admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-05-22 09:00:34 +00:00
parent 534a467a0b
commit 558cf6b101
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
32 changed files with 3540 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

169
2021/47xxx/CVE-2021-47474.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47474",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix bulk-buffer overflow\n\nThe driver is using endpoint-sized buffers but must not assume that the\ntx and rx buffers are of equal size or a malicious device could overflow\nthe slab-allocated receive buffer when doing bulk transfers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "985cafccbf9b",
"version_value": "e0e6a63fd97a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.31",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.31",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.217",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.159",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.79",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.18",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.2",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7"
},
{
"url": "https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973"
},
{
"url": "https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772"
},
{
"url": "https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b"
},
{
"url": "https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993"
},
{
"url": "https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0"
},
{
"url": "https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3"
},
{
"url": "https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2"
},
{
"url": "https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2021/47xxx/CVE-2021-47475.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47475",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix transfer-buffer overflows\n\nThe driver uses endpoint-sized USB transfer buffers but up until\nrecently had no sanity checks on the sizes.\n\nCommit e1f13c879a7c (\"staging: comedi: check validity of wMaxPacketSize\nof usb endpoints found\") inadvertently fixed NULL-pointer dereferences\nwhen accessing the transfer buffers in case a malicious device has a\nzero wMaxPacketSize.\n\nMake sure to allocate buffers large enough to handle also the other\naccesses that are done without a size check (e.g. byte 18 in\nvmk80xx_cnt_insn_read() for the VMK8061_MODEL) to avoid writing beyond\nthe buffers, for example, when doing descriptor fuzzing.\n\nThe original driver was for a low-speed device with 8-byte buffers.\nSupport was later added for a device that uses bulk transfers and is\npresumably a full-speed device with a maximum 64-byte wMaxPacketSize."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "985cafccbf9b",
"version_value": "5229159f1d05"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.31",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.31",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.217",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.159",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.79",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.18",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.2",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f"
},
{
"url": "https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba"
},
{
"url": "https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7"
},
{
"url": "https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088"
},
{
"url": "https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9"
},
{
"url": "https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00"
},
{
"url": "https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47"
},
{
"url": "https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50"
},
{
"url": "https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2021/47xxx/CVE-2021-47476.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47476",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: ni_usb6501: fix NULL-deref in command paths\n\nThe driver uses endpoint-sized USB transfer buffers but had no sanity\nchecks on the sizes. This can lead to zero-size-pointer dereferences or\noverflowed transfer buffers in ni6501_port_command() and\nni6501_counter_command() if a (malicious) device has smaller max-packet\nsizes than expected (or when doing descriptor fuzz testing).\n\nAdd the missing sanity checks to probe()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a03bb00e50ab",
"version_value": "58478143771b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.217",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.159",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.79",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.18",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.2",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224"
},
{
"url": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816"
},
{
"url": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632"
},
{
"url": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1"
},
{
"url": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3"
},
{
"url": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1"
},
{
"url": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea"
},
{
"url": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1"
},
{
"url": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2021/47xxx/CVE-2021-47477.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47477",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: dt9812: fix DMA buffers on stack\n\nUSB transfer buffers are typically mapped for DMA and must not be\nallocated on the stack or transfers will fail.\n\nAllocate proper transfer buffers in the various command helpers and\nreturn an error on short transfers instead of acting on random stack\ndata.\n\nNote that this also fixes a stack info leak on systems where DMA is not\nused as 32 bytes are always sent to the device regardless of how short\nthe command is."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "63274cd7d38a",
"version_value": "a6af69768d5c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.29",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.29",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.217",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.159",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.79",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.18",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.2",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723"
},
{
"url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2"
},
{
"url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97"
},
{
"url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3"
},
{
"url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe"
},
{
"url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6"
},
{
"url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed"
},
{
"url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e"
},
{
"url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

