admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-01 15:00:39 +00:00
parent 9d2f8826f3
commit 3b3240d256
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
96 changed files with 7831 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2022/49xxx/CVE-2022-49782.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49782",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49783.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49783",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49784.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49784",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49785.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49785",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49786.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49786",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49787.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49787",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49788.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49788",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49789.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49789",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49790.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49790",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49791.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49791",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49792.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49792",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49793.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49793",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49794.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49794",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49795.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49795",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49796.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49797.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49797",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49798.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49798",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49799.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49799",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49800.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49800",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49801.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49801",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49802.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49802",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49803.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49803",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49804.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49804",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49805.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49806.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49806",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49807.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49807",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49808.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49808",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49809.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49809",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49810.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49810",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49811.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49811",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49812.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49812",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49813.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49813",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49814.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49814",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49815.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49815",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49816.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49816",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49817.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49817",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49818.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49818",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49819.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49819",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49820.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49820",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

157
2022/49xxx/CVE-2022-49840.json Normal file
View File

@ -0,0 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49840",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()\n\nWe got a syzkaller problem because of aarch64 alignment fault\nif KFENCE enabled. When the size from user bpf program is an odd\nnumber, like 399, 407, etc, it will cause the struct skb_shared_info's\nunaligned access. As seen below:\n\n BUG: KFENCE: use-after-free read in __skb_clone+0x23c/0x2a0 net/core/skbuff.c:1032\n\n Use-after-free read at 0xffff6254fffac077 (in kfence-#213):\n __lse_atomic_add arch/arm64/include/asm/atomic_lse.h:26 [inline]\n arch_atomic_add arch/arm64/include/asm/atomic.h:28 [inline]\n arch_atomic_inc include/linux/atomic-arch-fallback.h:270 [inline]\n atomic_inc include/asm-generic/atomic-instrumented.h:241 [inline]\n __skb_clone+0x23c/0x2a0 net/core/skbuff.c:1032\n skb_clone+0xf4/0x214 net/core/skbuff.c:1481\n ____bpf_clone_redirect net/core/filter.c:2433 [inline]\n bpf_clone_redirect+0x78/0x1c0 net/core/filter.c:2420\n bpf_prog_d3839dd9068ceb51+0x80/0x330\n bpf_dispatcher_nop_func include/linux/bpf.h:728 [inline]\n bpf_test_run+0x3c0/0x6c0 net/bpf/test_run.c:53\n bpf_prog_test_run_skb+0x638/0xa7c net/bpf/test_run.c:594\n bpf_prog_test_run kernel/bpf/syscall.c:3148 [inline]\n __do_sys_bpf kernel/bpf/syscall.c:4441 [inline]\n __se_sys_bpf+0xad0/0x1634 kernel/bpf/syscall.c:4381\n\n kfence-#213: 0xffff6254fffac000-0xffff6254fffac196, size=407, cache=kmalloc-512\n\n allocated by task 15074 on cpu 0 at 1342.585390s:\n kmalloc include/linux/slab.h:568 [inline]\n kzalloc include/linux/slab.h:675 [inline]\n bpf_test_init.isra.0+0xac/0x290 net/bpf/test_run.c:191\n bpf_prog_test_run_skb+0x11c/0xa7c net/bpf/test_run.c:512\n bpf_prog_test_run kernel/bpf/syscall.c:3148 [inline]\n __do_sys_bpf kernel/bpf/syscall.c:4441 [inline]\n __se_sys_bpf+0xad0/0x1634 kernel/bpf/syscall.c:4381\n __arm64_sys_bpf+0x50/0x60 kernel/bpf/syscall.c:4381\n\nTo fix the problem, we adjust @size so that (@size + @hearoom) is a\nmultiple of SMP_CACHE_BYTES. So we make sure the struct skb_shared_info\nis aligned to a cache line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1cf1cae963c2e6032aebe1637e995bc2f5d330f4",
"version_value": "047824a730699c6c66df43306b80f700c9dfc2fd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.156",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.80",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.10",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/047824a730699c6c66df43306b80f700c9dfc2fd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/047824a730699c6c66df43306b80f700c9dfc2fd"
},
{
"url": "https://git.kernel.org/stable/c/730fb1ef974a13915bc7651364d8b3318891cd70",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/730fb1ef974a13915bc7651364d8b3318891cd70"
},
{
"url": "https://git.kernel.org/stable/c/7a704dbfd3735304e261f2787c52fbc7c3884736",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a704dbfd3735304e261f2787c52fbc7c3884736"
},
{
"url": "https://git.kernel.org/stable/c/e60f37a1d379c821c17b08f366412dce9ef3d99f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e60f37a1d379c821c17b08f366412dce9ef3d99f"
},
{
"url": "https://git.kernel.org/stable/c/eaa8edd86514afac9deb9bf9a5053e74f37edf40",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eaa8edd86514afac9deb9bf9a5053e74f37edf40"
},
{
"url": "https://git.kernel.org/stable/c/1b597f2d6a55e9f549989913860ad5170da04964",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b597f2d6a55e9f549989913860ad5170da04964"
},
{
"url": "https://git.kernel.org/stable/c/d3fd203f36d46aa29600a72d57a1b61af80e4a25",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d3fd203f36d46aa29600a72d57a1b61af80e4a25"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

146
2022/49xxx/CVE-2022-49841.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49841",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: imx: Add missing .thaw_noirq hook\n\nThe following warning is seen with non-console UART instance when\nsystem hibernates.\n\n[ 37.371969] ------------[ cut here ]------------\n[ 37.376599] uart3_root_clk already disabled\n[ 37.380810] WARNING: CPU: 0 PID: 296 at drivers/clk/clk.c:952 clk_core_disable+0xa4/0xb0\n...\n[ 37.506986] Call trace:\n[ 37.509432] clk_core_disable+0xa4/0xb0\n[ 37.513270] clk_disable+0x34/0x50\n[ 37.516672] imx_uart_thaw+0x38/0x5c\n[ 37.520250] platform_pm_thaw+0x30/0x6c\n[ 37.524089] dpm_run_callback.constprop.0+0x3c/0xd4\n[ 37.528972] device_resume+0x7c/0x160\n[ 37.532633] dpm_resume+0xe8/0x230\n[ 37.536036] hibernation_snapshot+0x288/0x430\n[ 37.540397] hibernate+0x10c/0x2e0\n[ 37.543798] state_store+0xc4/0xd0\n[ 37.547203] kobj_attr_store+0x1c/0x30\n[ 37.550953] sysfs_kf_write+0x48/0x60\n[ 37.554619] kernfs_fop_write_iter+0x118/0x1ac\n[ 37.559063] new_sync_write+0xe8/0x184\n[ 37.562812] vfs_write+0x230/0x290\n[ 37.566214] ksys_write+0x68/0xf4\n[ 37.569529] __arm64_sys_write+0x20/0x2c\n[ 37.573452] invoke_syscall.constprop.0+0x50/0xf0\n[ 37.578156] do_el0_svc+0x11c/0x150\n[ 37.581648] el0_svc+0x30/0x140\n[ 37.584792] el0t_64_sync_handler+0xe8/0xf0\n[ 37.588976] el0t_64_sync+0x1a0/0x1a4\n[ 37.592639] ---[ end trace 56e22eec54676d75 ]---\n\nOn hibernating, pm core calls into related hooks in sequence like:\n\n .freeze\n .freeze_noirq\n .thaw_noirq\n .thaw\n\nWith .thaw_noirq hook being absent, the clock will be disabled in a\nunbalanced call which results the warning above.\n\n imx_uart_freeze()\n clk_prepare_enable()\n imx_uart_suspend_noirq()\n clk_disable()\n imx_uart_thaw\n clk_disable_unprepare()\n\nAdding the missing .thaw_noirq hook as imx_uart_resume_noirq() will have\nthe call sequence corrected as below and thus fix the warning.\n\n imx_uart_freeze()\n clk_prepare_enable()\n imx_uart_suspend_noirq()\n clk_disable()\n imx_uart_resume_noirq()\n clk_enable()\n imx_uart_thaw\n clk_disable_unprepare()"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "09df0b3464e528c6a4ca2c48d9ff6d2fd7cbd775",
"version_value": "e401312ca6e180ee1bd65f6a766e99dd40aa95e7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.156",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.80",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.10",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e401312ca6e180ee1bd65f6a766e99dd40aa95e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e401312ca6e180ee1bd65f6a766e99dd40aa95e7"
},
{
"url": "https://git.kernel.org/stable/c/476b09e07bd519ec7ba5941a6a6f9a02256dbb21",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/476b09e07bd519ec7ba5941a6a6f9a02256dbb21"
},
{
"url": "https://git.kernel.org/stable/c/0a3160f4ffc70ee4bfa1521f698dace06e6091fd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a3160f4ffc70ee4bfa1521f698dace06e6091fd"
},
{
"url": "https://git.kernel.org/stable/c/ae22294e213a402a70fa1731538367d1b758ffe7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ae22294e213a402a70fa1731538367d1b758ffe7"
},
{
"url": "https://git.kernel.org/stable/c/e3f9d87d6f0732827c443bd1474df21c2fad704b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3f9d87d6f0732827c443bd1474df21c2fad704b"
},
{
"url": "https://git.kernel.org/stable/c/4561d8008a467cb05ac632a215391d6b787f40aa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4561d8008a467cb05ac632a215391d6b787f40aa"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49842.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49842",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: core: Fix use-after-free in snd_soc_exit()\n\nKASAN reports a use-after-free:\n\nBUG: KASAN: use-after-free in device_del+0xb5b/0xc60\nRead of size 8 at addr ffff888008655050 by task rmmod/387\nCPU: 2 PID: 387 Comm: rmmod\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n<TASK>\ndump_stack_lvl+0x79/0x9a\nprint_report+0x17f/0x47b\nkasan_report+0xbb/0xf0\ndevice_del+0xb5b/0xc60\nplatform_device_del.part.0+0x24/0x200\nplatform_device_unregister+0x2e/0x40\nsnd_soc_exit+0xa/0x22 [snd_soc_core]\n__do_sys_delete_module.constprop.0+0x34f/0x5b0\ndo_syscall_64+0x3a/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n...\n</TASK>\n\nIt's bacause in snd_soc_init(), snd_soc_util_init() is possble to fail,\nbut its ret is ignored, which makes soc_dummy_dev unregistered twice.\n\nsnd_soc_init()\n snd_soc_util_init()\n platform_device_register_simple(soc_dummy_dev)\n platform_driver_register() # fail\n \tplatform_device_unregister(soc_dummy_dev)\n platform_driver_register() # success\n...\nsnd_soc_exit()\n snd_soc_util_exit()\n # soc_dummy_dev will be unregistered for second time\n\nTo fix it, handle error and stop snd_soc_init() when util_init() fail.\nAlso clean debugfs when util_init() or driver_register() fail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fb257897bf20c5f0e1df584bb5b874e811651263",
"version_value": "41fad4f712e081acdfde8b59847f9f66eaf407a0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.156",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.80",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.10",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/41fad4f712e081acdfde8b59847f9f66eaf407a0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41fad4f712e081acdfde8b59847f9f66eaf407a0"
},
{
"url": "https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312005a022794b8e1e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312005a022794b8e1e"
},
{
"url": "https://git.kernel.org/stable/c/a3365e62239dc064019a244bde5686ac18527c22",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a3365e62239dc064019a244bde5686ac18527c22"
},
{
"url": "https://git.kernel.org/stable/c/2ec3f558db343b045a7c7419cdbaec266b8ac1a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ec3f558db343b045a7c7419cdbaec266b8ac1a7"
},
{
"url": "https://git.kernel.org/stable/c/8d21554ec7680e9585fb852d933203c3db60dad1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8d21554ec7680e9585fb852d933203c3db60dad1"
},
{
"url": "https://git.kernel.org/stable/c/34eee4189bcebbd5f6a2ff25ef0cb893ad33d51e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/34eee4189bcebbd5f6a2ff25ef0cb893ad33d51e"
},
{
"url": "https://git.kernel.org/stable/c/c5674bd073c0fd9f620ca550c5ff08d0d429bdd9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c5674bd073c0fd9f620ca550c5ff08d0d429bdd9"
},
{
"url": "https://git.kernel.org/stable/c/6ec27c53886c8963729885bcf2dd996eba2767a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6ec27c53886c8963729885bcf2dd996eba2767a7"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

93
2022/49xxx/CVE-2022-49843.json Normal file
View File

@ -0,0 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49843",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Migrate in CPU page fault use current mm\n\nmigrate_vma_setup shows below warning because we don't hold another\nprocess mm mmap_lock. We should use current vmf->vma->vm_mm instead, the\ncaller already hold current mmap lock inside CPU page fault handler.\n\n WARNING: CPU: 10 PID: 3054 at include/linux/mmap_lock.h:155 find_vma\n Call Trace:\n walk_page_range+0x76/0x150\n migrate_vma_setup+0x18a/0x640\n svm_migrate_vram_to_ram+0x245/0xa10 [amdgpu]\n svm_migrate_to_ram+0x36f/0x470 [amdgpu]\n do_swap_page+0xcfe/0xec0\n __handle_mm_fault+0x96b/0x15e0\n handle_mm_fault+0x13f/0x3e0\n do_user_addr_fault+0x1e7/0x690"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b1f852277171ad87a37bf42835839c306b7f05dd",
"version_value": "1dea25e25acd990d7657940ffcab8354c28fa292"
},
{
"version_affected": "<",
"version_name": "883584df581987e7176bfae1c8b276f73c2ca28d",
"version_value": "128e284c6cccf5875261569fa3bb07558870c17f"
},
{
"version_affected": "<",
"version_name": "e1f84eef313f4820cca068a238c645d0a38c6a9b",
"version_value": "3a876060892ba52dd67d197c78b955e62657d906"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1dea25e25acd990d7657940ffcab8354c28fa292",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1dea25e25acd990d7657940ffcab8354c28fa292"
},
{
"url": "https://git.kernel.org/stable/c/128e284c6cccf5875261569fa3bb07558870c17f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/128e284c6cccf5875261569fa3bb07558870c17f"
},
{
"url": "https://git.kernel.org/stable/c/3a876060892ba52dd67d197c78b955e62657d906",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3a876060892ba52dd67d197c78b955e62657d906"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49844.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49844",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: fix skb drop check\n\nIn commit a6d190f8c767 (\"can: skb: drop tx skb if in listen only\nmode\") the priv->ctrlmode element is read even on virtual CAN\ninterfaces that do not create the struct can_priv at startup. This\nout-of-bounds read may lead to CAN frame drops for virtual CAN\ninterfaces like vcan and vxcan.\n\nThis patch mainly reverts the original commit and adds a new helper\nfor CAN interface drivers that provide the required information in\nstruct can_priv.\n\n[mkl: patch pch_can, too]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a6d190f8c7670068d8c154ef8477eca07b5e3574",
"version_value": "386c49fe31ee748e053860b3bac7794a933ac9ac"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/386c49fe31ee748e053860b3bac7794a933ac9ac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/386c49fe31ee748e053860b3bac7794a933ac9ac"
},
{
"url": "https://git.kernel.org/stable/c/ae64438be1923e3c1102d90fd41db7afcfaf54cc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ae64438be1923e3c1102d90fd41db7afcfaf54cc"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

