What is the severity of USN-6704-4?

The severity of USN-6704-4 is critical as it allows a local attacker to cause a denial of service through a system crash.

How do I fix USN-6704-4?

To fix USN-6704-4, upgrade your package to one of the recommended versions mentioned in the Ubuntu security notice.

Which systems are affected by USN-6704-4?

USN-6704-4 affects Ubuntu 22.04 and Ubuntu 20.04 systems that use specific versions of the Linux kernel.

What is the vulnerability identified in USN-6704-4?

The vulnerability in USN-6704-4 is related to improper handling of return values in the NVIDIA Tegra XUSB pad controller driver.

Can a remote attacker exploit USN-6704-4?

No, USN-6704-4 can only be exploited by a local attacker due to its requirement for local access to the system.

Vulnerability/
USN-6704-4

CWE

416 476 362

28/3/2024

12/5/2025

USN-6704-4: Linux kernel (Intel IoTG) vulnerabilities

First published: Thu Mar 28 2024(Updated: )

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855)

Affected Software	Affected Version	How to fix
Linux kernel

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-6704-4?
The severity of USN-6704-4 is critical as it allows a local attacker to cause a denial of service through a system crash.
How do I fix USN-6704-4?
To fix USN-6704-4, upgrade your package to one of the recommended versions mentioned in the Ubuntu security notice.
Which systems are affected by USN-6704-4?
USN-6704-4 affects Ubuntu 22.04 and Ubuntu 20.04 systems that use specific versions of the Linux kernel.
What is the vulnerability identified in USN-6704-4?
The vulnerability in USN-6704-4 is related to improper handling of return values in the NVIDIA Tegra XUSB pad controller driver.
Can a remote attacker exploit USN-6704-4?
No, USN-6704-4 can only be exploited by a local attacker due to its requirement for local access to the system.

agent/severity
agent/title
agent/last-modified-date
agent/type
agent/description
agent/weakness
agent/first-publish-date
agent/trending
agent/source
collector/usn
source/Ubuntu
agent/references
agent/event
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
vendor/linux
canonical/linux kernel