admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-17 10:00:35 +00:00
parent faa75260c1
commit 754db57c31
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
96 changed files with 10332 additions and 198 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
2023/0xxx/CVE-2023-0714.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0714",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. This allows unauthenticated visitors to perform a \"double extension\" attack and upload files containing a malicious extension but ending with a benign extension, which may make remote code execution possible in some configurations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"cweId": "CWE-434"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "xpeedstudio",
"product": {
"product_data": [
{
"product_name": "MetForm \u2013 Contact Form, Survey, Quiz, & Custom Form Builder for Elementor",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "3.2.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2896914/",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/2896914/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ramuel Gall"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH"
}
]
}

76
2023/3xxx/CVE-2023-3416.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3416",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'subscriptionCouponId' parameter via the 'create_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TagDiv",
"product": {
"product_data": [
{
"product_name": "tagDiv Opt-In Builder",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.4.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7659ac9b-fa4e-4cb7-9887-38aa65b6d1c3?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7659ac9b-fa4e-4cb7-9887-38aa65b6d1c3?source=cve"
},
{
"url": "https://tagdiv.com/tagdiv-opt-in-builder/",
"refsource": "MISC",
"name": "https://tagdiv.com/tagdiv-opt-in-builder/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Truoc Phan"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}

76
2023/3xxx/CVE-2023-3419.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3419",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'couponId' parameter of the 'recreate_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TagDiv",
"product": {
"product_data": [
{
"product_name": "tagDiv Opt-In Builder",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.4.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17150263-261d-422f-8b36-a2981d4aaad3?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17150263-261d-422f-8b36-a2981d4aaad3?source=cve"
},
{
"url": "https://tagdiv.com/tagdiv-opt-in-builder/",
"refsource": "MISC",
"name": "https://tagdiv.com/tagdiv-opt-in-builder/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Truoc Phan"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}

114
2023/52xxx/CVE-2023-52889.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52889",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: Fix null pointer deref when receiving skb during sock creation\n\nThe panic below is observed when receiving ICMP packets with secmark set\nwhile an ICMP raw socket is being created. SK_CTX(sk)->label is updated\nin apparmor_socket_post_create(), but the packet is delivered to the\nsocket before that, causing the null pointer dereference.\nDrop the packet if label context is not set.\n\n BUG: kernel NULL pointer dereference, address: 000000000000004c\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 407 Comm: a.out Not tainted 6.4.12-arch1-1 #1 3e6fa2753a2d75925c34ecb78e22e85a65d083df\n Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/28/2020\n RIP: 0010:aa_label_next_confined+0xb/0x40\n Code: 00 00 48 89 ef e8 d5 25 0c 00 e9 66 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 89 f0 <8b> 77 4c 39 c6 7e 1f 48 63 d0 48 8d 14 d7 eb 0b 83 c0 01 48 83 c2\n RSP: 0018:ffffa92940003b08 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000e\n RDX: ffffa92940003be8 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff8b57471e7800 R08: ffff8b574c642400 R09: 0000000000000002\n R10: ffffffffbd820eeb R11: ffffffffbeb7ff00 R12: ffff8b574c642400\n R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000000\n FS: 00007fb092ea7640(0000) GS:ffff8b577bc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000004c CR3: 00000001020f2005 CR4: 00000000007706f0\n PKRU: 55555554\n Call Trace:\n <IRQ>\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? aa_label_next_confined+0xb/0x40\n apparmor_secmark_check+0xec/0x330\n security_sock_rcv_skb+0x35/0x50\n sk_filter_trim_cap+0x47/0x250\n sock_queue_rcv_skb_reason+0x20/0x60\n raw_rcv+0x13c/0x210\n raw_local_deliver+0x1f3/0x250\n ip_protocol_deliver_rcu+0x4f/0x2f0\n ip_local_deliver_finish+0x76/0xa0\n __netif_receive_skb_one_core+0x89/0xa0\n netif_receive_skb+0x119/0x170\n ? __netdev_alloc_skb+0x3d/0x140\n vmxnet3_rq_rx_complete+0xb23/0x1010 [vmxnet3 56a84f9c97178c57a43a24ec073b45a9d6f01f3a]\n vmxnet3_poll_rx_only+0x36/0xb0 [vmxnet3 56a84f9c97178c57a43a24ec073b45a9d6f01f3a]\n __napi_poll+0x28/0x1b0\n net_rx_action+0x2a4/0x380\n __do_softirq+0xd1/0x2c8\n __irq_exit_rcu+0xbb/0xf0\n common_interrupt+0x86/0xa0\n </IRQ>\n <TASK>\n asm_common_interrupt+0x26/0x40\n RIP: 0010:apparmor_socket_post_create+0xb/0x200\n Code: 08 48 85 ff 75 a1 eb b1 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 <55> 48 89 fd 53 45 85 c0 0f 84 b2 00 00 00 48 8b 1d 80 56 3f 02 48\n RSP: 0018:ffffa92940ce7e50 EFLAGS: 00000286\n RAX: ffffffffbc756440 RBX: 0000000000000000 RCX: 0000000000000001\n RDX: 0000000000000003 RSI: 0000000000000002 RDI: ffff8b574eaab740\n RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff8b57444cec70 R11: 0000000000000000 R12: 0000000000000003\n R13: 0000000000000002 R14: ffff8b574eaab740 R15: ffffffffbd8e4748\n ? __pfx_apparmor_socket_post_create+0x10/0x10\n security_socket_post_create+0x4b/0x80\n __sock_create+0x176/0x1f0\n __sys_socket+0x89/0x100\n __x64_sys_socket+0x17/0x20\n do_syscall_64+0x5d/0x90\n ? do_syscall_64+0x6c/0x90\n ? do_syscall_64+0x6c/0x90\n ? do_syscall_64+0x6c/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ab9f2115081a",
"version_value": "ead2ad1d9f04"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ead2ad1d9f045f26fdce3ef1644913b3a6cd38f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ead2ad1d9f045f26fdce3ef1644913b3a6cd38f2"
},
{
"url": "https://git.kernel.org/stable/c/6c920754f62cefc63fccdc38a062c7c3452e2961",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c920754f62cefc63fccdc38a062c7c3452e2961"
},
{
"url": "https://git.kernel.org/stable/c/46c17ead5b7389e22e7dc9903fd0ba865d05bda2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46c17ead5b7389e22e7dc9903fd0ba865d05bda2"
},
{
"url": "https://git.kernel.org/stable/c/fce09ea314505a52f2436397608fa0a5d0934fb1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fce09ea314505a52f2436397608fa0a5d0934fb1"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42276.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42276",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: add missing condition check for existence of mapped data\n\nnvme_map_data() is called when request has physical segments, hence\nthe nvme_unmap_data() should have same condition to avoid dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4aedb705437f",
"version_value": "d135c3352f7c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d135c3352f7c947a922da93c8e763ee6bc208b64",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d135c3352f7c947a922da93c8e763ee6bc208b64"
},
{
"url": "https://git.kernel.org/stable/c/77848b379e9f85a08048a2c8b3b4a7e8396f5f83",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/77848b379e9f85a08048a2c8b3b4a7e8396f5f83"
},
{
"url": "https://git.kernel.org/stable/c/70100fe721840bf6d8e5abd25b8bffe4d2e049b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70100fe721840bf6d8e5abd25b8bffe4d2e049b7"
},
{
"url": "https://git.kernel.org/stable/c/c31fad1470389666ac7169fe43aa65bf5b7e2cfd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c31fad1470389666ac7169fe43aa65bf5b7e2cfd"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

