admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-02 16:02:18 +00:00
parent 9d8bb5eee2
commit 3261be9176
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
6 changed files with 737 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
2023/53xxx/CVE-2023-53108.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53108",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/iucv: Fix size of interrupt data\n\niucv_irq_data needs to be 4 bytes larger.\nThese bytes are not used by the iucv module, but written by\nthe z/VM hypervisor in case a CPU is deconfigured.\n\nReported as:\nBUG dma-kmalloc-64 (Not tainted): kmalloc Redzone overwritten\n-----------------------------------------------------------------------------\n0x0000000000400564-0x0000000000400567 @offset=1380. First byte 0x80 instead of 0xcc\nAllocated in iucv_cpu_prepare+0x44/0xd0 age=167839 cpu=2 pid=1\n__kmem_cache_alloc_node+0x166/0x450\nkmalloc_node_trace+0x3a/0x70\niucv_cpu_prepare+0x44/0xd0\ncpuhp_invoke_callback+0x156/0x2f0\ncpuhp_issue_call+0xf0/0x298\n__cpuhp_setup_state_cpuslocked+0x136/0x338\n__cpuhp_setup_state+0xf4/0x288\niucv_init+0xf4/0x280\ndo_one_initcall+0x78/0x390\ndo_initcalls+0x11a/0x140\nkernel_init_freeable+0x25e/0x2a0\nkernel_init+0x2e/0x170\n__ret_from_fork+0x3c/0x58\nret_from_fork+0xa/0x40\nFreed in iucv_init+0x92/0x280 age=167839 cpu=2 pid=1\n__kmem_cache_free+0x308/0x358\niucv_init+0x92/0x280\ndo_one_initcall+0x78/0x390\ndo_initcalls+0x11a/0x140\nkernel_init_freeable+0x25e/0x2a0\nkernel_init+0x2e/0x170\n__ret_from_fork+0x3c/0x58\nret_from_fork+0xa/0x40\nSlab 0x0000037200010000 objects=32 used=30 fp=0x0000000000400640 flags=0x1ffff00000010200(slab|head|node=0|zone=0|\nObject 0x0000000000400540 @offset=1344 fp=0x0000000000000000\nRedzone 0000000000400500: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400510: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400520: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400530: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nObject 0000000000400540: 00 01 00 03 00 00 00 00 00 00 00 00 00 00 00 00 ................\nObject 0000000000400550: f3 86 81 f2 f4 82 f8 82 f0 f0 f0 f0 f0 f0 f0 f2 ................\nObject 0000000000400560: 00 00 00 00 80 00 00 00 cc cc cc cc cc cc cc cc ................\nObject 0000000000400570: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400580: cc cc cc cc cc cc cc cc ........\nPadding 00000000004005d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ\nPadding 00000000004005e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ\nPadding 00000000004005f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\nCPU: 6 PID: 121030 Comm: 116-pai-crypto. Not tainted 6.3.0-20230221.rc0.git4.99b8246b2d71.300.fc37.s390x+debug #1\nHardware name: IBM 3931 A01 704 (z/VM 7.3.0)\nCall Trace:\n[<000000032aa034ec>] dump_stack_lvl+0xac/0x100\n[<0000000329f5a6cc>] check_bytes_and_report+0x104/0x140\n[<0000000329f5aa78>] check_object+0x370/0x3c0\n[<0000000329f5ede6>] free_debug_processing+0x15e/0x348\n[<0000000329f5f06a>] free_to_partial_list+0x9a/0x2f0\n[<0000000329f5f4a4>] __slab_free+0x1e4/0x3a8\n[<0000000329f61768>] __kmem_cache_free+0x308/0x358\n[<000000032a91465c>] iucv_cpu_dead+0x6c/0x88\n[<0000000329c2fc66>] cpuhp_invoke_callback+0x156/0x2f0\n[<000000032aa062da>] _cpu_down.constprop.0+0x22a/0x5e0\n[<0000000329c3243e>] cpu_device_down+0x4e/0x78\n[<000000032a61dee0>] device_offline+0xc8/0x118\n[<000000032a61e048>] online_store+0x60/0xe0\n[<000000032a08b6b0>] kernfs_fop_write_iter+0x150/0x1e8\n[<0000000329fab65c>] vfs_write+0x174/0x360\n[<0000000329fab9fc>] ksys_write+0x74/0x100\n[<000000032aa03a5a>] __do_syscall+0x1da/0x208\n[<000000032aa177b2>] system_call+0x82/0xb0\nINFO: lockdep is turned off.\nFIX dma-kmalloc-64: Restoring kmalloc Redzone 0x0000000000400564-0x0000000000400567=0xcc\nFIX dma-kmalloc-64: Object at 0x0000000000400540 not freed"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2356f4cb191100a5e92d537f13e5efdbc697e9cb",
"version_value": "a908eae0f71811afee86be7088692f1aa5855c3b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.21",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.21",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.311",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.279",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.238",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.176",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.104",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.21",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.8",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a908eae0f71811afee86be7088692f1aa5855c3b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a908eae0f71811afee86be7088692f1aa5855c3b"
