admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-01-08 18:00:57 +00:00
parent 7e6deeff3e
commit 53dc24f67b
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
36 changed files with 2398 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
2023/35xxx/CVE-2023-35685.json
View File

@ -1,18 +1,69 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35685",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In DevmemIntMapPages of devicemem_server.c, there is a possible physical\u00a0page uaf due to a logic error in the code. This could lead to local\u00a0escalation of privilege in the kernel with no additional execution\u00a0privileges needed. User interaction is not needed for exploitation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://issuetracker.google.com/issues/42420027",
"refsource": "MISC",
"name": "https://issuetracker.google.com/issues/42420027"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
}
}

18
2024/13xxx/CVE-2024-13214.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13214",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/13xxx/CVE-2024-13215.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13215",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/13xxx/CVE-2024-13216.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13216",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

71
2024/51xxx/CVE-2024-51442.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51442",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-51442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/projects/minidlna/",
"refsource": "MISC",
"name": "https://sourceforge.net/projects/minidlna/"
},
{
"url": "https://sourceforge.net/p/minidlna/git/ci/master/tree/minidlna.c",
"refsource": "MISC",
"name": "https://sourceforge.net/p/minidlna/git/ci/master/tree/minidlna.c"
},
{
"url": "https://sourceforge.net/p/minidlna/bugs/364/",
"refsource": "MISC",
"name": "https://sourceforge.net/p/minidlna/bugs/364/"
},
{
"refsource": "MISC",
"name": "https://github.com/mselbrede/CVE-2024-51442",
"url": "https://github.com/mselbrede/CVE-2024-51442"
}
]
}

