admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-02-05 08:00:34 +00:00
parent 3f377f2000
commit 3e14a481fc
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
18 changed files with 1017 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2023/24xxx/CVE-2023-24676.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue found in Processwire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the download_zip_url parameter when installing a new module."
"value": "** DISPUTED ** An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the download_zip_url parameter when installing a new module. NOTE: this is disputed because exploitation requires that the attacker is able to enter requests as an admin; however, a ProcessWire admin is intentionally allowed to install any module that contains any arbitrary code."
}
]
},

5
2023/27xxx/CVE-2023-27043.json
View File

@ -156,6 +156,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2024-3ab90a5b01",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2023-0583eedde7",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/"
}
]
}

5
2023/47xxx/CVE-2023-47038.json
View File

@ -184,6 +184,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249523",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2249523"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/"
}
]
},

5
2023/47xxx/CVE-2023-47627.json
View File

@ -73,6 +73,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQYQL6WV535EEKSNH7KRARLLMOW5WXDM/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQYQL6WV535EEKSNH7KRARLLMOW5WXDM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUSJVQ7OQ55RWL4XAX2F5EZ73N4ZSH6U/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUSJVQ7OQ55RWL4XAX2F5EZ73N4ZSH6U/"
}
]
},

10
2023/6xxx/CVE-2023-6111.json
View File

@ -74,6 +74,16 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQ7JVDEDZV5SNHG5EW7RHKK2ZN56HSGB/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQ7JVDEDZV5SNHG5EW7RHKK2ZN56HSGB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3S55P23EYAWDHXZPJEVTGIRZZRICYI3Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3S55P23EYAWDHXZPJEVTGIRZZRICYI3Z/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OXWBKK7RTQOGGDLQGCZFS753VLGS2GD/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OXWBKK7RTQOGGDLQGCZFS753VLGS2GD/"
}
]
},

18
2024/1xxx/CVE-2024-1224.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1224",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

102
2024/22xxx/CVE-2024-22386.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22386",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's drm/exynos device driver in\u00a0exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v4.11-rc1",
"version_value": "v6.6-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8147",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8147"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=2e63972a2de14482d0eae1a03a73e379f1c3f44c\">https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=2e63972a2de14482d0eae...</a><br>"
}
],
"value": " https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=2e63972a2de14482d0eae... https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}

61
2024/22xxx/CVE-2024-22667.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22667",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-22667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47",
"refsource": "MISC",
"name": "https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/henices/2467e7f22dcc2aa97a2453e197b55a0c/raw/7b54bccc9a129c604fb139266f4497ab7aaa94c7/gistfile1.txt",
"url": "https://gist.githubusercontent.com/henices/2467e7f22dcc2aa97a2453e197b55a0c/raw/7b54bccc9a129c604fb139266f4497ab7aaa94c7/gistfile1.txt"
}
]
}

102
2024/23xxx/CVE-2024-23196.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v5.6-rc1",
"version_value": "v6.5-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8148",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8148"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/1f4a08fed450d\">https://github.com/torvalds/linux/commit/1f4a08fed450d</a><br>"
}
],
"value": " https://github.com/torvalds/linux/commit/1f4a08fed450d https://github.com/torvalds/linux/commit/1f4a08fed450d \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24855.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v2.6.34-rc2",
"version_value": "v6.5-rc2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8149",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8149"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/0e881c0a4b614\">https://github.com/torvalds/linux/commit/0e881c0a4b614</a><br>"
}
],
"value": " https://github.com/torvalds/linux/commit/0e881c0a4b614 https://github.com/torvalds/linux/commit/0e881c0a4b614 \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24857.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24857",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v4.0-rc1",
"version_value": "v6.8-rc2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8155",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8155"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/\">https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/</a><br>"
}
],
"value": " https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/ https://lore.kernel.org/lkml/20231222162310.6461-1-2045gemini@gmail.com/T/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24858.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24858",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v4.0-rc1",
"version_value": "v6.8-rc2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8154",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8154"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/\">https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/</a><br>"
}
],
"value": " https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/ https://lore.kernel.org/lkml/20231222161317.6255-1-2045gemini@gmail.com/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24859.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24859",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.\n\n\n\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v4.0-rc1",
"version_value": "v6.8-rc2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8153",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8153"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/\">https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/</a><br>"
}
],
"value": " https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/ https://lore.kernel.org/lkml/20231222162931.6553-1-2045gemini@gmail.com/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24860.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24860",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v5.6-rc1",
"version_value": "v6.8-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8151",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8151"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/da9065caa594d\">https://github.com/torvalds/linux/commit/da9065caa594d</a><br>"
}
],
"value": " https://github.com/torvalds/linux/commit/da9065caa594d https://github.com/torvalds/linux/commit/da9065caa594d \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24861.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24861",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v3.1-rc1",
"version_value": "v6.8-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8150",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8150"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/\">https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/</a><br>"
}
],
"value": " https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/ https://lore.kernel.org/lkml/20231222055030.5237-1-2045gemini@gmail.com/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
]
}

102
2024/24xxx/CVE-2024-24864.json
View File

@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write()\u00a0function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v2.6.12-rc2",
"version_value": "v6.8-rc2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8178",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8178"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<u><a target=\"_blank\" rel=\"nofollow\" href=\"https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/\">https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/</a><br></u><a target=\"_blank\" rel=\"nofollow\" href=\"https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/\">https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/</a><br>"
}
],
"value": " https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/ https://patchwork.kernel.org/project/linux-media/patch/20230626024429.994136-1-islituo@gmail.com/ \n https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/ https://lore.kernel.org/all/20230626024429.994136-1-islituo@gmail.com/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "\u767d\u5bb6\u9a79 <baijiaju@buaa.edu.cn>"
},
{
"lang": "en",
"value": "\u97e9\u6842\u680b <hanguidong@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}

18
2024/25xxx/CVE-2024-25102.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25102",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/25xxx/CVE-2024-25103.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25103",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}