{"id":"USN-6957-1","summary":" linux-oracle-5.15 vulnerabilities","details":"Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde\ndiscovered that an untrusted hypervisor could inject malicious #VC\ninterrupts and compromise the security guarantees of AMD SEV-SNP. This flaw\nis known as WeSee. A local attacker in control of the hypervisor could use\nthis to expose sensitive information or possibly execute arbitrary code in\nthe trusted execution environment. (CVE-2024-25742)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - ARM32 architecture;\n  - ARM64 architecture;\n  - Block layer subsystem;\n  - Bluetooth drivers;\n  - Clock framework and drivers;\n  - FireWire subsystem;\n  - GPU drivers;\n  - InfiniBand drivers;\n  - Multiple devices driver;\n  - EEPROM drivers;\n  - Network drivers;\n  - Pin controllers subsystem;\n  - Remote Processor subsystem;\n  - S/390 drivers;\n  - SCSI drivers;\n  - TTY drivers;\n  - 9P distributed file system;\n  - Network file system client;\n  - SMB network file system;\n  - Socket messages infrastructure;\n  - Dynamic debug library;\n  - Bluetooth subsystem;\n  - Networking core;\n  - IPv4 networking;\n  - IPv6 networking;\n  - Multipath TCP;\n  - Netfilter;\n  - NSH protocol;\n  - Phonet protocol;\n  - TIPC protocol;\n  - Wireless networking;\n  - Key management;\n  - ALSA framework;\n  - HD-audio driver;\n(CVE-2024-36947, CVE-2024-36919, CVE-2024-36929, CVE-2024-36955,\nCVE-2023-52585, CVE-2024-36931, CVE-2024-27399, CVE-2024-36957,\nCVE-2024-26980, CVE-2024-27398, CVE-2024-36902, CVE-2024-36928,\nCVE-2024-36960, CVE-2024-36904, CVE-2024-27017, CVE-2024-36959,\nCVE-2024-36880, CVE-2024-26936, CVE-2024-36975, CVE-2023-52882,\nCVE-2024-35848, CVE-2024-36886, CVE-2024-36889, CVE-2024-27401,\nCVE-2024-36906, CVE-2024-36937, CVE-2024-36016, CVE-2024-36964,\nCVE-2024-36933, CVE-2024-36031, CVE-2024-36969, CVE-2024-36954,\nCVE-2024-26900, CVE-2024-26952, CVE-2024-36017, CVE-2024-35947,\nCVE-2024-36965, CVE-2023-52752, CVE-2024-36905, CVE-2024-36938,\nCVE-2024-36952, CVE-2024-36940, CVE-2024-36916, CVE-2024-38600,\nCVE-2024-36946, CVE-2024-36953, CVE-2024-36967, CVE-2024-26886,\nCVE-2024-36934, CVE-2024-36950, CVE-2024-36941, CVE-2024-36883,\nCVE-2024-36944, CVE-2024-36939, CVE-2024-36897)\n","modified":"2026-04-24T10:02:43.717766937Z","published":"2024-08-13T00:13:25Z","related":["UBUNTU-CVE-2023-52585","UBUNTU-CVE-2023-52752","UBUNTU-CVE-2023-52882","UBUNTU-CVE-2024-25742","UBUNTU-CVE-2024-26886","UBUNTU-CVE-2024-26900","UBUNTU-CVE-2024-26936","UBUNTU-CVE-2024-26952","UBUNTU-CVE-2024-26980","UBUNTU-CVE-2024-27017","UBUNTU-CVE-2024-27398","UBUNTU-CVE-2024-27399","UBUNTU-CVE-2024-27401","UBUNTU-CVE-2024-35848","UBUNTU-CVE-2024-35947","UBUNTU-CVE-2024-36016","UBUNTU-CVE-2024-36017","UBUNTU-CVE-2024-36031","UBUNTU-CVE-2024-36880","UBUNTU-CVE-2024-36883","UBUNTU-CVE-2024-36886","UBUNTU-CVE-2024-36889","UBUNTU-CVE-2024-36897","UBUNTU-CVE-2024-36902","UBUNTU-CVE-2024-36904","UBUNTU-CVE-2024-36905","UBUNTU-CVE-2024-36906","UBUNTU-CVE-2024-36916","UBUNTU-CVE-2024-36919","UBUNTU-CVE-2024-36928","UBUNTU-CVE-2024-36929","UBUNTU-CVE-2024-36931","UBUNTU-CVE-2024-36933","UBUNTU-CVE-2024-36934","UBUNTU-CVE-2024-36937","