INFSA-2025:3893: kernel security update
Information about definition
Identificator: INFSA-2025:3893
Type: security
Release date: 2025-04-29 14:34:11 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2024-53150
A vulnerability was found in the Linux kernel's USB Audio driver. This flaw can allow an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by reading arbitrary system memory.
- CVE-2024-53241
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-53150
|
no information | 7.1 | no information |
|
NIST — CVE-2024-53241
|
no information | 5.7 | no information |
Updated packages