vulnerability
Ubuntu: (CVE-2024-26836): linux-raspi-realtime vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Apr 17, 2024 | Feb 11, 2025 | Apr 16, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Apr 17, 2024
Added
Feb 11, 2025
Modified
Apr 16, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: think-lmi: Fix password opcode ordering for workstations
The Lenovo workstations require the password opcode to be run before
the attribute value is changed (if Admin password is enabled).
Tested on some Thinkpads to confirm they are OK with this order too.
Solution
ubuntu-upgrade-linux-raspi-realtime
References
- CVE-2024-26836
- https://attackerkb.com/topics/CVE-2024-26836
- EUVD-EUVD-2024-24098
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-24098
- https://git.kernel.org/linus/6f7d0f5fd8e440c3446560100ac4ff9a55eec340
- https://git.kernel.org/stable/c/2bfbe1e0aed00ba51d58573c79452fada3f62ed4
- https://git.kernel.org/stable/c/6f7d0f5fd8e440c3446560100ac4ff9a55eec340
- https://www.cve.org/CVERecord?id=CVE-2024-26836
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.