92
2024/56xxx/CVE-2024-56771.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56771",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information\n\nThese four chips:\n* W25N512GW\n* W25N01GW\n* W25N01JW\n* W25N02JW\nall require a single bit of ECC strength and thus feature an on-die\nHamming-like ECC engine. There is no point in filling a ->get_status()\ncallback for them because the main ECC status bytes are located in\nstandard places, and retrieving the number of bitflips in case of\ncorrected chunk is both useless and unsupported (if there are bitflips,\nthen there is 1 at most, so no need to query the chip for that).\n\nWithout this change, a kernel warning triggers every time a bit flips."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6a804fb72de56d6a99b799f565ae45f2cec7cd55",
"version_value": "234d5f75c3ae911b52c5e4442b8a87fbbd129836"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/234d5f75c3ae911b52c5e4442b8a87fbbd129836",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/234d5f75c3ae911b52c5e4442b8a87fbbd129836"
},
{
"url": "https://git.kernel.org/stable/c/fee9b240916df82a8b07aef0fdfe96785417a164",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fee9b240916df82a8b07aef0fdfe96785417a164"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2024/56xxx/CVE-2024-56772.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56772",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: string-stream: Fix a UAF bug in kunit_init_suite()\n\nIn kunit_debugfs_create_suite(), if alloc_string_stream() fails in the\nkunit_suite_for_each_test_case() loop, the \"suite->log = stream\"\nhas assigned before, and the error path only free the suite->log's stream\nmemory but not set it to NULL, so the later string_stream_clear() of\nsuite->log in kunit_init_suite() will cause below UAF bug.\n\nSet stream pointer to NULL after free to fix it.\n\n\tUnable to handle kernel paging request at virtual address 006440150000030d\n\tMem abort info:\n\t ESR = 0x0000000096000004\n\t EC = 0x25: DABT (current EL), IL = 32 bits\n\t SET = 0, FnV = 0\n\t EA = 0, S1PTW = 0\n\t FSC = 0x04: level 0 translation fault\n\tData abort info:\n\t ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n\t CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n\t GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n\t[006440150000030d] address between user and kernel address ranges\n\tInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n\tDumping ftrace buffer:\n\t (ftrace buffer empty)\n\tModules linked in: iio_test_gts industrialio_gts_helper cfg80211 rfkill ipv6 [last unloaded: iio_test_gts]\n\tCPU: 5 UID: 0 PID: 6253 Comm: modprobe Tainted: G B W N 6.12.0-rc4+ #458\n\tTainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST\n\tHardware name: linux,dummy-virt (DT)\n\tpstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\tpc : string_stream_clear+0x54/0x1ac\n\tlr : string_stream_clear+0x1a8/0x1ac\n\tsp : ffffffc080b47410\n\tx29: ffffffc080b47410 x28: 006440550000030d x27: ffffff80c96b5e98\n\tx26: ffffff80c96b5e80 x25: ffffffe461b3f6c0 x24: 0000000000000003\n\tx23: ffffff80c96b5e88 x22: 1ffffff019cdf4fc x21: dfffffc000000000\n\tx20: ffffff80ce6fa7e0 x19: 032202a80000186d x18: 0000000000001840\n\tx17: 0000000000000000 x16: 0000000000000000 x15: ffffffe45c355cb4\n\tx14: ffffffe45c35589c x13: ffffffe45c03da78 x12: ffffffb810168e75\n\tx11: 1ffffff810168e74 x10: ffffffb810168e74 x9 : dfffffc000000000\n\tx8 : 0000000000000004 x7 : 0000000000000003 x6 : 0000000000000001\n\tx5 : ffffffc080b473a0 x4 : 0000000000000000 x3 : 0000000000000000\n\tx2 : 0000000000000001 x1 : ffffffe462fbf620 x0 : dfffffc000000000\n\tCall trace:\n\t string_stream_clear+0x54/0x1ac\n\t __kunit_test_suites_init+0x108/0x1d8\n\t kunit_exec_run_tests+0xb8/0x100\n\t kunit_module_notify+0x400/0x55c\n\t notifier_call_chain+0xfc/0x3b4\n\t blocking_notifier_call_chain+0x68/0x9c\n\t do_init_module+0x24c/0x5c8\n\t load_module+0x4acc/0x4e90\n\t init_module_from_file+0xd4/0x128\n\t idempotent_init_module+0x2d4/0x57c\n\t __arm64_sys_finit_module+0xac/0x100\n\t invoke_syscall+0x6c/0x258\n\t el0_svc_common.constprop.0+0x160/0x22c\n\t do_el0_svc+0x44/0x5c\n\t el0_svc+0x48/0xb8\n\t el0t_64_sync_handler+0x13c/0x158\n\t el0t_64_sync+0x190/0x194\n\tCode: f9400753 d2dff800 f2fbffe0 d343fe7c (38e06b80)\n\t---[ end trace 0000000000000000 ]---\n\tKernel panic - not syncing: Oops: Fatal exception"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a3fdf784780ccb0008d630e8722d1389c49c7499",
"version_value": "3213b92754b94dec6836e8b4d6ec7d224a805b61"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3213b92754b94dec6836e8b4d6ec7d224a805b61",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3213b92754b94dec6836e8b4d6ec7d224a805b61"
},
{
"url": "https://git.kernel.org/stable/c/39e21403c978862846fa68b7f6d06f9cca235194",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39e21403c978862846fa68b7f6d06f9cca235194"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2024/56xxx/CVE-2024-56773.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56773",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: Fix potential null dereference in kunit_device_driver_test()\n\nkunit_kzalloc() may return a NULL pointer, dereferencing it without\nNULL check may lead to NULL dereference.\nAdd a NULL check for test_state."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d03c720e03bd9bf0b784d80b5d3ede7e2daf3b6e",
"version_value": "5d28fac59369b5d3c48cdf09e50275a61ff91202"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5d28fac59369b5d3c48cdf09e50275a61ff91202",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d28fac59369b5d3c48cdf09e50275a61ff91202"
},
{
"url": "https://git.kernel.org/stable/c/435c20eed572a95709b1536ff78832836b2f91b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/435c20eed572a95709b1536ff78832836b2f91b1"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2024/56xxx/CVE-2024-56774.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56774",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: add a sanity check for btrfs root in btrfs_search_slot()\n\nSyzbot reports a null-ptr-deref in btrfs_search_slot().\n\nThe reproducer is using rescue=ibadroots, and the extent tree root is\ncorrupted thus the extent tree is NULL.\n\nWhen scrub tries to search the extent tree to gather the needed extent\ninfo, btrfs_search_slot() doesn't check if the target root is NULL or\nnot, resulting the null-ptr-deref.\n\nAdd sanity check for btrfs root before using it in btrfs_search_slot()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "42437a6386ffeaaf200731e73d723ea491f3fe7d",
