Open Source Linux Kernel 5.10.224",
                           product_id: "T037074-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:5.10.224",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<5.15.165",
                        product: {
                           name: "Open Source Linux Kernel <5.15.165",
                           product_id: "T037075",
                        },
                     },
                     {
                        category: "product_version",
                        name: "5.15.165",
                        product: {
                           name: "Open Source Linux Kernel 5.15.165",
                           product_id: "T037075-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:5.15.165",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<6.1.105",
                        product: {
                           name: "Open Source Linux Kernel <6.1.105",
                           product_id: "T037076",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.1.105",
                        product: {
                           name: "Open Source Linux Kernel 6.1.105",
                           product_id: "T037076-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.1.105",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<6.10.5",
                        product: {
                           name: "Open Source Linux Kernel <6.10.5",
                           product_id: "T037078",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.10.5",
                        product: {
                           name: "Open Source Linux Kernel 6.10.5",
                           product_id: "T037078-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.10.5",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<6.6.47",
                        product: {
                           name: "Open Source Linux Kernel <6.6.47",
                           product_id: "T037088",
                        },
                     },
                     {
                        category: "product_version",
                        name: "6.6.47",
                        product: {
                           name: "Open Source Linux Kernel 6.6.47",
                           product_id: "T037088-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:linux:linux_kernel:6.6.47",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Linux Kernel",
               },
            ],
            category: "vendor",
            name: "Open Source",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Oracle Linux",
                  product: {
                     name: "Oracle Linux",
                     product_id: "T004914",
                     product_identification_helper: {
                        cpe: "cpe:/o:oracle:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "RESF Rocky Linux",
                  product: {
                     name: "RESF Rocky Linux",
                     product_id: "T032255",
                     product_identification_helper: {
                        cpe: "cpe:/o:resf:rocky_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "RESF",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Ubuntu Linux",
                  product: {
                     name: "Ubuntu Linux",
                     product_id: "T000126",
                     product_identification_helper: {
                        cpe: "cpe:/o:canonical:ubuntu_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Ubuntu",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-43896",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43896",
      },
      {
         cve: "CVE-2024-43898",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43898",
      },
      {
         cve: "CVE-2024-43899",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43899",
      },
      {
         cve: "CVE-2024-43900",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43900",
      },
      {
         cve: "CVE-2024-43901",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43901",
      },
      {
         cve: "CVE-2024-43902",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43902",
      },
      {
         cve: "CVE-2024-43903",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43903",
      },
      {
         cve: "CVE-2024-43904",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43904",
      },
      {
         cve: "CVE-2024-43905",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43905",
      },
      {
         cve: "CVE-2024-43906",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43906",
      },
      {
         cve: "CVE-2024-43907",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43907",
      },
      {
         cve: "CVE-2024-43908",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43908",
      },
      {
         cve: "CVE-2024-43909",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43909",
      },
      {
         cve: "CVE-2024-43910",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43910",
      },
      {
         cve: "CVE-2024-43911",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43911",
      },
      {
         cve: "CVE-2024-43912",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43912",
      },
      {
         cve: "CVE-2024-43913",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43913",
      },
      {
         cve: "CVE-2024-43914",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-43914",
      },
      {
         cve: "CVE-2024-44931",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44931",
      },
      {
         cve: "CVE-2024-44932",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44932",
      },
      {
         cve: "CVE-2024-44933",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44933",
      },
      {
         cve: "CVE-2024-44934",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44934",
      },
      {
         cve: "CVE-2024-44935",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44935",
      },
      {
         cve: "CVE-2024-44936",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44936",
      },
      {
         cve: "CVE-2024-44937",
         notes: [
            {
               category: "description",
               text: "Im Linux Kernel existieren mehrere Schwachstellen in verschiedenen Komponenten und Subsystemen wie den AMD Display-Treibern, wifi und anderen. Zu den Ursachen zählen unter anderem NULL-Pointer Dereferenzierungen, Use-After-Free und andere Fehler in der Speicherverwaltung. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und um weitere, nicht beschriebene Auswirkungen zu erzielen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T036886",
               "T004914",
               "T037088",
               "T032255",
               "T037078",
               "T037073",
               "T037074",
               "T037075",
               "T037076",
               "2951",
               "T002207",
               "T000126",
               "T037072",
            ],
         },
         release_date: "2024-08-25T22:00:00.000+00:00",
         title: "CVE-2024-44937",
      },
   ],
}

ghsa-5469-6p3j-2hpr

Vulnerability from github

Published

2024-08-26 12:31

Modified

2024-09-05 18:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses

Currently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can continue to make use of this modified CONST_PTR_TO_DYNPTR from within the context of the global function, which can unintentionally result in out-of-bounds memory accesses and therefore compromise overall system stability i.e.