},
{
"url": "https://git.kernel.org/stable/c/b0d2bb5e31a693ebc8888eb407f8a257a3680efa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0d2bb5e31a693ebc8888eb407f8a257a3680efa"
},
{
"url": "https://git.kernel.org/stable/c/71da5991b6438ad6da13ceb25465ee2760a1c52f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/71da5991b6438ad6da13ceb25465ee2760a1c52f"
},
{
"url": "https://git.kernel.org/stable/c/bd2e78462ae18484e55ae4d285df2c86b86bdd12",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bd2e78462ae18484e55ae4d285df2c86b86bdd12"
},
{
"url": "https://git.kernel.org/stable/c/3cfdefdaaa4b2a77e84d0db5e0a47a7aa3bb615a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cfdefdaaa4b2a77e84d0db5e0a47a7aa3bb615a"
},
{
"url": "https://git.kernel.org/stable/c/c78f1345db4e4b3b78f9b768f4074ebd60abe966",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c78f1345db4e4b3b78f9b768f4074ebd60abe966"
},
{
"url": "https://git.kernel.org/stable/c/93a970494881004c348d8feb38463ee72496e99a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93a970494881004c348d8feb38463ee72496e99a"
},
{
"url": "https://git.kernel.org/stable/c/3d87debb8ed2649608ff432699e7c961c0c6f03b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3d87debb8ed2649608ff432699e7c961c0c6f03b"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

158
2023/53xxx/CVE-2023-53109.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53109",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tunnels: annotate lockless accesses to dev->needed_headroom\n\nIP tunnels can apparently update dev->needed_headroom\nin their xmit path.\n\nThis patch takes care of three tunnels xmit, and also the\ncore LL_RESERVED_SPACE() and LL_RESERVED_SPACE_EXTRA()\nhelpers.\n\nMore changes might be needed for completeness.\n\nBUG: KCSAN: data-race in ip_tunnel_xmit / ip_tunnel_xmit\n\nread to 0xffff88815b9da0ec of 2 bytes by task 888 on cpu 1:\nip_tunnel_xmit+0x1270/0x1730 net/ipv4/ip_tunnel.c:803\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/ipv4/ip_output.c:430\ndst_output include/net/dst.h:444 [inline]\nip_local_out+0x64/0x80 net/ipv4/ip_output.c:126\niptunnel_xmit+0x34a/0x4b0 net/ipv4/ip_tunnel_core.c:82\nip_tunnel_xmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/ipv4/ip_output.c:430\ndst_output include/net/dst.h:444 [inline]\nip_local_out+0x64/0x80 net/ipv4/ip_output.c:126\niptunnel_xmit+0x34a/0x4b0 net/ipv4/ip_tunnel_core.c:82\nip_tunnel_xmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/ipv4/ip_output.c:430\ndst_output include/net/dst.h:444 [inline]\nip_local_out+0x64/0x80 net/ipv4/ip_output.c:126\niptunnel_xmit+0x34a/0x4b0 net/ipv4/ip_tunnel_core.c:82\nip_tunnel_xmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/i\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8eb30be0352d09165e94a41fef1c7b994dca0714",
"version_value": "8e206f66d824b3b28a7f9ee1366dfc79a937bb46"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.311",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.279",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.238",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.176",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.104",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.21",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.8",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8e206f66d824b3b28a7f9ee1366dfc79a937bb46",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e206f66d824b3b28a7f9ee1366dfc79a937bb46"
},
{
"url": "https://git.kernel.org/stable/c/51f3bd3765bc5ca4583af07a00833da00d2ace1d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/51f3bd3765bc5ca4583af07a00833da00d2ace1d"
},
{
"url": "https://git.kernel.org/stable/c/5aaab217c8f5387b9c5fff9e940d80f135e04366",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5aaab217c8f5387b9c5fff9e940d80f135e04366"
},
{
"url": "https://git.kernel.org/stable/c/be59b87ee4aed81db7c10e44f603866a0ac3ca5d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/be59b87ee4aed81db7c10e44f603866a0ac3ca5d"
},
{