"version_value": "c71d114ef68c95da5a82ec85a721ab31f5bd905b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c71d114ef68c95da5a82ec85a721ab31f5bd905b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c71d114ef68c95da5a82ec85a721ab31f5bd905b"
},
{
"url": "https://git.kernel.org/stable/c/db66fb87c21e8ae724886e6a464dcbac562a64c6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/db66fb87c21e8ae724886e6a464dcbac562a64c6"
},
{
"url": "https://git.kernel.org/stable/c/757171d1369b3b47f36932d40a05a0715496dcab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/757171d1369b3b47f36932d40a05a0715496dcab"
},
{
"url": "https://git.kernel.org/stable/c/93992c3d9629b02dccf6849238559d5c24f2dece",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93992c3d9629b02dccf6849238559d5c24f2dece"
},
{
"url": "https://git.kernel.org/stable/c/3ed51857a50f530ac7a1482e069dfbd1298558d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3ed51857a50f530ac7a1482e069dfbd1298558d4"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2024/56xxx/CVE-2024-56775.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix handling of plane refcount\n\n[Why]\nThe mechanism to backup and restore plane states doesn't maintain\nrefcount, which can cause issues if the refcount of the plane changes\nin between backup and restore operations, such as memory leaks if the\nrefcount was supposed to go down, or double frees / invalid memory\naccesses if the refcount was supposed to go up.\n\n[How]\nCache and re-apply current refcount when restoring plane states."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "8cb2f6793845f135b28361ba8e96901cae3e5790"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790"
},
{
"url": "https://git.kernel.org/stable/c/27227a234c1487cb7a684615f0749c455218833a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/27227a234c1487cb7a684615f0749c455218833a"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2024/56xxx/CVE-2024-56776.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56776",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sti: avoid potential dereference of error pointers\n\nThe return value of drm_atomic_get_crtc_state() needs to be\nchecked. To avoid use of error pointer 'crtc_state' in case\nof the failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "dd86dc2f9ae1102f46115be1f1422265c15540f1",
"version_value": "e98ff67f5a68114804607de549c2350d27628fc7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e98ff67f5a68114804607de549c2350d27628fc7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e98ff67f5a68114804607de549c2350d27628fc7"
},
{
"url": "https://git.kernel.org/stable/c/40725c5fabee804fecce41d4d5c5bae80c45e1c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40725c5fabee804fecce41d4d5c5bae80c45e1c4"
},
{
"url": "https://git.kernel.org/stable/c/8ab73ac97c0fa528f66eeccd9bb53eb6eb7d20dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ab73ac97c0fa528f66eeccd9bb53eb6eb7d20dc"
},
{
"url": "https://git.kernel.org/stable/c/f67786293193cf01ebcc6fdbcbd1587b24f52679",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f67786293193cf01ebcc6fdbcbd1587b24f52679"
},
{
"url": "https://git.kernel.org/stable/c/831214f77037de02afc287eae93ce97f218d8c04",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/831214f77037de02afc287eae93ce97f218d8c04"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2024/56xxx/CVE-2024-56777.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56777",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check\n\nThe return value of drm_atomic_get_crtc_state() needs to be\nchecked. To avoid use of error pointer 'crtc_state' in case\nof the failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "dd86dc2f9ae1102f46115be1f1422265c15540f1",
"version_value": "f5804567cf9605d6e5ec46c0bb786f7d50f18c13"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f5804567cf9605d6e5ec46c0bb786f7d50f18c13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f5804567cf9605d6e5ec46c0bb786f7d50f18c13"
},
{
"url": "https://git.kernel.org/stable/c/b79612ed6bc1a184c45427105c851b5b2d4342ca",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b79612ed6bc1a184c45427105c851b5b2d4342ca"
},
{
"url": "https://git.kernel.org/stable/c/997b64c3f4c1827c5cfda8ae7f5d13f78d28b541",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/997b64c3f4c1827c5cfda8ae7f5d13f78d28b541"
},
{
"url": "https://git.kernel.org/stable/c/3cf2e7c448e246f7e700c7aa47450d1e27579559",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cf2e7c448e246f7e700c7aa47450d1e27579559"
},
{
"url": "https://git.kernel.org/stable/c/e965e771b069421c233d674c3c8cd8c7f7245f42",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e965e771b069421c233d674c3c8cd8c7f7245f42"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2024/56xxx/CVE-2024-56778.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56778",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check\n\nThe return value of drm_atomic_get_crtc_state() needs to be\nchecked. To avoid use of error pointer 'crtc_state' in case\nof the failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "dd86dc2f9ae1102f46115be1f1422265c15540f1",
"version_value": "31c857e7496d34e5a32a6f75bc024d0b06fd646a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/31c857e7496d34e5a32a6f75bc024d0b06fd646a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31c857e7496d34e5a32a6f75bc024d0b06fd646a"
},
{
"url": "https://git.kernel.org/stable/c/6b0d0d6e9d3c26697230bf7dc9e6b52bdb24086f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6b0d0d6e9d3c26697230bf7dc9e6b52bdb24086f"
},
{
"url": "https://git.kernel.org/stable/c/82a5312f874fb18f045d9658e9bd290e3b0621c0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/82a5312f874fb18f045d9658e9bd290e3b0621c0"
},
{
"url": "https://git.kernel.org/stable/c/837eb99ad3340c7a9febf454f41c8e3edb68ac1e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/837eb99ad3340c7a9febf454f41c8e3edb68ac1e"
},
{
"url": "https://git.kernel.org/stable/c/c1ab40a1fdfee732c7e6ff2fb8253760293e47e8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c1ab40a1fdfee732c7e6ff2fb8253760293e47e8"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

