From 2fe69dee10d63ff009e78c152a069c265753e3a0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 2 Apr 2024 09:01:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/22xxx/CVE-2024-22005.json | 4 +- 2024/22xxx/CVE-2024-22006.json | 4 +- 2024/22xxx/CVE-2024-22007.json | 2 +- 2024/22xxx/CVE-2024-22008.json | 2 +- 2024/22xxx/CVE-2024-22009.json | 4 +- 2024/22xxx/CVE-2024-22010.json | 2 +- 2024/22xxx/CVE-2024-22011.json | 2 +- 2024/25xxx/CVE-2024-25984.json | 2 +- 2024/25xxx/CVE-2024-25985.json | 2 +- 2024/25xxx/CVE-2024-25986.json | 2 +- 2024/25xxx/CVE-2024-25987.json | 2 +- 2024/25xxx/CVE-2024-25988.json | 2 +- 2024/25xxx/CVE-2024-25989.json | 2 +- 2024/25xxx/CVE-2024-25990.json | 2 +- 2024/25xxx/CVE-2024-25991.json | 2 +- 2024/25xxx/CVE-2024-25992.json | 2 +- 2024/25xxx/CVE-2024-25993.json | 4 +- 2024/26xxx/CVE-2024-26622.json | 10 ---- 2024/27xxx/CVE-2024-27204.json | 2 +- 2024/27xxx/CVE-2024-27205.json | 4 +- 2024/27xxx/CVE-2024-27206.json | 4 +- 2024/27xxx/CVE-2024-27207.json | 4 +- 2024/27xxx/CVE-2024-27208.json | 4 +- 2024/27xxx/CVE-2024-27209.json | 4 +- 2024/27xxx/CVE-2024-27210.json | 2 +- 2024/27xxx/CVE-2024-27211.json | 2 +- 2024/27xxx/CVE-2024-27212.json | 4 +- 2024/27xxx/CVE-2024-27213.json | 2 +- 2024/27xxx/CVE-2024-27218.json | 4 +- 2024/27xxx/CVE-2024-27219.json | 2 +- 2024/27xxx/CVE-2024-27220.json | 4 +- 2024/27xxx/CVE-2024-27221.json | 4 +- 2024/27xxx/CVE-2024-27222.json | 2 +- 2024/27xxx/CVE-2024-27223.json | 2 +- 2024/27xxx/CVE-2024-27224.json | 2 +- 2024/27xxx/CVE-2024-27225.json | 2 +- 2024/27xxx/CVE-2024-27226.json | 4 +- 2024/27xxx/CVE-2024-27227.json | 4 +- 2024/27xxx/CVE-2024-27228.json | 4 +- 2024/27xxx/CVE-2024-27229.json | 2 +- 2024/27xxx/CVE-2024-27230.json | 2 +- 2024/27xxx/CVE-2024-27233.json | 2 +- 2024/27xxx/CVE-2024-27234.json | 2 +- 2024/27xxx/CVE-2024-27235.json | 4 +- 2024/27xxx/CVE-2024-27236.json | 2 +- 2024/27xxx/CVE-2024-27237.json | 2 +- 2024/2xxx/CVE-2024-2357.json | 99 ++++++++++++++++++++++++++++++++-- 47 files changed, 156 insertions(+), 77 deletions(-) diff --git a/2024/22xxx/CVE-2024-22005.json b/2024/22xxx/CVE-2024-22005.json index afbe25bb566..23c91992b86 100644 --- a/2024/22xxx/CVE-2024-22005.json +++ b/2024/22xxx/CVE-2024-22005.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In TBD of TBD, there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/22xxx/CVE-2024-22006.json b/2024/22xxx/CVE-2024-22006.json index bcfae548697..3067f0b262c 100644 --- a/2024/22xxx/CVE-2024-22006.json +++ b/2024/22xxx/CVE-2024-22006.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "OOB read in the TMU plugin that allows for memory disclosure in the power management subsystem of the device." + "value": "Android kernel allows Information disclosure." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/22xxx/CVE-2024-22007.json b/2024/22xxx/CVE-2024-22007.json index b1e710e191d..775a65284e1 100644 --- a/2024/22xxx/CVE-2024-22007.json +++ b/2024/22xxx/CVE-2024-22007.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/22xxx/CVE-2024-22008.json b/2024/22xxx/CVE-2024-22008.json index b175424d44c..a44fef5e78c 100644 --- a/2024/22xxx/CVE-2024-22008.json +++ b/2024/22xxx/CVE-2024-22008.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/22xxx/CVE-2024-22009.json b/2024/22xxx/CVE-2024-22009.json index 6ef3b2de590..e5b4e8fcc23 100644 --- a/2024/22xxx/CVE-2024-22009.json +++ b/2024/22xxx/CVE-2024-22009.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In init_data of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/22xxx/CVE-2024-22010.json b/2024/22xxx/CVE-2024-22010.json index 1e7490d2ac4..4298d4cfbaa 100644 --- a/2024/22xxx/CVE-2024-22010.json +++ b/2024/22xxx/CVE-2024-22010.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/22xxx/CVE-2024-22011.json b/2024/22xxx/CVE-2024-22011.json index 7a915d7e7d7..ba8e9dbe784 100644 --- a/2024/22xxx/CVE-2024-22011.json +++ b/2024/22xxx/CVE-2024-22011.