135
2022/49xxx/CVE-2022-49845.json Normal file
View File

@ -0,0 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49845",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_send_one(): fix missing CAN header initialization\n\nThe read access to struct canxl_frame::len inside of a j1939 created\nskbuff revealed a missing initialization of reserved and later filled\nelements in struct can_frame.\n\nThis patch initializes the 8 byte CAN header with zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9d71dd0c70099914fcd063135da3c580865e924c",
"version_value": "d0513b095e1ef1469718564dec3fb3348556d0a8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d0513b095e1ef1469718564dec3fb3348556d0a8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d0513b095e1ef1469718564dec3fb3348556d0a8"
},
{
"url": "https://git.kernel.org/stable/c/f8e0edeaa0f2b860bdbbf0aafb4492533043d650",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f8e0edeaa0f2b860bdbbf0aafb4492533043d650"
},
{
"url": "https://git.kernel.org/stable/c/69e86c6268d59ceddd0abe9ae8f1f5296f316c3c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/69e86c6268d59ceddd0abe9ae8f1f5296f316c3c"
},
{
"url": "https://git.kernel.org/stable/c/2719f82ad5d8199cf5f346ea8bb3998ad5323b72",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2719f82ad5d8199cf5f346ea8bb3998ad5323b72"
},
{
"url": "https://git.kernel.org/stable/c/3eb3d283e8579a22b81dd2ac3987b77465b2a22f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3eb3d283e8579a22b81dd2ac3987b77465b2a22f"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49846.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49846",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix a slab-out-of-bounds write bug in udf_find_entry()\n\nSyzbot reported a slab-out-of-bounds Write bug:\n\nloop0: detected capacity change from 0 to 2048\n==================================================================\nBUG: KASAN: slab-out-of-bounds in udf_find_entry+0x8a5/0x14f0\nfs/udf/namei.c:253\nWrite of size 105 at addr ffff8880123ff896 by task syz-executor323/3610\n\nCPU: 0 PID: 3610 Comm: syz-executor323 Not tainted\n6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0\nHardware name: Google Compute Engine/Google Compute Engine, BIOS\nGoogle 10/11/2022\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report+0xcd/0x100 mm/kasan/report.c:495\n kasan_check_range+0x2a7/0x2e0 mm/kasan/generic.c:189\n memcpy+0x3c/0x60 mm/kasan/shadow.c:66\n udf_find_entry+0x8a5/0x14f0 fs/udf/namei.c:253\n udf_lookup+0xef/0x340 fs/udf/namei.c:309\n lookup_open fs/namei.c:3391 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x10e6/0x2df0 fs/namei.c:3710\n do_filp_open+0x264/0x4f0 fs/namei.c:3740\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_creat fs/open.c:1402 [inline]\n __se_sys_creat fs/open.c:1396 [inline]\n __x64_sys_creat+0x11f/0x160 fs/open.c:1396\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7ffab0d164d9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89\nf7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01\nf0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe1a7e6bb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffab0d164d9\nRDX: 00007ffab0d164d9 RSI: 0000000000000000 RDI: 0000000020000180\nRBP: 00007ffab0cd5a10 R08: 0000000000000000 R09: 0000000000000000\nR10: 00005555573552c0 R11: 0000000000000246 R12: 00007ffab0cd5aa0\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\nAllocated by task 3610:\n kasan_save_stack mm/kasan/common.c:45 [inline]\n kasan_set_track+0x3d/0x60 mm/kasan/common.c:52\n ____kasan_kmalloc mm/kasan/common.c:371 [inline]\n __kasan_kmalloc+0x97/0xb0 mm/kasan/common.c:380\n kmalloc include/linux/slab.h:576 [inline]\n udf_find_entry+0x7b6/0x14f0 fs/udf/namei.c:243\n udf_lookup+0xef/0x340 fs/udf/namei.c:309\n lookup_open fs/namei.c:3391 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x10e6/0x2df0 fs/namei.c:3710\n do_filp_open+0x264/0x4f0 fs/namei.c:3740\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_creat fs/open.c:1402 [inline]\n __se_sys_creat fs/open.c:1396 [inline]\n __x64_sys_creat+0x11f/0x160 fs/open.c:1396\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe buggy address belongs to the object at ffff8880123ff800\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 150 bytes inside of\n 256-byte region [ffff8880123ff800, ffff8880123ff900)\n\nThe buggy address belongs to the physical page:\npage:ffffea000048ff80 refcount:1 mapcount:0 mapping:0000000000000000\nindex:0x0 pfn:0x123fe\nhead:ffffea000048ff80 order:1 compound_mapcount:0 compound_pincount:0\nflags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000010200 ffffea00004b8500 dead000000000003 ffff888012041b40\nraw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(),\npid 1, tgid 1 (swapper/0), ts 1841222404, free_ts 0\n create_dummy_stack mm/page_owner.c:\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "066b9cded00b8e3212df74a417bb074f3f3a1fe0",
"version_value": "583fdd98d94acba1e7225e5cc29063aef0741030"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/583fdd98d94acba1e7225e5cc29063aef0741030",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/583fdd98d94acba1e7225e5cc29063aef0741030"
},
{
"url": "https://git.kernel.org/stable/c/f1517721c408631f09d54c743aa70cb07fd3eebd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f1517721c408631f09d54c743aa70cb07fd3eebd"
},
{
"url": "https://git.kernel.org/stable/c/7a6051d734f1ed0031e2216f9a538621235c11a4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a6051d734f1ed0031e2216f9a538621235c11a4"
},
{
"url": "https://git.kernel.org/stable/c/d8971f410739a864c537e0ac29344a7b6c450232",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d8971f410739a864c537e0ac29344a7b6c450232"
},
{
"url": "https://git.kernel.org/stable/c/03f9582a6a2ebd25a440896475c968428c4b63e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/03f9582a6a2ebd25a440896475c968428c4b63e7"
},
{
"url": "https://git.kernel.org/stable/c/c736ed8541605e3a25075bb1cbf8f38cb3083238",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c736ed8541605e3a25075bb1cbf8f38cb3083238"
},
{
"url": "https://git.kernel.org/stable/c/ac79001b8e603226fab17240a79cb9ef679d3cd9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac79001b8e603226fab17240a79cb9ef679d3cd9"
},
{
"url": "https://git.kernel.org/stable/c/c8af247de385ce49afabc3bf1cf4fd455c94bfe8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8af247de385ce49afabc3bf1cf4fd455c94bfe8"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49847.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49847",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload\n\nMove am65_cpsw_nuss_phylink_cleanup() call to after\nam65_cpsw_nuss_cleanup_ndev() so phylink is still valid\nto prevent the below Segmentation fault on module remove when\nfirst slave link is up.\n\n[ 31.652944] Unable to handle kernel paging request at virtual address 00040008000005f4\n[ 31.684627] Mem abort info:\n[ 31.687446] ESR = 0x0000000096000004\n[ 31.704614] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 31.720663] SET = 0, FnV = 0\n[ 31.723729] EA = 0, S1PTW = 0\n[ 31.740617] FSC = 0x04: level 0 translation fault\n[ 31.756624] Data abort info:\n[ 31.759508] ISV = 0, ISS = 0x00000004\n[ 31.776705] CM = 0, WnR = 0\n[ 31.779695] [00040008000005f4] address between user and kernel address ranges\n[ 31.808644] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 31.814928] Modules linked in: wlcore_sdio wl18xx wlcore mac80211 libarc4 cfg80211 rfkill crct10dif_ce phy_gmii_sel ti_am65_cpsw_nuss(-) sch_fq_codel ipv6\n[ 31.828776] CPU: 0 PID: 1026 Comm: modprobe Not tainted 6.1.0-rc2-00012-gfabfcf7dafdb-dirty #160\n[ 31.837547] Hardware name: Texas Instruments AM625 (DT)\n[ 31.842760] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 31.849709] pc : phy_stop+0x18/0xf8\n[ 31.853202] lr : phylink_stop+0x38/0xf8\n[ 31.857031] sp : ffff80000a0839f0\n[ 31.860335] x29: ffff80000a0839f0 x28: ffff000000de1c80 x27: 0000000000000000\n[ 31.867462] x26: 0000000000000000 x25: 0000000000000000 x24: ffff80000a083b98\n[ 31.874589] x23: 0000000000000800 x22: 0000000000000001 x21: ffff000001bfba90\n[ 31.881715] x20: ffff0000015ee000 x19: 0004000800000200 x18: 0000000000000000\n[ 31.888842] x17: ffff800076c45000 x16: ffff800008004000 x15: 000058e39660b106\n[ 31.895969] x14: 0000000000000144 x13: 0000000000000144 x12: 0000000000000000\n[ 31.903095] x11: 000000000000275f x10: 00000000000009e0 x9 : ffff80000a0837d0\n[ 31.910222] x8 : ffff000000de26c0 x7 : ffff00007fbd6540 x6 : ffff00007fbd64c0\n[ 31.917349] x5 : ffff00007fbd0b10 x4 : ffff00007fbd0b10 x3 : ffff00007fbd3920\n[ 31.924476] x2 : d0a07fcff8b8d500 x1 : 0000000000000000 x0 : 0004000800000200\n[ 31.931603] Call trace:\n[ 31.934042] phy_stop+0x18/0xf8\n[ 31.937177] phylink_stop+0x38/0xf8\n[ 31.940657] am65_cpsw_nuss_ndo_slave_stop+0x28/0x1e0 [ti_am65_cpsw_nuss]\n[ 31.947452] __dev_close_many+0xa4/0x140\n[ 31.951371] dev_close_many+0x84/0x128\n[ 31.955115] unregister_netdevice_many+0x130/0x6d0\n[ 31.959897] unregister_netdevice_queue+0x94/0xd8\n[ 31.964591] unregister_netdev+0x24/0x38\n[ 31.968504] am65_cpsw_nuss_cleanup_ndev.isra.0+0x48/0x70 [ti_am65_cpsw_nuss]\n[ 31.975637] am65_cpsw_nuss_remove+0x58/0xf8 [ti_am65_cpsw_nuss]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e8609e69470f369509b44d5f2619f94541fe9df6",
"version_value": "442fd1bfe599bc54d118775e9e1a4fe913e4b369"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/442fd1bfe599bc54d118775e9e1a4fe913e4b369",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/442fd1bfe599bc54d118775e9e1a4fe913e4b369"
},
{
"url": "https://git.kernel.org/stable/c/1a0c016a4831ea29be09bbc8162d4a2a0690b4b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a0c016a4831ea29be09bbc8162d4a2a0690b4b8"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49848.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49848",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qmp-combo: fix NULL-deref on runtime resume\n\nCommit fc64623637da (\"phy: qcom-qmp-combo,usb: add support for separate\nPCS_USB region\") started treating the PCS_USB registers as potentially\nseparate from the PCS registers but used the wrong base when no PCS_USB\noffset has been provided.\n\nFix the PCS_USB base used at runtime resume to prevent dereferencing a\nNULL pointer on platforms that do not provide a PCS_USB offset (e.g.\nSC7180)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fc64623637da5e964566628bc0e660e93dc7a395",
"version_value": "c559a8b5cfa3db196ced0257b288f17027621348"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c559a8b5cfa3db196ced0257b288f17027621348",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c559a8b5cfa3db196ced0257b288f17027621348"
},
{
"url": "https://git.kernel.org/stable/c/04948e757148f870a31f4887ea2239403f516c3c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/04948e757148f870a31f4887ea2239403f516c3c"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

118
2022/49xxx/CVE-2022-49849.json Normal file
View File

@ -0,0 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49849",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix match incorrectly in dev_args_match_device\n\nsyzkaller found a failed assertion:\n\n assertion failed: (args->devid != (u64)-1) || args->missing, in fs/btrfs/volumes.c:6921\n\nThis can be triggered when we set devid to (u64)-1 by ioctl. In this\ncase, the match of devid will be skipped and the match of device may\nsucceed incorrectly.\n\nPatch 562d7b1512f7 introduced this function which is used to match device.\nThis function contains two matching scenarios, we can distinguish them by\nchecking the value of args->missing rather than check whether args->devid\nand args->uuid is default value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5578b681fbf2b22d61189a2539efd3009518b328",
"version_value": "c9fe4719c662e0af17eea723cf345e37719fd3c9"
},
{
"version_affected": "<",
"version_name": "562d7b1512f7369a19bca2883e2e8672d78f0481",
"version_value": "bc6c127c377010f136360552ebf91c2723081c1b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c9fe4719c662e0af17eea723cf345e37719fd3c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c9fe4719c662e0af17eea723cf345e37719fd3c9"
},
{
"url": "https://git.kernel.org/stable/c/bc6c127c377010f136360552ebf91c2723081c1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bc6c127c377010f136360552ebf91c2723081c1b"
},
{
"url": "https://git.kernel.org/stable/c/0fca385d6ebc3cabb20f67bcf8a71f1448bdc001",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0fca385d6ebc3cabb20f67bcf8a71f1448bdc001"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49850.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49850",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix deadlock in nilfs_count_free_blocks()\n\nA semaphore deadlock can occur if nilfs_get_block() detects metadata\ncorruption while locating data blocks and a superblock writeback occurs at\nthe same time:\n\ntask 1 task 2\n------ ------\n* A file operation *\nnilfs_truncate()\n nilfs_get_block()\n down_read(rwsem A) <--\n nilfs_bmap_lookup_contig()\n ... generic_shutdown_super()\n nilfs_put_super()\n * Prepare to write superblock *\n down_write(rwsem B) <--\n nilfs_cleanup_super()\n * Detect b-tree corruption * nilfs_set_log_cursor()\n nilfs_bmap_convert_error() nilfs_count_free_blocks()\n __nilfs_error() down_read(rwsem A) <--\n nilfs_set_error()\n down_write(rwsem B) <--\n\n *** DEADLOCK ***\n\nHere, nilfs_get_block() readlocks rwsem A (= NILFS_MDT(dat_inode)->mi_sem)\nand then calls nilfs_bmap_lookup_contig(), but if it fails due to metadata\ncorruption, __nilfs_error() is called from nilfs_bmap_convert_error()\ninside the lock section.\n\nSince __nilfs_error() calls nilfs_set_error() unless the filesystem is\nread-only and nilfs_set_error() attempts to writelock rwsem B (=\nnilfs->ns_sem) to write back superblock exclusively, hierarchical lock\nacquisition occurs in the order rwsem A -> rwsem B.\n\nNow, if another task starts updating the superblock, it may writelock\nrwsem B during the lock sequence above, and can deadlock trying to\nreadlock rwsem A in nilfs_count_free_blocks().\n\nHowever, there is actually no need to take rwsem A in\nnilfs_count_free_blocks() because it, within the lock section, only reads\na single integer data on a shared struct with\nnilfs_sufile_get_ncleansegs(). This has been the case after commit\naa474a220180 (\"nilfs2: add local variable to cache the number of clean\nsegments\"), that is, even before this bug was introduced.\n\nSo, this resolves the deadlock problem by just not taking the semaphore in\nnilfs_count_free_blocks()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e828949e5b42bfd234ee537cdb7c5e3a577958a3",
"version_value": "3c89ca6d3dfa6c09c515807a7a97a521f5d5147e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.38",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.38",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3c89ca6d3dfa6c09c515807a7a97a521f5d5147e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3c89ca6d3dfa6c09c515807a7a97a521f5d5147e"
},
{
"url": "https://git.kernel.org/stable/c/8b4506cff6630bb474bb46a2a75c31e533a756ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b4506cff6630bb474bb46a2a75c31e533a756ba"
},
{
"url": "https://git.kernel.org/stable/c/f0cc93080d4c09510b74ecba87fd778cca390bb1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f0cc93080d4c09510b74ecba87fd778cca390bb1"
},
{
"url": "https://git.kernel.org/stable/c/36ff974b0310771417c0be64b64aa221bd70d63d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36ff974b0310771417c0be64b64aa221bd70d63d"
},
{
"url": "https://git.kernel.org/stable/c/1d4ff73062096c21b47954d2996b4df259777bda",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d4ff73062096c21b47954d2996b4df259777bda"
},
{
"url": "https://git.kernel.org/stable/c/abc082aac0d9b6b926038fc3adb7008306581be2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abc082aac0d9b6b926038fc3adb7008306581be2"
},
{
"url": "https://git.kernel.org/stable/c/cb029b54953420f7a2d65100f1c5107f14411bdc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb029b54953420f7a2d65100f1c5107f14411bdc"
},
{
"url": "https://git.kernel.org/stable/c/8ac932a4921a96ca52f61935dbba64ea87bbd5dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ac932a4921a96ca52f61935dbba64ea87bbd5dc"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