137
2024/56xxx/CVE-2024-56779.json
View File

@ -1,18 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56779",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur\n\nThe action force umount(umount -f) will attempt to kill all rpc_task even\numount operation may ultimately fail if some files remain open.\nConsequently, if an action attempts to open a file, it can potentially\nsend two rpc_task to nfs server.\n\n NFS CLIENT\nthread1 thread2\nopen(\"file\")\n...\nnfs4_do_open\n _nfs4_do_open\n _nfs4_open_and_get_state\n _nfs4_proc_open\n nfs4_run_open_task\n /* rpc_task1 */\n rpc_run_task\n rpc_wait_for_completion_task\n\n umount -f\n nfs_umount_begin\n rpc_killall_tasks\n rpc_signal_task\n rpc_task1 been wakeup\n and return -512\n _nfs4_do_open // while loop\n ...\n nfs4_run_open_task\n /* rpc_task2 */\n rpc_run_task\n rpc_wait_for_completion_task\n\nWhile processing an open request, nfsd will first attempt to find or\nallocate an nfs4_openowner. If it finds an nfs4_openowner that is not\nmarked as NFS4_OO_CONFIRMED, this nfs4_openowner will released. Since\ntwo rpc_task can attempt to open the same file simultaneously from the\nclient to server, and because two instances of nfsd can run\nconcurrently, this situation can lead to lots of memory leak.\nAdditionally, when we echo 0 to /proc/fs/nfsd/threads, warning will be\ntriggered.\n\n NFS SERVER\nnfsd1 nfsd2 echo 0 > /proc/fs/nfsd/threads\n\nnfsd4_open\n nfsd4_process_open1\n find_or_alloc_open_stateowner\n // alloc oo1, stateid1\n nfsd4_open\n nfsd4_process_open1\n find_or_alloc_open_stateowner\n // find oo1, without NFS4_OO_CONFIRMED\n release_openowner\n unhash_openowner_locked\n list_del_init(&oo->oo_perclient)\n // cannot find this oo\n // from client, LEAK!!!\n alloc_stateowner // alloc oo2\n\n nfsd4_process_open2\n init_open_stateid\n // associate oo1\n // with stateid1, stateid1 LEAK!!!\n nfs4_get_vfs_file\n // alloc nfsd_file1 and nfsd_file_mark1\n // all LEAK!!!\n\n nfsd4_process_open2\n ...\n\n write_threads\n ...\n nfsd_destroy_serv\n nfsd_shutdown_net\n nfs4_state_shutdown_net\n nfs4_state_destroy_net\n destroy_client\n __destroy_client\n // won't find oo1!!!\n nfsd_shutdown_generic\n nfsd_file_cache_shutdown\n kmem_cache_destroy\n for nfsd_file_slab\n and nfsd_file_mark_slab\n // bark since nfsd_file1\n // and nfsd_file_mark1\n // still alive\n\n=======================================================================\nBUG nfsd_file (Not tainted): Objects remaining in nfsd_file on\n__kmem_cache_shutdown()\n-----------------------------------------------------------------------\n\nSlab 0xffd4000004438a80 objects=34 used=1 fp=0xff11000110e2ad28\nflags=0x17ffffc0000240(workingset|head|node=0|zone=2|lastcpupid=0x1fffff)\nCPU: 4 UID: 0 PID: 757 Comm: sh Not tainted 6.12.0-rc6+ #19\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nCall Trace:\n <TASK>\n dum\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a85364f0d30dee01c5d5b4afa55a9629a8f36d8e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.287",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.231",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a85364f0d30dee01c5d5b4afa55a9629a8f36d8e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a85364f0d30dee01c5d5b4afa55a9629a8f36d8e"
},
{
"url": "https://git.kernel.org/stable/c/2d505a801e57428057563762f67a5a62009b2600",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2d505a801e57428057563762f67a5a62009b2600"
},
{
"url": "https://git.kernel.org/stable/c/0ab0a3ad24e970e894abcac58f85c332d1726749",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0ab0a3ad24e970e894abcac58f85c332d1726749"
},
{
"url": "https://git.kernel.org/stable/c/45abb68c941ebc9a35c6d3a7b08196712093c636",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45abb68c941ebc9a35c6d3a7b08196712093c636"
},
{
"url": "https://git.kernel.org/stable/c/37dfc81266d3a32294524bfadd3396614f8633ee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/37dfc81266d3a32294524bfadd3396614f8633ee"
},
{
"url": "https://git.kernel.org/stable/c/6f73f920b7ad0084373e46121d7ac34117aed652",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f73f920b7ad0084373e46121d7ac34117aed652"
},
{
"url": "https://git.kernel.org/stable/c/98100e88dd8865999dc6379a3356cd799795fe7b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98100e88dd8865999dc6379a3356cd799795fe7b"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