119
2024/42xxx/CVE-2024-42277.json
View File

@ -1,18 +1,129 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42277",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: sprd: Avoid NULL deref in sprd_iommu_hw_en\n\nIn sprd_iommu_cleanup() before calling function sprd_iommu_hw_en()\ndom->sdev is equal to NULL, which leads to null dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8745f3592ee4",
"version_value": "dfe90030a0cf"
},
{
"version_affected": "<",
"version_name": "9afea57384d4",
"version_value": "b62841e49a2b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dfe90030a0cfa26dca4cb6510de28920e5ad22fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dfe90030a0cfa26dca4cb6510de28920e5ad22fb"
},
{
"url": "https://git.kernel.org/stable/c/b62841e49a2b7938f6fdeaaf93fb57e4eb880bdb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b62841e49a2b7938f6fdeaaf93fb57e4eb880bdb"
},
{
"url": "https://git.kernel.org/stable/c/d5fe884ce28c5005f8582c35333c195a168f841c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d5fe884ce28c5005f8582c35333c195a168f841c"
},
{
"url": "https://git.kernel.org/stable/c/630482ee0653decf9e2482ac6181897eb6cde5b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/630482ee0653decf9e2482ac6181897eb6cde5b8"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

108
2024/42xxx/CVE-2024-42278.json
View File

@ -1,18 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42278",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: TAS2781: Fix tasdev_load_calibrated_data()\n\nThis function has a reversed if statement so it's either a no-op or it\nleads to a NULL dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "57847c2ec5fb",
"version_value": "6d98741dbd13"
},
{
"version_affected": "<",
"version_name": "b195acf5266d",
"version_value": "51be301d29d6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6d98741dbd1309a6f2d7cffbb10a8f036ec3ca06",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d98741dbd1309a6f2d7cffbb10a8f036ec3ca06"
},
{
"url": "https://git.kernel.org/stable/c/51be301d29d674ff328dfcf23705851f326f35b3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/51be301d29d674ff328dfcf23705851f326f35b3"
},
{
"url": "https://git.kernel.org/stable/c/92c78222168e9035a9bfb8841c2e56ce23e51f73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92c78222168e9035a9bfb8841c2e56ce23e51f73"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

