admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-02-26 02:07:09 +00:00
parent 4d7f4feb51
commit 5ab9d07c87
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
6 changed files with 826 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
2022/49xxx/CVE-2022-49289.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuaccess: fix integer overflow on access_ok()\n\nThree architectures check the end of a user access against the\naddress limit without taking a possible overflow into account.\nPassing a negative length or another overflow in here returns\nsuccess when it should not.\n\nUse the most common correct implementation here, which optimizes\nfor a constant 'size' argument, and turns the common case into a\nsingle comparison."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7567746e1c0d66ac0ef8a9d8816ca694462c7370",
"version_value": "e65d28d4e9bf90a35ba79c06661a572a38391dec"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.32",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.18",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.1",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e65d28d4e9bf90a35ba79c06661a572a38391dec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e65d28d4e9bf90a35ba79c06661a572a38391dec"
},
{
"url": "https://git.kernel.org/stable/c/99801e2f457824955da4aadaa035913a6dede03a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/99801e2f457824955da4aadaa035913a6dede03a"
},
{
"url": "https://git.kernel.org/stable/c/a1ad747fc1a0e06d1bf26b996ee8a56b5c8d02d8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1ad747fc1a0e06d1bf26b996ee8a56b5c8d02d8"
},
{
"url": "https://git.kernel.org/stable/c/222ca305c9fd39e5ed8104da25c09b2b79a516a8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/222ca305c9fd39e5ed8104da25c09b2b79a516a8"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

189
2022/49xxx/CVE-2022-49290.json
View File

@ -1,18 +1,199 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49290",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix potential double free on mesh join\n\nWhile commit 6a01afcf8468 (\"mac80211: mesh: Free ie data when leaving\nmesh\") fixed a memory leak on mesh leave / teardown it introduced a\npotential memory corruption caused by a double free when rejoining the\nmesh:\n\n ieee80211_leave_mesh()\n -> kfree(sdata->u.mesh.ie);\n ...\n ieee80211_join_mesh()\n -> copy_mesh_setup()\n -> old_ie = ifmsh->ie;\n -> kfree(old_ie);\n\nThis double free / kernel panics can be reproduced by using wpa_supplicant\nwith an encrypted mesh (if set up without encryption via \"iw\" then\nifmsh->ie is always NULL, which avoids this issue). And then calling:\n\n $ iw dev mesh0 mesh leave\n $ iw dev mesh0 mesh join my-mesh\n\nNote that typically these commands are not used / working when using\nwpa_supplicant. And it seems that wpa_supplicant or wpa_cli are going\nthrough a NETDEV_DOWN/NETDEV_UP cycle between a mesh leave and mesh join\nwhere the NETDEV_UP resets the mesh.ie to NULL via a memcpy of\ndefault_mesh_setup in cfg80211_netdev_notifier_call, which then avoids\nthe memory corruption, too.\n\nThe issue was first observed in an application which was not using\nwpa_supplicant but \"Senf\" instead, which implements its own calls to\nnl80211.\n\nFixing the issue by removing the kfree()'ing of the mesh IE in the mesh\njoin function and leaving it solely up to the mesh leave to free the\nmesh IE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3212d6248faf0efce6b7a718e198feecce0eea05",
"version_value": "615716af8644813355e014314a0bc1e961250f5a"
},
{
"version_affected": "<",
"version_name": "86e7d4cd2ed5f4b0188afce8199faffcf1ae7c7e",
"version_value": "c1d9c3628ef0a0ca197595d0f9e01cd3b5dda186"
},
{
"version_affected": "<",
"version_name": "37bccfa89559a70c044b5ccde3c916a91388e14a",
"version_value": "273ebddc5fda2967492cb0b6cdd7d81cfb821b76"
},
{
"version_affected": "<",
"version_name": "3f15e3e62c80e180282f0cbc5559264e11c328b7",
"version_value": "3bbd0000d012f92aec423b224784fbf0f7bf40f8"
},
{
"version_affected": "<",
"version_name": "6a01afcf8468d3ca2bd8bbb27503f60dcf643b20",
"version_value": "5d3ff9542a40ce034416bca03864709540a36016"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.309",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.274",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.237",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.188",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.109",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.32",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.18",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.1",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/615716af8644813355e014314a0bc1e961250f5a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/615716af8644813355e014314a0bc1e961250f5a"
},
{
"url": "https://git.kernel.org/stable/c/c1d9c3628ef0a0ca197595d0f9e01cd3b5dda186",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c1d9c3628ef0a0ca197595d0f9e01cd3b5dda186"
},
{
"url": "https://git.kernel.org/stable/c/273ebddc5fda2967492cb0b6cdd7d81cfb821b76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/273ebddc5fda2967492cb0b6cdd7d81cfb821b76"
},
{
"url": "https://git.kernel.org/stable/c/3bbd0000d012f92aec423b224784fbf0f7bf40f8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3bbd0000d012f92aec423b224784fbf0f7bf40f8"
},
{
"url": "https://git.kernel.org/stable/c/5d3ff9542a40ce034416bca03864709540a36016",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d3ff9542a40ce034416bca03864709540a36016"
},
{
"url": "https://git.kernel.org/stable/c/12e407a8ef17623823fd0c066fbd7f103953d28d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12e407a8ef17623823fd0c066fbd7f103953d28d"
},
{
"url": "https://git.kernel.org/stable/c/582d8c60c0c053684f7138875e8150d5749ffc17",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/582d8c60c0c053684f7138875e8150d5749ffc17"
},
{
"url": "https://git.kernel.org/stable/c/46bb87d40683337757a2f902fcd4244b32bb4e86",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46bb87d40683337757a2f902fcd4244b32bb4e86"
},
{
"url": "https://git.kernel.org/stable/c/4a2d4496e15ea5bb5c8e83b94ca8ca7fb045e7d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4a2d4496e15ea5bb5c8e83b94ca8ca7fb045e7d3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