124
2022/49xxx/CVE-2022-49851.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49851",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: fix reserved memory setup\n\nCurrently, RISC-V sets up reserved memory using the \"early\" copy of the\ndevice tree. As a result, when trying to get a reserved memory region\nusing of_reserved_mem_lookup(), the pointer to reserved memory regions\nis using the early, pre-virtual-memory address which causes a kernel\npanic when trying to use the buffer's name:\n\n Unable to handle kernel paging request at virtual address 00000000401c31ac\n Oops [#1]\n Modules linked in:\n CPU: 0 PID: 0 Comm: swapper Not tainted 6.0.0-rc1-00001-g0d9d6953d834 #1\n Hardware name: Microchip PolarFire-SoC Icicle Kit (DT)\n epc : string+0x4a/0xea\n ra : vsnprintf+0x1e4/0x336\n epc : ffffffff80335ea0 ra : ffffffff80338936 sp : ffffffff81203be0\n gp : ffffffff812e0a98 tp : ffffffff8120de40 t0 : 0000000000000000\n t1 : ffffffff81203e28 t2 : 7265736572203a46 s0 : ffffffff81203c20\n s1 : ffffffff81203e28 a0 : ffffffff81203d22 a1 : 0000000000000000\n a2 : ffffffff81203d08 a3 : 0000000081203d21 a4 : ffffffffffffffff\n a5 : 00000000401c31ac a6 : ffff0a00ffffff04 a7 : ffffffffffffffff\n s2 : ffffffff81203d08 s3 : ffffffff81203d00 s4 : 0000000000000008\n s5 : ffffffff000000ff s6 : 0000000000ffffff s7 : 00000000ffffff00\n s8 : ffffffff80d9821a s9 : ffffffff81203d22 s10: 0000000000000002\n s11: ffffffff80d9821c t3 : ffffffff812f3617 t4 : ffffffff812f3617\n t5 : ffffffff812f3618 t6 : ffffffff81203d08\n status: 0000000200000100 badaddr: 00000000401c31ac cause: 000000000000000d\n [<ffffffff80338936>] vsnprintf+0x1e4/0x336\n [<ffffffff80055ae2>] vprintk_store+0xf6/0x344\n [<ffffffff80055d86>] vprintk_emit+0x56/0x192\n [<ffffffff80055ed8>] vprintk_default+0x16/0x1e\n [<ffffffff800563d2>] vprintk+0x72/0x80\n [<ffffffff806813b2>] _printk+0x36/0x50\n [<ffffffff8068af48>] print_reserved_mem+0x1c/0x24\n [<ffffffff808057ec>] paging_init+0x528/0x5bc\n [<ffffffff808031ae>] setup_arch+0xd0/0x592\n [<ffffffff8080070e>] start_kernel+0x82/0x73c\n\nearly_init_fdt_scan_reserved_mem() takes no arguments as it operates on\ninitial_boot_params, which is populated by early_init_dt_verify(). On\nRISC-V, early_init_dt_verify() is called twice. Once, directly, in\nsetup_arch() if CONFIG_BUILTIN_DTB is not enabled and once indirectly,\nvery early in the boot process, by parse_dtb() when it calls\nearly_init_dt_scan_nodes().\n\nThis first call uses dtb_early_va to set initial_boot_params, which is\nnot usable later in the boot process when\nearly_init_fdt_scan_reserved_mem() is called. On arm64 for example, the\ncorresponding call to early_init_dt_scan_nodes() uses fixmap addresses\nand doesn't suffer the same fate.\n\nMove early_init_fdt_scan_reserved_mem() further along the boot sequence,\nafter the direct call to early_init_dt_verify() in setup_arch() so that\nthe names use the correct virtual memory addresses. The above supposed\nthat CONFIG_BUILTIN_DTB was not set, but should work equally in the case\nwhere it is - unflatted_and_copy_device_tree() also updates\ninitial_boot_params."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "922b0375fc93fb1a20c5617e37c389c26bbccb70",
"version_value": "94ab8f88feb75e3b1486102c0c9c550f37d9d137"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/94ab8f88feb75e3b1486102c0c9c550f37d9d137",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/94ab8f88feb75e3b1486102c0c9c550f37d9d137"
},
{
"url": "https://git.kernel.org/stable/c/518e49f0590de66555503aabe199ba8d3f2e24ac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/518e49f0590de66555503aabe199ba8d3f2e24ac"
},
{
"url": "https://git.kernel.org/stable/c/93598deb101540c4f9e7de15099ea8255b965fc2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93598deb101540c4f9e7de15099ea8255b965fc2"
},
{
"url": "https://git.kernel.org/stable/c/50e63dd8ed92045eb70a72d7ec725488320fb68b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50e63dd8ed92045eb70a72d7ec725488320fb68b"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

146
2022/49xxx/CVE-2022-49852.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49852",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: process: fix kernel info leakage\n\nthread_struct's s[12] may contain random kernel memory content, which\nmay be finally leaked to userspace. This is a security hole. Fix it\nby clearing the s[12] array in thread_struct when fork.\n\nAs for kthread case, it's better to clear the s[12] array as well."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7db91e57a0acde126a162ababfb1e0ab190130cb",
"version_value": "c4601d30f7d989b4f354df899ab85b5f7a750d30"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c4601d30f7d989b4f354df899ab85b5f7a750d30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c4601d30f7d989b4f354df899ab85b5f7a750d30"
},
{
"url": "https://git.kernel.org/stable/c/c5c0b3167537793a7cf936fb240366eefd2fc7fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c5c0b3167537793a7cf936fb240366eefd2fc7fb"
},
{
"url": "https://git.kernel.org/stable/c/e56d18a976dda653194218df6d40d8122c775712",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e56d18a976dda653194218df6d40d8122c775712"
},
{
"url": "https://git.kernel.org/stable/c/cc36c7fa5d9384602529ba3eea8c5daee7be4dbc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc36c7fa5d9384602529ba3eea8c5daee7be4dbc"
},
{
"url": "https://git.kernel.org/stable/c/358a68f98304b40b201ba5afe94c20355aa3dc68",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/358a68f98304b40b201ba5afe94c20355aa3dc68"
},
{
"url": "https://git.kernel.org/stable/c/6510c78490c490a6636e48b61eeaa6fb65981f4b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6510c78490c490a6636e48b61eeaa6fb65981f4b"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49853.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49853",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macvlan: fix memory leaks of macvlan_common_newlink\n\nkmemleak reports memory leaks in macvlan_common_newlink, as follows:\n\n ip link add link eth0 name .. type macvlan mode source macaddr add\n <MAC-ADDR>\n\nkmemleak reports:\n\nunreferenced object 0xffff8880109bb140 (size 64):\n comm \"ip\", pid 284, jiffies 4294986150 (age 430.108s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 b8 aa 5a 12 80 88 ff ff ..........Z.....\n 80 1b fa 0d 80 88 ff ff 1e ff ac af c7 c1 6b 6b ..............kk\n backtrace:\n [<ffffffff813e06a7>] kmem_cache_alloc_trace+0x1c7/0x300\n [<ffffffff81b66025>] macvlan_hash_add_source+0x45/0xc0\n [<ffffffff81b66a67>] macvlan_changelink_sources+0xd7/0x170\n [<ffffffff81b6775c>] macvlan_common_newlink+0x38c/0x5a0\n [<ffffffff81b6797e>] macvlan_newlink+0xe/0x20\n [<ffffffff81d97f8f>] __rtnl_newlink+0x7af/0xa50\n [<ffffffff81d98278>] rtnl_newlink+0x48/0x70\n ...\n\nIn the scenario where the macvlan mode is configured as 'source',\nmacvlan_changelink_sources() will be execured to reconfigure list of\nremote source mac addresses, at the same time, if register_netdevice()\nreturn an error, the resource generated by macvlan_changelink_sources()\nis not cleaned up.\n\nUsing this patch, in the case of an error, it will execute\nmacvlan_flush_sources() to ensure that the resource is cleaned up."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "aa5fd0fb77486b8a6764ead8627baa14790e4280",
"version_value": "9f288e338be206713d79b29144c27fca4503c39b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9f288e338be206713d79b29144c27fca4503c39b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9f288e338be206713d79b29144c27fca4503c39b"
},
{
"url": "https://git.kernel.org/stable/c/21d3a8b6a1e39e7529ce9de07316ee13a63f305b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21d3a8b6a1e39e7529ce9de07316ee13a63f305b"
},
{
"url": "https://git.kernel.org/stable/c/a81b44d1df1f07f00c0dcc0a0b3d2fa24a46289e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a81b44d1df1f07f00c0dcc0a0b3d2fa24a46289e"
},
{
"url": "https://git.kernel.org/stable/c/685e73e3f7a9fb75cbf049a9d0b7c45cc6b57b2e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/685e73e3f7a9fb75cbf049a9d0b7c45cc6b57b2e"
},
{
"url": "https://git.kernel.org/stable/c/956e0216a19994443c90ba2ea6b0b284c9c4f9cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/956e0216a19994443c90ba2ea6b0b284c9c4f9cb"
},
{
"url": "https://git.kernel.org/stable/c/a8d67367ab33604326cc37ab44fd1801bf5691ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8d67367ab33604326cc37ab44fd1801bf5691ba"
},
{
"url": "https://git.kernel.org/stable/c/9ea003c4671b2fc455320ecf6d4a43b0a3c1878a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ea003c4671b2fc455320ecf6d4a43b0a3c1878a"
},
{
"url": "https://git.kernel.org/stable/c/23569b5652ee8e8e55a12f7835f59af6f3cefc30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/23569b5652ee8e8e55a12f7835f59af6f3cefc30"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49854.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49854",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: Fix an error handling path in mctp_init()\n\nIf mctp_neigh_init() return error, the routes resources should\nbe released in the error handling path. Otherwise some resources\nleak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4d8b9319282ae84f5a17b28d8b5b5d1e7e537312",
"version_value": "49d8a6e24a3496d86e8d8ae748375df984fb6d6f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/49d8a6e24a3496d86e8d8ae748375df984fb6d6f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49d8a6e24a3496d86e8d8ae748375df984fb6d6f"
},
{
"url": "https://git.kernel.org/stable/c/216c83222d2eb24b0e63df56e8740b02c33286e8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/216c83222d2eb24b0e63df56e8740b02c33286e8"
},
{
"url": "https://git.kernel.org/stable/c/d4072058af4fd8fb4658e7452289042a406a9398",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d4072058af4fd8fb4658e7452289042a406a9398"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49855.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49855",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg\n\nipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to\nobtain the wwan power state configuration from BIOS but is\nnot freeing the acpi_object. The acpi_evaluate_dsm() returned\nacpi_object to be freed.\n\nFree the acpi_object after use."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7e98d785ae6184c7580a33619dae8b651769ff08",
"version_value": "13b1ea861e8aeb701bcfbfe436b943efa2d44029"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/13b1ea861e8aeb701bcfbfe436b943efa2d44029",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/13b1ea861e8aeb701bcfbfe436b943efa2d44029"
},
{
"url": "https://git.kernel.org/stable/c/7560ceef4d2832a67e8781d924e129c7f542376f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7560ceef4d2832a67e8781d924e129c7f542376f"
},
{
"url": "https://git.kernel.org/stable/c/d38a648d2d6cc7bee11c6f533ff9426a00c2a74c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d38a648d2d6cc7bee11c6f533ff9426a00c2a74c"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

123
2022/49xxx/CVE-2022-49856.json Normal file
View File

@ -0,0 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49856",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tun: call napi_schedule_prep() to ensure we own a napi\n\nA recent patch exposed another issue in napi_get_frags()\ncaught by syzbot [1]\n\nBefore feeding packets to GRO, and calling napi_complete()\nwe must first grab NAPI_STATE_SCHED.\n\n[1]\nWARNING: CPU: 0 PID: 3612 at net/core/dev.c:6076 napi_complete_done+0x45b/0x880 net/core/dev.c:6076\nModules linked in:\nCPU: 0 PID: 3612 Comm: syz-executor408 Not tainted 6.1.0-rc3-syzkaller-00175-g1118b2049d77 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nRIP: 0010:napi_complete_done+0x45b/0x880 net/core/dev.c:6076\nCode: c1 ea 03 0f b6 14 02 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 24 04 00 00 41 89 5d 1c e9 73 fc ff ff e8 b5 53 22 fa <0f> 0b e9 82 fe ff ff e8 a9 53 22 fa 48 8b 5c 24 08 31 ff 48 89 de\nRSP: 0018:ffffc90003c4f920 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000000030 RCX: 0000000000000000\nRDX: ffff8880251c0000 RSI: ffffffff875a58db RDI: 0000000000000007\nRBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000001 R12: ffff888072d02628\nR13: ffff888072d02618 R14: ffff888072d02634 R15: 0000000000000000\nFS: 0000555555f13300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055c44d3892b8 CR3: 00000000172d2000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<TASK>\nnapi_complete include/linux/netdevice.h:510 [inline]\ntun_get_user+0x206d/0x3a60 drivers/net/tun.c:1980\ntun_chr_write_iter+0xdb/0x200 drivers/net/tun.c:2027\ncall_write_iter include/linux/fs.h:2191 [inline]\ndo_iter_readv_writev+0x20b/0x3b0 fs/read_write.c:735\ndo_iter_write+0x182/0x700 fs/read_write.c:861\nvfs_writev+0x1aa/0x630 fs/read_write.c:934\ndo_writev+0x133/0x2f0 fs/read_write.c:977\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f37021a3c19"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "223ef6a94e52331a6a7ef31e59921e0e82d2d40a",
"version_value": "310f0855352ee4b2eb38855c99185c23e6e1496b"
},
{
"version_affected": "<",
"version_name": "a4f73f6adc53fd7a3f9771cbc89a03ef39b0b755",
"version_value": "30b0263d0366ea63aa7cad0407dfd945cc348580"
},
{
"version_affected": "<",
"version_name": "3401f964028ac941425b9b2c8ff8a022539ef44a",
"version_value": "534762e261c84d43e5d56a780e40278b94c20540"
},
{
"version_affected": "<",
"version_name": "d7569302a7a52a9305d2fb054df908ff985553bb",
"version_value": "9132fa043f96ac545254ab326db5c6fd47d54acb"
},
{
"version_affected": "<",
"version_name": "8b12a020b20a78f62bedc50f26db3bf4fadf8cb9",
"version_value": "999550c8cbb3fcb535f542d652fe1cb936839e5f"
},
{
"version_affected": "<",
"version_name": "1118b2049d77ca0b505775fc1a8d1909cf19a7ec",
"version_value": "07d120aa33cc9d9115753d159f64d20c94458781"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/310f0855352ee4b2eb38855c99185c23e6e1496b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/310f0855352ee4b2eb38855c99185c23e6e1496b"
},
{
"url": "https://git.kernel.org/stable/c/30b0263d0366ea63aa7cad0407dfd945cc348580",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/30b0263d0366ea63aa7cad0407dfd945cc348580"
},
{
"url": "https://git.kernel.org/stable/c/534762e261c84d43e5d56a780e40278b94c20540",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/534762e261c84d43e5d56a780e40278b94c20540"
},
{
"url": "https://git.kernel.org/stable/c/9132fa043f96ac545254ab326db5c6fd47d54acb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9132fa043f96ac545254ab326db5c6fd47d54acb"
},
{
"url": "https://git.kernel.org/stable/c/999550c8cbb3fcb535f542d652fe1cb936839e5f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/999550c8cbb3fcb535f542d652fe1cb936839e5f"
},
{
"url": "https://git.kernel.org/stable/c/07d120aa33cc9d9115753d159f64d20c94458781",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07d120aa33cc9d9115753d159f64d20c94458781"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

124
2022/49xxx/CVE-2022-49857.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49857",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()\n\nWhen prestera_sdma_switch_init() failed, the memory pointed to by\nsw->rxtx isn't released. Fix it. Only be compiled, not be tested."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "501ef3066c89d7f9045315e1be58749cf9e6814d",
"version_value": "5333cf1b7f6861912aff6263978d4781f9858e47"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.10",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5333cf1b7f6861912aff6263978d4781f9858e47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5333cf1b7f6861912aff6263978d4781f9858e47"
},
{
"url": "https://git.kernel.org/stable/c/409731df6310a33f4d0a3ef594d2410cdcd637f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/409731df6310a33f4d0a3ef594d2410cdcd637f2"
},
{
"url": "https://git.kernel.org/stable/c/31e5084ac6876e52dbb0a1cc4fc18b6c79979f31",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31e5084ac6876e52dbb0a1cc4fc18b6c79979f31"
},
{
"url": "https://git.kernel.org/stable/c/519b58bbfa825f042fcf80261cc18e1e35f85ffd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/519b58bbfa825f042fcf80261cc18e1e35f85ffd"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49858.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49858",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix SQE threshold checking\n\nCurrent way of checking available SQE count which is based on\nHW updated SQB count could result in driver submitting an SQE\neven before CQE for the previously transmitted SQE at the same\nindex is processed in NAPI resulting losing SKB pointers,\nhence a leak. Fix this by checking a consumer index which\nis updated once CQE is processed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3ca6c4c882a7f34085b170d93cf0d0e843aa00e6",
"version_value": "015e3c0a3b16193aab23beefe4719484b9984c2d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/015e3c0a3b16193aab23beefe4719484b9984c2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/015e3c0a3b16193aab23beefe4719484b9984c2d"
},
{
"url": "https://git.kernel.org/stable/c/f0dfc4c88ef39be0ba736aa0ce6119263fc19aeb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f0dfc4c88ef39be0ba736aa0ce6119263fc19aeb"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49859.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49859",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lapbether: fix issue of invalid opcode in lapbeth_open()\n\nIf lapb_register() failed when lapb device goes to up for the first time,\nthe NAPI is not disabled. As a result, the invalid opcode issue is\nreported when the lapb device goes to up for the second time.\n\nThe stack info is as follows:\n[ 1958.311422][T11356] kernel BUG at net/core/dev.c:6442!\n[ 1958.312206][T11356] invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n[ 1958.315979][T11356] RIP: 0010:napi_enable+0x16a/0x1f0\n[ 1958.332310][T11356] Call Trace:\n[ 1958.332817][T11356] <TASK>\n[ 1958.336135][T11356] lapbeth_open+0x18/0x90\n[ 1958.337446][T11356] __dev_open+0x258/0x490\n[ 1958.341672][T11356] __dev_change_flags+0x4d4/0x6a0\n[ 1958.345325][T11356] dev_change_flags+0x93/0x160\n[ 1958.346027][T11356] devinet_ioctl+0x1276/0x1bf0\n[ 1958.346738][T11356] inet_ioctl+0x1c8/0x2d0\n[ 1958.349638][T11356] sock_ioctl+0x5d1/0x750\n[ 1958.356059][T11356] __x64_sys_ioctl+0x3ec/0x1790\n[ 1958.365594][T11356] do_syscall_64+0x35/0x80\n[ 1958.366239][T11356] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 1958.377381][T11356] </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "514e1150da9cd8d7978d990a353636cf1a7a87c2",
"version_value": "4689bd3a1b23a1bd917899e63b81bca2ccdfab45"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4689bd3a1b23a1bd917899e63b81bca2ccdfab45",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4689bd3a1b23a1bd917899e63b81bca2ccdfab45"
},
{
"url": "https://git.kernel.org/stable/c/ed4940050a7ce7fc2ccd51db580ef1ade64290b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed4940050a7ce7fc2ccd51db580ef1ade64290b1"
},
{
"url": "https://git.kernel.org/stable/c/3faf7e14ec0c3462c2d747fa6793b8645d1391df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3faf7e14ec0c3462c2d747fa6793b8645d1391df"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49860.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49860",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma-glue: fix memory leak when register device fail\n\nIf device_register() fails, it should call put_device() to give\nup reference, the name allocated in dev_set_name() can be freed\nin callback function kobject_cleanup()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5b65781d06ea90ef2f8e51a13352c43c3daa8cdc",
"version_value": "1dd27541aa2b95bde71bddd43d73f9c16d73272c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1dd27541aa2b95bde71bddd43d73f9c16d73272c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1dd27541aa2b95bde71bddd43d73f9c16d73272c"
},
{
"url": "https://git.kernel.org/stable/c/025eab5189fc7ee223ae9b4bc49d7df196543e53",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/025eab5189fc7ee223ae9b4bc49d7df196543e53"
},
{
"url": "https://git.kernel.org/stable/c/ac2b9f34f02052709aea7b34bb2a165e1853eb41",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac2b9f34f02052709aea7b34bb2a165e1853eb41"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

