USN-6973-3

Details

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

SuperH RISC architecture;
MMC subsystem;
Network drivers;
SCSI drivers;
GFS2 file system;
IPv4 networking;
IPv6 networking;
HD-audio driver; (CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929, CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)

Affected Packages

Ubuntu:Pro:18.04:LTSlinux-aws-5.4

Fixed in:

5.4.0-1131.141~18.04.1

References

REPORThttps://ubuntu.com/security/CVE-2021-46926 REPORThttps://ubuntu.com/security/CVE-2023-52629 REPORThttps://ubuntu.com/security/CVE-2023-52760 REPORThttps://ubuntu.com/security/CVE-2024-24860 REPORThttps://ubuntu.com/security/CVE-2024-26830 REPORThttps://ubuntu.com/security/CVE-2024-26921 REPORThttps://ubuntu.com/security/CVE-2024-26929 REPORThttps://ubuntu.com/security/CVE-2024-36901 REPORThttps://ubuntu.com/security/CVE-2024-39484 ADVISORYhttps://ubuntu.com/security/notices/USN-6973-3

USN-6973-3

Details

Affected Packages

References

Upstream

Ecosystems

Timeline