USN-6923-2

Advisory lineage Upstream: 12 Downstream: 0
Published: 30 Jul 2024, 10:59
Last modified:03 Jun 2026, 14:03

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

30 Jul 2024, 10:59
Published
Vulnerability first disclosed
03 Jun 2026, 14:03
Last Modified
Vulnerability information updated

Description

linux-aws-5.15, linux-ibm, linux-ibm-5.15, linux-raspi vulnerabilities Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - SMB network file system; - Netfilter; - Bluetooth subsystem; (CVE-2024-26886, CVE-2023-52752, CVE-2024-36016, CVE-2024-26952, CVE-2024-27017)

Affected Systems

  • ubuntulinux-aws-5.15

    < 5.15.0-1066.72~20.04.1

  • ubuntulinux-ibm

    < 5.15.0-1059.62

  • ubuntulinux-ibm-5.15

    < 5.15.0-1059.62~20.04.1

  • ubuntulinux-raspi

    < 5.15.0-1059.62

References (7)