167
2024/56xxx/CVE-2024-56780.json
View File

@ -1,18 +1,177 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56780",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: flush quota_release_work upon quota writeback\n\nOne of the paths quota writeback is called from is:\n\nfreeze_super()\n sync_filesystem()\n ext4_sync_fs()\n dquot_writeback_dquots()\n\nSince we currently don't always flush the quota_release_work queue in\nthis path, we can end up with the following race:\n\n 1. dquot are added to releasing_dquots list during regular operations.\n 2. FS Freeze starts, however, this does not flush the quota_release_work queue.\n 3. Freeze completes.\n 4. Kernel eventually tries to flush the workqueue while FS is frozen which\n hits a WARN_ON since transaction gets started during frozen state:\n\n ext4_journal_check_start+0x28/0x110 [ext4] (unreliable)\n __ext4_journal_start_sb+0x64/0x1c0 [ext4]\n ext4_release_dquot+0x90/0x1d0 [ext4]\n quota_release_workfn+0x43c/0x4d0\n\nWhich is the following line:\n\n WARN_ON(sb->s_writers.frozen == SB_FREEZE_COMPLETE);\n\nWhich ultimately results in generic/390 failing due to dmesg\nnoise. This was detected on powerpc machine 15 cores.\n\nTo avoid this, make sure to flush the workqueue during\ndquot_writeback_dquots() so we dont have any pending workitems after\nfreeze."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d40c192e119892799dd4ddf94f5cea6fa93775ef",
"version_value": "a5abba5e0e586e258ded3e798fe5f69c66fec198"
},
{
"version_affected": "<",
"version_name": "86d89987f0998c98f57d641e308b40452a994045",
"version_value": "6f3821acd7c3143145999248087de5fb4b48cf26"
},
{
"version_affected": "<",
"version_name": "89602de9a2d7080b7a4029d5c1bf8f78d295ff5f",
"version_value": "ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb"
},
{
"version_affected": "<",
"version_name": "3027e200dd58d5b437f16634dbbd355b29ffe0a6",
"version_value": "3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb"
},
{
"version_affected": "<",
"version_name": "dabc8b20756601b9e1cc85a81d47d3f98ed4d13a",
"version_value": "bcacb52a985f1b6d280f698a470b873dfe52728a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.287",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.231",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.4",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5abba5e0e586e258ded3e798fe5f69c66fec198"
},
{
"url": "https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f3821acd7c3143145999248087de5fb4b48cf26"
},
{
"url": "https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ab6cfcf8ed2c7496f55d020b65b1d8cd55d9a2cb"
},
{
"url": "https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3e6ff207cd5bd924ad94cd1a7c633bcdac0ba1cb"
},
{
"url": "https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bcacb52a985f1b6d280f698a470b873dfe52728a"
},
{
"url": "https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ea87e34792258825d290f4dc5216276e91cb224"
},
{
"url": "https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac6f420291b3fee1113f21d612fa88b628afab5b"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

