{"id":"USN-7021-5","summary":"linux-azure-fde vulnerabilities","details":"Several security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - GPU drivers;\n  - BTRFS file system;\n  - F2FS file system;\n  - GFS2 file system;\n  - BPF subsystem;\n  - Netfilter;\n  - RxRPC session sockets;\n  - Integrity Measurement Architecture(IMA) framework;\n(CVE-2024-27012, CVE-2024-38570, CVE-2024-42228, CVE-2024-41009,\nCVE-2024-39494, CVE-2024-42160, CVE-2024-39496, CVE-2024-26677)\n","modified":"2026-02-10T04:45:26Z","published":"2024-10-31T12:07:48Z","related":["UBUNTU-CVE-2024-26677","UBUNTU-CVE-2024-27012","UBUNTU-CVE-2024-38570","UBUNTU-CVE-2024-39494","UBUNTU-CVE-2024-39496","UBUNTU-CVE-2024-41009","UBUNTU-CVE-2024-42160","UBUNTU-CVE-2024-42228"],"upstream":["CVE-2024-26677","CVE-2024-27012","CVE-2024-38570","CVE-2024-39494","CVE-2024-39496","CVE-2024-41009","CVE-2024-42160","CVE-2024-42228","UBUNTU-CVE-2024-26677","UBUNTU-CVE-2024-27012","UBUNTU-CVE-2024-38570","UBUNTU-CVE-2024-39494","UBUNTU-CVE-2024-39496","UBUNTU-CVE-2024-41009","UBUNTU-CVE-2024-42160","UBUNTU-CVE-2024-42228"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7021-5"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26677"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-27012"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-38570"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-39494"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-39496"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-41009"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-42160"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-42228"}],"affected":[{"package":{"name":"linux-azure-fde","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-azure-fde@5.15.0-1073.82.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1073.82.1"}]}],"versions":["5.15.0-1019.24.1","5.15.0-1024.30.1","5.15.0-1029.36.1","5.15.0-1030.37.1","5.15.0-1031.38.1","5.15.0-1033.40.1","5.15.0-1034.41.1","5.15.0-1035.42.1","5.15.0-1036.43.1","5.15.0-1037.44.1","5.15.0-1038.45.1","5.15.0-1039.46.1","5.15.0-1041.48.1","5.15.0-1042.49.1","5.15.0-1044.51.1","5.15.0-1045.52.1","5.15.0-1046.53.1","5.15.0-1047.54.1","5.15.0-1049.56.1","5.15.0-1050.57.1","5.15.0-1051.59.1","5.15.0-1052.60.1","5.15.0-1053.61.1","5.15.0-1054.62.1","5.15.0-1056.64.1","5.15.0-1057.65.1","5.15.0-1058.66.1","5.15.0-1059.67.1","5.15.0-1060.69.1","5.15.0-1061.70.1","5.15.0-1063.72.1","5.15.0-1064.73.1","5.15.0-1065.74.1","5.15.0-1067.76.1","5.15.0-1068.77.1","5.15.0-1070.79.1","5.15.0-1071.80.1","5.15.0-1072.81.1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1073.82.1","binary_name":"linux-image-unsigned-5.15.0-1073-azure-fde"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7021-5.json","cves_map":{"cves":[{"id":"CVE-2024-26677","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-27012","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-38570","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-39494","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-39496","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-41009","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-42160","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2024-42228","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.3"}