This is the Ubuntu kernel version on my machine: Linux zaff 6.8.0-1021-azure #25~22.04.1-Ubuntu SMP Thu Jan 16 21:37:09 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Which version on the page linked below corresponds to my kernel version?

https://ubuntu.com/security/CVE-2024-38541

Even after patching, this CVE-2024-38541 is showing in security scan software.

1 Answer

The linux-azure-6.8 packages in the repositories address the Azure-flavored kernels. (The -azure in the kernel string just indicates it's an Azure-flavored kernel, which is in the linux-azure* pattern matching of packaging.)

According to the page in question, CVE-2024-38541 was patched in version 6.8.0-1013.14~22.04.1 of the package.

The version of the kernel in your system is probably 6.8.0-1021~22.04.1, which is a later package revision than the patched version in the security page, and that means you are already patched against CVE-2024-38541.

This said, there are other vulnerabilities you might not be patched against. The current version of the package in the repositories is 6.8.0-1029.31~22.04.1, and your system is not running that. You should still update your kernel in your Azure VM and then boot to it so you get all the latest updates.

  • Thank you so much for the information!! If my version is up to date, why are my security scans showing many vulnerabilities? I am using apt update && apt upgrade to install updates. Do I need to do anything different? NOTE: These are production servers. Commented May 17, 2025 at 2:47
  • Because most vulnerability scanners only look at the version number 6.8.0 and are not capable of distinguishing the patches applied on top. 6.8 is not a Linux kernel LTS, and the major distributions maintain their own patches. Most fixes are a couple of lines of code, but once compiled it is hard to trace back if a certain patch was applied. Hence the many false positives from your scanner. Commented May 17, 2025 at 4:15
  • @SZaff sleepyhead is correct, partially. Your security scanners are likely NOT tuned to check package versions (especially if doing scans external to the system) and are likely NOT seeing things. THIS SAID, you are not up to date. You're up to date against CVE-2024-38541, but not other security patches and bug fixes in the kernel trees. During your next maintenance window, you should update these servers with the updated kernel and then reboot them. Production or not, security needs to be handled usually during scheduled maintenance windows. Commented May 17, 2025 at 18:02
  • Thank you for the support, guys. Much appreciated; I will reach out to our security team with all these details. Commented May 20, 2025 at 15:05
