{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu18.04els/vex/2024/cve-2024-58083-els_os-ubuntu18_04els.json" } ], "title": "Security update on CVE-2024-58083", "tracking": { "current_release_date": "2025-12-23T22:15:38Z", "generator": { "date": "2025-12-23T22:15:38Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2024-58083-ELS_OS-UBUNTU18.04ELS", "initial_release_date": "2024-01-01T00:00:00Z", "revision_history": [ { "date": "2024-01-01T00:00:00Z", "number": "1", "summary": "Initial version" }, { "date": "2025-06-10T09:45:36Z", "number": "2", "summary": "Official Publication" }, { "date": "2025-12-23T22:15:38Z", "number": "3", "summary": "Update document" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu 18.04", "product": { "name": "Ubuntu 18.04", "product_id": "Ubuntu-18", "product_identification_helper": { "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" } } } ], "category": "product_family", "name": "Ubuntu" } ], "category": "vendor", "name": "Canonical Ltd." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "product": { "name": "linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "product_id": "linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency@4.15.0-248.259?arch=amd64" } } }, { "category": "product_version", "name": "linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "product": { "name": "linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "product_id": "linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency@4.15.0-248.259?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product": { "name": "linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_id": "linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-extra-4.15.0-248-tuxcare.els36-generic@4.15.0-248.259?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product": { "name": "linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_id": "linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-4.15.0-248-tuxcare.els36-generic@4.15.0-248.259?arch=amd64" } } }, { "category": "product_version", "name": "linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product": { "name": "linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_id": "linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-headers-4.15.0-248-tuxcare.els36-generic@4.15.0-248.259?arch=amd64" } } }, { "category": "product_version", "name": "linux-libc-dev-0:4.15.0-248.259.amd64", "product": { "name": "linux-libc-dev-0:4.15.0-248.259.amd64", "product_id": "linux-libc-dev-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-libc-dev@4.15.0-248.259?arch=amd64" } } }, { "category": "product_version", "name": "linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product": { "name": "linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_id": "linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-buildinfo-4.15.0-248-tuxcare.els36-generic@4.15.0-248.259?arch=amd64" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all", "product": { "name": "linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all", "product_id": "linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-headers-4.15.0-248-tuxcare.els36@4.15.0-248.259?arch=all" } } }, { "category": "product_version", "name": "linux-tools-host-0:4.15.0-248.259.all", "product": { "name": "linux-tools-host-0:4.15.0-248.259.all", "product_id": "linux-tools-host-0:4.15.0-248.259.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-host@4.15.0-248.259?arch=all" } } }, { "category": "product_version", "name": "linux-doc-0:4.15.0-248.259.all", "product": { "name": "linux-doc-0:4.15.0-248.259.all", "product_id": "linux-doc-0:4.15.0-248.259.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-doc@4.15.0-248.259?arch=all" } } } ], "category": "architecture", "name": "all" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64" }, "product_reference": "linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64" }, "product_reference": "linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all" }, "product_reference": "linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64" }, "product_reference": "linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-host-0:4.15.0-248.259.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-tools-host-0:4.15.0-248.259.all" }, "product_reference": "linux-tools-host-0:4.15.0-248.259.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-doc-0:4.15.0-248.259.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-doc-0:4.15.0-248.259.all" }, "product_reference": "linux-doc-0:4.15.0-248.259.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64" }, "product_reference": "linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64" }, "product_reference": "linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-libc-dev-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-libc-dev-0:4.15.0-248.259.amd64" }, "product_reference": "linux-libc-dev-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64" }, "product_reference": "linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "relates_to_product_reference": "Ubuntu-18" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-58083", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate '0', i.e. KVM will return vCPU0 instead of NULL.\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\nHowever, returning vCPU0 when it shouldn't exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm->vcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it's fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all", "Ubuntu-18:linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-tools-host-0:4.15.0-248.259.all", "Ubuntu-18:linux-doc-0:4.15.0-248.259.all", "Ubuntu-18:linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-libc-dev-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-58083" } ], "release_date": "2025-03-06T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-headers-4.15.0-248-tuxcare.els36-0:4.15.0-248.259.all", "Ubuntu-18:linux-modules-extra-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-tools-host-0:4.15.0-248.259.all", "Ubuntu-18:linux-doc-0:4.15.0-248.259.all", "Ubuntu-18:linux-modules-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-headers-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-libc-dev-0:4.15.0-248.259.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-248-tuxcare.els36-generic-0:4.15.0-248.259.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] } ] }