"url": "https://git.kernel.org/stable/c/e0a557fc1daf5c1086e47150a4571aebadbb62be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0a557fc1daf5c1086e47150a4571aebadbb62be"
},
{
"url": "https://git.kernel.org/stable/c/a69b72b57b7d269e833e520ba7500d556e8189b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a69b72b57b7d269e833e520ba7500d556e8189b6"
},
{
"url": "https://git.kernel.org/stable/c/9b86a8702b042ee4e15d2d46375be873a6a8834f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b86a8702b042ee4e15d2d46375be873a6a8834f"
},
{
"url": "https://git.kernel.org/stable/c/4b397c06cb987935b1b097336532aa6b4210e091",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b397c06cb987935b1b097336532aa6b4210e091"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

125
2023/53xxx/CVE-2023-53110.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53110",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()\n\nWhen performing a stress test on SMC-R by rmmod mlx5_ib driver\nduring the wrk/nginx test, we found that there is a probability\nof triggering a panic while terminating all link groups.\n\nThis issue dues to the race between smc_smcr_terminate_all()\nand smc_buf_create().\n\n\t\t\tsmc_smcr_terminate_all\n\nsmc_buf_create\n/* init */\nconn->sndbuf_desc = NULL;\n...\n\n\t\t\t__smc_lgr_terminate\n\t\t\t\tsmc_conn_kill\n\t\t\t\t\tsmc_close_abort\n\t\t\t\t\t\tsmc_cdc_get_slot_and_msg_send\n\n\t\t\t__softirqentry_text_start\n\t\t\t\tsmc_wr_tx_process_cqe\n\t\t\t\t\tsmc_cdc_tx_handler\n\t\t\t\t\t\tREAD(conn->sndbuf_desc->len);\n\t\t\t\t\t\t/* panic dues to NULL sndbuf_desc */\n\nconn->sndbuf_desc = xxx;\n\nThis patch tries to fix the issue by always to check the sndbuf_desc\nbefore send any cdc msg, to make sure that no null pointer is\nseen during cqe processing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0b29ec6436138721acf5844e558f7334a0fa61d5",
"version_value": "31817c530768b0199771ec6019571b4f0ddbf230"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.5",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.176",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.104",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.21",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.8",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/31817c530768b0199771ec6019571b4f0ddbf230",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31817c530768b0199771ec6019571b4f0ddbf230"
},
{
"url": "https://git.kernel.org/stable/c/b108bd9e6be000492ebebe867daa699285978a10",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b108bd9e6be000492ebebe867daa699285978a10"
},
{
"url": "https://git.kernel.org/stable/c/3c270435db8aa34929263dddae8fd050f5216ecb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3c270435db8aa34929263dddae8fd050f5216ecb"
},
{
"url": "https://git.kernel.org/stable/c/3ebac7cf0a184a8102821a7a00203f02bebda83c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3ebac7cf0a184a8102821a7a00203f02bebda83c"
},
{
"url": "https://git.kernel.org/stable/c/22a825c541d775c1dbe7b2402786025acad6727b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/22a825c541d775c1dbe7b2402786025acad6727b"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

114
2023/53xxx/CVE-2023-53111.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53111",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Fix use-after-free issues\n\ndo_req_filebacked() calls blk_mq_complete_request() synchronously or\nasynchronously when using asynchronous I/O unless memory allocation fails.\nHence, modify loop_handle_cmd() such that it does not dereference 'cmd' nor\n'rq' after do_req_filebacked() finished unless we are sure that the request\nhas not yet been completed. This patch fixes the following kernel crash:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000054\nCall trace:\n css_put.42938+0x1c/0x1ac\n loop_process_work+0xc8c/0xfd4\n loop_rootcg_workfn+0x24/0x34\n process_one_work+0x244/0x558\n worker_thread+0x400/0x8fc\n kthread+0x16c/0x1e0\n ret_from_fork+0x10/0x20"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bc07c10a3603a5ab3ef01ba42b3d41f9ac63d1b6",
"version_value": "407badf73ec9fb0d5744bf2ca1745c1818aa222f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.104",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.21",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.8",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/407badf73ec9fb0d5744bf2ca1745c1818aa222f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/407badf73ec9fb0d5744bf2ca1745c1818aa222f"