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25984.json b/2024/25xxx/CVE-2024-25984.json index c755ff5b13c..e43a7ce8cf0 100644 --- a/2024/25xxx/CVE-2024-25984.json +++ b/2024/25xxx/CVE-2024-25984.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25985.json b/2024/25xxx/CVE-2024-25985.json index 6cf14df7696..12b9675a0cc 100644 --- a/2024/25xxx/CVE-2024-25985.json +++ b/2024/25xxx/CVE-2024-25985.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25986.json b/2024/25xxx/CVE-2024-25986.json index e15e87222a5..7034db375f6 100644 --- a/2024/25xxx/CVE-2024-25986.json +++ b/2024/25xxx/CVE-2024-25986.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25987.json b/2024/25xxx/CVE-2024-25987.json index 3c098bcc5d1..8fc7d558bcd 100644 --- a/2024/25xxx/CVE-2024-25987.json +++ b/2024/25xxx/CVE-2024-25987.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25988.json b/2024/25xxx/CVE-2024-25988.json index bff9e1bba48..7cd30273eb3 100644 --- a/2024/25xxx/CVE-2024-25988.json +++ b/2024/25xxx/CVE-2024-25988.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25989.json b/2024/25xxx/CVE-2024-25989.json index 2cd0c748d77..49331ba53e1 100644 --- a/2024/25xxx/CVE-2024-25989.json +++ b/2024/25xxx/CVE-2024-25989.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25990.json b/2024/25xxx/CVE-2024-25990.json index 5a10a32474c..1c4e673c0e6 100644 --- a/2024/25xxx/CVE-2024-25990.json +++ b/2024/25xxx/CVE-2024-25990.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25991.json b/2024/25xxx/CVE-2024-25991.json index 886635a6202..0f8e89e2b77 100644 --- a/2024/25xxx/CVE-2024-25991.json +++ b/2024/25xxx/CVE-2024-25991.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25992.json b/2024/25xxx/CVE-2024-25992.json index 5a0707d5c68..e8689ddf2aa 100644 --- a/2024/25xxx/CVE-2024-25992.json +++ b/2024/25xxx/CVE-2024-25992.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/25xxx/CVE-2024-25993.json b/2024/25xxx/CVE-2024-25993.json index a097887bc5f..97a35000e24 100644 --- a/2024/25xxx/CVE-2024-25993.json +++ b/2024/25xxx/CVE-2024-25993.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In tmu_reset_tmu_trip_counter of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In tmu_reset_tmu_trip_counter of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/26xxx/CVE-2024-26622.json b/2024/26xxx/CVE-2024-26622.json index ce19ad847e5..3eee2ca7836 100644 --- a/2024/26xxx/CVE-2024-26622.json +++ b/2024/26xxx/CVE-2024-26622.json @@ -137,16 +137,6 @@ "url": "https://git.kernel.org/stable/c/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVVYSTEVMPYGF6GDSOD44MUXZXAZHOHB/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVVYSTEVMPYGF6GDSOD44MUXZXAZHOHB/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSXNF4RLEFLH35BFUQGYXRRVHHUIVBAE/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSXNF4RLEFLH35BFUQGYXRRVHHUIVBAE/" } ] }, diff --git a/2024/27xxx/CVE-2024-27204.json b/2024/27xxx/CVE-2024-27204.json index eba2fc40ee2..2b5dd69bd3e 100644 --- a/2024/27xxx/CVE-2024-27204.json +++ b/2024/27xxx/CVE-2024-27204.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27205.json b/2024/27xxx/CVE-2024-27205.json index 5514e139d03..ca4419f1715 100644 --- a/2024/27xxx/CVE-2024-27205.json +++ b/2024/27xxx/CVE-2024-27205.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In tbd of tbd, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27206.json b/2024/27xxx/CVE-2024-27206.json index 9bd07dfe248..39af85d1ff7 100644 --- a/2024/27xxx/CVE-2024-27206.json +++ b/2024/27xxx/CVE-2024-27206.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In tbd of tbd, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27207.json b/2024/27xxx/CVE-2024-27207.json index b95291ceb41..1b55783d378 100644 --- a/2024/27xxx/CVE-2024-27207.json +++ b/2024/27xxx/CVE-2024-27207.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Exported broadcast receivers allowing malicious apps to bypass broadcast protection." + "value": "Android kernel allows Elevation of privilege." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27208.json b/2024/27xxx/CVE-2024-27208.json index 2eedfa0d107..0eed2504e92 100644 --- a/2024/27xxx/CVE-2024-27208.json +++ b/2024/27xxx/CVE-2024-27208.