103
2024/42xxx/CVE-2024-42279.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42279",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer\n\nWhile transmitting with rx_len == 0, the RX FIFO is not going to be\nemptied in the interrupt handler. A subsequent transfer could then\nread crap from the previous transfer out of the RX FIFO into the\nstart RX buffer. The core provides a register that will empty the RX and\nTX FIFOs, so do that before each transfer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9ac8d17694b6",
"version_value": "3feda3677e8b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80"
},
{
"url": "https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75"
},
{
"url": "https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42280.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: Fix a use after free in hfcmulti_tx()\n\nDon't dereference *sp after calling dev_kfree_skb(*sp)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "af69fb3a8ffa",
"version_value": "4d8b642985ae"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.27",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.27",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4d8b642985ae24f4b3656438eb8489834a17bb80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4d8b642985ae24f4b3656438eb8489834a17bb80"
},
{
"url": "https://git.kernel.org/stable/c/ddc79556641ee070d36be0de4a1f0a16a71f1fc7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ddc79556641ee070d36be0de4a1f0a16a71f1fc7"
},
{
"url": "https://git.kernel.org/stable/c/7e4a539bca7d8d20f2c5d93c18cce8ef77cd78e0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7e4a539bca7d8d20f2c5d93c18cce8ef77cd78e0"
},
{
"url": "https://git.kernel.org/stable/c/61ab751451f5ebd0b98e02276a44e23a10110402",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/61ab751451f5ebd0b98e02276a44e23a10110402"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42281.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42281",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a segment issue when downgrading gso_size\n\nLinearize the skb when downgrading gso_size because it may trigger a\nBUG_ON() later when the skb is segmented as described in [1,2]."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2be7e212d541",
"version_value": "11ec79f5c7f7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2"
},
{
"url": "https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf"
},
{
"url": "https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733"
},
{
"url": "https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33aa27028",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33aa27028"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42282.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42282",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mediatek: Fix potential NULL pointer dereference in dummy net_device handling\n\nMove the freeing of the dummy net_device from mtk_free_dev() to\nmtk_remove().\n\nPreviously, if alloc_netdev_dummy() failed in mtk_probe(),\neth->dummy_dev would be NULL. The error path would then call\nmtk_free_dev(), which in turn called free_netdev() assuming dummy_dev\nwas allocated (but it was not), potentially causing a NULL pointer\ndereference.\n\nBy moving free_netdev() to mtk_remove(), we ensure it's only called when\nmtk_probe() has succeeded and dummy_dev is fully allocated. This\naddresses a potential NULL pointer dereference detected by Smatch[1]."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b209bd6d0bff",
"version_value": "af6bd5c9901b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/af6bd5c9901b13a26eaf4d57d97a813297791596",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/af6bd5c9901b13a26eaf4d57d97a813297791596"
},
{
"url": "https://git.kernel.org/stable/c/16f3a28cf5f876a7f3550d8f4c870a7b41bcfaef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16f3a28cf5f876a7f3550d8f4c870a7b41bcfaef"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42283.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42283",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: Initialize all fields in dumped nexthops\n\nstruct nexthop_grp contains two reserved fields that are not initialized by\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\nstrace (edited for clarity):\n\n # ip nexthop add id 1 dev lo\n # ip nexthop add id 101 group 1\n # strace -e recvmsg ip nexthop get id 101\n ...\n recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\n [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\n\nThe fields are reserved and therefore not currently used. But as they are, they\nleak kernel memory, and the fact they are not just zero complicates repurposing\nof the fields for new ends. Initialize the full structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "430a049190de",
"version_value": "1377de719652"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b"
},
{
"url": "https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb"
},
{
"url": "https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96"
},
{
"url": "https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528aea18add2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528aea18add2"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42284.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42284",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Return non-zero value from tipc_udp_addr2str() on error\n\ntipc_udp_addr2str() should return non-zero value if the UDP media\naddress is invalid. Otherwise, a buffer overflow access can occur in\ntipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP\nmedia address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d0f91938bede",
"version_value": "728734352743"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813"
},
{
"url": "https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28"
},
{
"url": "https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62a"
},
{
"url": "https://git.kernel.org/stable/c/fa96c6baef1b5385e2f0c0677b32b3839e716076",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fa96c6baef1b5385e2f0c0677b32b3839e716076"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42285.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42285",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix a use-after-free related to destroying CM IDs\n\niw_conn_req_handler() associates a new struct rdma_id_private (conn_id) with\nan existing struct iw_cm_id (cm_id) as follows:\n\n conn_id->cm_id.iw = cm_id;\n cm_id->context = conn_id;\n cm_id->cm_handler = cma_iw_handler;\n\nrdma_destroy_id() frees both the cm_id and the struct rdma_id_private. Make\nsure that cm_work_handler() does not trigger a use-after-free by only\nfreeing of the struct rdma_id_private after all pending work has finished."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "59c68ac31e15",
"version_value": "dc8074b8901c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dc8074b8901caabb97c2d353abd6b4e7fa5a59a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dc8074b8901caabb97c2d353abd6b4e7fa5a59a5"
},
{
"url": "https://git.kernel.org/stable/c/ff5bbbdee08287d75d72e65b72a2b76d9637892a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ff5bbbdee08287d75d72e65b72a2b76d9637892a"
},
{
"url": "https://git.kernel.org/stable/c/ee39384ee787e86e9db4efb843818ef0ea9cb8ae",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ee39384ee787e86e9db4efb843818ef0ea9cb8ae"
},
{
"url": "https://git.kernel.org/stable/c/aee2424246f9f1dadc33faa78990c1e2eb7826e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aee2424246f9f1dadc33faa78990c1e2eb7826e4"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42286.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42286",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: validate nvme_local_port correctly\n\nThe driver load failed with error message,\n\nqla2xxx [0000:04:00.0]-ffff:0: register_localport failed: ret=ffffffef\n\nand with a kernel crash,\n\n\tBUG: unable to handle kernel NULL pointer dereference at 0000000000000070\n\tWorkqueue: events_unbound qla_register_fcport_fn [qla2xxx]\n\tRIP: 0010:nvme_fc_register_remoteport+0x16/0x430 [nvme_fc]\n\tRSP: 0018:ffffaaa040eb3d98 EFLAGS: 00010282\n\tRAX: 0000000000000000 RBX: ffff9dfb46b78c00 RCX: 0000000000000000\n\tRDX: ffff9dfb46b78da8 RSI: ffffaaa040eb3e08 RDI: 0000000000000000\n\tRBP: ffff9dfb612a0a58 R08: ffffffffaf1d6270 R09: 3a34303a30303030\n\tR10: 34303a303030305b R11: 2078787832616c71 R12: ffff9dfb46b78dd4\n\tR13: ffff9dfb46b78c24 R14: ffff9dfb41525300 R15: ffff9dfb46b78da8\n\tFS: 0000000000000000(0000) GS:ffff9dfc67c00000(0000) knlGS:0000000000000000\n\tCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\tCR2: 0000000000000070 CR3: 000000018da10004 CR4: 00000000000206f0\n\tCall Trace:\n\tqla_nvme_register_remote+0xeb/0x1f0 [qla2xxx]\n\t? qla2x00_dfs_create_rport+0x231/0x270 [qla2xxx]\n\tqla2x00_update_fcport+0x2a1/0x3c0 [qla2xxx]\n\tqla_register_fcport_fn+0x54/0xc0 [qla2xxx]\n\nExit the qla_nvme_register_remote() function when qla_nvme_register_hba()\nfails and correctly validate nvme_local_port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "7cec2c3bfe84"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7cec2c3bfe84539c415f5e16f989228eba1d2f1e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7cec2c3bfe84539c415f5e16f989228eba1d2f1e"
},
{
"url": "https://git.kernel.org/stable/c/f6be298cc1042f24d521197af29c7c4eb95af4d5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f6be298cc1042f24d521197af29c7c4eb95af4d5"
},
{
"url": "https://git.kernel.org/stable/c/3eac973eb5cb2b874b3918f924798afc5affd46b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3eac973eb5cb2b874b3918f924798afc5affd46b"
},
{
"url": "https://git.kernel.org/stable/c/eb1d4ce2609584eeb7694866f34d4b213caa3af9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb1d4ce2609584eeb7694866f34d4b213caa3af9"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