159
2021/47xxx/CVE-2021-47478.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47478",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "156ce5bb6cc4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.217",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.159",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.79",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.18",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.2",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f"
},
{
"url": "https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e"
},
{
"url": "https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f"
},
{
"url": "https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1"
},
{
"url": "https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5"
},
{
"url": "https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7"
},
{
"url": "https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945"
},
{
"url": "https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d"
},
{
"url": "https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2021/47xxx/CVE-2021-47479.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47479",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use-after-free in rtl8712_dl_fw\n\nSyzbot reported use-after-free in rtl8712_dl_fw(). The problem was in\nrace condition between r871xu_dev_remove() ->ndo_open() callback.\n\nIt's easy to see from crash log, that driver accesses released firmware\nin ->ndo_open() callback. It may happen, since driver was releasing\nfirmware _before_ unregistering netdev. Fix it by moving\nunregister_netdev() before cleaning up resources.\n\nCall Trace:\n...\n rtl871x_open_fw drivers/staging/rtl8712/hal_init.c:83 [inline]\n rtl8712_dl_fw+0xd95/0xe10 drivers/staging/rtl8712/hal_init.c:170\n rtl8712_hal_init drivers/staging/rtl8712/hal_init.c:330 [inline]\n rtl871x_hal_init+0xae/0x180 drivers/staging/rtl8712/hal_init.c:394\n netdev_open+0xe6/0x6c0 drivers/staging/rtl8712/os_intfs.c:380\n __dev_open+0x2bc/0x4d0 net/core/dev.c:1484\n\nFreed by task 1306:\n...\n release_firmware+0x1b/0x30 drivers/base/firmware_loader/main.c:1053\n r871xu_dev_remove+0xcc/0x2c0 drivers/staging/rtl8712/usb_intf.c:599\n usb_unbind_interface+0x1d8/0x8d0 drivers/usb/core/driver.c:458"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8c213fa59199",
"version_value": "c430094541a8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.79",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.18",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.2",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506"
},
{
"url": "https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed"
},
{
"url": "https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4"
},
{
"url": "https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

148
2021/47xxx/CVE-2021-47480.json
View File

@ -1,18 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47480",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won't be unloaded before SCSI\nhost instance is released because shost->hostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of 'BUG: unable to handle page fault for address'\nreported by Changhui and Yi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "1105573d964f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.216",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.158",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.78",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.17",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813"
},
{
"url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428"
},
{
"url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee"
},
{
"url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0"
},
{
"url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b"
},
{
"url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f"
},
{
"url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836"
},
{
"url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

92
2021/47xxx/CVE-2021-47481.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47481",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize the ODP xarray when creating an ODP MR\n\nNormally the zero fill would hide the missing initialization, but an\nerrant set to desc_size in reg_create() causes a crash:\n\n BUG: unable to handle page fault for address: 0000000800000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 5 PID: 890 Comm: ib_write_bw Not tainted 5.15.0-rc4+ #47\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5_ib_dereg_mr+0x14/0x3b0 [mlx5_ib]\n Code: 48 63 cd 4c 89 f7 48 89 0c 24 e8 37 30 03 e1 48 8b 0c 24 eb a0 90 0f 1f 44 00 00 41 56 41 55 41 54 55 53 48 89 fb 48 83 ec 30 <48> 8b 2f 65 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 8b 87 c8\n RSP: 0018:ffff88811afa3a60 EFLAGS: 00010286\n RAX: 000000000000001c RBX: 0000000800000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000800000000\n RBP: 0000000800000000 R08: 0000000000000000 R09: c0000000fffff7ff\n R10: ffff88811afa38f8 R11: ffff88811afa38f0 R12: ffffffffa02c7ac0\n R13: 0000000000000000 R14: ffff88811afa3cd8 R15: ffff88810772fa00\n FS: 00007f47b9080740(0000) GS:ffff88852cd40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000800000000 CR3: 000000010761e003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n mlx5_ib_free_odp_mr+0x95/0xc0 [mlx5_ib]\n mlx5_ib_dereg_mr+0x128/0x3b0 [mlx5_ib]\n ib_dereg_mr_user+0x45/0xb0 [ib_core]\n ? xas_load+0x8/0x80\n destroy_hw_idr_uobject+0x1a/0x50 [ib_uverbs]\n uverbs_destroy_uobject+0x2f/0x150 [ib_uverbs]\n uobj_destroy+0x3c/0x70 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x467/0xb00 [ib_uverbs]\n ? uverbs_finalize_object+0x60/0x60 [ib_uverbs]\n ? ttwu_queue_wakelist+0xa9/0xe0\n ? pty_write+0x85/0x90\n ? file_tty_write.isra.33+0x214/0x330\n ? process_echoes+0x60/0x60\n ib_uverbs_ioctl+0xa7/0x110 [ib_uverbs]\n __x64_sys_ioctl+0x10d/0x8e0\n ? vfs_write+0x17f/0x260\n do_syscall_64+0x3c/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nAdd the missing xarray initialization and remove the desc_size set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a639e66703ee",
"version_value": "5f6995295f65"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe"
},
{
"url": "https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2021/47xxx/CVE-2021-47482.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47482",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn't any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won't call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c6c8fea29769",
"version_value": "0c6b199f09be"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.38",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.38",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.293",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.289",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.254",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.215",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.157",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"
},
{
"url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"
},
{
"url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"
},
{
"url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"
},
{
"url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"
},
{
"url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"
},
{
"url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"
},
{
"url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2021/47xxx/CVE-2021-47483.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47483",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when 'present' realloc failed,\nthe 'blk' which is supposed to assign to 'rbnode->block' will be freed,\nso 'rbnode->block' points a freed memory, in the error handling path of\nregcache_rbtree_init(), 'rbnode->block' will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode->block to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3f4ff561bc88",
"version_value": "e72dce9afbdb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.12",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.291",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.289",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.254",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.215",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.157",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999"
},
{
"url": "https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2"
},
{
"url": "https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6"
},
{
"url": "https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091"
},
{
"url": "https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f"
},
{
"url": "https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6"
},
{
"url": "https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047"
},
{
"url": "https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