178
2022/49xxx/CVE-2022-49861.json Normal file
View File

@ -0,0 +1,178 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49861",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()\n\nA clk_prepare_enable() call in the probe is not balanced by a corresponding\nclk_disable_unprepare() in the remove function.\n\nAdd the missing call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3bdcced41936b054470639c6a76ae033df1074e3",
"version_value": "04f2cc56d80a1ac058045a7835c5bfd910f17863"
},
{
"version_affected": "<",
"version_name": "2299285fb1819ef8459c116fd1eafe1458bb9ca1",
"version_value": "4b6641c3a2ba95ddcfecec263b4a5e572a4b0641"
},
{
"version_affected": "<",
"version_name": "3cd2c313f1d618f92d1294addc6c685c17065761",
"version_value": "20479886b40c0ed4864a5fc8490a1f6b70cccf1b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/04f2cc56d80a1ac058045a7835c5bfd910f17863",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/04f2cc56d80a1ac058045a7835c5bfd910f17863"
},
{
"url": "https://git.kernel.org/stable/c/4b6641c3a2ba95ddcfecec263b4a5e572a4b0641",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b6641c3a2ba95ddcfecec263b4a5e572a4b0641"
},
{
"url": "https://git.kernel.org/stable/c/20479886b40c0ed4864a5fc8490a1f6b70cccf1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20479886b40c0ed4864a5fc8490a1f6b70cccf1b"
},
{
"url": "https://git.kernel.org/stable/c/1d84887327659c58a6637060ac8c50c3a952a163",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d84887327659c58a6637060ac8c50c3a952a163"
},
{
"url": "https://git.kernel.org/stable/c/0b7ee3d50f32d277bf024b4ddb4de54da43a3025",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0b7ee3d50f32d277bf024b4ddb4de54da43a3025"
},
{
"url": "https://git.kernel.org/stable/c/992e966caf57e00855edbd79f19d911809732a69",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/992e966caf57e00855edbd79f19d911809732a69"
},
{
"url": "https://git.kernel.org/stable/c/a1cb72e20a64a3c83f9b4ee993fbf97e4c1d7714",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1cb72e20a64a3c83f9b4ee993fbf97e4c1d7714"
},
{
"url": "https://git.kernel.org/stable/c/081195d17a0c4c636da2b869bd5809d42e8cbb13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/081195d17a0c4c636da2b869bd5809d42e8cbb13"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

183
2022/49xxx/CVE-2022-49862.json Normal file
View File

@ -0,0 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49862",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header\n\nThis is a follow-up for commit 974cb0e3e7c9 (\"tipc: fix uninit-value\nin tipc_nl_compat_name_table_dump\") where it should have type casted\nsizeof(..) to int to work when TLV_GET_DATA_LEN() returns a negative\nvalue.\n\nsyzbot reported a call trace because of it:\n\n BUG: KMSAN: uninit-value in ...\n tipc_nl_compat_name_table_dump+0x841/0xea0 net/tipc/netlink_compat.c:934\n __tipc_nl_compat_dumpit+0xab2/0x1320 net/tipc/netlink_compat.c:238\n tipc_nl_compat_dumpit+0x991/0xb50 net/tipc/netlink_compat.c:321\n tipc_nl_compat_recv+0xb6e/0x1640 net/tipc/netlink_compat.c:1324\n genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:775 [inline]\n genl_rcv_msg+0x103f/0x1260 net/netlink/genetlink.c:792\n netlink_rcv_skb+0x3a5/0x6c0 net/netlink/af_netlink.c:2501\n genl_rcv+0x3c/0x50 net/netlink/genetlink.c:803\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0xf3b/0x1270 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x1288/0x1440 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg net/socket.c:734 [inline]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4c559fb7e111077b56f62ccf833a52d8169cde19",
"version_value": "082707d3df191bf5bb8801d43e4ce3dea39ca173"
},
{
"version_affected": "<",
"version_name": "2aae1723dea1235ffef183daf0694805297424f6",
"version_value": "a0ead1d648df9c456baec832b494513ef405949a"
},
{
"version_affected": "<",
"version_name": "2d5fc1d492d194aa2986c5a9d8a48a60e9143a72",
"version_value": "55a253a6753a603e80b95932ca971ba514aa6ce7"
},
{
"version_affected": "<",
"version_name": "974cb0e3e7c963ced06c4e32c5b2884173fa5e01",
"version_value": "36769b9477491a7af6635863bd950309c1e1b96c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/082707d3df191bf5bb8801d43e4ce3dea39ca173",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/082707d3df191bf5bb8801d43e4ce3dea39ca173"
},
{
"url": "https://git.kernel.org/stable/c/a0ead1d648df9c456baec832b494513ef405949a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a0ead1d648df9c456baec832b494513ef405949a"
},
{
"url": "https://git.kernel.org/stable/c/55a253a6753a603e80b95932ca971ba514aa6ce7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55a253a6753a603e80b95932ca971ba514aa6ce7"
},
{
"url": "https://git.kernel.org/stable/c/36769b9477491a7af6635863bd950309c1e1b96c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36769b9477491a7af6635863bd950309c1e1b96c"
},
{
"url": "https://git.kernel.org/stable/c/f31dd158580940938f77514b87337a777520185a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f31dd158580940938f77514b87337a777520185a"
},
{
"url": "https://git.kernel.org/stable/c/301caa06091af4d5cf056ac8249cbda4e6029c6a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/301caa06091af4d5cf056ac8249cbda4e6029c6a"
},
{
"url": "https://git.kernel.org/stable/c/6cee2c60bd168279852ac7dbe54c2b70d1028644",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6cee2c60bd168279852ac7dbe54c2b70d1028644"
},
{
"url": "https://git.kernel.org/stable/c/1c075b192fe41030457cd4a5f7dea730412bca40",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1c075b192fe41030457cd4a5f7dea730412bca40"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

145
2022/49xxx/CVE-2022-49863.json Normal file
View File

@ -0,0 +1,145 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49863",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: af_can: fix NULL pointer dereference in can_rx_register()\n\nIt causes NULL pointer dereference when testing as following:\n(a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket.\n(b) use syscall(__NR_sendmsg, ...) to create bond link device and vxcan\n link device, and bind vxcan device to bond device (can also use\n ifenslave command to bind vxcan device to bond device).\n(c) use syscall(__NR_socket, 0x1dul, 3ul, 1) to create CAN socket.\n(d) use syscall(__NR_bind, ...) to bind the bond device to CAN socket.\n\nThe bond device invokes the can-raw protocol registration interface to\nreceive CAN packets. However, ml_priv is not allocated to the dev,\ndev_rcv_lists is assigned to NULL in can_rx_register(). In this case,\nit will occur the NULL pointer dereference issue.\n\nThe following is the stack information:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 122a4067 P4D 122a4067 PUD 1223c067 PMD 0\nOops: 0000 [#1] PREEMPT SMP\nRIP: 0010:can_rx_register+0x12d/0x1e0\nCall Trace:\n<TASK>\nraw_enable_filters+0x8d/0x120\nraw_enable_allfilters+0x3b/0x130\nraw_bind+0x118/0x4f0\n__sys_bind+0x163/0x1a0\n__x64_sys_bind+0x1e/0x30\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n</TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4ac1feff6ea6495cbfd336f4438a6c6d140544a6",
"version_value": "afab4655750fcb3fca359bc7d7214e3d634cdf9c"
},
{
"version_affected": "<",
"version_name": "1a5751d58b14195f763b8c1d9ef33fb8a93e95e7",
"version_value": "d68fa77ee3d03bad6fe84e89759ddf7005f9e9c6"
},
{
"version_affected": "<",
"version_name": "4e096a18867a5a989b510f6999d9c6b6622e8f7b",
"version_value": "261178a1c2623077d62e374a75c195e6c99a6f05"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/afab4655750fcb3fca359bc7d7214e3d634cdf9c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afab4655750fcb3fca359bc7d7214e3d634cdf9c"
},
{
"url": "https://git.kernel.org/stable/c/d68fa77ee3d03bad6fe84e89759ddf7005f9e9c6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d68fa77ee3d03bad6fe84e89759ddf7005f9e9c6"
},
{
"url": "https://git.kernel.org/stable/c/261178a1c2623077d62e374a75c195e6c99a6f05",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/261178a1c2623077d62e374a75c195e6c99a6f05"
},
{
"url": "https://git.kernel.org/stable/c/a8055677b054bc2bb78beb1080fdc2dc5158c2fe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8055677b054bc2bb78beb1080fdc2dc5158c2fe"
},
{
"url": "https://git.kernel.org/stable/c/8aa59e355949442c408408c2d836e561794c40a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8aa59e355949442c408408c2d836e561794c40a1"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

103
2022/49xxx/CVE-2022-49864.json Normal file
View File

@ -0,0 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49864",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()\n\n./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "3c1bb6187e566143f15dbf0367ae671584aead5b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3c1bb6187e566143f15dbf0367ae671584aead5b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3c1bb6187e566143f15dbf0367ae671584aead5b"
},
{
"url": "https://git.kernel.org/stable/c/613d5a9a440828970f1543b962779401ac2c9c62",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/613d5a9a440828970f1543b962779401ac2c9c62"
},
{
"url": "https://git.kernel.org/stable/c/5b994354af3cab770bf13386469c5725713679af",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5b994354af3cab770bf13386469c5725713679af"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49865.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49865",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network\n\nWhen copying a `struct ifaddrlblmsg` to the network, __ifal_reserved\nremained uninitialized, resulting in a 1-byte infoleak:\n\n BUG: KMSAN: kernel-network-infoleak in __netdev_start_xmit ./include/linux/netdevice.h:4841\n __netdev_start_xmit ./include/linux/netdevice.h:4841\n netdev_start_xmit ./include/linux/netdevice.h:4857\n xmit_one net/core/dev.c:3590\n dev_hard_start_xmit+0x1dc/0x800 net/core/dev.c:3606\n __dev_queue_xmit+0x17e8/0x4350 net/core/dev.c:4256\n dev_queue_xmit ./include/linux/netdevice.h:3009\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:307\n __netlink_deliver_tap+0x728/0xad0 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338\n __netlink_sendskb net/netlink/af_netlink.c:1263\n netlink_sendskb+0x1d9/0x200 net/netlink/af_netlink.c:1272\n netlink_unicast+0x56d/0xf50 net/netlink/af_netlink.c:1360\n nlmsg_unicast ./include/net/netlink.h:1061\n rtnl_unicast+0x5a/0x80 net/core/rtnetlink.c:758\n ip6addrlbl_get+0xfad/0x10f0 net/ipv6/addrlabel.c:628\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n ...\n Uninit was created at:\n slab_post_alloc_hook+0x118/0xb00 mm/slab.h:742\n slab_alloc_node mm/slub.c:3398\n __kmem_cache_alloc_node+0x4f2/0x930 mm/slub.c:3437\n __do_kmalloc_node mm/slab_common.c:954\n __kmalloc_node_track_caller+0x117/0x3d0 mm/slab_common.c:975\n kmalloc_reserve net/core/skbuff.c:437\n __alloc_skb+0x27a/0xab0 net/core/skbuff.c:509\n alloc_skb ./include/linux/skbuff.h:1267\n nlmsg_new ./include/net/netlink.h:964\n ip6addrlbl_get+0x490/0x10f0 net/ipv6/addrlabel.c:608\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n netlink_rcv_skb+0x299/0x550 net/netlink/af_netlink.c:2540\n rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:6109\n netlink_unicast_kernel net/netlink/af_netlink.c:1319\n netlink_unicast+0x9ab/0xf50 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0xebc/0x10f0 net/netlink/af_netlink.c:1921\n ...\n\nThis patch ensures that the reserved field is always initialized."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2a8cc6c89039e0530a3335954253b76ed0f9339a",
"version_value": "568a47ff756f913e8b374c2af9d22cd2c772c744"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.25",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.25",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/568a47ff756f913e8b374c2af9d22cd2c772c744",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/568a47ff756f913e8b374c2af9d22cd2c772c744"
},
{
"url": "https://git.kernel.org/stable/c/0f85b7ae7c4b5d7b4bbf7ac653a733c181a8a2bf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0f85b7ae7c4b5d7b4bbf7ac653a733c181a8a2bf"
},
{
"url": "https://git.kernel.org/stable/c/6d26d0587abccb9835382a0b53faa7b9b1cd83e3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d26d0587abccb9835382a0b53faa7b9b1cd83e3"
},
{
"url": "https://git.kernel.org/stable/c/58cd7fdc8c1e6c7873acc08f190069fed88d1c12",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/58cd7fdc8c1e6c7873acc08f190069fed88d1c12"
},
{
"url": "https://git.kernel.org/stable/c/a033b86c7f7621fde31f0364af8986f43b44914f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a033b86c7f7621fde31f0364af8986f43b44914f"
},
{
"url": "https://git.kernel.org/stable/c/2acb2779b147decd300c117683d5a32ce61c75d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2acb2779b147decd300c117683d5a32ce61c75d6"
},
{
"url": "https://git.kernel.org/stable/c/49e92ba5ecd7d72ba369dde2ccff738edd028a47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49e92ba5ecd7d72ba369dde2ccff738edd028a47"
},
{
"url": "https://git.kernel.org/stable/c/c23fb2c82267638f9d206cb96bb93e1f93ad7828",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c23fb2c82267638f9d206cb96bb93e1f93ad7828"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49866.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49866",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: mhi: fix memory leak in mhi_mbim_dellink\n\nMHI driver registers network device without setting the\nneeds_free_netdev flag, and does NOT call free_netdev() when\nunregisters network device, which causes a memory leak.\n\nThis patch sets needs_free_netdev to true when registers\nnetwork device, which makes netdev subsystem call free_netdev()\nautomatically after unregister_netdevice()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "aa730a9905b7b079ef2fffdab7f15dbb842f5c7c",
"version_value": "2845bc9070cef0c651987487d84d4813d64675dd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2845bc9070cef0c651987487d84d4813d64675dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2845bc9070cef0c651987487d84d4813d64675dd"
},
{
"url": "https://git.kernel.org/stable/c/3cd3ffe952f78ec5dadf300cb58d4b38a0c0106d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cd3ffe952f78ec5dadf300cb58d4b38a0c0106d"
},
{
"url": "https://git.kernel.org/stable/c/668205b9c9f94d5ed6ab00cce9a46a654c2b5d16",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/668205b9c9f94d5ed6ab00cce9a46a654c2b5d16"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49867.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49867",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: iosm: fix memory leak in ipc_wwan_dellink\n\nIOSM driver registers network device without setting the\nneeds_free_netdev flag, and does NOT call free_netdev() when\nunregisters network device, which causes a memory leak.\n\nThis patch sets needs_free_netdev to true when registers\nnetwork device, which makes netdev subsystem call free_netdev()\nautomatically after unregister_netdevice()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2a54f2c7793409736f2e5ea101e050b3f1997088",
"version_value": "2ce2348c2858d723f7fe389dead9b43b08e0944e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2ce2348c2858d723f7fe389dead9b43b08e0944e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ce2348c2858d723f7fe389dead9b43b08e0944e"
},
{
"url": "https://git.kernel.org/stable/c/128514b51a5ba2c82f9e4a106f1c10423907618a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/128514b51a5ba2c82f9e4a106f1c10423907618a"
},
{
"url": "https://git.kernel.org/stable/c/f25caaca424703d5a0607310f0452f978f1f78d9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f25caaca424703d5a0607310f0452f978f1f78d9"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49868.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49868",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: ralink: mt7621-pci: add sentinel to quirks table\n\nWith mt7621 soc_dev_attr fixed to register the soc as a device,\nkernel will experience an oops in soc_device_match_attr\n\nThis quirk test was introduced in the staging driver in\ncommit 9445ccb3714c (\"staging: mt7621-pci-phy: add quirks for 'E2'\nrevision using 'soc_device_attribute'\"). The staging driver was removed,\nand later re-added in commit d87da32372a0 (\"phy: ralink: Add PHY driver\nfor MT7621 PCIe PHY\") for kernel 5.11"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d87da32372a03ce121fc65ccd2c9a43edf56b364",
"version_value": "500bcd3a99eae84412067c3b9e7ffba1c66e6383"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/500bcd3a99eae84412067c3b9e7ffba1c66e6383",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/500bcd3a99eae84412067c3b9e7ffba1c66e6383"
},
{
"url": "https://git.kernel.org/stable/c/d539cfd1202d66c2dcea383f1d96835ae72d5809",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d539cfd1202d66c2dcea383f1d96835ae72d5809"
},
{
"url": "https://git.kernel.org/stable/c/819b885cd886c193782891c4f51bbcab3de119a4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/819b885cd886c193782891c4f51bbcab3de119a4"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