},
{
"url": "https://git.kernel.org/stable/c/e3fda704903f6d1fc351412f1bc6620333959ada",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3fda704903f6d1fc351412f1bc6620333959ada"
},
{
"url": "https://git.kernel.org/stable/c/6917395c4667cfb607ed8bf1826205a59414657c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6917395c4667cfb607ed8bf1826205a59414657c"
},
{
"url": "https://git.kernel.org/stable/c/9b0cb770f5d7b1ff40bea7ca385438ee94570eec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b0cb770f5d7b1ff40bea7ca385438ee94570eec"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

103
2023/53xxx/CVE-2023-53112.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53112",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/sseu: fix max_subslices array-index-out-of-bounds access\n\nIt seems that commit bc3c5e0809ae (\"drm/i915/sseu: Don't try to store EU\nmask internally in UAPI format\") exposed a potential out-of-bounds\naccess, reported by UBSAN as following on a laptop with a gen 11 i915\ncard:\n\n UBSAN: array-index-out-of-bounds in drivers/gpu/drm/i915/gt/intel_sseu.c:65:27\n index 6 is out of range for type 'u16 [6]'\n CPU: 2 PID: 165 Comm: systemd-udevd Not tainted 6.2.0-9-generic #9-Ubuntu\n Hardware name: Dell Inc. XPS 13 9300/077Y9N, BIOS 1.11.0 03/22/2022\n Call Trace:\n <TASK>\n show_stack+0x4e/0x61\n dump_stack_lvl+0x4a/0x6f\n dump_stack+0x10/0x18\n ubsan_epilogue+0x9/0x3a\n __ubsan_handle_out_of_bounds.cold+0x42/0x47\n gen11_compute_sseu_info+0x121/0x130 [i915]\n intel_sseu_info_init+0x15d/0x2b0 [i915]\n intel_gt_init_mmio+0x23/0x40 [i915]\n i915_driver_mmio_probe+0x129/0x400 [i915]\n ? intel_gt_probe_all+0x91/0x2e0 [i915]\n i915_driver_probe+0xe1/0x3f0 [i915]\n ? drm_privacy_screen_get+0x16d/0x190 [drm]\n ? acpi_dev_found+0x64/0x80\n i915_pci_probe+0xac/0x1b0 [i915]\n ...\n\nAccording to the definition of sseu_dev_info, eu_mask->hsw is limited to\na maximum of GEN_MAX_SS_PER_HSW_SLICE (6) sub-slices, but\ngen11_sseu_info_init() can potentially set 8 sub-slices, in the\n!IS_JSL_EHL(gt->i915) case.\n\nFix this by reserving up to 8 slots for max_subslices in the eu_mask\nstruct.\n\n(cherry picked from commit 3cba09a6ac86ea1d456909626eb2685596c07822)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bc3c5e0809ae9faa039baf75547e8ee46ec124ef",
"version_value": "1a1682abf7399318ac074b1f2ac6a8c992b5b3da"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.21",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.8",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1a1682abf7399318ac074b1f2ac6a8c992b5b3da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a1682abf7399318ac074b1f2ac6a8c992b5b3da"
},
{
"url": "https://git.kernel.org/stable/c/36b076ab6247cf0d2135b2ad6bb337617c3b5a1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36b076ab6247cf0d2135b2ad6bb337617c3b5a1b"
},
{
"url": "https://git.kernel.org/stable/c/193c41926d152761764894f46e23b53c00186a82",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/193c41926d152761764894f46e23b53c00186a82"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

103
2023/53xxx/CVE-2023-53113.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53113",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: fix NULL-ptr deref in offchan check\n\nIf, e.g. in AP mode, the link was already created by userspace\nbut not activated yet, it has a chandef but the chandef isn't\nvalid and has no channel. Check for this and ignore this link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7b0a0e3c3a88260b6fcb017e49f198463aa62ed1",
"version_value": "87e80ea4fbc9ce2f2005905fdbcd38baaa47463a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.21",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.8",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/87e80ea4fbc9ce2f2005905fdbcd38baaa47463a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87e80ea4fbc9ce2f2005905fdbcd38baaa47463a"
},
{
"url": "https://git.kernel.org/stable/c/201a836c2385fdd2b9d0a8e7737bba5b26f1863a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/201a836c2385fdd2b9d0a8e7737bba5b26f1863a"
},
{
"url": "https://git.kernel.org/stable/c/f624bb6fad23df3270580b4fcef415c6e7bf7705",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f624bb6fad23df3270580b4fcef415c6e7bf7705"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}