USN-6921-1

Source
https://ubuntu.com/security/notices/USN-6921-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6921-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6921-1
Related
Published
2024-07-29T12:51:56.160870Z
Modified
2024-07-29T12:51:56.160870Z
Summary
linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-nvidia, linux-oem-6.8, linux-raspi vulnerabilities
Details

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - DMA engine subsystem; - HID subsystem; - I2C subsystem; - PHY drivers; - TTY drivers; - IPv4 networking; (CVE-2024-35990, CVE-2024-35997, CVE-2024-35992, CVE-2024-35984, CVE-2024-36008, CVE-2024-36016)

References

Affected packages

Ubuntu:24.04:LTS / linux

Package

Name
linux
Purl
pkg:deb/ubuntu/linux?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-39.39

Affected versions

6.*

6.5.0-9.9
6.6.0-14.14
6.8.0-11.11
6.8.0-20.20
6.8.0-22.22
6.8.0-28.28
6.8.0-31.31
6.8.0-35.35
6.8.0-36.36
6.8.0-38.38

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-buildinfo-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-buildinfo-6.8.0-39-generic-64k"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-cloud-tools-6.8.0-39"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-cloud-tools-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-cloud-tools-common"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-doc"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-headers-6.8.0-39"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-headers-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-headers-6.8.0-39-generic-64k"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-image-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-image-6.8.0-39-generic-dbgsym"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-image-unsigned-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-image-unsigned-6.8.0-39-generic-64k"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-image-unsigned-6.8.0-39-generic-64k-dbgsym"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-image-unsigned-6.8.0-39-generic-dbgsym"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-lib-rust-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-libc-dev"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-modules-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-modules-6.8.0-39-generic-64k"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-modules-extra-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-modules-ipu6-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-modules-iwlwifi-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-modules-usbio-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-source-6.8.0"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-tools-6.8.0-39"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-tools-6.8.0-39-generic"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-tools-6.8.0-39-generic-64k"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-tools-common"
        },
        {
            "binary_version": "6.8.0-39.39",
            "binary_name": "linux-tools-host"
        }
    ]
}

Ubuntu:24.04:LTS / linux-aws

Package

Name
linux-aws
Purl
pkg:deb/ubuntu/linux-aws?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1012.13

Affected versions

6.*

6.5.0-1008.8
6.6.0-1001.1
6.8.0-1001.1
6.8.0-1006.6
6.8.0-1008.8
6.8.0-1009.9
6.8.0-1010.10
6.8.0-1011.12

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-aws-cloud-tools-6.8.0-1012"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-aws-headers-6.8.0-1012"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-aws-tools-6.8.0-1012"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-buildinfo-6.8.0-1012-aws"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-cloud-tools-6.8.0-1012-aws"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-headers-6.8.0-1012-aws"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-image-unsigned-6.8.0-1012-aws"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-image-unsigned-6.8.0-1012-aws-dbgsym"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-modules-6.8.0-1012-aws"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-modules-extra-6.8.0-1012-aws"
        },
        {
            "binary_version": "6.8.0-1012.13",
            "binary_name": "linux-tools-6.8.0-1012-aws"
        }
    ]
}

Ubuntu:24.04:LTS / linux-gcp

Package

Name
linux-gcp
Purl
pkg:deb/ubuntu/linux-gcp?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1011.12

Affected versions

6.*

6.5.0-1007.7
6.6.0-1001.1
6.8.0-1002.2
6.8.0-1005.5
6.8.0-1006.6
6.8.0-1007.7
6.8.0-1008.9
6.8.0-1009.10
6.8.0-1010.11

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-buildinfo-6.8.0-1011-gcp"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-gcp-headers-6.8.0-1011"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-gcp-tools-6.8.0-1011"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-headers-6.8.0-1011-gcp"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-image-unsigned-6.8.0-1011-gcp"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-image-unsigned-6.8.0-1011-gcp-dbgsym"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-modules-6.8.0-1011-gcp"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-modules-extra-6.8.0-1011-gcp"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-modules-iwlwifi-6.8.0-1011-gcp"
        },
        {
            "binary_version": "6.8.0-1011.12",
            "binary_name": "linux-tools-6.8.0-1011-gcp"
        }
    ]
}

Ubuntu:24.04:LTS / linux-gke

Package

Name
linux-gke
Purl
pkg:deb/ubuntu/linux-gke?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1007.10