119
2024/42xxx/CVE-2024-42287.json
View File

@ -1,18 +1,129 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42287",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Complete command early within lock\n\nA crash was observed while performing NPIV and FW reset,\n\n BUG: kernel NULL pointer dereference, address: 000000000000001c\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 1 PREEMPT_RT SMP NOPTI\n RIP: 0010:dma_direct_unmap_sg+0x51/0x1e0\n RSP: 0018:ffffc90026f47b88 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000000000002\n RDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff8881041130d0\n RBP: ffff8881041130d0 R08: 0000000000000000 R09: 0000000000000034\n R10: ffffc90026f47c48 R11: 0000000000000031 R12: 0000000000000000\n R13: 0000000000000000 R14: ffff8881565e4a20 R15: 0000000000000000\n FS: 00007f4c69ed3d00(0000) GS:ffff889faac80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000001c CR3: 0000000288a50002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n <TASK>\n ? __die_body+0x1a/0x60\n ? page_fault_oops+0x16f/0x4a0\n ? do_user_addr_fault+0x174/0x7f0\n ? exc_page_fault+0x69/0x1a0\n ? asm_exc_page_fault+0x22/0x30\n ? dma_direct_unmap_sg+0x51/0x1e0\n ? preempt_count_sub+0x96/0xe0\n qla2xxx_qpair_sp_free_dma+0x29f/0x3b0 [qla2xxx]\n qla2xxx_qpair_sp_compl+0x60/0x80 [qla2xxx]\n __qla2x00_abort_all_cmds+0xa2/0x450 [qla2xxx]\n\nThe command completion was done early while aborting the commands in driver\nunload path but outside lock to avoid the WARN_ON condition of performing\ndma_free_attr within the lock. However this caused race condition while\ncommand completion via multiple paths causing system crash.\n\nHence complete the command early in unload path but within the lock to\navoid race condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cd0a1804ac5b",
"version_value": "814f4a53cc86"
},
{
"version_affected": "<",
"version_name": "0367076b0817",
"version_value": "314efe3f8794"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/814f4a53cc86f7ea8b501bfb1723f24fd29ef5ee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/814f4a53cc86f7ea8b501bfb1723f24fd29ef5ee"
},
{
"url": "https://git.kernel.org/stable/c/314efe3f87949a568f512f05df20bf47b81cf232",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/314efe3f87949a568f512f05df20bf47b81cf232"
},
{
"url": "https://git.kernel.org/stable/c/36fdc5319c4d0ec8b8938ec4769764098a246bfb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36fdc5319c4d0ec8b8938ec4769764098a246bfb"
},
{
"url": "https://git.kernel.org/stable/c/4475afa2646d3fec176fc4d011d3879b26cb26e3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4475afa2646d3fec176fc4d011d3879b26cb26e3"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42288.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix for possible memory corruption\n\nInit Control Block is dereferenced incorrectly. Correctly dereference ICB"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "2a15b59a2c5a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e"
},
{
"url": "https://git.kernel.org/stable/c/571d7f2a08836698c2fb0d792236424575b9829b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/571d7f2a08836698c2fb0d792236424575b9829b"
},
{
"url": "https://git.kernel.org/stable/c/8192c533e89d9fb69b2490398939236b78cda79b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8192c533e89d9fb69b2490398939236b78cda79b"
},
{
"url": "https://git.kernel.org/stable/c/c03d740152f78e86945a75b2ad541bf972fab92a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c03d740152f78e86945a75b2ad541bf972fab92a"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42289.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: During vport delete send async logout explicitly\n\nDuring vport delete, it is observed that during unload we hit a crash\nbecause of stale entries in outstanding command array. For all these stale\nI/O entries, eh_abort was issued and aborted (fast_fail_io = 2009h) but\nI/Os could not complete while vport delete is in process of deleting.\n\n BUG: kernel NULL pointer dereference, address: 000000000000001c\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n Workqueue: qla2xxx_wq qla_do_work [qla2xxx]\n RIP: 0010:dma_direct_unmap_sg+0x51/0x1e0\n RSP: 0018:ffffa1e1e150fc68 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000000000001\n RDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff8ce208a7a0d0\n RBP: ffff8ce208a7a0d0 R08: 0000000000000000 R09: ffff8ce378aac9c8\n R10: ffff8ce378aac8a0 R11: ffffa1e1e150f9d8 R12: 0000000000000000\n R13: 0000000000000000 R14: ffff8ce378aac9c8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8d217f000000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000001c CR3: 0000002089acc000 CR4: 0000000000350ee0\n Call Trace:\n <TASK>\n qla2xxx_qpair_sp_free_dma+0x417/0x4e0\n ? qla2xxx_qpair_sp_compl+0x10d/0x1a0\n ? qla2x00_status_entry+0x768/0x2830\n ? newidle_balance+0x2f0/0x430\n ? dequeue_entity+0x100/0x3c0\n ? qla24xx_process_response_queue+0x6a1/0x19e0\n ? __schedule+0x2d5/0x1140\n ? qla_do_work+0x47/0x60\n ? process_one_work+0x267/0x440\n ? process_one_work+0x440/0x440\n ? worker_thread+0x2d/0x3d0\n ? process_one_work+0x440/0x440\n ? kthread+0x156/0x180\n ? set_kthread_struct+0x50/0x50\n ? ret_from_fork+0x22/0x30\n </TASK>\n\nSend out async logout explicitly for all the ports during vport delete."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "d28a2075bb53"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d28a2075bb530489715a3b011e1dd8765ba20313",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d28a2075bb530489715a3b011e1dd8765ba20313"
},
{
"url": "https://git.kernel.org/stable/c/87c25fcb95aafabb6a4914239f4ab41b07a4f9b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87c25fcb95aafabb6a4914239f4ab41b07a4f9b7"
},
{
"url": "https://git.kernel.org/stable/c/b35d6d5a2f38605cddea7d5c64cded894fbe8ede",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b35d6d5a2f38605cddea7d5c64cded894fbe8ede"
},
{