137
2024/56xxx/CVE-2024-56781.json
View File

@ -1,18 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56781",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/prom_init: Fixup missing powermac #size-cells\n\nOn some powermacs `escc` nodes are missing `#size-cells` properties,\nwhich is deprecated and now triggers a warning at boot since commit\n045b14ca5c36 (\"of: WARN on deprecated #address-cells/#size-cells\nhandling\").\n\nFor example:\n\n Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000\n WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108\n Hardware name: PowerMac3,1 7400 0xc0209 PowerMac\n ...\n Call Trace:\n of_bus_n_size_cells+0x98/0x108 (unreliable)\n of_bus_default_count_cells+0x40/0x60\n __of_get_address+0xc8/0x21c\n __of_address_to_resource+0x5c/0x228\n pmz_init_port+0x5c/0x2ec\n pmz_probe.isra.0+0x144/0x1e4\n pmz_console_init+0x10/0x48\n console_init+0xcc/0x138\n start_kernel+0x5c4/0x694\n\nAs powermacs boot via prom_init it's possible to add the missing\nproperties to the device tree during boot, avoiding the warning. Note\nthat `escc-legacy` nodes are also missing `#size-cells` properties, but\nthey are skipped by the macio driver, so leave them alone.\n\nDepends-on: 045b14ca5c36 (\"of: WARN on deprecated #address-cells/#size-cells handling\")"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "0b94d838018fb0a824e0cd3149034928c99fb1b7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.287",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.231",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.66",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0b94d838018fb0a824e0cd3149034928c99fb1b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0b94d838018fb0a824e0cd3149034928c99fb1b7"
},
{
"url": "https://git.kernel.org/stable/c/a79a7e3c03ae2a07f68b5f24d5ed549f9799ec89",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a79a7e3c03ae2a07f68b5f24d5ed549f9799ec89"
},
{
"url": "https://git.kernel.org/stable/c/ee68554d2c03e32077f7b984e5289fdb005036d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ee68554d2c03e32077f7b984e5289fdb005036d2"
},
{
"url": "https://git.kernel.org/stable/c/6d5f0453a2228607333bff0c85238a3cb495d194",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d5f0453a2228607333bff0c85238a3cb495d194"
},
{
"url": "https://git.kernel.org/stable/c/691284c2cd33ffaa0b35ce53b3286b90621e9dc9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/691284c2cd33ffaa0b35ce53b3286b90621e9dc9"
},
{
"url": "https://git.kernel.org/stable/c/296a109fa77110ba5267fe0e90a26005eecc2726",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/296a109fa77110ba5267fe0e90a26005eecc2726"
},
{
"url": "https://git.kernel.org/stable/c/cf89c9434af122f28a3552e6f9cc5158c33ce50a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cf89c9434af122f28a3552e6f9cc5158c33ce50a"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2024/56xxx/CVE-2024-56782.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56782",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()\n\nacpi_dev_hid_match() does not check for adev == NULL, dereferencing\nit unconditional.\n\nAdd a check for adev being NULL before calling acpi_dev_hid_match().\n\nAt the moment acpi_quirk_skip_serdev_enumeration() is never called with\na controller_parent without an ACPI companion, but better safe than sorry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "e173bce05f7032a8b4964cfef82a4b7668f5f3af"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e173bce05f7032a8b4964cfef82a4b7668f5f3af",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e173bce05f7032a8b4964cfef82a4b7668f5f3af"
},
{
"url": "https://git.kernel.org/stable/c/4a49194f587a62d972b602e3e1a2c3cfe6567966",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4a49194f587a62d972b602e3e1a2c3cfe6567966"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

124
2024/56xxx/CVE-2024-56783.json
View File

@ -1,18 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56783",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level\n\ncgroup maximum depth is INT_MAX by default, there is a cgroup toggle to\nrestrict this maximum depth to a more reasonable value not to harm\nperformance. Remove unnecessary WARN_ON_ONCE which is reachable from\nuserspace."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ace0db36b4a1db07a48517c4f04488d1cd05e5f5",
"version_value": "7064a6daa4a700a298fe3aee11dea296bfe59fc4"
},
{
"version_affected": "<",
"version_name": "f07e28e4c623168f9fa5c00f518bd341d4014aa6",
"version_value": "2f9bec0a749eb646b384fde0c7b7c24687b2ffae"
},
{
"version_affected": "<",
"version_name": "7f3287db654395f9c5ddd246325ff7889f550286",
"version_value": "e227c042580ab065edc610c9ddc9bea691e6fc4d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.66",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7064a6daa4a700a298fe3aee11dea296bfe59fc4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7064a6daa4a700a298fe3aee11dea296bfe59fc4"
},
{
"url": "https://git.kernel.org/stable/c/2f9bec0a749eb646b384fde0c7b7c24687b2ffae",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2f9bec0a749eb646b384fde0c7b7c24687b2ffae"
},
{
"url": "https://git.kernel.org/stable/c/e227c042580ab065edc610c9ddc9bea691e6fc4d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e227c042580ab065edc610c9ddc9bea691e6fc4d"
},
{
"url": "https://git.kernel.org/stable/c/b7529880cb961d515642ce63f9d7570869bbbdc3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7529880cb961d515642ce63f9d7570869bbbdc3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2024/56xxx/CVE-2024-56784.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56784",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Adding array index check to prevent memory corruption\n\n[Why & How]\nArray indices out of bound caused memory corruption. Adding checks to\nensure that array index stays in bound."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "dff526dc3e27f5484f5ba11471b9fbbe681467f2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba11471b9fbbe681467f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba11471b9fbbe681467f2"
},
{
"url": "https://git.kernel.org/stable/c/2c437d9a0b496168e1a1defd17b531f0a526dbe9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2c437d9a0b496168e1a1defd17b531f0a526dbe9"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

