{"id":"USN-6921-2","summary":"linux-lowlatency vulnerabilities","details":"\nBenedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde\ndiscovered that an untrusted hypervisor could inject malicious #VC\ninterrupts and compromise the security guarantees of AMD SEV-SNP. This flaw\nis known as WeSee. A local attacker in control of the hypervisor could use\nthis to expose sensitive information or possibly execute arbitrary code in\nthe trusted execution environment. (CVE-2024-25742)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - DMA engine subsystem;\n  - HID subsystem;\n  - I2C subsystem;\n  - PHY drivers;\n  - TTY drivers;\n  - IPv4 networking;\n(CVE-2024-35997, CVE-2024-36016, CVE-2024-35990, CVE-2024-35984,\nCVE-2024-35992, CVE-2024-36008)\n","modified":"2026-02-10T04:44:42Z","published":"2024-07-30T10:33:56Z","related":["UBUNTU-CVE-2024-25742","UBUNTU-CVE-2024-35984","UBUNTU-CVE-2024-35990","UBUNTU-CVE-2024-35992","UBUNTU-CVE-2024-35997","UBUNTU-CVE-2024-36008","UBUNTU-CVE-2024-36016"],"upstream":["CVE-2024-25742","CVE-2024-35984","CVE-2024-35990","CVE-2024-35992","CVE-2024-35997","CVE-2024-36008","CVE-2024-36016","UBUNTU-CVE-2024-25742","UBUNTU-CVE-2024-35984","UBUNTU-CVE-2024-35990","UBUNTU-CVE-2024-35992","UBUNTU-CVE-2024-35997","UBUNTU-CVE-2024-36008","UBUNTU-CVE-2024-36016"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6921-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-25742"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35984"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35990"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35992"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-35997"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36008"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-36016"}],"affected":[{"package":{"name":"linux-lowlatency","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/linux-lowlatency@6.8.0-39.39.1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.8.0-39.39.1"}]}],"versions":["6.5.0-9.9.1","6.6.0-14.14.1","6.8.0-7.7.1","6.8.0-25.25.3","6.8.0-28.28.1","6.8.0-31.31.1","6.8.0-35.35.1","6.8.0-36.36.1","6.8.0-38.38.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-buildinfo-6.8.0-39-lowlatency-64k","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-cloud-tools-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-headers-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-headers-6.8.0-39-lowlatency-64k","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-image-unsigned-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-image-unsigned-6.8.0-39-lowlatency-64k","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-cloud-tools-6.8.0-39","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-cloud-tools-common","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-headers-6.8.0-39","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-lib-rust-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-tools-6.8.0-39","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-tools-common","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-lowlatency-tools-host","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-modules-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-modules-6.8.0-39-lowlatency-64k","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-modules-iwlwifi-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-tools-6.8.0-39-lowlatency","binary_version":"6.8.0-39.39.1"},{"binary_name":"linux-tools-6.8.0-39-lowlatency-64k","binary_version":"6.8.0-39.39.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6921-2.json","cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-25742"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-35984"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-35990"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-35992"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-35997"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-36008"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2024-36016"}]}}}],"schema_version":"1.7.3"}