"url": "https://git.kernel.org/stable/c/76f480d7c717368f29a3870f7d64471ce0ff8fb2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/76f480d7c717368f29a3870f7d64471ce0ff8fb2"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42290.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42290",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/imx-irqsteer: Handle runtime power management correctly\n\nThe power domain is automatically activated from clk_prepare(). However, on\ncertain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes\nsleeping functions, which triggers the 'scheduling while atomic' bug in the\ncontext switch path during device probing:\n\n BUG: scheduling while atomic: kworker/u13:1/48/0x00000002\n Call trace:\n __schedule_bug+0x54/0x6c\n __schedule+0x7f0/0xa94\n schedule+0x5c/0xc4\n schedule_preempt_disabled+0x24/0x40\n __mutex_lock.constprop.0+0x2c0/0x540\n __mutex_lock_slowpath+0x14/0x20\n mutex_lock+0x48/0x54\n clk_prepare_lock+0x44/0xa0\n clk_prepare+0x20/0x44\n imx_irqsteer_resume+0x28/0xe0\n pm_generic_runtime_resume+0x2c/0x44\n __genpd_runtime_resume+0x30/0x80\n genpd_runtime_resume+0xc8/0x2c0\n __rpm_callback+0x48/0x1d8\n rpm_callback+0x6c/0x78\n rpm_resume+0x490/0x6b4\n __pm_runtime_resume+0x50/0x94\n irq_chip_pm_get+0x2c/0xa0\n __irq_do_set_handler+0x178/0x24c\n irq_set_chained_handler_and_data+0x60/0xa4\n mxc_gpio_probe+0x160/0x4b0\n\nCure this by implementing the irq_bus_lock/sync_unlock() interrupt chip\ncallbacks and handle power management in them as they are invoked from\nnon-atomic context.\n\n[ tglx: Rewrote change log, added Fixes tag ]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0136afa08967",
"version_value": "58c56735facb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/58c56735facb225a5c46fa4b8bbbe7f31d1cb894",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/58c56735facb225a5c46fa4b8bbbe7f31d1cb894"
},
{
"url": "https://git.kernel.org/stable/c/21bd3f9e7f924cd2fc892a484e7a50c7e1847565",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21bd3f9e7f924cd2fc892a484e7a50c7e1847565"
},
{
"url": "https://git.kernel.org/stable/c/f8ae38f1dfe652779c7c613facbc257cec00ac44",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f8ae38f1dfe652779c7c613facbc257cec00ac44"
},
{
"url": "https://git.kernel.org/stable/c/33b1c47d1fc0b5f06a393bb915db85baacba18ea",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/33b1c47d1fc0b5f06a393bb915db85baacba18ea"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42291.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42291",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Add a per-VF limit on number of FDIR filters\n\nWhile the iavf driver adds a s/w limit (128) on the number of FDIR\nfilters that the VF can request, a malicious VF driver can request more\nthan that and exhaust the resources for other VFs.\n\nAdd a similar limit in ice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1f7ea1cd6a37",
"version_value": "8e02cd98a6e2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8e02cd98a6e24389d476e28436d41e620ed8e559",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e02cd98a6e24389d476e28436d41e620ed8e559"
},
{
"url": "https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c"
},
{
"url": "https://git.kernel.org/stable/c/292081c4e7f575a79017d5cbe1a0ec042783976f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/292081c4e7f575a79017d5cbe1a0ec042783976f"
},
{
"url": "https://git.kernel.org/stable/c/6ebbe97a488179f5dc85f2f1e0c89b486e99ee97",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6ebbe97a488179f5dc85f2f1e0c89b486e99ee97"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42292.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42292",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkobject_uevent: Fix OOB access within zap_modalias_env()\n\nzap_modalias_env() wrongly calculates size of memory block to move, so\nwill cause OOB memory access issue if variable MODALIAS is not the last\none within its @env parameter, fixed by correcting size to memmove."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9b3fa47d4a76",
"version_value": "68d63ace80b7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/68d63ace80b76395e7935687ecdb86421adc2168",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/68d63ace80b76395e7935687ecdb86421adc2168"
},
{
"url": "https://git.kernel.org/stable/c/57fe01d3d04276875c7e3a6dc763517fc05b8762",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57fe01d3d04276875c7e3a6dc763517fc05b8762"
},
{
"url": "https://git.kernel.org/stable/c/d4663536754defff75ff1eca0aaebc41da165a8d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d4663536754defff75ff1eca0aaebc41da165a8d"
},
{
"url": "https://git.kernel.org/stable/c/dd6e9894b451e7c85cceb8e9dc5432679a70e7dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd6e9894b451e7c85cceb8e9dc5432679a70e7dc"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42293.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42293",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: mm: Fix lockless walks with static and dynamic page-table folding\n\nLina reports random oopsen originating from the fast GUP code when\n16K pages are used with 4-level page-tables, the fourth level being\nfolded at runtime due to lack of LPA2.\n\nIn this configuration, the generic implementation of\np4d_offset_lockless() will return a 'p4d_t *' corresponding to the\n'pgd_t' allocated on the stack of the caller, gup_fast_pgd_range().\nThis is normally fine, but when the fourth level of page-table is folded\nat runtime, pud_offset_lockless() will offset from the address of the\n'p4d_t' to calculate the address of the PUD in the same page-table page.\nThis results in a stray stack read when the 'p4d_t' has been allocated\non the stack and can send the walker into the weeds.\n\nFix the problem by providing our own definition of p4d_offset_lockless()\nwhen CONFIG_PGTABLE_LEVELS <= 4 which returns the real page-table\npointer rather than the address of the local stack variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0dd4f60a2c76",
"version_value": "78672d49d3ee"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/78672d49d3eebbcda3589f4d6e589caf357c5a59",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/78672d49d3eebbcda3589f4d6e589caf357c5a59"
},
{
"url": "https://git.kernel.org/stable/c/36639013b3462c06ff8e3400a427f775b4fc97f5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36639013b3462c06ff8e3400a427f775b4fc97f5"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

