Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
5.15.0-1049.56~20.04.15.15.0-117.127~20.04.15.15.0-1061.67~20.04.15.15.0-117.127~20.04.15.15.0-117.1275.15.0-1066.725.15.0-1065.735.15.0-1063.695.15.0-1049.565.15.0-1061.675.15.0-1063.685.15.0-117.1275.15.0-1061.625.15.0-1064.70