135
2022/49xxx/CVE-2022-49869.json Normal file
View File

@ -0,0 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49869",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix possible crash in bnxt_hwrm_set_coal()\n\nDuring the error recovery sequence, the rtnl_lock is not held for the\nentire duration and some datastructures may be freed during the sequence.\nCheck for the BNXT_STATE_OPEN flag instead of netif_running() to ensure\nthat the device is fully operational before proceeding to reconfigure\nthe coalescing settings.\n\nThis will fix a possible crash like this:\n\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000000\nPGD 0 P4D 0\nOops: 0000 [#1] SMP NOPTI\nCPU: 10 PID: 181276 Comm: ethtool Kdump: loaded Tainted: G IOE --------- - - 4.18.0-348.el8.x86_64 #1\nHardware name: Dell Inc. PowerEdge R740/0F9N89, BIOS 2.3.10 08/15/2019\nRIP: 0010:bnxt_hwrm_set_coal+0x1fb/0x2a0 [bnxt_en]\nCode: c2 66 83 4e 22 08 66 89 46 1c e8 10 cb 00 00 41 83 c6 01 44 39 b3 68 01 00 00 0f 8e a3 00 00 00 48 8b 93 c8 00 00 00 49 63 c6 <48> 8b 2c c2 48 8b 85 b8 02 00 00 48 85 c0 74 2e 48 8b 74 24 08 f6\nRSP: 0018:ffffb11c8dcaba50 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff8d168a8b0ac0 RCX: 00000000000000c5\nRDX: 0000000000000000 RSI: ffff8d162f72c000 RDI: ffff8d168a8b0b28\nRBP: 0000000000000000 R08: b6e1f68a12e9a7eb R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000037 R12: ffff8d168a8b109c\nR13: ffff8d168a8b10aa R14: 0000000000000000 R15: ffffffffc01ac4e0\nFS: 00007f3852e4c740(0000) GS:ffff8d24c0080000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000041b3ee003 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n ethnl_set_coalesce+0x3ce/0x4c0\n genl_family_rcv_msg_doit.isra.15+0x10f/0x150\n genl_family_rcv_msg+0xb3/0x160\n ? coalesce_fill_reply+0x480/0x480\n genl_rcv_msg+0x47/0x90\n ? genl_family_rcv_msg+0x160/0x160\n netlink_rcv_skb+0x4c/0x120\n genl_rcv+0x24/0x40\n netlink_unicast+0x196/0x230\n netlink_sendmsg+0x204/0x3d0\n sock_sendmsg+0x4c/0x50\n __sys_sendto+0xee/0x160\n ? syscall_trace_enter+0x1d3/0x2c0\n ? __audit_syscall_exit+0x249/0x2a0\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x5b/0x1a0\n entry_SYSCALL_64_after_hwframe+0x65/0xca\nRIP: 0033:0x7f38524163bb"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2151fe0830fdb951f8ecfcfe67306fdef2366aa0",
"version_value": "a5a05fbef4a0dfe45fe03b2f1d02ba23aebf5384"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a5a05fbef4a0dfe45fe03b2f1d02ba23aebf5384",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5a05fbef4a0dfe45fe03b2f1d02ba23aebf5384"
},
{
"url": "https://git.kernel.org/stable/c/38147073c96dce8c7e142ce0e5f305a420a729ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/38147073c96dce8c7e142ce0e5f305a420a729ba"
},
{
"url": "https://git.kernel.org/stable/c/ac257c43fa615d22180916074feed803b8bb8cb0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac257c43fa615d22180916074feed803b8bb8cb0"
},
{
"url": "https://git.kernel.org/stable/c/7781e32984cde65549bedc3201537e253297c98d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7781e32984cde65549bedc3201537e253297c98d"
},
{
"url": "https://git.kernel.org/stable/c/6d81ea3765dfa6c8a20822613c81edad1c4a16a0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d81ea3765dfa6c8a20822613c81edad1c4a16a0"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49870.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49870",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncapabilities: fix undefined behavior in bit shift for CAP_TO_MASK\n\nShifting signed 32-bit value by 31 bits is undefined, so changing\nsignificant bit to unsigned. The UBSAN warning calltrace like below:\n\nUBSAN: shift-out-of-bounds in security/commoncap.c:1252:2\nleft shift of 1 by 31 places cannot be represented in type 'int'\nCall Trace:\n <TASK>\n dump_stack_lvl+0x7d/0xa5\n dump_stack+0x15/0x1b\n ubsan_epilogue+0xe/0x4e\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c\n cap_task_prctl+0x561/0x6f0\n security_task_prctl+0x5a/0xb0\n __x64_sys_prctl+0x61/0x8f0\n do_syscall_64+0x58/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e338d263a76af78fe8f38a72131188b58fceb591",
"version_value": "5b79fa628e2ab789e629a83cd211ef9b4c1a593e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.25",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.25",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5b79fa628e2ab789e629a83cd211ef9b4c1a593e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5b79fa628e2ab789e629a83cd211ef9b4c1a593e"
},
{
"url": "https://git.kernel.org/stable/c/65b0bc7a0690861812ade523d19f82688ab819dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65b0bc7a0690861812ade523d19f82688ab819dc"
},
{
"url": "https://git.kernel.org/stable/c/dbaab08c8677d598244d21afb7818e44e1c5d826",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dbaab08c8677d598244d21afb7818e44e1c5d826"
},
{
"url": "https://git.kernel.org/stable/c/5661f111a1616ac105ec8cec81bff99b60f847ac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5661f111a1616ac105ec8cec81bff99b60f847ac"
},
{
"url": "https://git.kernel.org/stable/c/fcbd2b336834bd24e1d9454ad5737856470c10d7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fcbd2b336834bd24e1d9454ad5737856470c10d7"
},
{
"url": "https://git.kernel.org/stable/c/151dc8087b5609e53b069c068e3f3ee100efa586",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/151dc8087b5609e53b069c068e3f3ee100efa586"
},
{
"url": "https://git.kernel.org/stable/c/27bdb134c043ff32c459d98f16550d0ffa0b3c34",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/27bdb134c043ff32c459d98f16550d0ffa0b3c34"
},
{
"url": "https://git.kernel.org/stable/c/46653972e3ea64f79e7f8ae3aa41a4d3fdb70a13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46653972e3ea64f79e7f8ae3aa41a4d3fdb70a13"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

146
2022/49xxx/CVE-2022-49871.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49871",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tun: Fix memory leaks of napi_get_frags\n\nkmemleak reports after running test_progs:\n\nunreferenced object 0xffff8881b1672dc0 (size 232):\n comm \"test_progs\", pid 394388, jiffies 4354712116 (age 841.975s)\n hex dump (first 32 bytes):\n e0 84 d7 a8 81 88 ff ff 80 2c 67 b1 81 88 ff ff .........,g.....\n 00 40 c5 9b 81 88 ff ff 00 00 00 00 00 00 00 00 .@..............\n backtrace:\n [<00000000c8f01748>] napi_skb_cache_get+0xd4/0x150\n [<0000000041c7fc09>] __napi_build_skb+0x15/0x50\n [<00000000431c7079>] __napi_alloc_skb+0x26e/0x540\n [<000000003ecfa30e>] napi_get_frags+0x59/0x140\n [<0000000099b2199e>] tun_get_user+0x183d/0x3bb0 [tun]\n [<000000008a5adef0>] tun_chr_write_iter+0xc0/0x1b1 [tun]\n [<0000000049993ff4>] do_iter_readv_writev+0x19f/0x320\n [<000000008f338ea2>] do_iter_write+0x135/0x630\n [<000000008a3377a4>] vfs_writev+0x12e/0x440\n [<00000000a6b5639a>] do_writev+0x104/0x280\n [<00000000ccf065d8>] do_syscall_64+0x3b/0x90\n [<00000000d776e329>] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe issue occurs in the following scenarios:\ntun_get_user()\n napi_gro_frags()\n napi_frags_finish()\n case GRO_NORMAL:\n gro_normal_one()\n list_add_tail(&skb->list, &napi->rx_list);\n <-- While napi->rx_count < READ_ONCE(gro_normal_batch),\n <-- gro_normal_list() is not called, napi->rx_list is not empty\n <-- not ask to complete the gro work, will cause memory leaks in\n <-- following tun_napi_del()\n...\ntun_napi_del()\n netif_napi_del()\n __netif_napi_del()\n <-- &napi->rx_list is not empty, which caused memory leaks\n\nTo fix, add napi_complete() after napi_gro_frags()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "90e33d45940793def6f773b2d528e9f3c84ffdc7",
"version_value": "223ef6a94e52331a6a7ef31e59921e0e82d2d40a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/223ef6a94e52331a6a7ef31e59921e0e82d2d40a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/223ef6a94e52331a6a7ef31e59921e0e82d2d40a"
},
{
"url": "https://git.kernel.org/stable/c/a4f73f6adc53fd7a3f9771cbc89a03ef39b0b755",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a4f73f6adc53fd7a3f9771cbc89a03ef39b0b755"
},
{
"url": "https://git.kernel.org/stable/c/3401f964028ac941425b9b2c8ff8a022539ef44a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3401f964028ac941425b9b2c8ff8a022539ef44a"
},
{
"url": "https://git.kernel.org/stable/c/d7569302a7a52a9305d2fb054df908ff985553bb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d7569302a7a52a9305d2fb054df908ff985553bb"
},
{
"url": "https://git.kernel.org/stable/c/8b12a020b20a78f62bedc50f26db3bf4fadf8cb9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b12a020b20a78f62bedc50f26db3bf4fadf8cb9"
},
{
"url": "https://git.kernel.org/stable/c/1118b2049d77ca0b505775fc1a8d1909cf19a7ec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1118b2049d77ca0b505775fc1a8d1909cf19a7ec"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

183
2022/49xxx/CVE-2022-49872.json Normal file
View File

@ -0,0 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49872",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix panic on frag_list with mixed head alloc types\n\nSince commit 3dcbdb134f32 (\"net: gso: Fix skb_segment splat when\nsplitting gso_size mangled skb having linear-headed frag_list\"), it is\nallowed to change gso_size of a GRO packet. However, that commit assumes\nthat \"checking the first list_skb member suffices; i.e if either of the\nlist_skb members have non head_frag head, then the first one has too\".\n\nIt turns out this assumption does not hold. We've seen BUG_ON being hit\nin skb_segment when skbs on the frag_list had differing head_frag with\nthe vmxnet3 driver. This happens because __netdev_alloc_skb and\n__napi_alloc_skb can return a skb that is page backed or kmalloced\ndepending on the requested size. As the result, the last small skb in\nthe GRO packet can be kmalloced.\n\nThere are three different locations where this can be fixed:\n\n(1) We could check head_frag in GRO and not allow GROing skbs with\n different head_frag. However, that would lead to performance\n regression on normal forward paths with unmodified gso_size, where\n !head_frag in the last packet is not a problem.\n\n(2) Set a flag in bpf_skb_net_grow and bpf_skb_net_shrink indicating\n that NETIF_F_SG is undesirable. That would need to eat a bit in\n sk_buff. Furthermore, that flag can be unset when all skbs on the\n frag_list are page backed. To retain good performance,\n bpf_skb_net_grow/shrink would have to walk the frag_list.\n\n(3) Walk the frag_list in skb_segment when determining whether\n NETIF_F_SG should be cleared. This of course slows things down.\n\nThis patch implements (3). To limit the performance impact in\nskb_segment, the list is walked only for skbs with SKB_GSO_DODGY set\nthat have gso_size changed. Normal paths thus will not hit it.\n\nWe could check only the last skb but since we need to walk the whole\nlist anyway, let's stay on the safe side."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "162a5a8c3aff15c449e6b38355cdf80ab4f77a5a",
"version_value": "5876b7f249a1ecbbcc8e35072c3828d6526d1c3a"
},
{
"version_affected": "<",
"version_name": "55fb612bef7fd237fb70068e2b6ff1cd1543a8ef",
"version_value": "0a9f56e525ea871d3950b90076912f5c7494f00f"
},
{
"version_affected": "<",
"version_name": "821302dd0c51d29269ef73a595bdff294419e2cd",
"version_value": "bd5362e58721e4d0d1a37796593bd6e51536ce7a"
},
{
"version_affected": "<",
"version_name": "3dcbdb134f329842a38f0e6797191b885ab00a00",
"version_value": "65ad047fd83502447269fda8fd26c99077a9af47"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.3",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5876b7f249a1ecbbcc8e35072c3828d6526d1c3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5876b7f249a1ecbbcc8e35072c3828d6526d1c3a"
},
{
"url": "https://git.kernel.org/stable/c/0a9f56e525ea871d3950b90076912f5c7494f00f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a9f56e525ea871d3950b90076912f5c7494f00f"
},
{
"url": "https://git.kernel.org/stable/c/bd5362e58721e4d0d1a37796593bd6e51536ce7a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bd5362e58721e4d0d1a37796593bd6e51536ce7a"
},
{
"url": "https://git.kernel.org/stable/c/65ad047fd83502447269fda8fd26c99077a9af47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65ad047fd83502447269fda8fd26c99077a9af47"
},
{
"url": "https://git.kernel.org/stable/c/50868de7dc4e7f0fcadd6029f32bf4387c102ee6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50868de7dc4e7f0fcadd6029f32bf4387c102ee6"
},
{
"url": "https://git.kernel.org/stable/c/ad25a115f50800c6847e0d841c5c7992a9f7c1b3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad25a115f50800c6847e0d841c5c7992a9f7c1b3"
},
{
"url": "https://git.kernel.org/stable/c/598d9e30927b15731e83797fbd700ecf399f42dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/598d9e30927b15731e83797fbd700ecf399f42dd"
},
{
"url": "https://git.kernel.org/stable/c/9e4b7a99a03aefd37ba7bb1f022c8efab5019165",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9e4b7a99a03aefd37ba7bb1f022c8efab5019165"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

124
2022/49xxx/CVE-2022-49873.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49873",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix wrong reg type conversion in release_reference()\n\nSome helper functions will allocate memory. To avoid memory leaks, the\nverifier requires the eBPF program to release these memories by calling\nthe corresponding helper functions.\n\nWhen a resource is released, all pointer registers corresponding to the\nresource should be invalidated. The verifier use release_references() to\ndo this job, by apply __mark_reg_unknown() to each relevant register.\n\nIt will give these registers the type of SCALAR_VALUE. A register that\nwill contain a pointer value at runtime, but of type SCALAR_VALUE, which\nmay allow the unprivileged user to get a kernel pointer by storing this\nregister into a map.\n\nUsing __mark_reg_not_init() while NOT allow_ptr_leaks can mitigate this\nproblem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fd978bf7fd312581a7ca454a991f0ffb34c4204b",
"version_value": "cedd4f01f67be94735f15123158f485028571037"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cedd4f01f67be94735f15123158f485028571037",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cedd4f01f67be94735f15123158f485028571037"
},
{
"url": "https://git.kernel.org/stable/c/466ce46f251dfb259a8cbaa895ab9edd6fb56240",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/466ce46f251dfb259a8cbaa895ab9edd6fb56240"
},
{
"url": "https://git.kernel.org/stable/c/ae5ccad6c711db0f2ca1231be051935dd128b8f5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ae5ccad6c711db0f2ca1231be051935dd128b8f5"
},
{
"url": "https://git.kernel.org/stable/c/f1db20814af532f85e091231223e5e4818e8464b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f1db20814af532f85e091231223e5e4818e8464b"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

