Severity
High
Analysis Summary
CVE-2024-22386 CVSS:5.3
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the exynos_drm_crtc_atomic_disable() function in drm/exynos. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic or a denial of service condition.
CVE-2024-23196 CVSS:5.3
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the snd_hdac_regmap_sync() function in sound/hda. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic or a denial of service condition.
CVE-2024-24855 CVSS:5
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the lpfc_unregister_fcf_rescan() function in the SCSI device driver. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic or a denial of service condition.
CVE-2024-24859 CVSS:4.6
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the sniff_{min,max}_interval_set() function in net/bluetooth. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-24860 CVSS:4.6
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the {min,max}_key_size_set() function in the Bluetooth device driver. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a kernel panic or a denial of service condition.
CVE-2024-24861 CVSS:3.3
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the xc4000_get_frequency() function in media/xc4000. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic or a denial of service condition.
CVE-2024-24857 CVSS:4.6
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the conn_info_{min,max}_age_set() function in net/bluetooth. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a Bluetooth connection abnormality or a denial of service condition.
CVE-2024-24858 CVSS:4.6
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the {conn,adv}_{min,max}_interval_set() function in net/bluetooth. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-24864 CVSS:5.3
Linux Kernel is vulnerable to a denial of service, caused by a race condition in the dvbdmx_write() function in media/dvb-core. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic or a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2024-22386
- CVE-2024-23196
- CVE-2024-24855
- CVE-2024-24859
- CVE-2024-24860
- CVE-2024-24861
- CVE-2024-24857
- CVE-2024-24858
- CVE-2024-24864
Affected Vendors
Linux
Affected Products
- Linux Kernel 6.4
- Linux Kernel 6.5
- Linux Kernel 6.7.0
Remediation
Upgrade to the latest version of Linux Kernel, available from the Linux Kernel Website.
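A triage check to prioritise the upgrade, added here as an example and not code from Rewterz or the kernel project: it tests a `uname -r` release string against the affected versions listed above and reports which of the listed CVEs have their driver loaded. The CVE-to-module mapping and the reading of "6.4" and "6.5" as whole series are assumptions; the function names and the sample module listing are constructed.

```sh
#!/bin/sh
# Added example: triage a host against the advisory's affected versions and drivers.

# CVE:module pairs. Module names (as shown in /proc/modules) are an assumed
# mapping from the source paths in the advisory; confirm for your kernel build.
CVE_MODULES='CVE-2024-22386:exynosdrm
CVE-2024-23196:snd_hda_core
CVE-2024-24855:lpfc
CVE-2024-24859:bluetooth
CVE-2024-24860:bluetooth
CVE-2024-24861:xc4000
CVE-2024-24857:bluetooth
CVE-2024-24858:bluetooth
CVE-2024-24864:dvb_core'

# Constructed sample in /proc/modules format (not from a real host).
SAMPLE_MODULES='bluetooth 1028096 14 btusb,rfcomm, Live 0x0000000000000000
snd_hda_core 139264 5 snd_hda_intel, Live 0x0000000000000000
ext4 1134592 2 - Live 0x0000000000000000'

# Succeeds if a `uname -r` style release is in the affected list.
# Assumption: "6.4" and "6.5" mean the whole series; "6.7.0" only that release.
kernel_in_scope() {
  base=${1%%[-+]*}   # drop distro suffix: 6.5.0-14-generic -> 6.5.0
  case "$base" in
    6.4.*|6.5.*|6.7.0) return 0 ;;
    *) return 1 ;;
  esac
}

# Prints each CVE whose module is the first field of a line in $1.
exposed_cves() {
  printf '%s\n' "$CVE_MODULES" | while IFS=: read -r cve mod; do
    if printf '%s\n' "$1" | awk -v m="$mod" '$1 == m {f=1} END {exit !f}'; then
      printf '%s\n' "$cve"
    fi
  done
}

# usage: triage <release> <modules text>; prints nothing when out of scope.
triage() {
  if kernel_in_scope "$1"; then exposed_cves "$2"; fi
}

# Live host: triage "$(uname -r)" "$(cat /proc/modules)"
triage "6.5.0-14-generic" "$SAMPLE_MODULES"
```

Distribution kernels often backport fixes without changing the base version, and drivers built into the kernel image do not appear in /proc/modules, so treat the output as a triage signal and confirm against the vendor's advisory for the installed package.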