103
2024/42xxx/CVE-2024-42294.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42294",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix deadlock between sd_remove & sd_release\n\nOur test report the following hung task:\n\n[ 2538.459400] INFO: task \"kworker/0:0\":7 blocked for more than 188 seconds.\n[ 2538.459427] Call trace:\n[ 2538.459430] __switch_to+0x174/0x338\n[ 2538.459436] __schedule+0x628/0x9c4\n[ 2538.459442] schedule+0x7c/0xe8\n[ 2538.459447] schedule_preempt_disabled+0x24/0x40\n[ 2538.459453] __mutex_lock+0x3ec/0xf04\n[ 2538.459456] __mutex_lock_slowpath+0x14/0x24\n[ 2538.459459] mutex_lock+0x30/0xd8\n[ 2538.459462] del_gendisk+0xdc/0x350\n[ 2538.459466] sd_remove+0x30/0x60\n[ 2538.459470] device_release_driver_internal+0x1c4/0x2c4\n[ 2538.459474] device_release_driver+0x18/0x28\n[ 2538.459478] bus_remove_device+0x15c/0x174\n[ 2538.459483] device_del+0x1d0/0x358\n[ 2538.459488] __scsi_remove_device+0xa8/0x198\n[ 2538.459493] scsi_forget_host+0x50/0x70\n[ 2538.459497] scsi_remove_host+0x80/0x180\n[ 2538.459502] usb_stor_disconnect+0x68/0xf4\n[ 2538.459506] usb_unbind_interface+0xd4/0x280\n[ 2538.459510] device_release_driver_internal+0x1c4/0x2c4\n[ 2538.459514] device_release_driver+0x18/0x28\n[ 2538.459518] bus_remove_device+0x15c/0x174\n[ 2538.459523] device_del+0x1d0/0x358\n[ 2538.459528] usb_disable_device+0x84/0x194\n[ 2538.459532] usb_disconnect+0xec/0x300\n[ 2538.459537] hub_event+0xb80/0x1870\n[ 2538.459541] process_scheduled_works+0x248/0x4dc\n[ 2538.459545] worker_thread+0x244/0x334\n[ 2538.459549] kthread+0x114/0x1bc\n\n[ 2538.461001] INFO: task \"fsck.\":15415 blocked for more than 188 seconds.\n[ 2538.461014] Call trace:\n[ 2538.461016] __switch_to+0x174/0x338\n[ 2538.461021] __schedule+0x628/0x9c4\n[ 2538.461025] schedule+0x7c/0xe8\n[ 2538.461030] blk_queue_enter+0xc4/0x160\n[ 2538.461034] blk_mq_alloc_request+0x120/0x1d4\n[ 2538.461037] scsi_execute_cmd+0x7c/0x23c\n[ 2538.461040] ioctl_internal_command+0x5c/0x164\n[ 2538.461046] scsi_set_medium_removal+0x5c/0xb0\n[ 2538.461051] sd_release+0x50/0x94\n[ 2538.461054] blkdev_put+0x190/0x28c\n[ 2538.461058] blkdev_release+0x28/0x40\n[ 2538.461063] __fput+0xf8/0x2a8\n[ 2538.461066] __fput_sync+0x28/0x5c\n[ 2538.461070] __arm64_sys_close+0x84/0xe8\n[ 2538.461073] invoke_syscall+0x58/0x114\n[ 2538.461078] el0_svc_common+0xac/0xe0\n[ 2538.461082] do_el0_svc+0x1c/0x28\n[ 2538.461087] el0_svc+0x38/0x68\n[ 2538.461090] el0t_64_sync_handler+0x68/0xbc\n[ 2538.461093] el0t_64_sync+0x1a8/0x1ac\n\n T1:\t\t\t\tT2:\n sd_remove\n del_gendisk\n __blk_mark_disk_dead\n blk_freeze_queue_start\n ++q->mq_freeze_depth\n \t\t\t\tbdev_release\n \t\t\t\tmutex_lock(&disk->open_mutex)\n \t\t\t\tsd_release\n \t\t\t\tscsi_execute_cmd\n \t\t\t\tblk_queue_enter\n \t\t\t\twait_event(!q->mq_freeze_depth)\n mutex_lock(&disk->open_mutex)\n\nSCSI does not set GD_OWNS_QUEUE, so QUEUE_FLAG_DYING is not set in\nthis scenario. This is a classic ABBA deadlock. To fix the deadlock,\nmake sure we don't try to acquire disk->open_mutex after freezing\nthe queue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "eec1be4c30df",
"version_value": "5a5625a83eac"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5a5625a83eac91fdff1d5f0202ecfc45a31983c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5a5625a83eac91fdff1d5f0202ecfc45a31983c9"
},
{
"url": "https://git.kernel.org/stable/c/f5418f48a93b69ed9e6a2281eee06b412f14a544",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f5418f48a93b69ed9e6a2281eee06b412f14a544"
},
{
"url": "https://git.kernel.org/stable/c/7e04da2dc7013af50ed3a2beb698d5168d1e594b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7e04da2dc7013af50ed3a2beb698d5168d1e594b"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42295.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42295",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: handle inconsistent state in nilfs_btnode_create_block()\n\nSyzbot reported that a buffer state inconsistency was detected in\nnilfs_btnode_create_block(), triggering a kernel bug.\n\nIt is not appropriate to treat this inconsistency as a bug; it can occur\nif the argument block address (the buffer index of the newly created\nblock) is a virtual block number and has been reallocated due to\ncorruption of the bitmap used to manage its allocation state.\n\nSo, modify nilfs_btnode_create_block() and its callers to treat it as a\npossible filesystem error, rather than triggering a kernel bug."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a60be987d45d",
"version_value": "012be828a118"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.30",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.30",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/012be828a118bf496e666ef1fc47fc0e7358ada2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/012be828a118bf496e666ef1fc47fc0e7358ada2"
},
{
"url": "https://git.kernel.org/stable/c/be56dfc9be0604291267c07b0e27a69a6bda4899",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/be56dfc9be0604291267c07b0e27a69a6bda4899"
},
{
"url": "https://git.kernel.org/stable/c/366c3f688dd0288cbe38af1d3a886b5c62372e4a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/366c3f688dd0288cbe38af1d3a886b5c62372e4a"
},
{
"url": "https://git.kernel.org/stable/c/4811f7af6090e8f5a398fbdd766f903ef6c0d787",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4811f7af6090e8f5a398fbdd766f903ef6c0d787"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42296.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42296",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix return value of f2fs_convert_inline_inode()\n\nIf device is readonly, make f2fs_convert_inline_inode()\nreturn EROFS instead of zero, otherwise it may trigger\npanic during writeback of inline inode's dirty page as\nbelow:\n\n f2fs_write_single_data_page+0xbb6/0x1e90 fs/f2fs/data.c:2888\n f2fs_write_cache_pages fs/f2fs/data.c:3187 [inline]\n __f2fs_write_data_pages fs/f2fs/data.c:3342 [inline]\n f2fs_write_data_pages+0x1efe/0x3a90 fs/f2fs/data.c:3369\n do_writepages+0x359/0x870 mm/page-writeback.c:2634\n filemap_fdatawrite_wbc+0x125/0x180 mm/filemap.c:397\n __filemap_fdatawrite_range mm/filemap.c:430 [inline]\n file_write_and_wait_range+0x1aa/0x290 mm/filemap.c:788\n f2fs_do_sync_file+0x68a/0x1ae0 fs/f2fs/file.c:276\n generic_write_sync include/linux/fs.h:2806 [inline]\n f2fs_file_write_iter+0x7bd/0x24e0 fs/f2fs/file.c:4977\n call_write_iter include/linux/fs.h:2114 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xa72/0xc90 fs/read_write.c:590\n ksys_write+0x1a0/0x2c0 fs/read_write.c:643\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "47a8ddcdcacc"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/47a8ddcdcaccd9b891db4574795e46a33a121ac2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/47a8ddcdcaccd9b891db4574795e46a33a121ac2"
},
{
"url": "https://git.kernel.org/stable/c/077f0e24b27c4b44841593c7edbd1993be9eecb5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/077f0e24b27c4b44841593c7edbd1993be9eecb5"
},
{
"url": "https://git.kernel.org/stable/c/1e7725814361c8c008d131db195cef8274ff26b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1e7725814361c8c008d131db195cef8274ff26b8"
},
{
"url": "https://git.kernel.org/stable/c/a8eb3de28e7a365690c61161e7a07a4fc7c60bbf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8eb3de28e7a365690c61161e7a07a4fc7c60bbf"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42297.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42297",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to don't dirty inode for readonly filesystem\n\nsyzbot reports f2fs bug as below:\n\nkernel BUG at fs/f2fs/inode.c:933!\nRIP: 0010:f2fs_evict_inode+0x1576/0x1590 fs/f2fs/inode.c:933\nCall Trace:\n evict+0x2a4/0x620 fs/inode.c:664\n dispose_list fs/inode.c:697 [inline]\n evict_inodes+0x5f8/0x690 fs/inode.c:747\n generic_shutdown_super+0x9d/0x2c0 fs/super.c:675\n kill_block_super+0x44/0x90 fs/super.c:1667\n kill_f2fs_super+0x303/0x3b0 fs/f2fs/super.c:4894\n deactivate_locked_super+0xc1/0x130 fs/super.c:484\n cleanup_mnt+0x426/0x4c0 fs/namespace.c:1256\n task_work_run+0x24a/0x300 kernel/task_work.c:180\n ptrace_notify+0x2cd/0x380 kernel/signal.c:2399\n ptrace_report_syscall include/linux/ptrace.h:411 [inline]\n ptrace_report_syscall_exit include/linux/ptrace.h:473 [inline]\n syscall_exit_work kernel/entry/common.c:251 [inline]\n syscall_exit_to_user_mode_prepare kernel/entry/common.c:278 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]\n syscall_exit_to_user_mode+0x15c/0x280 kernel/entry/common.c:296\n do_syscall_64+0x50/0x110 arch/x86/entry/common.c:88\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nThe root cause is:\n- do_sys_open\n - f2fs_lookup\n - __f2fs_find_entry\n - f2fs_i_depth_write\n - f2fs_mark_inode_dirty_sync\n - f2fs_dirty_inode\n - set_inode_flag(inode, FI_DIRTY_INODE)\n\n- umount\n - kill_f2fs_super\n - kill_block_super\n - generic_shutdown_super\n - sync_filesystem\n : sb is readonly, skip sync_filesystem()\n - evict_inodes\n - iput\n - f2fs_evict_inode\n - f2fs_bug_on(sbi, is_inode_flag_set(inode, FI_DIRTY_INODE))\n : trigger kernel panic\n\nWhen we try to repair i_current_depth in readonly filesystem, let's\nskip dirty inode to avoid panic in later f2fs_evict_inode()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "9ce8135accf1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9ce8135accf103f7333af472709125878704fdd4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ce8135accf103f7333af472709125878704fdd4"
},
{
"url": "https://git.kernel.org/stable/c/e62ff092a42f4a1bae3b310cf46673b4f3aac3b5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e62ff092a42f4a1bae3b310cf46673b4f3aac3b5"
},
{
"url": "https://git.kernel.org/stable/c/2434344559f6743efb3ac15d11af9a0db9543bd3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2434344559f6743efb3ac15d11af9a0db9543bd3"
},
{
"url": "https://git.kernel.org/stable/c/192b8fb8d1c8ca3c87366ebbef599fa80bb626b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/192b8fb8d1c8ca3c87366ebbef599fa80bb626b8"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