92
2021/47xxx/CVE-2021-47484.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47484",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix possible null pointer dereference.\n\nThis patch fixes possible null pointer dereference in files\n\"rvu_debugfs.c\" and \"rvu_nix.c\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8756828a8148",
"version_value": "f1e3cd1cc802"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0"
},
{
"url": "https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2021/47xxx/CVE-2021-47485.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47485",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f931551bafe1",
"version_value": "bda41654b6e0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.35",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.35",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.292",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.290",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.255",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.216",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.157",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0"
},
{
"url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad"
},
{
"url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d"
},
{
"url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42"
},
{
"url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724"
},
{
"url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780"
},
{
"url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952"
},
{
"url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2021/47xxx/CVE-2021-47486.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv, bpf: Fix potential NULL dereference\n\nThe bpf_jit_binary_free() function requires a non-NULL argument. When\nthe RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps,\njit_data->header will be NULL, which triggers a NULL\ndereference. Avoid this by checking the argument, prior calling the\nfunction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ca6cb5447cec",
"version_value": "cac6b043cea3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d"
},
{
"url": "https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41"
},
{
"url": "https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

93
2021/47xxx/CVE-2021-47487.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47487",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix out of bounds write\n\nSize can be any value and is user controlled resulting in overwriting the\n40 byte array wr_buf with an arbitrary length of data from buf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "eb3b6805e3e9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/eb3b6805e3e9d98b2507201fd061a231988ce623",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb3b6805e3e9d98b2507201fd061a231988ce623"
},
{
"url": "https://git.kernel.org/stable/c/d3ed72495a59fbfb9377450c8dfe94389a6509a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d3ed72495a59fbfb9377450c8dfe94389a6509a7"
},
{
"url": "https://git.kernel.org/stable/c/5afa7898ab7a0ec9c28556a91df714bf3c2f725e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5afa7898ab7a0ec9c28556a91df714bf3c2f725e"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2021/47xxx/CVE-2021-47488.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47488",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: Fix memory leak caused by missing cgroup_bpf_offline\n\nWhen enabling CONFIG_CGROUP_BPF, kmemleak can be observed by running\nthe command as below:\n\n $mount -t cgroup -o none,name=foo cgroup cgroup/\n $umount cgroup/\n\nunreferenced object 0xc3585c40 (size 64):\n comm \"mount\", pid 425, jiffies 4294959825 (age 31.990s)\n hex dump (first 32 bytes):\n 01 00 00 80 84 8c 28 c0 00 00 00 00 00 00 00 00 ......(.........\n 00 00 00 00 00 00 00 00 6c 43 a0 c3 00 00 00 00 ........lC......\n backtrace:\n [<e95a2f9e>] cgroup_bpf_inherit+0x44/0x24c\n [<1f03679c>] cgroup_setup_root+0x174/0x37c\n [<ed4b0ac5>] cgroup1_get_tree+0x2c0/0x4a0\n [<f85b12fd>] vfs_get_tree+0x24/0x108\n [<f55aec5c>] path_mount+0x384/0x988\n [<e2d5e9cd>] do_mount+0x64/0x9c\n [<208c9cfe>] sys_mount+0xfc/0x1f4\n [<06dd06e0>] ret_fast_syscall+0x0/0x48\n [<a8308cb3>] 0xbeb4daa8\n\nThis is because that since the commit 2b0d3d3e4fcf (\"percpu_ref: reduce\nmemory footprint of percpu_ref in fast path\") root_cgrp->bpf.refcnt.data\nis allocated by the function percpu_ref_init in cgroup_bpf_inherit which\nis called by cgroup_setup_root when mounting, but not freed along with\nroot_cgrp when umounting. Adding cgroup_bpf_offline which calls\npercpu_ref_kill to cgroup_kill_sb can free root_cgrp->bpf.refcnt.data in\numount path.\n\nThis patch also fixes the commit 4bfc0bb2c60e (\"bpf: decouple the lifetime\nof cgroup_bpf from cgroup itself\"). A cgroup_bpf_offline is needed to do a\ncleanup that frees the resources which are allocated by cgroup_bpf_inherit\nin cgroup_setup_root.\n\nAnd inside cgroup_bpf_offline, cgroup_get() is at the beginning and\ncgroup_put is at the end of cgroup_bpf_release which is called by\ncgroup_bpf_offline. So cgroup_bpf_offline can keep the balance of\ncgroup's refcount."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4bfc0bb2c60e",
"version_value": "01599bf7cc2b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/01599bf7cc2b49c3d2be886cb438647dc25446ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/01599bf7cc2b49c3d2be886cb438647dc25446ed"
},
{
"url": "https://git.kernel.org/stable/c/b529f88d93884cf8ccafda793ee3d27b82fa578d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b529f88d93884cf8ccafda793ee3d27b82fa578d"
},
{
"url": "https://git.kernel.org/stable/c/04f8ef5643bcd8bcde25dfdebef998aea480b2ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/04f8ef5643bcd8bcde25dfdebef998aea480b2ba"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