126
2024/56xxx/CVE-2024-56785.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56785",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nMIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a\n\nFix the dtc warnings:\n\n arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider\n arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider\n arch/mips/boot/dts/loongson/loongson64g_4core_ls7a.dtb: Warning (interrupt_map): Failed prerequisite 'interrupt_provider'\n\nAnd a runtime warning introduced in commit 045b14ca5c36 (\"of: WARN on\ndeprecated #address-cells/#size-cells handling\"):\n\n WARNING: CPU: 0 PID: 1 at drivers/of/base.c:106 of_bus_n_addr_cells+0x9c/0xe0\n Missing '#address-cells' in /bus@10000000/pci@1a000000/pci_bridge@9,0\n\nThe fix is similar to commit d89a415ff8d5 (\"MIPS: Loongson64: DTS: Fix PCIe\nport nodes for ls7a\"), which has fixed the issue for ls2k (despite its\nsubject mentions ls7a)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "5a2eaa3ad2b803c7ea442c6db7379466ee73c024"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.231",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.66",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5a2eaa3ad2b803c7ea442c6db7379466ee73c024",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5a2eaa3ad2b803c7ea442c6db7379466ee73c024"
},
{
"url": "https://git.kernel.org/stable/c/a7fd78075031871bc68fc56fdaa6e7a3934064b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7fd78075031871bc68fc56fdaa6e7a3934064b1"
},
{
"url": "https://git.kernel.org/stable/c/c8ee41fc3522c6659e324d90bc2ccd3b6310d7fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8ee41fc3522c6659e324d90bc2ccd3b6310d7fc"
},
{
"url": "https://git.kernel.org/stable/c/8ef9ea1503d0a129cc6f5cf48fb63633efa5d766",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ef9ea1503d0a129cc6f5cf48fb63633efa5d766"
},
{
"url": "https://git.kernel.org/stable/c/01575f2ff8ba578a3436f230668bd056dc2eb823",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/01575f2ff8ba578a3436f230668bd056dc2eb823"
},
{
"url": "https://git.kernel.org/stable/c/4fbd66d8254cedfd1218393f39d83b6c07a01917",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4fbd66d8254cedfd1218393f39d83b6c07a01917"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

93
2024/56xxx/CVE-2024-56786.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56786",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: put bpf_link's program when link is safe to be deallocated\n\nIn general, BPF link's underlying BPF program should be considered to be\nreachable through attach hook -> link -> prog chain, and, pessimistically,\nwe have to assume that as long as link's memory is not safe to free,\nattach hook's code might hold a pointer to BPF program and use it.\n\nAs such, it's not (generally) correct to put link's program early before\nwaiting for RCU GPs to go through. More eager bpf_prog_put() that we\ncurrently do is mostly correct due to BPF program's release code doing\nsimilar RCU GP waiting, but as will be shown in the following patches,\nBPF program can be non-sleepable (and, thus, reliant on only \"classic\"\nRCU GP), while BPF link's attach hook can have sleepable semantics and\nneeds to be protected by RCU Tasks Trace, and for such cases BPF link\nhas to go through RCU Tasks Trace + \"classic\" RCU GPs before being\ndeallocated. And so, if we put BPF program early, we might free BPF\nprogram before we free BPF link, leading to use-after-free situation.\n\nSo, this patch defers bpf_prog_put() until we are ready to perform\nbpf_link's deallocation. At worst, this delays BPF program freeing by\none extra RCU GP, but that seems completely acceptable. Alternatively,\nwe'd need more elaborate ways to determine BPF hook, BPF link, and BPF\nprogram lifetimes, and how they relate to each other, which seems like\nan unnecessary complication.\n\nNote, for most BPF links we still will perform eager bpf_prog_put() and\nlink dealloc, so for those BPF links there are no observable changes\nwhatsoever. Only BPF links that use deferred dealloc might notice\nslightly delayed freeing of BPF programs.\n\nAlso, to reduce code and logic duplication, extract program put + link\ndealloc logic into bpf_link_dealloc() helper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "5fe23c57abadfd46a7a66e81f3536e4757252a0b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6.66",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b"
},
{
"url": "https://git.kernel.org/stable/c/2fcb921c2799c49ac5e365cf4110f94a64ae4885",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fcb921c2799c49ac5e365cf4110f94a64ae4885"
},
{
"url": "https://git.kernel.org/stable/c/f44ec8733a8469143fde1984b5e6931b2e2f6f3f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f44ec8733a8469143fde1984b5e6931b2e2f6f3f"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