148
2022/49xxx/CVE-2022-49291.json
View File

@ -1,18 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49291",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix races among concurrent hw_params and hw_free calls\n\nCurrently we have neither proper check nor protection against the\nconcurrent calls of PCM hw_params and hw_free ioctls, which may result\nin a UAF. Since the existing PCM stream lock can't be used for\nprotecting the whole ioctl operations, we need a new mutex to protect\nthose racy calls.\n\nThis patch introduced a new mutex, runtime->buffer_mutex, and applies\nit to both hw_params and hw_free ioctl code paths. Along with it, the\nboth functions are slightly modified (the mmap_count check is moved\ninto the state-check block) for code simplicity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a42aa926843acca96c0dfbde2e835b8137f2f092"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.14.279",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.243",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.193",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.109",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.32",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.18",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.1",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a42aa926843acca96c0dfbde2e835b8137f2f092",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a42aa926843acca96c0dfbde2e835b8137f2f092"
},
{
"url": "https://git.kernel.org/stable/c/9cb6c40a6ebe4a0cfc9d6a181958211682cffea9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9cb6c40a6ebe4a0cfc9d6a181958211682cffea9"
},
{
"url": "https://git.kernel.org/stable/c/fbeb492694ce0441053de57699e1e2b7bc148a69",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fbeb492694ce0441053de57699e1e2b7bc148a69"
},
{
"url": "https://git.kernel.org/stable/c/0f6947f5f5208f6ebd4d76a82a4757e2839a23f8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0f6947f5f5208f6ebd4d76a82a4757e2839a23f8"
},
{
"url": "https://git.kernel.org/stable/c/33061d0fba51d2bf70a2ef9645f703c33fe8e438",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/33061d0fba51d2bf70a2ef9645f703c33fe8e438"
},
{
"url": "https://git.kernel.org/stable/c/0090c13cbbdffd7da079ac56f80373a9a1be0bf8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0090c13cbbdffd7da079ac56f80373a9a1be0bf8"
},
{
"url": "https://git.kernel.org/stable/c/1bbf82d9f961414d6c76a08f7f843ea068e0ab7b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1bbf82d9f961414d6c76a08f7f843ea068e0ab7b"
},
{
"url": "https://git.kernel.org/stable/c/92ee3c60ec9fe64404dc035e7c41277d74aa26cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92ee3c60ec9fe64404dc035e7c41277d74aa26cb"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

