It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate certain SMB messages, leading to an
out-of-bounds read vulnerability. An attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information.
(CVE-2023-6610)
Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and
Shweta Shinde discovered that the Confidential Computing framework in the
Linux kernel for x86 platforms did not properly handle 32-bit emulation on
TDX and SEV. An attacker with access to the VMM could use this to cause a
denial of service (guest crash) or possibly execute arbitrary code.
(CVE-2024-25744)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Android drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- Null block device driver;
- Character device driver;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I3C subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- ISDN/mISDN subsystem;
- LED subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- Network drivers;
- Near Field Communication (NFC) drivers;
- NVME drivers;
- Device tree and open firmware driver;
- Parport drivers;
- PCI subsystem;
- Pin controllers subsystem;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI drivers;
- QCOM SoC drivers;
- Direct Digital Synthesis drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- Userspace I/O drivers;...