168
2022/49xxx/CVE-2022-49874.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49874",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hyperv: fix possible memory leak in mousevsc_probe()\n\nIf hid_add_device() returns error, it should call hid_destroy_device()\nto free hid_dev which is allocated in hid_allocate_device()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "74c4fb058083b47571a4f76dcfce95085f2d8098",
"version_value": "ed75d1a1c31a0cae8ecc8bcea710b25c0be68da0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.3",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.334",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.300",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ed75d1a1c31a0cae8ecc8bcea710b25c0be68da0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed75d1a1c31a0cae8ecc8bcea710b25c0be68da0"
},
{
"url": "https://git.kernel.org/stable/c/249b743801c00542e9324f87b380032e957a43e8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/249b743801c00542e9324f87b380032e957a43e8"
},
{
"url": "https://git.kernel.org/stable/c/a6d2fb1874c52ace1f5cf1966ee558829c5c19b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a6d2fb1874c52ace1f5cf1966ee558829c5c19b6"
},
{
"url": "https://git.kernel.org/stable/c/e29289d0d8193fca6d2c1f0a1de75cfc80edec00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e29289d0d8193fca6d2c1f0a1de75cfc80edec00"
},
{
"url": "https://git.kernel.org/stable/c/8597b59e3d22b27849bd3e4f92a3d466774bfb04",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8597b59e3d22b27849bd3e4f92a3d466774bfb04"
},
{
"url": "https://git.kernel.org/stable/c/5ad95d71344b7ffec360d62591633b3c465dc049",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5ad95d71344b7ffec360d62591633b3c465dc049"
},
{
"url": "https://git.kernel.org/stable/c/5f3aba6566b866f5b0a4916f0b2e8a6ae66a6451",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f3aba6566b866f5b0a4916f0b2e8a6ae66a6451"
},
{
"url": "https://git.kernel.org/stable/c/b5bcb94b0954a026bbd671741fdb00e7141f9c91",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5bcb94b0954a026bbd671741fdb00e7141f9c91"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

124
2022/49xxx/CVE-2022-49875.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49875",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE\n\nWhen using bpftool to pin {PROG, MAP, LINK} without FILE,\nsegmentation fault will occur. The reson is that the lack\nof FILE will cause strlen to trigger NULL pointer dereference.\nThe corresponding stacktrace is shown below:\n\ndo_pin\n do_pin_any\n do_pin_fd\n mount_bpffs_for_pin\n strlen(name) <- NULL pointer dereference\n\nFix it by adding validation to the common process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "75a1e792c335b5c6d7fdb1014da47aeb64c5944f",
"version_value": "8c80b2fca4112d724dde477aed13f7b0510a2792"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8c80b2fca4112d724dde477aed13f7b0510a2792",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8c80b2fca4112d724dde477aed13f7b0510a2792"
},
{
"url": "https://git.kernel.org/stable/c/6dcdd1b68b7f9333d48d48fc77b75e7f235f6a4a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6dcdd1b68b7f9333d48d48fc77b75e7f235f6a4a"
},
{
"url": "https://git.kernel.org/stable/c/da5161ba94c5e9182c301dd4f09c94f715c068bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da5161ba94c5e9182c301dd4f09c94f715c068bd"
},
{
"url": "https://git.kernel.org/stable/c/34de8e6e0e1f66e431abf4123934a2581cb5f133",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/34de8e6e0e1f66e431abf4123934a2581cb5f133"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49876.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49876",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix general-protection-fault in ieee80211_subif_start_xmit()\n\nWhen device is running and the interface status is changed, the gpf issue\nis triggered. The problem triggering process is as follows:\nThread A: Thread B\nieee80211_runtime_change_iftype() process_one_work()\n ... ...\n ieee80211_do_stop() ...\n ... ...\n sdata->bss = NULL ...\n ... ieee80211_subif_start_xmit()\n ieee80211_multicast_to_unicast\n //!sdata->bss->multicast_to_unicast\n cause gpf issue\n\nWhen the interface status is changed, the sending queue continues to send\npackets. After the bss is set to NULL, the bss is accessed. As a result,\nthis causes a general-protection-fault issue.\n\nThe following is the stack information:\ngeneral protection fault, probably for non-canonical address\n0xdffffc000000002f: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000178-0x000000000000017f]\nWorkqueue: mld mld_ifc_work\nRIP: 0010:ieee80211_subif_start_xmit+0x25b/0x1310\nCall Trace:\n<TASK>\ndev_hard_start_xmit+0x1be/0x990\n__dev_queue_xmit+0x2c9a/0x3b60\nip6_finish_output2+0xf92/0x1520\nip6_finish_output+0x6af/0x11e0\nip6_output+0x1ed/0x540\nmld_sendpack+0xa09/0xe70\nmld_ifc_work+0x71c/0xdb0\nprocess_one_work+0x9bf/0x1710\nworker_thread+0x665/0x1080\nkthread+0x2e4/0x3a0\nret_from_fork+0x1f/0x30\n</TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f856373e2f31ffd340e47e2b00027bd4070f74b3",
"version_value": "03eb68c72cee249aeb7af7d04a83c033aca3d6d9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/03eb68c72cee249aeb7af7d04a83c033aca3d6d9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/03eb68c72cee249aeb7af7d04a83c033aca3d6d9"
},
{
"url": "https://git.kernel.org/stable/c/780854186946e0de2be192ee7fa5125666533b3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/780854186946e0de2be192ee7fa5125666533b3a"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

150
2022/49xxx/CVE-2022-49877.json Normal file
View File

@ -0,0 +1,150 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49877",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues\n\nWhen running `test_sockmap` selftests, the following warning appears:\n\n WARNING: CPU: 2 PID: 197 at net/core/stream.c:205 sk_stream_kill_queues+0xd3/0xf0\n Call Trace:\n <TASK>\n inet_csk_destroy_sock+0x55/0x110\n tcp_rcv_state_process+0xd28/0x1380\n ? tcp_v4_do_rcv+0x77/0x2c0\n tcp_v4_do_rcv+0x77/0x2c0\n __release_sock+0x106/0x130\n __tcp_close+0x1a7/0x4e0\n tcp_close+0x20/0x70\n inet_release+0x3c/0x80\n __sock_release+0x3a/0xb0\n sock_close+0x14/0x20\n __fput+0xa3/0x260\n task_work_run+0x59/0xb0\n exit_to_user_mode_prepare+0x1b3/0x1c0\n syscall_exit_to_user_mode+0x19/0x50\n do_syscall_64+0x48/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe root case is in commit 84472b436e76 (\"bpf, sockmap: Fix more uncharged\nwhile msg has more_data\"), where I used msg->sg.size to replace the tosend,\ncausing breakage:\n\n if (msg->apply_bytes && msg->apply_bytes < tosend)\n tosend = psock->apply_bytes;"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "244ce90c8d0bd10ebf957da02c6f3fcd5d920bdf",
"version_value": "d975bec1eaeb52341acc9273db79ddb078220399"
},
{
"version_affected": "<",
"version_name": "7b812a369e6416ab06d83cdd39d8e3f752781dd0",
"version_value": "cc21dc48a78cc9e5af9a4d039cd456446a6e73ff"
},
{
"version_affected": "<",
"version_name": "168ff181f5b6e7fce684c98a30d35da1dbf8f82a",
"version_value": "95adbd2ac8de82e43fd6b347e7e1b47f74dc1abb"
},
{
"version_affected": "<",
"version_name": "84472b436e760ba439e1969a9e3c5ae7c86de39d",
"version_value": "14e8bc3bf7bd6af64d7538a0684c8238d96cdfd7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d975bec1eaeb52341acc9273db79ddb078220399",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d975bec1eaeb52341acc9273db79ddb078220399"
},
{
"url": "https://git.kernel.org/stable/c/cc21dc48a78cc9e5af9a4d039cd456446a6e73ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc21dc48a78cc9e5af9a4d039cd456446a6e73ff"
},
{
"url": "https://git.kernel.org/stable/c/95adbd2ac8de82e43fd6b347e7e1b47f74dc1abb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/95adbd2ac8de82e43fd6b347e7e1b47f74dc1abb"
},
{
"url": "https://git.kernel.org/stable/c/14e8bc3bf7bd6af64d7538a0684c8238d96cdfd7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/14e8bc3bf7bd6af64d7538a0684c8238d96cdfd7"
},
{
"url": "https://git.kernel.org/stable/c/8ec95b94716a1e4d126edc3fb2bc426a717e2dba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ec95b94716a1e4d126edc3fb2bc426a717e2dba"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49878.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49878",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, verifier: Fix memory leak in array reallocation for stack state\n\nIf an error (NULL) is returned by krealloc(), callers of realloc_array()\nwere setting their allocation pointers to NULL, but on error krealloc()\ndoes not touch the original allocation. This would result in a memory\nresource leak. Instead, free the old allocation on the error handling\npath.\n\nThe memory leak information is as follows as also reported by Zhengchao:\n\n unreferenced object 0xffff888019801800 (size 256):\n comm \"bpf_repo\", pid 6490, jiffies 4294959200 (age 17.170s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000b211474b>] __kmalloc_node_track_caller+0x45/0xc0\n [<0000000086712a0b>] krealloc+0x83/0xd0\n [<00000000139aab02>] realloc_array+0x82/0xe2\n [<00000000b1ca41d1>] grow_stack_state+0xfb/0x186\n [<00000000cd6f36d2>] check_mem_access.cold+0x141/0x1341\n [<0000000081780455>] do_check_common+0x5358/0xb350\n [<0000000015f6b091>] bpf_check.cold+0xc3/0x29d\n [<000000002973c690>] bpf_prog_load+0x13db/0x2240\n [<00000000028d1644>] __sys_bpf+0x1605/0x4ce0\n [<00000000053f29bd>] __x64_sys_bpf+0x75/0xb0\n [<0000000056fedaf5>] do_syscall_64+0x35/0x80\n [<000000002bd58261>] entry_SYSCALL_64_after_hwframe+0x63/0xcd"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c69431aab67a912836e5831f03d99a819c14c9c3",
"version_value": "06615967d4889b08b19ff3dda96e8b131282f73d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/06615967d4889b08b19ff3dda96e8b131282f73d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/06615967d4889b08b19ff3dda96e8b131282f73d"
},
{
"url": "https://git.kernel.org/stable/c/3e210891c4a4c2d858cd6f9f61d5809af251d4df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3e210891c4a4c2d858cd6f9f61d5809af251d4df"
},
{
"url": "https://git.kernel.org/stable/c/42378a9ca55347102bbf86708776061d8fe3ece2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/42378a9ca55347102bbf86708776061d8fe3ece2"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

125
2022/49xxx/CVE-2022-49879.json Normal file
View File

@ -0,0 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49879",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix BUG_ON() when directory entry has invalid rec_len\n\nThe rec_len field in the directory entry has to be a multiple of 4. A\ncorrupted filesystem image can be used to hit a BUG() in\next4_rec_len_to_disk(), called from make_indexed_dir().\n\n ------------[ cut here ]------------\n kernel BUG at fs/ext4/ext4.h:2413!\n ...\n RIP: 0010:make_indexed_dir+0x53f/0x5f0\n ...\n Call Trace:\n <TASK>\n ? add_dirent_to_buf+0x1b2/0x200\n ext4_add_entry+0x36e/0x480\n ext4_add_nondir+0x2b/0xc0\n ext4_create+0x163/0x200\n path_openat+0x635/0xe90\n do_filp_open+0xb4/0x160\n ? __create_object.isra.0+0x1de/0x3b0\n ? _raw_spin_unlock+0x12/0x30\n do_sys_openat2+0x91/0x150\n __x64_sys_open+0x6c/0xa0\n do_syscall_64+0x3c/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe fix simply adds a call to ext4_check_dir_entry() to validate the\ndirectory entry, returning -EFSCORRUPTED if the entry is invalid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "2fa24d0274fbf913b56ee31f15bc01168669d909"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.224",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2fa24d0274fbf913b56ee31f15bc01168669d909",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fa24d0274fbf913b56ee31f15bc01168669d909"
},
{
"url": "https://git.kernel.org/stable/c/156451a67b93986fb07c274ef6995ff40766c5ad",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/156451a67b93986fb07c274ef6995ff40766c5ad"
},
{
"url": "https://git.kernel.org/stable/c/999cff2b6ce3b45c08abf793bf55534777421327",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/999cff2b6ce3b45c08abf793bf55534777421327"
},
{
"url": "https://git.kernel.org/stable/c/ce1ee2c8827fb6493e91acbd50f664cf2a972c3d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ce1ee2c8827fb6493e91acbd50f664cf2a972c3d"
},
{
"url": "https://git.kernel.org/stable/c/17a0bc9bd697f75cfdf9b378d5eb2d7409c91340",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/17a0bc9bd697f75cfdf9b378d5eb2d7409c91340"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

158
2022/49xxx/CVE-2022-49880.json Normal file
View File

@ -0,0 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49880",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix warning in 'ext4_da_release_space'\n\nSyzkaller report issue as follows:\nEXT4-fs (loop0): Free/Dirty block details\nEXT4-fs (loop0): free_blocks=0\nEXT4-fs (loop0): dirty_blocks=0\nEXT4-fs (loop0): Block reservation details\nEXT4-fs (loop0): i_reserved_data_blocks=0\nEXT4-fs warning (device loop0): ext4_da_release_space:1527: ext4_da_release_space: ino 18, to_free 1 with only 0 reserved data blocks\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 92 at fs/ext4/inode.c:1528 ext4_da_release_space+0x25e/0x370 fs/ext4/inode.c:1524\nModules linked in:\nCPU: 0 PID: 92 Comm: kworker/u4:4 Not tainted 6.0.0-syzkaller-09423-g493ffd6605b2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022\nWorkqueue: writeback wb_workfn (flush-7:0)\nRIP: 0010:ext4_da_release_space+0x25e/0x370 fs/ext4/inode.c:1528\nRSP: 0018:ffffc900015f6c90 EFLAGS: 00010296\nRAX: 42215896cd52ea00 RBX: 0000000000000000 RCX: 42215896cd52ea00\nRDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000\nRBP: 1ffff1100e907d96 R08: ffffffff816aa79d R09: fffff520002bece5\nR10: fffff520002bece5 R11: 1ffff920002bece4 R12: ffff888021fd2000\nR13: ffff88807483ecb0 R14: 0000000000000001 R15: ffff88807483e740\nFS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555569ba628 CR3: 000000000c88e000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n ext4_es_remove_extent+0x1ab/0x260 fs/ext4/extents_status.c:1461\n mpage_release_unused_pages+0x24d/0xef0 fs/ext4/inode.c:1589\n ext4_writepages+0x12eb/0x3be0 fs/ext4/inode.c:2852\n do_writepages+0x3c3/0x680 mm/page-writeback.c:2469\n __writeback_single_inode+0xd1/0x670 fs/fs-writeback.c:1587\n writeback_sb_inodes+0xb3b/0x18f0 fs/fs-writeback.c:1870\n wb_writeback+0x41f/0x7b0 fs/fs-writeback.c:2044\n wb_do_writeback fs/fs-writeback.c:2187 [inline]\n wb_workfn+0x3cb/0xef0 fs/fs-writeback.c:2227\n process_one_work+0x877/0xdb0 kernel/workqueue.c:2289\n worker_thread+0xb14/0x1330 kernel/workqueue.c:2436\n kthread+0x266/0x300 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n </TASK>\n\nAbove issue may happens as follows:\next4_da_write_begin\n ext4_create_inline_data\n ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS);\n ext4_set_inode_flag(inode, EXT4_INODE_INLINE_DATA);\n__ext4_ioctl\n ext4_ext_migrate -> will lead to eh->eh_entries not zero, and set extent flag\next4_da_write_begin\n ext4_da_convert_inline_data_to_extent\n ext4_da_write_inline_data_begin\n ext4_da_map_blocks\n ext4_insert_delayed_block\n\t if (!ext4_es_scan_clu(inode, &ext4_es_is_delonly, lblk))\n\t if (!ext4_es_scan_clu(inode, &ext4_es_is_mapped, lblk))\n\t ext4_clu_mapped(inode, EXT4_B2C(sbi, lblk)); -> will return 1\n\t allocated = true;\n ext4_es_insert_delayed_block(inode, lblk, allocated);\next4_writepages\n mpage_map_and_submit_extent(handle, &mpd, &give_up_on_write); -> return -ENOSPC\n mpage_release_unused_pages(&mpd, give_up_on_write); -> give_up_on_write == 1\n ext4_es_remove_extent\n ext4_da_release_space(inode, reserved);\n if (unlikely(to_free > ei->i_reserved_data_blocks))\n\t -> to_free == 1 but ei->i_reserved_data_blocks == 0\n\t -> then trigger warning as above\n\nTo solve above issue, forbid inode do migrate which has inline data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "0de5ee103747fd3a24f1c010c79caabe35e8f0bb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9.333",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.299",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.265",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.224",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0de5ee103747fd3a24f1c010c79caabe35e8f0bb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0de5ee103747fd3a24f1c010c79caabe35e8f0bb"
},
{
"url": "https://git.kernel.org/stable/c/c3bf1e95cfa7d950dc3c064d0c2e3d06b427bc63",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3bf1e95cfa7d950dc3c064d0c2e3d06b427bc63"
},
{
"url": "https://git.kernel.org/stable/c/890d738f569fa9412b70ba09f15407f17a52da20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/890d738f569fa9412b70ba09f15407f17a52da20"
},
{
"url": "https://git.kernel.org/stable/c/72743d5598b9096950bbfd6a9b7f173d156eea97",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/72743d5598b9096950bbfd6a9b7f173d156eea97"
},
{
"url": "https://git.kernel.org/stable/c/5370b965b7a945bb8f48b9ee23d83a76a947902e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5370b965b7a945bb8f48b9ee23d83a76a947902e"
},
{
"url": "https://git.kernel.org/stable/c/0a43c015e98121c91a76154edf42280ce1a8a883",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a43c015e98121c91a76154edf42280ce1a8a883"
},
{
"url": "https://git.kernel.org/stable/c/89bee03d2fb8c54119b38ac6c24e7d60fae036b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89bee03d2fb8c54119b38ac6c24e7d60fae036b6"
},
{
"url": "https://git.kernel.org/stable/c/1b8f787ef547230a3249bcf897221ef0cc78481b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b8f787ef547230a3249bcf897221ef0cc78481b"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

