Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde
discovered that an untrusted hypervisor could inject malicious #VC
interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw
is known as WeSee. A local attacker in control of the hypervisor could use
this to expose sensitive information or possibly execute arbitrary code in
the trusted execution environment. (CVE-2024-25742)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- M68K architecture;
- OpenRISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- x86 architecture;
- Block layer subsystem;
- Accessibility subsystem;
- Bluetooth drivers;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- DPLL subsystem;
- FireWire subsystem;
- EFI core;
- Qualcomm firmware drivers;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I2C subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Macintosh device drivers;
- Multiple devices driver;
- Media drivers;
- EEPROM drivers;
- MMC subsystem;
- Network drivers;
- STMicroelectronics network drivers;
- Device tree and open firmware driver;
- HiSilicon SoC PMU drivers;
- PHY drivers;
- Pin controllers subsystem;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI drivers;
- SPI subsystem;
- Media staging drivers;
- Thermal drivers;
- TTY drivers;
- Userspace I/O drivers;
- USB subsystem;
- DesignWare USB3 driver;
- ACRN Hypervisor Service Module driver;
- Virtio drivers;
- 9P distributed file system;
- BTRFS file system;
- eCrypt file system;
- EROFS file system;
- File systems infrastructure;
- GFS2 file system;
- JFFS2...