Affected versions

6.*

6.8.0-1003.5
6.8.0-1004.7
6.8.0-1005.8
6.8.0-1006.9

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-buildinfo-6.8.0-1007-gke"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-gke-headers-6.8.0-1007"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-gke-tools-6.8.0-1007"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-headers-6.8.0-1007-gke"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-image-unsigned-6.8.0-1007-gke"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-image-unsigned-6.8.0-1007-gke-dbgsym"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-modules-6.8.0-1007-gke"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-modules-extra-6.8.0-1007-gke"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-modules-iwlwifi-6.8.0-1007-gke"
        },
        {
            "binary_version": "6.8.0-1007.10",
            "binary_name": "linux-tools-6.8.0-1007-gke"
        }
    ]
}

Ubuntu:24.04:LTS / linux-ibm

Package

Name
linux-ibm
Purl
pkg:deb/ubuntu/linux-ibm?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1009.9

Affected versions

6.*

6.5.0-1009.9
6.8.0-1001.1
6.8.0-1003.3
6.8.0-1004.4
6.8.0-1005.5
6.8.0-1006.6
6.8.0-1007.7
6.8.0-1008.8

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-buildinfo-6.8.0-1009-ibm"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-headers-6.8.0-1009-ibm"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-ibm-cloud-tools-common"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-ibm-headers-6.8.0-1009"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-ibm-source-6.8.0"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-ibm-tools-6.8.0-1009"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-image-unsigned-6.8.0-1009-ibm"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-image-unsigned-6.8.0-1009-ibm-dbgsym"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-6.8.0-1009-ibm"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-extra-6.8.0-1009-ibm"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-iwlwifi-6.8.0-1009-ibm"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-tools-6.8.0-1009-ibm"
        }
    ]
}

Ubuntu:24.04:LTS / linux-nvidia

Package

Name
linux-nvidia
Purl
pkg:deb/ubuntu/linux-nvidia?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1010.10

Affected versions

6.*

6.8.0-1007.7
6.8.0-1008.8
6.8.0-1009.9

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-buildinfo-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-buildinfo-6.8.0-1010-nvidia-64k"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-headers-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-headers-6.8.0-1010-nvidia-64k"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-image-unsigned-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-image-unsigned-6.8.0-1010-nvidia-64k"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-image-unsigned-6.8.0-1010-nvidia-64k-dbgsym"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-image-unsigned-6.8.0-1010-nvidia-dbgsym"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-modules-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-modules-6.8.0-1010-nvidia-64k"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-modules-extra-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-modules-nvidia-fs-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-modules-nvidia-fs-6.8.0-1010-nvidia-64k"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-nvidia-headers-6.8.0-1010"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-nvidia-tools-6.8.0-1010"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-nvidia-tools-host"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-tools-6.8.0-1010-nvidia"
        },
        {
            "binary_version": "6.8.0-1010.10",
            "binary_name": "linux-tools-6.8.0-1010-nvidia-64k"
        }
    ]
}

Ubuntu:24.04:LTS / linux-oem-6.8

Package

Name
linux-oem-6.8
Purl
pkg:deb/ubuntu/linux-oem-6.8?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1009.9

Affected versions

6.*

6.8.0-1003.3
6.8.0-1004.4
6.8.0-1005.5
6.8.0-1006.6
6.8.0-1007.7
6.8.0-1008.8

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-buildinfo-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-headers-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-image-unsigned-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-image-unsigned-6.8.0-1009-oem-dbgsym"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-ipu6-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-iwlwifi-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-modules-usbio-6.8.0-1009-oem"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-oem-6.8-headers-6.8.0-1009"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-oem-6.8-tools-6.8.0-1009"
        },
        {
            "binary_version": "6.8.0-1009.9",
            "binary_name": "linux-tools-6.8.0-1009-oem"
        }
    ]
}

Ubuntu:24.04:LTS / linux-raspi

Package

Name
linux-raspi
Purl
pkg:deb/ubuntu/linux-raspi?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1008.8

Affected versions

6.*

6.5.0-1005.7
6.7.0-1001.1
6.8.0-1001.1
6.8.0-1002.2
6.8.0-1003.3
6.8.0-1004.4
6.8.0-1005.5
6.8.0-1006.6
6.8.0-1007.7

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-buildinfo-6.8.0-1008-raspi"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-headers-6.8.0-1008-raspi"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-image-6.8.0-1008-raspi"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-image-6.8.0-1008-raspi-dbgsym"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-modules-6.8.0-1008-raspi"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-raspi-headers-6.8.0-1008"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-raspi-tools-6.8.0-1008"
        },
        {
            "binary_version": "6.8.0-1008.8",
            "binary_name": "linux-tools-6.8.0-1008-raspi"
        }
    ]
}