92
2021/47xxx/CVE-2021-47489.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47489",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix even more out of bound writes from debugfs\n\nCVE-2021-42327 was fixed by:\n\ncommit f23750b5b3d98653b31d4469592935ef6364ad67\nAuthor: Thelford Williams <tdwilliamsiv@gmail.com>\nDate: Wed Oct 13 16:04:13 2021 -0400\n\n drm/amdgpu: fix out of bounds write\n\nbut amdgpu_dm_debugfs.c contains more of the same issue so fix the\nremaining ones.\n\nv2:\n\t* Add missing fix in dp_max_bpc_write (Harry Wentland)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "918698d5c2b5",
"version_value": "9eb4bdd554fc"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9"
},
{
"url": "https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

126
2021/47xxx/CVE-2021-47490.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47490",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix memleak in ttm_transfered_destroy\n\nWe need to cleanup the fences for ghost objects as well.\n\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214029\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214447"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "bd99782f3ca4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.157",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.158",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.78",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd"
},
{
"url": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9"
},
{
"url": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db"
},
{
"url": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a"
},
{
"url": "https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd"
},
{
"url": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2021/47xxx/CVE-2021-47491.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47491",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: khugepaged: skip huge page collapse for special files\n\nThe read-only THP for filesystems will collapse THP for files opened\nreadonly and mapped with VM_EXEC. The intended usecase is to avoid TLB\nmisses for large text segments. But it doesn't restrict the file types\nso a THP could be collapsed for a non-regular file, for example, block\ndevice, if it is opened readonly and mapped with EXEC permission. This\nmay cause bugs, like [1] and [2].\n\nThis is definitely not the intended usecase, so just collapse THP for\nregular files in order to close the attack surface.\n\n[shy828301@gmail.com: fix vm_file check [3]]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "99cb0dbd47a1",
"version_value": "6d67b2a73b8e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.78",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8"
},
{
"url": "https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9"
},
{
"url": "https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2021/47xxx/CVE-2021-47492.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47492",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, thp: bail out early in collapse_file for writeback page\n\nCurrently collapse_file does not explicitly check PG_writeback, instead,\npage_has_private and try_to_release_page are used to filter writeback\npages. This does not work for xfs with blocksize equal to or larger\nthan pagesize, because in such case xfs has no page->private.\n\nThis makes collapse_file bail out early for writeback page. Otherwise,\nxfs end_page_writeback will panic as follows.\n\n page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:ffff0003f88c86a8 index:0x0 pfn:0x84ef32\n aops:xfs_address_space_operations [xfs] ino:30000b7 dentry name:\"libtest.so\"\n flags: 0x57fffe0000008027(locked|referenced|uptodate|active|writeback)\n raw: 57fffe0000008027 ffff80001b48bc28 ffff80001b48bc28 ffff0003f88c86a8\n raw: 0000000000000000 0000000000000000 00000000ffffffff ffff0000c3e9a000\n page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u <= 127u))\n page->mem_cgroup:ffff0000c3e9a000\n ------------[ cut here ]------------\n kernel BUG at include/linux/mm.h:1212!