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In TBD of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27209.json b/2024/27xxx/CVE-2024-27209.json index 13133751613..6b749762ec0 100644 --- a/2024/27xxx/CVE-2024-27209.json +++ b/2024/27xxx/CVE-2024-27209.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In TBD of TBD, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27210.json b/2024/27xxx/CVE-2024-27210.json index d3f2c9c59ad..8617b92399e 100644 --- a/2024/27xxx/CVE-2024-27210.json +++ b/2024/27xxx/CVE-2024-27210.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27211.json b/2024/27xxx/CVE-2024-27211.json index a1df1416aae..fa3effb1225 100644 --- a/2024/27xxx/CVE-2024-27211.json +++ b/2024/27xxx/CVE-2024-27211.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27212.json b/2024/27xxx/CVE-2024-27212.json index a1f9dcfadab..64cf26b6252 100644 --- a/2024/27xxx/CVE-2024-27212.json +++ b/2024/27xxx/CVE-2024-27212.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In init_data of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27213.json b/2024/27xxx/CVE-2024-27213.json index da6159594c8..37cf8c95f4f 100644 --- a/2024/27xxx/CVE-2024-27213.json +++ b/2024/27xxx/CVE-2024-27213.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27218.json b/2024/27xxx/CVE-2024-27218.json index 530028ce1aa..688721a06d0 100644 --- a/2024/27xxx/CVE-2024-27218.json +++ b/2024/27xxx/CVE-2024-27218.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In update_freq_data of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27219.json b/2024/27xxx/CVE-2024-27219.json index c67d232269c..8396b24e00d 100644 --- a/2024/27xxx/CVE-2024-27219.json +++ b/2024/27xxx/CVE-2024-27219.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27220.json b/2024/27xxx/CVE-2024-27220.json index 689e77705aa..8c22cef46be 100644 --- a/2024/27xxx/CVE-2024-27220.json +++ b/2024/27xxx/CVE-2024-27220.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In lpm_req_handler of , there is a possible out of bounds memory access due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In lpm_req_handler of TBD, there is a possible out of bounds memory access due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27221.json b/2024/27xxx/CVE-2024-27221.json index cd019374428..844108ef20d 100644 --- a/2024/27xxx/CVE-2024-27221.json +++ b/2024/27xxx/CVE-2024-27221.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In update_policy_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In update_policy_data of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27222.json b/2024/27xxx/CVE-2024-27222.json index a17315b6dde..f10edd94bfd 100644 --- a/2024/27xxx/CVE-2024-27222.json +++ b/2024/27xxx/CVE-2024-27222.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27223.json b/2024/27xxx/CVE-2024-27223.json index e64e3012f18..9102c92756c 100644 --- a/2024/27xxx/CVE-2024-27223.json +++ b/2024/27xxx/CVE-2024-27223.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27224.json b/2024/27xxx/CVE-2024-27224.json index 0dc6ebeb2c9..6013290cab5 100644 --- a/2024/27xxx/CVE-2024-27224.json +++ b/2024/27xxx/CVE-2024-27224.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27225.json b/2024/27xxx/CVE-2024-27225.json index 8ace8dbbd2c..d4dc295e24b 100644 --- a/2024/27xxx/CVE-2024-27225.json +++ b/2024/27xxx/CVE-2024-27225.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27226.json b/2024/27xxx/CVE-2024-27226.json index c1c7814f39d..470c0067ad7 100644 --- a/2024/27xxx/CVE-2024-27226.json +++ b/2024/27xxx/CVE-2024-27226.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In tmu_config_gov_params of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In tmu_config_gov_params of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27227.json b/2024/27xxx/CVE-2024-27227.json index 2b0f62aa39d..02d41de8c6b 100644 --- a/2024/27xxx/CVE-2024-27227.json +++ b/2024/27xxx/CVE-2024-27227.