146
2022/49xxx/CVE-2022-49881.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49881",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix memory leak in query_regdb_file()\n\nIn the function query_regdb_file() the alpha2 parameter is duplicated\nusing kmemdup() and subsequently freed in regdb_fw_cb(). However,\nrequest_firmware_nowait() can fail without calling regdb_fw_cb() and\nthus leak memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "007f6c5e6eb45c81ee89368a5f226572ae638831",
"version_value": "219446396786330937bcd382a7bc4ccd767383bc"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.267",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.225",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.155",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.79",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.9",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/219446396786330937bcd382a7bc4ccd767383bc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/219446396786330937bcd382a7bc4ccd767383bc"
},
{
"url": "https://git.kernel.org/stable/c/0ede1a988299e95d54bd89551fd635980572e920",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0ede1a988299e95d54bd89551fd635980572e920"
},
{
"url": "https://git.kernel.org/stable/c/e1e12180321f416d83444f2cdc9259e0f5093d35",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1e12180321f416d83444f2cdc9259e0f5093d35"
},
{
"url": "https://git.kernel.org/stable/c/38c9fa2cc6bf4b6e1a74057aef8b5cffd23d3264",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/38c9fa2cc6bf4b6e1a74057aef8b5cffd23d3264"
},
{
"url": "https://git.kernel.org/stable/c/e9b5a4566d5bc71cc901be50d1fa24da00613120",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e9b5a4566d5bc71cc901be50d1fa24da00613120"
},
{
"url": "https://git.kernel.org/stable/c/57b962e627ec0ae53d4d16d7bd1033e27e67677a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57b962e627ec0ae53d4d16d7bd1033e27e67677a"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49882.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49882",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache\n\nReject kvm_gpc_check() and kvm_gpc_refresh() if the cache is inactive.\nNot checking the active flag during refresh is particularly egregious, as\nKVM can end up with a valid, inactive cache, which can lead to a variety\nof use-after-free bugs, e.g. consuming a NULL kernel pointer or missing\nan mmu_notifier invalidation due to the cache not being on the list of\ngfns to invalidate.\n\nNote, \"active\" needs to be set if and only if the cache is on the list\nof caches, i.e. is reachable via mmu_notifier events. If a relevant\nmmu_notifier event occurs while the cache is \"active\" but not on the\nlist, KVM will not acquire the cache's lock and so will not serailize\nthe mmu_notifier event with active users and/or kvm_gpc_refresh().\n\nA race between KVM_XEN_ATTR_TYPE_SHARED_INFO and KVM_XEN_HVM_EVTCHN_SEND\ncan be exploited to trigger the bug.\n\n1. Deactivate shinfo cache:\n\nkvm_xen_hvm_set_attr\ncase KVM_XEN_ATTR_TYPE_SHARED_INFO\n kvm_gpc_deactivate\n kvm_gpc_unmap\n gpc->valid = false\n gpc->khva = NULL\n gpc->active = false\n\nResult: active = false, valid = false\n\n2. Cause cache refresh:\n\nkvm_arch_vm_ioctl\ncase KVM_XEN_HVM_EVTCHN_SEND\n kvm_xen_hvm_evtchn_send\n kvm_xen_set_evtchn\n kvm_xen_set_evtchn_fast\n kvm_gpc_check\n return -EWOULDBLOCK because !gpc->valid\n kvm_xen_set_evtchn_fast\n return -EWOULDBLOCK\n kvm_gpc_refresh\n hva_to_pfn_retry\n gpc->valid = true\n gpc->khva = not NULL\n\nResult: active = false, valid = true\n\n3. Race ioctl KVM_XEN_HVM_EVTCHN_SEND against ioctl\nKVM_XEN_ATTR_TYPE_SHARED_INFO:\n\nkvm_arch_vm_ioctl\ncase KVM_XEN_HVM_EVTCHN_SEND\n kvm_xen_hvm_evtchn_send\n kvm_xen_set_evtchn\n kvm_xen_set_evtchn_fast\n read_lock gpc->lock\n kvm_xen_hvm_set_attr case\n KVM_XEN_ATTR_TYPE_SHARED_INFO\n mutex_lock kvm->lock\n kvm_xen_shared_info_init\n kvm_gpc_activate\n gpc->khva = NULL\n kvm_gpc_check\n [ Check passes because gpc->valid is\n still true, even though gpc->khva\n is already NULL. ]\n shinfo = gpc->khva\n pending_bits = shinfo->evtchn_pending\n CRASH: test_and_set_bit(..., pending_bits)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "982ed0de4753ed6e71dbd40f82a5a066baf133ed",
"version_value": "bfa9672f8fc9eb118124bab61899d2dd497f95ba"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bfa9672f8fc9eb118124bab61899d2dd497f95ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bfa9672f8fc9eb118124bab61899d2dd497f95ba"
},
{
"url": "https://git.kernel.org/stable/c/ecbcf030b45666ad11bc98565e71dfbcb7be4393",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ecbcf030b45666ad11bc98565e71dfbcb7be4393"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49883.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49883",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: smm: number of GPRs in the SMRAM image depends on the image format\n\nOn 64 bit host, if the guest doesn't have X86_FEATURE_LM, KVM will\naccess 16 gprs to 32-bit smram image, causing out-ouf-bound ram\naccess.\n\nOn 32 bit host, the rsm_load_state_64/enter_smm_save_state_64\nis compiled out, thus access overflow can't happen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b443183a25ab61840a12de92f8822849e017b9c8",
"version_value": "a7ebfbea0f52550d7cdf12c38f3f5eaa7b2b6494"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a7ebfbea0f52550d7cdf12c38f3f5eaa7b2b6494",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7ebfbea0f52550d7cdf12c38f3f5eaa7b2b6494"
},
{
"url": "https://git.kernel.org/stable/c/696db303e54f7352623d9f640e6c51d8fa9d5588",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/696db303e54f7352623d9f640e6c51d8fa9d5588"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49884.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49884",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Initialize gfn_to_pfn_cache locks in dedicated helper\n\nMove the gfn_to_pfn_cache lock initialization to another helper and\ncall the new helper during VM/vCPU creation. There are race\nconditions possible due to kvm_gfn_to_pfn_cache_init()'s\nability to re-initialize the cache's locks.\n\nFor example: a race between ioctl(KVM_XEN_HVM_EVTCHN_SEND) and\nkvm_gfn_to_pfn_cache_init() leads to a corrupted shinfo gpc lock.\n\n (thread 1) | (thread 2)\n |\n kvm_xen_set_evtchn_fast |\n read_lock_irqsave(&gpc->lock, ...) |\n | kvm_gfn_to_pfn_cache_init\n | rwlock_init(&gpc->lock)\n read_unlock_irqrestore(&gpc->lock, ...) |\n\nRename \"cache_init\" and \"cache_destroy\" to activate+deactivate to\navoid implying that the cache really is destroyed/freed.\n\nNote, there more races in the newly named kvm_gpc_activate() that will\nbe addressed separately.\n\n[sean: call out that this is a bug fix]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "982ed0de4753ed6e71dbd40f82a5a066baf133ed",
"version_value": "61242001d6c9c253df7645dab090842d8da08764"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/61242001d6c9c253df7645dab090842d8da08764",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/61242001d6c9c253df7645dab090842d8da08764"
},
{
"url": "https://git.kernel.org/stable/c/52491a38b2c2411f3f0229dc6ad610349c704a41",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/52491a38b2c2411f3f0229dc6ad610349c704a41"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

114
2022/49xxx/CVE-2022-49885.json Normal file
View File

@ -0,0 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49885",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()\n\nChange num_ghes from int to unsigned int, preventing an overflow\nand causing subsequent vmalloc() to fail.\n\nThe overflow happens in ghes_estatus_pool_init() when calculating\nlen during execution of the statement below as both multiplication\noperands here are signed int:\n\nlen += (num_ghes * GHES_ESOURCE_PREALLOC_MAX_SIZE);\n\nThe following call trace is observed because of this bug:\n\n[ 9.317108] swapper/0: vmalloc error: size 18446744071562596352, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1\n[ 9.317131] Call Trace:\n[ 9.317134] <TASK>\n[ 9.317137] dump_stack_lvl+0x49/0x5f\n[ 9.317145] dump_stack+0x10/0x12\n[ 9.317146] warn_alloc.cold+0x7b/0xdf\n[ 9.317150] ? __device_attach+0x16a/0x1b0\n[ 9.317155] __vmalloc_node_range+0x702/0x740\n[ 9.317160] ? device_add+0x17f/0x920\n[ 9.317164] ? dev_set_name+0x53/0x70\n[ 9.317166] ? platform_device_add+0xf9/0x240\n[ 9.317168] __vmalloc_node+0x49/0x50\n[ 9.317170] ? ghes_estatus_pool_init+0x43/0xa0\n[ 9.317176] vmalloc+0x21/0x30\n[ 9.317177] ghes_estatus_pool_init+0x43/0xa0\n[ 9.317179] acpi_hest_init+0x129/0x19c\n[ 9.317185] acpi_init+0x434/0x4a4\n[ 9.317188] ? acpi_sleep_proc_init+0x2a/0x2a\n[ 9.317190] do_one_initcall+0x48/0x200\n[ 9.317195] kernel_init_freeable+0x221/0x284\n[ 9.317200] ? rest_init+0xe0/0xe0\n[ 9.317204] kernel_init+0x1a/0x130\n[ 9.317205] ret_from_fork+0x22/0x30\n[ 9.317208] </TASK>\n\n[ rjw: Subject and changelog edits ]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "9edf20e5a1d805855e78f241cf221d741b50d482"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9edf20e5a1d805855e78f241cf221d741b50d482",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9edf20e5a1d805855e78f241cf221d741b50d482"
},
{
"url": "https://git.kernel.org/stable/c/c50ec15725e005e9fb20bce69b6c23b135a4a9b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c50ec15725e005e9fb20bce69b6c23b135a4a9b7"
},
{
"url": "https://git.kernel.org/stable/c/4c10c854113720cbfe75d4f51db79b700a629e73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4c10c854113720cbfe75d4f51db79b700a629e73"
},
{
"url": "https://git.kernel.org/stable/c/43d2748394c3feb86c0c771466f5847e274fc043",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/43d2748394c3feb86c0c771466f5847e274fc043"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

102
2022/49xxx/CVE-2022-49886.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49886",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Panic on bad configs that #VE on \"private\" memory access\n\nAll normal kernel memory is \"TDX private memory\". This includes\neverything from kernel stacks to kernel text. Handling\nexceptions on arbitrary accesses to kernel memory is essentially\nimpossible because they can happen in horribly nasty places like\nkernel entry/exit. But, TDX hardware can theoretically _deliver_\na virtualization exception (#VE) on any access to private memory.\n\nBut, it's not as bad as it sounds. TDX can be configured to never\ndeliver these exceptions on private memory with a \"TD attribute\"\ncalled ATTR_SEPT_VE_DISABLE. The guest has no way to *set* this\nattribute, but it can check it.\n\nEnsure ATTR_SEPT_VE_DISABLE is set in early boot. panic() if it\nis unset. There is no sane way for Linux to run with this\nattribute clear so a panic() is appropriate.\n\nThere's small window during boot before the check where kernel\nhas an early #VE handler. But the handler is only for port I/O\nand will also panic() as soon as it sees any other #VE, such as\na one generated by a private memory access.\n\n[ dhansen: Rewrite changelog and rebase on new tdx_parse_tdinfo().\n\t Add Kirill's tested-by because I made changes since\n\t he wrote this. ]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9a22bf6debbf5169f750af53c7f86eb4e3cd6712",
"version_value": "895c168c8f78079f21ad50fead7593ffa352f795"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/895c168c8f78079f21ad50fead7593ffa352f795",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/895c168c8f78079f21ad50fead7593ffa352f795"
},
{
"url": "https://git.kernel.org/stable/c/373e715e31bf4e0f129befe87613a278fac228d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/373e715e31bf4e0f129befe87613a278fac228d3"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

125
2022/49xxx/CVE-2022-49887.json Normal file
View File

@ -0,0 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49887",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: meson: vdec: fix possible refcount leak in vdec_probe()\n\nv4l2_device_unregister need to be called to put the refcount got by\nv4l2_device_register when vdec_probe fails or vdec_remove is called."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "70119756311a0be3b95bec2e1ba714673e90feba"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.224",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/70119756311a0be3b95bec2e1ba714673e90feba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70119756311a0be3b95bec2e1ba714673e90feba"
},
{
"url": "https://git.kernel.org/stable/c/be6e22f54623d8a856a4f167b25be73c2ff1ff80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/be6e22f54623d8a856a4f167b25be73c2ff1ff80"
},
{
"url": "https://git.kernel.org/stable/c/f96ad391d054bd5c36994f98afd6a12cbb5600bf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f96ad391d054bd5c36994f98afd6a12cbb5600bf"
},
{
"url": "https://git.kernel.org/stable/c/0457e7b12ece1a7e41fa0ae8b7e47c0a72a83bef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0457e7b12ece1a7e41fa0ae8b7e47c0a72a83bef"
},
{
"url": "https://git.kernel.org/stable/c/7718999356234d9cc6a11b4641bb773928f1390f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7718999356234d9cc6a11b4641bb773928f1390f"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