\n Internal error: Oops - BUG: 0 [#1] SMP\n Modules linked in:\n BUG: Bad page state in process khugepaged pfn:84ef32\n xfs(E)\n page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:0 index:0x0 pfn:0x84ef32\n libcrc32c(E) rfkill(E) aes_ce_blk(E) crypto_simd(E) ...\n CPU: 25 PID: 0 Comm: swapper/25 Kdump: loaded Tainted: ...\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n Call trace:\n end_page_writeback+0x1c0/0x214\n iomap_finish_page_writeback+0x13c/0x204\n iomap_finish_ioend+0xe8/0x19c\n iomap_writepage_end_bio+0x38/0x50\n bio_endio+0x168/0x1ec\n blk_update_request+0x278/0x3f0\n blk_mq_end_request+0x34/0x15c\n virtblk_request_done+0x38/0x74 [virtio_blk]\n blk_done_softirq+0xc4/0x110\n __do_softirq+0x128/0x38c\n __irq_exit_rcu+0x118/0x150\n irq_exit+0x1c/0x30\n __handle_domain_irq+0x8c/0xf0\n gic_handle_irq+0x84/0x108\n el1_irq+0xcc/0x180\n arch_cpu_idle+0x18/0x40\n default_idle_call+0x4c/0x1a0\n cpuidle_idle_call+0x168/0x1e0\n do_idle+0xb4/0x104\n cpu_startup_entry+0x30/0x9c\n secondary_start_kernel+0x104/0x180\n Code: d4210000 b0006161 910c8021 94013f4d (d4210000)\n ---[ end trace 4a88c6a074082f8c ]---\n Kernel panic - not syncing: Oops - BUG: Fatal exception in interrupt"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "99cb0dbd47a1",
"version_value": "69a7fa5cb0de"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca"
},
{
"url": "https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc"
},
{
"url": "https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

93
2021/47xxx/CVE-2021-47493.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47493",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix race between searching chunks and release journal_head from buffer_head\n\nEncountered a race between ocfs2_test_bg_bit_allocatable() and\njbd2_journal_put_journal_head() resulting in the below vmcore.\n\n PID: 106879 TASK: ffff880244ba9c00 CPU: 2 COMMAND: \"loop3\"\n Call trace:\n panic\n oops_end\n no_context\n __bad_area_nosemaphore\n bad_area_nosemaphore\n __do_page_fault\n do_page_fault\n page_fault\n [exception RIP: ocfs2_block_group_find_clear_bits+316]\n ocfs2_block_group_find_clear_bits [ocfs2]\n ocfs2_cluster_group_search [ocfs2]\n ocfs2_search_chain [ocfs2]\n ocfs2_claim_suballoc_bits [ocfs2]\n __ocfs2_claim_clusters [ocfs2]\n ocfs2_claim_clusters [ocfs2]\n ocfs2_local_alloc_slide_window [ocfs2]\n ocfs2_reserve_local_alloc_bits [ocfs2]\n ocfs2_reserve_clusters_with_limit [ocfs2]\n ocfs2_reserve_clusters [ocfs2]\n ocfs2_lock_refcount_allocators [ocfs2]\n ocfs2_make_clusters_writable [ocfs2]\n ocfs2_replace_cow [ocfs2]\n ocfs2_refcount_cow [ocfs2]\n ocfs2_file_write_iter [ocfs2]\n lo_rw_aio\n loop_queue_work\n kthread_worker_fn\n kthread\n ret_from_fork\n\nWhen ocfs2_test_bg_bit_allocatable() called bh2jh(bg_bh), the\nbg_bh->b_private NULL as jbd2_journal_put_journal_head() raced and\nreleased the jounal head from the buffer head. Needed to take bit lock\nfor the bit 'BH_JournalHead' to fix this race."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "5043fbd294f5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7"
},
{
"url": "https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2"
},
{
"url": "https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2021/47xxx/CVE-2021-47494.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47494",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: fix management registrations locking\n\nThe management registrations locking was broken, the list was\nlocked for each wdev, but cfg80211_mgmt_registrations_update()\niterated it without holding all the correct spinlocks, causing\nlist corruption.\n\nRather than trying to fix it with fine-grained locking, just\nmove the lock to the wiphy/rdev (still need the list on each\nwdev), we already need to hold the wdev lock to change it, so\nthere's no contention on the lock in any case. This trivially\nfixes the bug since we hold one wdev's lock already, and now\nwill hold the lock that protects all lists."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6cd536fe62ef",
"version_value": "4c22227e39c7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4"
},
{
"url": "https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e"
},
{
"url": "https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