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues" + "value": "Android kernel allows Remote code execution." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27228.json b/2024/27xxx/CVE-2024-27228.json index 1b15778848e..a2843e3de3c 100644 --- a/2024/27xxx/CVE-2024-27228.json +++ b/2024/27xxx/CVE-2024-27228.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In TBD of TBD, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27229.json b/2024/27xxx/CVE-2024-27229.json index 4fe9a274bf8..9e56a817c83 100644 --- a/2024/27xxx/CVE-2024-27229.json +++ b/2024/27xxx/CVE-2024-27229.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27230.json b/2024/27xxx/CVE-2024-27230.json index a42984dda11..a714a47cf14 100644 --- a/2024/27xxx/CVE-2024-27230.json +++ b/2024/27xxx/CVE-2024-27230.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27233.json b/2024/27xxx/CVE-2024-27233.json index 9c11b785f10..c604a35fdd6 100644 --- a/2024/27xxx/CVE-2024-27233.json +++ b/2024/27xxx/CVE-2024-27233.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27234.json b/2024/27xxx/CVE-2024-27234.json index a0569b8cfe7..3a7a9816393 100644 --- a/2024/27xxx/CVE-2024-27234.json +++ b/2024/27xxx/CVE-2024-27234.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27235.json b/2024/27xxx/CVE-2024-27235.json index d6d9900997c..009b4ec762e 100644 --- a/2024/27xxx/CVE-2024-27235.json +++ b/2024/27xxx/CVE-2024-27235.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In plugin_extern_func of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + "value": "In plugin_extern_func of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27236.json b/2024/27xxx/CVE-2024-27236.json index 9fd3bbb3db4..d19e2028606 100644 --- a/2024/27xxx/CVE-2024-27236.json +++ b/2024/27xxx/CVE-2024-27236.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/27xxx/CVE-2024-27237.json b/2024/27xxx/CVE-2024-27237.json index d699aa4a450..8ab382aa94c 100644 --- a/2024/27xxx/CVE-2024-27237.json +++ b/2024/27xxx/CVE-2024-27237.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "=", - "version_value": "13" + "version_value": "Android kernel" } ] } diff --git a/2024/2xxx/CVE-2024-2357.json b/2024/2xxx/CVE-2024-2357.json index 78495cbef1d..0c83b49b8d7 100644 --- a/2024/2xxx/CVE-2024-2357.json +++ b/2024/2xxx/CVE-2024-2357.json @@ -1,18 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-2357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@libreswan.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IKEv2 misconfiguration can cause libreswan to abort and restart" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "The Libreswan Project (www.libreswan.org)", + "product": { + "product_data": [ + { + "product_name": "libreswan", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "3.0", + "status": "unaffected", + "lessThanOrEqual": "4.1", + "versionType": "semver" + }, + { + "version": "4.2", + "status": "affected", + "lessThanOrEqual": "4.12", + "versionType": "semver" + }, + { + "version": "5.0", + "status": "unaffected" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://libreswan.org/security/CVE-2024-2357", + "refsource": "MISC", + "name": "https://libreswan.org/security/CVE-2024-2357" + } + ] + }, + "configuration": [ + { + "lang": "en", + "value": "The vulnerability can only be triggered for connections with ikev2=yes and authby=secret" + } + ], + "work_around": [ + { + "lang": "en", + "value": "As a workaround, one can place an unguessable long random default secret in /etc/ipsec.secrets, for example using the following command:\n\n echo -e \"# CVE-2024-2357 workaround\n: PSK \"$(openssl rand -hex 32)\"\" >> /etc/ipsec.secrets\n\nThis will ensure a PSK secret is always found, but it will always be wrong, and thus authentication will still properly fail." + } + ], + "solution": [ + { + "lang": "en", + "value": "This issue is fixed in 4.13, 5.0 and all later versions." + } + ], + "credits": [ + { + "lang": "en", + "value": "Andrew Vaughn" + } + ] } \ No newline at end of file