[ 244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140 [ 244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302 [ 244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533 [ 244.174318] Call Trace: [ 244.175787] [ 244.177356] dump_stack_lvl+0x66/0xa0 [ 244.179531] print_report+0xce/0x670 [ 244.182314] ? __virt_addr_valid+0x200/0x3e0 [ 244.184908] kasan_report+0xd7/0x110 [ 244.187408] ? bpf_dynptr_data+0x137/0x140 [ 244.189714] ? bpf_dynptr_data+0x137/0x140 [ 244.192020] bpf_dynptr_data+0x137/0x140 [ 244.194264] bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26 [ 244.198044] bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23 [ 244.202136] bpf_user_ringbuf_drain+0x2c7/0x570 [ 244.204744] ? 0xffffffffc0009e58 [ 244.206593] ? __pfx_bpf_user_ringbuf_drain+0x10/0x10 [ 244.209795] bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b [ 244.215922] bpf_trampoline_6442502480+0x43/0xe3 [ 244.218691] __x64_sys_prlimit64+0x9/0xf0 [ 244.220912] do_syscall_64+0xc1/0x1d0 [ 244.223043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.226458] RIP: 0033:0x7ffa3eb8f059 [ 244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48 [ 244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e [ 244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059 [ 244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0 [ 244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000 [ 244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80 [ 244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000 [ 244.268303]

Add a check_func_arg_reg_off() to the path in which the BPF verifier verifies the arguments of global function arguments, specifically those which take an argument of type ARG_PTR_TO_DYNPTR | MEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any explicit and strict type matching on the supplied register type, so let's also enforce that a register either type PTR_TO_STACK or CONST_PTR_TO_DYNPTR is by the caller.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2024-43910",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-787",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2024-08-26T11:15:05Z",
      severity: "MODERATE",
   },
   details: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses\n\nCurrently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to\na global function as an argument. The adverse effects of this is that\nBPF helpers can continue to make use of this modified\nCONST_PTR_TO_DYNPTR from within the context of the global function,\nwhich can unintentionally result in out-of-bounds memory accesses and\ntherefore compromise overall system stability i.e.\n\n[  244.157771] BUG: KASAN: slab-out-of-bounds in bpf_dynptr_data+0x137/0x140\n[  244.161345] Read of size 8 at addr ffff88810914be68 by task test_progs/302\n[  244.167151] CPU: 0 PID: 302 Comm: test_progs Tainted: G O E 6.10.0-rc3-00131-g66b586715063 #533\n[  244.174318] Call Trace:\n[  244.175787]  <TASK>\n[  244.177356]  dump_stack_lvl+0x66/0xa0\n[  244.179531]  print_report+0xce/0x670\n[  244.182314]  ? __virt_addr_valid+0x200/0x3e0\n[  244.184908]  kasan_report+0xd7/0x110\n[  244.187408]  ? bpf_dynptr_data+0x137/0x140\n[  244.189714]  ? bpf_dynptr_data+0x137/0x140\n[  244.192020]  bpf_dynptr_data+0x137/0x140\n[  244.194264]  bpf_prog_b02a02fdd2bdc5fa_global_call_bpf_dynptr_data+0x22/0x26\n[  244.198044]  bpf_prog_b0fe7b9d7dc3abde_callback_adjust_bpf_dynptr_reg_off+0x1f/0x23\n[  244.202136]  bpf_user_ringbuf_drain+0x2c7/0x570\n[  244.204744]  ? 0xffffffffc0009e58\n[  244.206593]  ? __pfx_bpf_user_ringbuf_drain+0x10/0x10\n[  244.209795]  bpf_prog_33ab33f6a804ba2d_user_ringbuf_callback_const_ptr_to_dynptr_reg_off+0x47/0x4b\n[  244.215922]  bpf_trampoline_6442502480+0x43/0xe3\n[  244.218691]  __x64_sys_prlimit64+0x9/0xf0\n[  244.220912]  do_syscall_64+0xc1/0x1d0\n[  244.223043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[  244.226458] RIP: 0033:0x7ffa3eb8f059\n[  244.228582] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8f 1d 0d 00 f7 d8 64 89 01 48\n[  244.241307] RSP: 002b:00007ffa3e9c6eb8 EFLAGS: 00000206 ORIG_RAX: 000000000000012e\n[  244.246474] RAX: ffffffffffffffda RBX: 00007ffa3e9c7cdc RCX: 00007ffa3eb8f059\n[  244.250478] RDX: 00007ffa3eb162b4 RSI: 0000000000000000 RDI: 00007ffa3e9c7fb0\n[  244.255396] RBP: 00007ffa3e9c6ed0 R08: 00007ffa3e9c76c0 R09: 0000000000000000\n[  244.260195] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffff80\n[  244.264201] R13: 000000000000001c R14: 00007ffc5d6b4260 R15: 00007ffa3e1c7000\n[  244.268303]  </TASK>\n\nAdd a check_func_arg_reg_off() to the path in which the BPF verifier\nverifies the arguments of global function arguments, specifically\nthose which take an argument of type ARG_PTR_TO_DYNPTR |\nMEM_RDONLY. Also, process_dynptr_func() doesn't appear to perform any\nexplicit and strict type matching on the supplied register type, so\nlet's also enforce that a register either type PTR_TO_STACK or\nCONST_PTR_TO_DYNPTR is by the caller.",
   id: "GHSA-5469-6p3j-2hpr",
   modified: "2024-09-05T18:30:51Z",
   published: "2024-08-26T12:31:20Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2024-43910",
      },
      {
         type: "WEB",
         url: "https://git.kernel.org/stable/c/13663a7c644bf1dedaf461d07252db5d76c8759a",
      },
      {
         type: "WEB",
         url: "https://git.kernel.org/stable/c/ec2b9a5e11e51fea1bb04c1e7e471952e887e874",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
         type: "CVSS_V3",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-43910

Vulnerability from cvelistv5

fkie_cve-2024-43910

Vulnerability from fkie_nvd

wid-sec-w-2024-1925

Vulnerability from csaf_certbund

WID-SEC-W-2024-1925

Vulnerability from csaf_certbund

ghsa-5469-6p3j-2hpr

Vulnerability from github

Tags

Sightings

Nomenclature