UBUNTU-CVE-2024-36938","UBUNTU-CVE-2024-36939","UBUNTU-CVE-2024-36940","UBUNTU-CVE-2024-36941","UBUNTU-CVE-2024-36944","UBUNTU-CVE-2024-36946","UBUNTU-CVE-2024-36947","UBUNTU-CVE-2024-36950","UBUNTU-CVE-2024-36952","UBUNTU-CVE-2024-36953","UBUNTU-CVE-2024-36954","UBUNTU-CVE-2024-36955","UBUNTU-CVE-2024-36957","UBUNTU-CVE-2024-36959","UBUNTU-CVE-2024-36960","UBUNTU-CVE-2024-36964","UBUNTU-CVE-2024-36965","UBUNTU-CVE-2024-36967","UBUNTU-CVE-2024-36969","UBUNTU-CVE-2024-36975","UBUNTU-CVE-2024-38600"],"upstream":["CVE-2024-26886","CVE-2024-36031","CVE-2024-36897","CVE-2024-36944","UBUNTU-CVE-2024-26886","UBUNTU-CVE-2024-36031","UBUNTU-CVE-2024-36897","UBUNTU-CVE-2024-36944"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6957-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26886"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36031"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36897"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36944"}],"affected":[{"package":{"name":"linux-oracle-5.15","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-oracle-5.15@5.15.0-1065.71~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1065.71~20.04.1"}]}],"versions":["5.15.0-1007.9~20.04.1","5.15.0-1013.17~20.04.1","5.15.0-1016.20~20.04.1","5.15.0-1017.22~20.04.1","5.15.0-1018.23~20.04.1","5.15.0-1019.24~20.04.1","5.15.0-1021.27~20.04.1","5.15.0-1022.28~20.04.1","5.15.0-1025.31~20.04.2","5.15.0-1027.33~20.04.1","5.15.0-1029.35~20.04.1","5.15.0-1030.36~20.04.1","5.15.0-1032.38~20.04.1","5.15.0-1033.39~20.04.1","5.15.0-1034.40~20.04.1","5.15.0-1035.41~20.04.1","5.15.0-1036.42~20.04.1","5.15.0-1037.43~20.04.1","5.15.0-1038.44~20.04.1","5.15.0-1039.45~20.04.1","5.15.0-1040.46~20.04.1","5.15.0-1041.47~20.04.1","5.15.0-1042.48~20.04.1","5.15.0-1044.50~20.04.1","5.15.0-1045.51~20.04.1","5.15.0-1046.52~20.04.1","5.15.0-1047.53~20.04.1","5.15.0-1048.54~20.04.1","5.15.0-1049.55~20.04.1","5.15.0-1050.56~20.04.1","5.15.0-1051.57~20.04.1","5.15.0-1052.58~20.04.1","5.15.0-1053.59~20.04.1","5.15.0-1054.60~20.04.1","5.15.0-1055.61~20.04.1","5.15.0-1058.64~20.04.1","5.15.0-1059.65~20.04.1","5.15.0-1061.67~20.04.1","5.15.0-1062.68~20.04.1","5.15.0-1063.69~20.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-5.15.0-1065-oracle","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-headers-5.15.0-1065-oracle","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-image-unsigned-5.15.0-1065-oracle","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-modules-5.15.0-1065-oracle","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-modules-extra-5.15.0-1065-oracle","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-oracle-5.15-headers-5.15.0-1065","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-oracle-5.15-tools-5.15.0-1065","binary_version":"5.15.0-1065.71~20.04.1"},{"binary_name":"linux-tools-5.15.0-1065-oracle","binary_version":"5.15.0-1065.71~20.04.1"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2024-26886","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-36031","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-36944","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6957-1.json"}}],"schema_version":"1.7.5"}