148
2021/47xxx/CVE-2021-47495.json
View File

@ -1,18 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "b9eba0a4a527"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.4.291",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.289",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.254",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.215",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.157",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e"
},
{
"url": "https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767"
},
{
"url": "https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4"
},
{
"url": "https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed"
},
{
"url": "https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20"
},
{
"url": "https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a"
},
{
"url": "https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5"
},
{
"url": "https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2021/47xxx/CVE-2021-47496.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47496",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk->sk_err appears to expect a positive value, a convention that ktls\ndoesn't always follow and that leads to memory corruption in other code.\nFor instance,\n\n [kworker]\n tls_encrypt_done(..., err=<negative error from crypto request>)\n tls_err_abort(.., err)\n sk->sk_err = err;\n\n [task]\n splice_from_pipe_feed\n ...\n tls_sw_do_sendpage\n if (sk->sk_err) {\n ret = -sk->sk_err; // ret is positive\n\n splice_from_pipe_feed (continued)\n ret = actor(...) // ret is still positive and interpreted as bytes\n // written, resulting in underflow of buf->len and\n // sd->len, leading to huge buf->offset and bogus\n // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c46234ebb4d1",
"version_value": "e0cfd5159f31"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.17",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.157",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.77",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.16",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb"
},
{
"url": "https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19"
},
{
"url": "https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a"
},
{
"url": "https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2021/47xxx/CVE-2021-47497.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47497",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic\n\n *p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type 'unsigned long'\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n dump_backtrace+0x0/0x170\n show_stack+0x24/0x30\n dump_stack_lvl+0x64/0x7c\n dump_stack+0x18/0x38\n ubsan_epilogue+0x10/0x54\n __ubsan_handle_shift_out_of_bounds+0x180/0x194\n __nvmem_cell_read+0x1ec/0x21c\n nvmem_cell_read+0x58/0x94\n nvmem_cell_read_variable_common+0x4c/0xb0\n nvmem_cell_read_variable_le_u32+0x40/0x100\n a6xx_gpu_init+0x170/0x2f4\n adreno_bind+0x174/0x284\n component_bind_all+0xf0/0x264\n msm_drm_bind+0x1d8/0x7a0\n try_to_bring_up_master+0x164/0x1ac\n __component_add+0xbc/0x13c\n component_add+0x20/0x2c\n dp_display_probe+0x340/0x384\n platform_probe+0xc0/0x100\n really_probe+0x110/0x304\n __driver_probe_device+0xb8/0x120\n driver_probe_device+0x4c/0xfc\n __device_attach_driver+0xb0/0x128\n bus_for_each_drv+0x90/0xdc\n __device_attach+0xc8/0x174\n device_initial_probe+0x20/0x2c\n bus_probe_device+0x40/0xa4\n deferred_probe_work_func+0x7c/0xb8\n process_one_work+0x128/0x21c\n process_scheduled_works+0x40/0x54\n worker_thread+0x1ec/0x2a8\n kthread+0x138/0x158\n ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "69aba7948cbe",
"version_value": "abcb8d33e4d2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.4.290",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.9.288",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.252",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.213",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.155",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.75",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.14",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97"
},
{
"url": "https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df"
},
{
"url": "https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df"
},
{
"url": "https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca"
},
{
"url": "https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082"
},
{
"url": "https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66"
},
{
"url": "https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae"
},
{
"url": "https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

82
2021/47xxx/CVE-2021-47498.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47498",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: don't queue request to blk-mq during DM suspend\n\nDM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue.\n\nBut blk-mq's unquiesce may come from outside events, such as elevator\nswitch, updating nr_requests or others, and request may come during\nsuspend, so simply ask for blk-mq to requeue it.\n\nFixes one kernel panic issue when running updating nr_requests and\ndm-mpath suspend/resume stress test."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "8ca9745efe35"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14.14",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351"
},
{
"url": "https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