137
2022/49xxx/CVE-2022-49292.json
View File

@ -1,18 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49292",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: oss: Fix PCM OSS buffer allocation overflow\n\nWe've got syzbot reports hitting INT_MAX overflow at vmalloc()\nallocation that is called from snd_pcm_plug_alloc(). Although we\napply the restrictions to input parameters, it's based only on the\nhw_params of the underlying PCM device. Since the PCM OSS layer\nallocates a temporary buffer for the data conversion, the size may\nbecome unexpectedly large when more channels or higher rates is given;\nin the reported case, it went over INT_MAX, hence it hits WARN_ON().\n\nThis patch is an attempt to avoid such an overflow and an allocation\nfor too large buffers. First off, it adds the limit of 1MB as the\nupper bound for period bytes. This must be large enough for all use\ncases, and we really don't want to handle a larger temporary buffer\nthan this size. The size check is performed at two places, where the\noriginal period bytes is calculated and where the plugin buffer size\nis calculated.\n\nIn addition, the driver uses array_size() and array3_size() for\nmultiplications to catch overflows for the converted period size and\nbuffer bytes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a63af1baf0a5e11827db60e3127f87e437cab6e5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.237",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.188",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.109",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.32",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.18",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.1",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a63af1baf0a5e11827db60e3127f87e437cab6e5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a63af1baf0a5e11827db60e3127f87e437cab6e5"
},
{
"url": "https://git.kernel.org/stable/c/0c4190b41a69990666b4000999e27f8f1b2a426b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c4190b41a69990666b4000999e27f8f1b2a426b"
},
{
"url": "https://git.kernel.org/stable/c/5ce74ff7059341d8b2f4d01c3383491df63d1898",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5ce74ff7059341d8b2f4d01c3383491df63d1898"
},
{
"url": "https://git.kernel.org/stable/c/7a40cbf3579a8e14849ba7ce46309c1992658d2b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a40cbf3579a8e14849ba7ce46309c1992658d2b"
},
{
"url": "https://git.kernel.org/stable/c/fb08bf99195a87c798bc8ae1357337a981faeade",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fb08bf99195a87c798bc8ae1357337a981faeade"
},
{
"url": "https://git.kernel.org/stable/c/e74a069c6a7bb505f3ade141dddf85f4b0b5145a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e74a069c6a7bb505f3ade141dddf85f4b0b5145a"
},
{
"url": "https://git.kernel.org/stable/c/efb6402c3c4a7c26d97c92d70186424097b6e366",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/efb6402c3c4a7c26d97c92d70186424097b6e366"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

169
2022/49xxx/CVE-2022-49293.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49293",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: initialize registers in nft_do_chain()\n\nInitialize registers to avoid stack leak into userspace."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "96518518cc417bb0a8c80b9fb736202e28acdf96",
"version_value": "4d28522acd1c4415c85f6b33463713a268f68965"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.13",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.309",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.274",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.237",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.188",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.109",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.32",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.18",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.1",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4d28522acd1c4415c85f6b33463713a268f68965",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4d28522acd1c4415c85f6b33463713a268f68965"
},
{
"url": "https://git.kernel.org/stable/c/a3cc32863b175168283cb0a5fde08de6a1e27df9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a3cc32863b175168283cb0a5fde08de6a1e27df9"
},
{
"url": "https://git.kernel.org/stable/c/88791b79a1eb2ba94e95d039243e28433583a67b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/88791b79a1eb2ba94e95d039243e28433583a67b"
},
{
"url": "https://git.kernel.org/stable/c/06f0ff82c70241a766a811ae1acf07d6e2734dcb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/06f0ff82c70241a766a811ae1acf07d6e2734dcb"
},
{
"url": "https://git.kernel.org/stable/c/2c74374c2e88c7b7992bf808d9f9391f7452f9d9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2c74374c2e88c7b7992bf808d9f9391f7452f9d9"
},
{
"url": "https://git.kernel.org/stable/c/fafb904156fbb8f1dd34970cd5223e00b47c33be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fafb904156fbb8f1dd34970cd5223e00b47c33be"
},
{
"url": "https://git.kernel.org/stable/c/64f24c76dd0ce53d0fa3a0bfb9aeea507c769485",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/64f24c76dd0ce53d0fa3a0bfb9aeea507c769485"
},
{
"url": "https://git.kernel.org/stable/c/dd03640529204ef4b8189fbdea08217d8d98271f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd03640529204ef4b8189fbdea08217d8d98271f"
},
{
"url": "https://git.kernel.org/stable/c/4c905f6740a365464e91467aa50916555b28213d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4c905f6740a365464e91467aa50916555b28213d"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2025/0xxx/CVE-2025-0235.json
View File

@ -1,17 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0235",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Canon Inc.",
"product": {
"product_data": [
{
"product_name": "Generic PCL6 V4 Printer Driver",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1 and earlier"
}
]
}
},
{
"product_name": "Generic UFR II V4 Printer Driver",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1 and earlier"
}
]
}
},
{
"product_name": "Generic LIPSLX V4 Printer Driver",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://psirt.canon/advisory-information/cp2025-002/",
"refsource": "MISC",
"name": "https://psirt.canon/advisory-information/cp2025-002/"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}