103
2024/42xxx/CVE-2024-42298.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42298",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this returned\nvalue is not checked.\n\nFix this lack and check the returned value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "075c7125b11c",
"version_value": "b4205dfcfe96"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b4205dfcfe96182118e54343954827eda51b2135",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4205dfcfe96182118e54343954827eda51b2135"
},
{
"url": "https://git.kernel.org/stable/c/af466037fa2b263e8ea5c47285513d2487e17d90",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/af466037fa2b263e8ea5c47285513d2487e17d90"
},
{
"url": "https://git.kernel.org/stable/c/e62599902327d27687693f6e5253a5d56583db58",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e62599902327d27687693f6e5253a5d56583db58"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42299.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42299",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Update log->page_{mask,bits} if log->page_size changed\n\nIf an NTFS file system is mounted to another system with different\nPAGE_SIZE from the original system, log->page_size will change in\nlog_replay(), but log->page_{mask,bits} don't change correspondingly.\nThis will cause a panic because \"u32 bytes = log->page_size - page_off\"\nwill get a negative value in the later read_log_page()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b46acd6a6a62",
"version_value": "b90ceffdc975"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b90ceffdc975502bc085ce8e79c6adeff05f9521",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b90ceffdc975502bc085ce8e79c6adeff05f9521"
},
{
"url": "https://git.kernel.org/stable/c/2cac0df3324b5e287d8020bc0708f7d2dec88a6f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2cac0df3324b5e287d8020bc0708f7d2dec88a6f"
},
{
"url": "https://git.kernel.org/stable/c/0a4ae2644e2a3b3b219aad9639fb2b0691d08420",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a4ae2644e2a3b3b219aad9639fb2b0691d08420"
},
{
"url": "https://git.kernel.org/stable/c/2fef55d8f78383c8e6d6d4c014b9597375132696",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fef55d8f78383c8e6d6d4c014b9597375132696"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42300.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42300",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix race in z_erofs_get_gbuf()\n\nIn z_erofs_get_gbuf(), the current task may be migrated to another\nCPU between `z_erofs_gbuf_id()` and `spin_lock(&gbuf->lock)`.\n\nTherefore, z_erofs_put_gbuf() will trigger the following issue\nwhich was found by stress test:\n\n<2>[772156.434168] kernel BUG at fs/erofs/zutil.c:58!\n..\n<4>[772156.435007]\n<4>[772156.439237] CPU: 0 PID: 3078 Comm: stress Kdump: loaded Tainted: G E 6.10.0-rc7+ #2\n<4>[772156.439239] Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 1.0.0 01/01/2017\n<4>[772156.439241] pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)\n<4>[772156.439243] pc : z_erofs_put_gbuf+0x64/0x70 [erofs]\n<4>[772156.439252] lr : z_erofs_lz4_decompress+0x600/0x6a0 [erofs]\n..\n<6>[772156.445958] stress (3127): drop_caches: 1\n<4>[772156.446120] Call trace:\n<4>[772156.446121] z_erofs_put_gbuf+0x64/0x70 [erofs]\n<4>[772156.446761] z_erofs_lz4_decompress+0x600/0x6a0 [erofs]\n<4>[772156.446897] z_erofs_decompress_queue+0x740/0xa10 [erofs]\n<4>[772156.447036] z_erofs_runqueue+0x428/0x8c0 [erofs]\n<4>[772156.447160] z_erofs_readahead+0x224/0x390 [erofs]\n.."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f36f3010f676",
"version_value": "49b22e06a947"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/49b22e06a947727a6d1c802d2d9ad92420b90fc5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49b22e06a947727a6d1c802d2d9ad92420b90fc5"
},
{
"url": "https://git.kernel.org/stable/c/7dc5537c3f8be87e005f0844a7626c987914f8fd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7dc5537c3f8be87e005f0844a7626c987914f8fd"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42301.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42301",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndev/parport: fix the array out-of-bounds risk\n\nFixed array out-of-bounds issues caused by sprintf\nby replacing it with snprintf for safer data copying,\nensuring the destination buffer is not overflowed.\n\nBelow is the stack trace I encountered during the actual issue:\n\n[ 66.575408s] [pid:5118,cpu4,QThread,4]Kernel panic - not syncing: stack-protector:\nKernel stack is corrupted in: do_hardware_base_addr+0xcc/0xd0 [parport]\n[ 66.575408s] [pid:5118,cpu4,QThread,5]CPU: 4 PID: 5118 Comm:\nQThread Tainted: G S W O 5.10.97-arm64-desktop #7100.57021.2\n[ 66.575439s] [pid:5118,cpu4,QThread,6]TGID: 5087 Comm: EFileApp\n[ 66.575439s] [pid:5118,cpu4,QThread,7]Hardware name: HUAWEI HUAWEI QingYun\nPGUX-W515x-B081/SP1PANGUXM, BIOS 1.00.07 04/29/2024\n[ 66.575439s] [pid:5118,cpu4,QThread,8]Call trace:\n[ 66.575469s] [pid:5118,cpu4,QThread,9] dump_backtrace+0x0/0x1c0\n[ 66.575469s] [pid:5118,cpu4,QThread,0] show_stack+0x14/0x20\n[ 66.575469s] [pid:5118,cpu4,QThread,1] dump_stack+0xd4/0x10c\n[ 66.575500s] [pid:5118,cpu4,QThread,2] panic+0x1d8/0x3bc\n[ 66.575500s] [pid:5118,cpu4,QThread,3] __stack_chk_fail+0x2c/0x38\n[ 66.575500s] [pid:5118,cpu4,QThread,4] do_hardware_base_addr+0xcc/0xd0 [parport]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "7f4da759092a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7f4da759092a1a6ce35fb085182d02de8cc4cc84",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7f4da759092a1a6ce35fb085182d02de8cc4cc84"
},
{
"url": "https://git.kernel.org/stable/c/b579ea3516c371ecf59d073772bc45dfd28c8a0e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b579ea3516c371ecf59d073772bc45dfd28c8a0e"
},
{
"url": "https://git.kernel.org/stable/c/7789a1d6792af410aa9b39a1eb237ed24fa2170a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7789a1d6792af410aa9b39a1eb237ed24fa2170a"
},
{
"url": "https://git.kernel.org/stable/c/ab11dac93d2d568d151b1918d7b84c2d02bacbd5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ab11dac93d2d568d151b1918d7b84c2d02bacbd5"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