113
2022/49xxx/CVE-2022-49888.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49888",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: entry: avoid kprobe recursion\n\nThe cortex_a76_erratum_1463225_debug_handler() function is called when\nhandling debug exceptions (and synchronous exceptions from BRK\ninstructions), and so is called when a probed function executes. If the\ncompiler does not inline cortex_a76_erratum_1463225_debug_handler(), it\ncan be probed.\n\nIf cortex_a76_erratum_1463225_debug_handler() is probed, any debug\nexception or software breakpoint exception will result in recursive\nexceptions leading to a stack overflow. This can be triggered with the\nftrace multiple_probes selftest, and as per the example splat below.\n\nThis is a regression caused by commit:\n\n 6459b8469753e9fe (\"arm64: entry: consolidate Cortex-A76 erratum 1463225 workaround\")\n\n... which removed the NOKPROBE_SYMBOL() annotation associated with the\nfunction.\n\nMy intent was that cortex_a76_erratum_1463225_debug_handler() would be\ninlined into its caller, el1_dbg(), which is marked noinstr and cannot\nbe probed. Mark cortex_a76_erratum_1463225_debug_handler() as\n__always_inline to ensure this.\n\nExample splat prior to this patch (with recursive entries elided):\n\n| # echo p cortex_a76_erratum_1463225_debug_handler > /sys/kernel/debug/tracing/kprobe_events\n| # echo p do_el0_svc >> /sys/kernel/debug/tracing/kprobe_events\n| # echo 1 > /sys/kernel/debug/tracing/events/kprobes/enable\n| Insufficient stack space to handle exception!\n| ESR: 0x0000000096000047 -- DABT (current EL)\n| FAR: 0xffff800009cefff0\n| Task stack: [0xffff800009cf0000..0xffff800009cf4000]\n| IRQ stack: [0xffff800008000000..0xffff800008004000]\n| Overflow stack: [0xffff00007fbc00f0..0xffff00007fbc10f0]\n| CPU: 0 PID: 145 Comm: sh Not tainted 6.0.0 #2\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 604003c5 (nZCv DAIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : arm64_enter_el1_dbg+0x4/0x20\n| lr : el1_dbg+0x24/0x5c\n| sp : ffff800009cf0000\n| x29: ffff800009cf0000 x28: ffff000002c74740 x27: 0000000000000000\n| x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n| x23: 00000000604003c5 x22: ffff80000801745c x21: 0000aaaac95ac068\n| x20: 00000000f2000004 x19: ffff800009cf0040 x18: 0000000000000000\n| x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n| x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n| x11: 0000000000000010 x10: ffff800008c87190 x9 : ffff800008ca00d0\n| x8 : 000000000000003c x7 : 0000000000000000 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0000000000000000 x3 : 00000000000043a4\n| x2 : 00000000f2000004 x1 : 00000000f2000004 x0 : ffff800009cf0040\n| Kernel panic - not syncing: kernel stack overflow\n| CPU: 0 PID: 145 Comm: sh Not tainted 6.0.0 #2\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n| dump_backtrace+0xe4/0x104\n| show_stack+0x18/0x4c\n| dump_stack_lvl+0x64/0x7c\n| dump_stack+0x18/0x38\n| panic+0x14c/0x338\n| test_taint+0x0/0x2c\n| panic_bad_stack+0x104/0x118\n| handle_bad_stack+0x34/0x48\n| __bad_stack+0x78/0x7c\n| arm64_enter_el1_dbg+0x4/0x20\n| el1h_64_sync_handler+0x40/0x98\n| el1h_64_sync+0x64/0x68\n| cortex_a76_erratum_1463225_debug_handler+0x0/0x34\n...\n| el1h_64_sync_handler+0x40/0x98\n| el1h_64_sync+0x64/0x68\n| cortex_a76_erratum_1463225_debug_handler+0x0/0x34\n...\n| el1h_64_sync_handler+0x40/0x98\n| el1h_64_sync+0x64/0x68\n| cortex_a76_erratum_1463225_debug_handler+0x0/0x34\n| el1h_64_sync_handler+0x40/0x98\n| el1h_64_sync+0x64/0x68\n| do_el0_svc+0x0/0x28\n| el0t_64_sync_handler+0x84/0xf0\n| el0t_64_sync+0x18c/0x190\n| Kernel Offset: disabled\n| CPU features: 0x0080,00005021,19001080\n| Memory Limit: none\n| ---[ end Kernel panic - not syncing: kernel stack overflow ]---\n\nWith this patch, cortex_a76_erratum_1463225_debug_handler() is inlined\ninto el1_dbg(), and el1_dbg() cannot be probed:\n\n| # echo p cortex_a76_erratum_1463225_debug_handler > /sys/kernel/debug/tracing/kprobe_events\n| sh: write error: No such file or directory\n| # grep -w cortex_a76_errat\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6459b8469753e9feaa8b34691d097cffad905931",
"version_value": "71d6c33fe223255f4416a01514da2c0bc3e283e7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/71d6c33fe223255f4416a01514da2c0bc3e283e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/71d6c33fe223255f4416a01514da2c0bc3e283e7"
},
{
"url": "https://git.kernel.org/stable/c/db66629d43b2d12cb43b004a4ca6be1d03228e97",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/db66629d43b2d12cb43b004a4ca6be1d03228e97"
},
{
"url": "https://git.kernel.org/stable/c/024f4b2e1f874934943eb2d3d288ebc52c79f55c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/024f4b2e1f874934943eb2d3d288ebc52c79f55c"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

97
2022/49xxx/CVE-2022-49889.json Normal file
View File

@ -0,0 +1,97 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49889",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()\n\nOn some machines the number of listed CPUs may be bigger than the actual\nCPUs that exist. The tracing subsystem allocates a per_cpu directory with\naccess to the per CPU ring buffer via a cpuX file. But to save space, the\nring buffer will only allocate buffers for online CPUs, even though the\nCPU array will be as big as the nr_cpu_ids.\n\nWith the addition of waking waiters on the ring buffer when closing the\nfile, the ring_buffer_wake_waiters() now needs to make sure that the\nbuffer is allocated (with the irq_work allocated with it) before trying to\nwake waiters, as it will cause a NULL pointer dereference.\n\nWhile debugging this, I added a NULL check for the buffer itself (which is\nOK to do), and also NULL pointer checks against buffer->buffers (which is\nnot fine, and will WARN) as well as making sure the CPU number passed in\nis within the nr_cpu_ids (which is also not fine if it isn't).\n\n\nBugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1204705"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2475de2bc0de17fb1b24c5e90194f84b5ca70d3e",
"version_value": "b5074df412bf3df9d6ce096b6fa03eb1082d05c9"
},
{
"version_affected": "<",
"version_name": "f4f15344110d0b5b8822ac97bc8200e71939c945",
"version_value": "49ca992f6e50d0f46ec9608f44e011cf3121f389"
},
{
"version_affected": "<",
"version_name": "f3ddb74ad0790030c9592229fb14d8c451f4e9a8",
"version_value": "7433632c9ff68a991bd0bc38cabf354e9d2de410"
},
{
"version_affected": "<",
"version_name": "5.15.75",
"version_value": "5.15.78"
},
{
"version_affected": "<",
"version_name": "6.0.3",
"version_value": "6.0.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b5074df412bf3df9d6ce096b6fa03eb1082d05c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5074df412bf3df9d6ce096b6fa03eb1082d05c9"
},
{
"url": "https://git.kernel.org/stable/c/49ca992f6e50d0f46ec9608f44e011cf3121f389",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49ca992f6e50d0f46ec9608f44e011cf3121f389"
},
{
"url": "https://git.kernel.org/stable/c/7433632c9ff68a991bd0bc38cabf354e9d2de410",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7433632c9ff68a991bd0bc38cabf354e9d2de410"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

157
2022/49xxx/CVE-2022-49890.json Normal file
View File

@ -0,0 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49890",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncapabilities: fix potential memleak on error path from vfs_getxattr_alloc()\n\nIn cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to\ncomplete the memory allocation of tmpbuf, if we have completed\nthe memory allocation of tmpbuf, but failed to call handler->get(...),\nthere will be a memleak in below logic:\n\n |-- ret = (int)vfs_getxattr_alloc(mnt_userns, ...)\n | /* ^^^ alloc for tmpbuf */\n |-- value = krealloc(*xattr_value, error + 1, flags)\n | /* ^^^ alloc memory */\n |-- error = handler->get(handler, ...)\n | /* error! */\n |-- *xattr_value = value\n | /* xattr_value is &tmpbuf (memory leak!) */\n\nSo we will try to free(tmpbuf) after vfs_getxattr_alloc() fails to fix it.\n\n[PM: subject line and backtrace tweaks]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8db6c34f1dbc8e06aa016a9b829b06902c3e1340",
"version_value": "6bb00eb21c0fbf18e5d3538c9ff0cf63fd0ace85"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.299",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.265",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.224",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6bb00eb21c0fbf18e5d3538c9ff0cf63fd0ace85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6bb00eb21c0fbf18e5d3538c9ff0cf63fd0ace85"
},
{
"url": "https://git.kernel.org/stable/c/90577bcc01c4188416a47269f8433f70502abe98",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90577bcc01c4188416a47269f8433f70502abe98"
},
{
"url": "https://git.kernel.org/stable/c/0c3e6288da650d1ec911a259c77bc2d88e498603",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c3e6288da650d1ec911a259c77bc2d88e498603"
},
{
"url": "https://git.kernel.org/stable/c/cdf01c807e974048c43c7fd3ca574f6086a57906",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdf01c807e974048c43c7fd3ca574f6086a57906"
},
{
"url": "https://git.kernel.org/stable/c/2de8eec8afb75792440b8900a01d52b8f6742fd1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2de8eec8afb75792440b8900a01d52b8f6742fd1"
},
{
"url": "https://git.kernel.org/stable/c/7480aeff0093d8c54377553ec6b31110bea37b4d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7480aeff0093d8c54377553ec6b31110bea37b4d"
},
{
"url": "https://git.kernel.org/stable/c/8cf0a1bc12870d148ae830a4ba88cfdf0e879cee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8cf0a1bc12870d148ae830a4ba88cfdf0e879cee"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

124
2022/49xxx/CVE-2022-49891.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49891",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()\n\ntest_gen_kprobe_cmd() only free buf in fail path, hence buf will leak\nwhen there is no failure. Move kfree(buf) from fail path to common path\nto prevent the memleak. The same reason and solution in\ntest_gen_kretprobe_cmd().\n\nunreferenced object 0xffff888143b14000 (size 2048):\n comm \"insmod\", pid 52490, jiffies 4301890980 (age 40.553s)\n hex dump (first 32 bytes):\n 70 3a 6b 70 72 6f 62 65 73 2f 67 65 6e 5f 6b 70 p:kprobes/gen_kp\n 72 6f 62 65 5f 74 65 73 74 20 64 6f 5f 73 79 73 robe_test do_sys\n backtrace:\n [<000000006d7b836b>] kmalloc_trace+0x27/0xa0\n [<0000000009528b5b>] 0xffffffffa059006f\n [<000000008408b580>] do_one_initcall+0x87/0x2a0\n [<00000000c4980a7e>] do_init_module+0xdf/0x320\n [<00000000d775aad0>] load_module+0x3006/0x3390\n [<00000000e9a74b80>] __do_sys_finit_module+0x113/0x1b0\n [<000000003726480d>] do_syscall_64+0x35/0x80\n [<000000003441e93b>] entry_SYSCALL_64_after_hwframe+0x46/0xb0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "64836248dda20c8e7427b493f7e06d9bf8f58850",
"version_value": "bef08acbe560a926b4cee9cc46404cc98ae5703b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bef08acbe560a926b4cee9cc46404cc98ae5703b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bef08acbe560a926b4cee9cc46404cc98ae5703b"
},
{
"url": "https://git.kernel.org/stable/c/d1b6a8e3414aeaa0985139180c145d2d0fbd2a49",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d1b6a8e3414aeaa0985139180c145d2d0fbd2a49"
},
{
"url": "https://git.kernel.org/stable/c/71aeb8d01a8c7ab5cf7da3f81b35206f56ce6bca",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/71aeb8d01a8c7ab5cf7da3f81b35206f56ce6bca"
},
{
"url": "https://git.kernel.org/stable/c/66f0919c953ef7b55e5ab94389a013da2ce80a2c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66f0919c953ef7b55e5ab94389a013da2ce80a2c"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

124
2022/49xxx/CVE-2022-49892.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49892",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix use-after-free for dynamic ftrace_ops\n\nKASAN reported a use-after-free with ftrace ops [1]. It was found from\nvmcore that perf had registered two ops with the same content\nsuccessively, both dynamic. After unregistering the second ops, a\nuse-after-free occurred.\n\nIn ftrace_shutdown(), when the second ops is unregistered, the\nFTRACE_UPDATE_CALLS command is not set because there is another enabled\nops with the same content. Also, both ops are dynamic and the ftrace\ncallback function is ftrace_ops_list_func, so the\nFTRACE_UPDATE_TRACE_FUNC command will not be set. Eventually the value\nof 'command' will be 0 and ftrace_shutdown() will skip the rcu\nsynchronization.\n\nHowever, ftrace may be activated. When the ops is released, another CPU\nmay be accessing the ops. Add the missing synchronization to fix this\nproblem.\n\n[1]\nBUG: KASAN: use-after-free in __ftrace_ops_list_func kernel/trace/ftrace.c:7020 [inline]\nBUG: KASAN: use-after-free in ftrace_ops_list_func+0x2b0/0x31c kernel/trace/ftrace.c:7049\nRead of size 8 at addr ffff56551965bbc8 by task syz-executor.2/14468\n\nCPU: 1 PID: 14468 Comm: syz-executor.2 Not tainted 5.10.0 #7\nHardware name: linux,dummy-virt (DT)\nCall trace:\n dump_backtrace+0x0/0x40c arch/arm64/kernel/stacktrace.c:132\n show_stack+0x30/0x40 arch/arm64/kernel/stacktrace.c:196\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1b4/0x248 lib/dump_stack.c:118\n print_address_description.constprop.0+0x28/0x48c mm/kasan/report.c:387\n __kasan_report mm/kasan/report.c:547 [inline]\n kasan_report+0x118/0x210 mm/kasan/report.c:564\n check_memory_region_inline mm/kasan/generic.c:187 [inline]\n __asan_load8+0x98/0xc0 mm/kasan/generic.c:253\n __ftrace_ops_list_func kernel/trace/ftrace.c:7020 [inline]\n ftrace_ops_list_func+0x2b0/0x31c kernel/trace/ftrace.c:7049\n ftrace_graph_call+0x0/0x4\n __might_sleep+0x8/0x100 include/linux/perf_event.h:1170\n __might_fault mm/memory.c:5183 [inline]\n __might_fault+0x58/0x70 mm/memory.c:5171\n do_strncpy_from_user lib/strncpy_from_user.c:41 [inline]\n strncpy_from_user+0x1f4/0x4b0 lib/strncpy_from_user.c:139\n getname_flags+0xb0/0x31c fs/namei.c:149\n getname+0x2c/0x40 fs/namei.c:209\n [...]\n\nAllocated by task 14445:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:48\n kasan_set_track mm/kasan/common.c:56 [inline]\n __kasan_kmalloc mm/kasan/common.c:479 [inline]\n __kasan_kmalloc.constprop.0+0x110/0x13c mm/kasan/common.c:449\n kasan_kmalloc+0xc/0x14 mm/kasan/common.c:493\n kmem_cache_alloc_trace+0x440/0x924 mm/slub.c:2950\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:675 [inline]\n perf_event_alloc.part.0+0xb4/0x1350 kernel/events/core.c:11230\n perf_event_alloc kernel/events/core.c:11733 [inline]\n __do_sys_perf_event_open kernel/events/core.c:11831 [inline]\n __se_sys_perf_event_open+0x550/0x15f4 kernel/events/core.c:11723\n __arm64_sys_perf_event_open+0x6c/0x80 kernel/events/core.c:11723\n [...]\n\nFreed by task 14445:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:48\n kasan_set_track+0x24/0x34 mm/kasan/common.c:56\n kasan_set_free_info+0x20/0x40 mm/kasan/generic.c:358\n __kasan_slab_free.part.0+0x11c/0x1b0 mm/kasan/common.c:437\n __kasan_slab_free mm/kasan/common.c:445 [inline]\n kasan_slab_free+0x2c/0x40 mm/kasan/common.c:446\n slab_free_hook mm/slub.c:1569 [inline]\n slab_free_freelist_hook mm/slub.c:1608 [inline]\n slab_free mm/slub.c:3179 [inline]\n kfree+0x12c/0xc10 mm/slub.c:4176\n perf_event_alloc.part.0+0xa0c/0x1350 kernel/events/core.c:11434\n perf_event_alloc kernel/events/core.c:11733 [inline]\n __do_sys_perf_event_open kernel/events/core.c:11831 [inline]\n __se_sys_perf_event_open+0x550/0x15f4 kernel/events/core.c:11723\n [...]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "edb096e00724f02db5f6ec7900f3bbd465c6c76f",
"version_value": "ea5f2fd4640ecbb9df969bf8bb27733ae2183169"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.154",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.78",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.8",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ea5f2fd4640ecbb9df969bf8bb27733ae2183169",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ea5f2fd4640ecbb9df969bf8bb27733ae2183169"
},
{
"url": "https://git.kernel.org/stable/c/88561a66777e7a2fe06638c6dcb22a9fae0b6733",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/88561a66777e7a2fe06638c6dcb22a9fae0b6733"
},
{
"url": "https://git.kernel.org/stable/c/cc1b9961a0ceb70f6ca4e2f4b8bb71c87c7a495c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc1b9961a0ceb70f6ca4e2f4b8bb71c87c7a495c"
},
{
"url": "https://git.kernel.org/stable/c/0e792b89e6800cd9cb4757a76a96f7ef3e8b6294",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0e792b89e6800cd9cb4757a76a96f7ef3e8b6294"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

78
2025/23xxx/CVE-2025-23244.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23244",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@nvidia.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NVIDIA",
"product": {
"product_data": [
{
"product_name": "GPU Display Driver, vGPU Software, Cloud Gaming",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R535, R550, R570, R575"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5630",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5630"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

26
2025/23xxx/CVE-2025-23245.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data tampering."
"value": "NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to access global resources. A successful exploit of this vulnerability might lead to denial of service."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data",
"cweId": "CWE-502"
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
}
]
}
@ -36,12 +36,12 @@
"product": {
"product_data": [
{
"product_name": "TensorRT-LLM",
"product_name": "vGPU Software, Cloud Gaming",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions prior to 0.18.2"
"version_value": "R535, R550, R570, R575"
}
]
}
@ -55,9 +55,9 @@
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5648",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5630",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5648"
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5630"
}
]
},
@ -73,14 +73,14 @@
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]

78
2025/23xxx/CVE-2025-23254.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23254",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@nvidia.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data tampering."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data",
"cweId": "CWE-502"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NVIDIA",
"product": {
"product_data": [
{
"product_name": "TensorRT-LLM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions prior to 0.18.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5648",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5648"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

56
2025/44xxx/CVE-2025-44838.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-44838",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-44838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Totolink CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/n0wstr/IOTVuln/tree/main/CP900/setUploadUserData",
"refsource": "MISC",
"name": "https://github.com/n0wstr/IOTVuln/tree/main/CP900/setUploadUserData"
}
]
}