115
2024/56xxx/CVE-2024-56787.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56787",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: imx8m: Probe the SoC driver as platform driver\n\nWith driver_async_probe=* on kernel command line, the following trace is\nproduced because on i.MX8M Plus hardware because the soc-imx8m.c driver\ncalls of_clk_get_by_name() which returns -EPROBE_DEFER because the clock\ndriver is not yet probed. This was not detected during regular testing\nwithout driver_async_probe.\n\nConvert the SoC code to platform driver and instantiate a platform device\nin its current device_initcall() to probe the platform driver. Rework\n.soc_revision callback to always return valid error code and return SoC\nrevision via parameter. This way, if anything in the .soc_revision callback\nreturn -EPROBE_DEFER, it gets propagated to .probe and the .probe will get\nretried later.\n\n\"\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1 at drivers/soc/imx/soc-imx8m.c:115 imx8mm_soc_revision+0xdc/0x180\nCPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-next-20240924-00002-g2062bb554dea #603\nHardware name: DH electronics i.MX8M Plus DHCOM Premium Developer Kit (3) (DT)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : imx8mm_soc_revision+0xdc/0x180\nlr : imx8mm_soc_revision+0xd0/0x180\nsp : ffff8000821fbcc0\nx29: ffff8000821fbce0 x28: 0000000000000000 x27: ffff800081810120\nx26: ffff8000818a9970 x25: 0000000000000006 x24: 0000000000824311\nx23: ffff8000817f42c8 x22: ffff0000df8be210 x21: fffffffffffffdfb\nx20: ffff800082780000 x19: 0000000000000001 x18: ffffffffffffffff\nx17: ffff800081fff418 x16: ffff8000823e1000 x15: ffff0000c03b65e8\nx14: ffff0000c00051b0 x13: ffff800082790000 x12: 0000000000000801\nx11: ffff80008278ffff x10: ffff80008209d3a6 x9 : ffff80008062e95c\nx8 : ffff8000821fb9a0 x7 : 0000000000000000 x6 : 00000000000080e3\nx5 : ffff0000df8c03d8 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : 0000000000000000 x1 : fffffffffffffdfb x0 : fffffffffffffdfb\nCall trace:\n imx8mm_soc_revision+0xdc/0x180\n imx8_soc_init+0xb0/0x1e0\n do_one_initcall+0x94/0x1a8\n kernel_init_freeable+0x240/0x2a8\n kernel_init+0x28/0x140\n ret_from_fork+0x10/0x20\n---[ end trace 0000000000000000 ]---\nSoC: i.MX8MP revision 1.1\n\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "e497edb8f31ec2c2b6f4ce930e175aa2da8be334"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.174",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.120",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.66",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.5",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334"
},
{
"url": "https://git.kernel.org/stable/c/ea2ff66feb5f9b183f9e2f9d06c21340bd88de12",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ea2ff66feb5f9b183f9e2f9d06c21340bd88de12"
},
{
"url": "https://git.kernel.org/stable/c/2129f6faa5dfe8c6b87aad11720bf75edd77d3e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2129f6faa5dfe8c6b87aad11720bf75edd77d3e4"
},
{
"url": "https://git.kernel.org/stable/c/997a3c04d7fa3d1d385c14691350d096fada648c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/997a3c04d7fa3d1d385c14691350d096fada648c"
},
{
"url": "https://git.kernel.org/stable/c/9cc832d37799dbea950c4c8a34721b02b8b5a8ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9cc832d37799dbea950c4c8a34721b02b8b5a8ff"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

84
2024/6xxx/CVE-2024-6350.json
View File

@ -1,17 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6350",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@silabs.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A malformed 802.15.4 packet causes a buffer overflow to occur leading to an assert and a denial of service. A watchdog reset clears the error condition automatically."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "silabs.com",
"product": {
"product_data": [
{
"product_name": "Simplicity SDK",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2024.12.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.silabs.com/069Vm00000HtvDgIAJ",
"refsource": "MISC",
"name": "https://community.silabs.com/069Vm00000HtvDgIAJ"
},
{
"url": "https://github.com/SiliconLabs/simplicity_sdk/releases",
"refsource": "MISC",
"name": "https://github.com/SiliconLabs/simplicity_sdk/releases"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

18
2025/0xxx/CVE-2025-0331.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0331",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0332.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0332",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0333.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0333",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0334.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0334",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0335.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0335",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0336.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0336",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0337.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0337",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0338.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0338",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0339.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0339",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0340.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0340",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0341.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0341",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0342.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0342",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

79
2025/21xxx/CVE-2025-21111.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-21111",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@dell.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password",
"cweId": "CWE-256"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Dell",
"product": {
"product_data": [
{
"product_name": "Dell VxRail HCI",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "8.0.000",
"version_value": "8.0.311"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities",
"refsource": "MISC",
"name": "https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}