75
2024/2xxx/CVE-2024-2036.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ApplyOnline \u2013 Application Form Builder and Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aol_modal_box AJAX action in all versions up to, and including, 2.6. This makes it possible for authenticated attackers, with subscriber access or higher, to view Application submissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "farhannoor",
"product": {
"product_data": [
{
"product_name": "ApplyOnline \u2013 Application Form Builder and Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3eff4992-dbd4-4b9b-872e-1670ce7dab9d?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3eff4992-dbd4-4b9b-872e-1670ce7dab9d?source=cve"
},
{
"url": "https://wordpress.org/plugins/apply-online/",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/apply-online/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Lucio S\u00e1"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

18
2024/33xxx/CVE-2024-33610.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-33610",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

85
2024/3xxx/CVE-2024-3495.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the \u2018cnt\u2019 and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "trustyplugins",
"product": {
"product_data": [
{
"product_name": "Country State City Dropdown CF7",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.7.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17dcacaf-0e2a-4bef-b944-fb7e43d25777?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17dcacaf-0e2a-4bef-b944-fb7e43d25777?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/country-state-city-auto-dropdown/trunk/includes/ajax-actions.php#L8",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/country-state-city-auto-dropdown/trunk/includes/ajax-actions.php#L8"
},
{
"url": "https://plugins.trac.wordpress.org/browser/country-state-city-auto-dropdown/trunk/includes/ajax-actions.php#L22",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/country-state-city-auto-dropdown/trunk/includes/ajax-actions.php#L22"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3089374%40country-state-city-auto-dropdown%2Ftrunk&old=3068802%40country-state-city-auto-dropdown%2Ftrunk&sfp_email=&sfph_mail=",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3089374%40country-state-city-auto-dropdown%2Ftrunk&old=3068802%40country-state-city-auto-dropdown%2Ftrunk&sfp_email=&sfph_mail="
}
]
},
"credits": [
{
"lang": "en",
"value": "Krzysztof Zaj\u0105c"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
]
}

80
2024/4xxx/CVE-2024-4362.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions up to, and including, 1.60.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "gpriday",
"product": {
"product_data": [
{
"product_name": "SiteOrigin Widgets Bundle",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.60.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7926ec6-3441-4062-93b2-6c2120c9f406?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7926ec6-3441-4062-93b2-6c2120c9f406?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/base/inc/shortcode.php#L27",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/base/inc/shortcode.php#L27"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3088997/so-widgets-bundle/trunk/base/inc/shortcode.php",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3088997/so-widgets-bundle/trunk/base/inc/shortcode.php"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthew Rollings"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

80
2024/4xxx/CVE-2024-4896.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4896",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WPB Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wpbean",
"product": {
"product_data": [
{
"product_name": "WPB Elementor Addons",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.0.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/103dea33-0c30-460e-80e4-fead18928a62?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/103dea33-0c30-460e-80e4-fead18928a62?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpb-elementor-addons/trunk/templates/videos_grid.php#L323",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/wpb-elementor-addons/trunk/templates/videos_grid.php#L323"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3088737/#file26",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3088737/#file26"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthew Rollings"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

75
2024/5xxx/CVE-2024-5025.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5025",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Memberpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018arglist\u2019 parameter in all versions up to, and including, 1.11.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MemberPress",
"product": {
"product_data": [
{
"product_name": "Memberpress",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.11.29"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f147641a-f430-4743-901e-539373dc10b7?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f147641a-f430-4743-901e-539373dc10b7?source=cve"
},
{
"url": "https://memberpress.com/change-log/",
"refsource": "MISC",
"name": "https://memberpress.com/change-log/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthew Rollings"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

75
2024/5xxx/CVE-2024-5031.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5031",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MemberPress",
"product": {
"product_data": [
{
"product_name": "Memberpress",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.11.29"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80064e3b-6996-49eb-a475-0ffe0e894f9e?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80064e3b-6996-49eb-a475-0ffe0e894f9e?source=cve"
},
{
"url": "https://memberpress.com/change-log/",
"refsource": "MISC",
"name": "https://memberpress.com/change-log/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthew Rollings"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"baseScore": 8.5,
"baseSeverity": "HIGH"
}
]
}