119
2024/42xxx/CVE-2024-42302.json
View File

@ -1,18 +1,129 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42302",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/DPC: Fix use-after-free on concurrent DPC and hot-removal\n\nKeith reports a use-after-free when a DPC event occurs concurrently to\nhot-removal of the same portion of the hierarchy:\n\nThe dpc_handler() awaits readiness of the secondary bus below the\nDownstream Port where the DPC event occurred. To do so, it polls the\nconfig space of the first child device on the secondary bus. If that\nchild device is concurrently removed, accesses to its struct pci_dev\ncause the kernel to oops.\n\nThat's because pci_bridge_wait_for_secondary_bus() neglects to hold a\nreference on the child device. Before v6.3, the function was only\ncalled on resume from system sleep or on runtime resume. Holding a\nreference wasn't necessary back then because the pciehp IRQ thread\ncould never run concurrently. (On resume from system sleep, IRQs are\nnot enabled until after the resume_noirq phase. And runtime resume is\nalways awaited before a PCI device is removed.)\n\nHowever starting with v6.3, pci_bridge_wait_for_secondary_bus() is also\ncalled on a DPC event. Commit 53b54ad074de (\"PCI/DPC: Await readiness\nof secondary bus after reset\"), which introduced that, failed to\nappreciate that pci_bridge_wait_for_secondary_bus() now needs to hold a\nreference on the child device because dpc_handler() and pciehp may\nindeed run concurrently. The commit was backported to v5.10+ stable\nkernels, so that's the oldest one affected.\n\nAdd the missing reference acquisition.\n\nAbridged stack trace:\n\n BUG: unable to handle page fault for address: 00000000091400c0\n CPU: 15 PID: 2464 Comm: irq/53-pcie-dpc 6.9.0\n RIP: pci_bus_read_config_dword+0x17/0x50\n pci_dev_wait()\n pci_bridge_wait_for_secondary_bus()\n dpc_reset_link()\n pcie_do_recovery()\n dpc_handler()"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "189f856e76f5",
"version_value": "f63df70b439b"
},
{
"version_affected": "<",
"version_name": "53b54ad074de",
"version_value": "2cc8973bdc4d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f63df70b439bb8331358a306541893bf415bf1da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f63df70b439bb8331358a306541893bf415bf1da"
},
{
"url": "https://git.kernel.org/stable/c/2cc8973bdc4d6c928ebe38b88090a2cdfe81f42f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2cc8973bdc4d6c928ebe38b88090a2cdfe81f42f"
},
{
"url": "https://git.kernel.org/stable/c/b16f3ea1db47a6766a9f1169244cf1fc287a7c62",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b16f3ea1db47a6766a9f1169244cf1fc287a7c62"
},
{
"url": "https://git.kernel.org/stable/c/11a1f4bc47362700fcbde717292158873fb847ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/11a1f4bc47362700fcbde717292158873fb847ed"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

103
2024/42xxx/CVE-2024-42303.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42303",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-pxp: Fix ERR_PTR dereference in pxp_probe()\n\ndevm_regmap_init_mmio() can fail, add a check and bail out in case of\nerror."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4e5bd3fdbeb3",
"version_value": "358bc85269d6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/358bc85269d6a359fea597ef9fbb429cd3626e08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/358bc85269d6a359fea597ef9fbb429cd3626e08"
},
{
"url": "https://git.kernel.org/stable/c/5ab6ac4e9e165b0fe8a326308218337007224f05",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5ab6ac4e9e165b0fe8a326308218337007224f05"
},
{
"url": "https://git.kernel.org/stable/c/57e9ce68ae98551da9c161aaab12b41fe8601856",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57e9ce68ae98551da9c161aaab12b41fe8601856"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42304.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42304",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: make sure the first directory block is not a hole\n\nThe syzbot constructs a directory that has no dirblock but is non-inline,\ni.e. the first directory block is a hole. And no errors are reported when\ncreating files in this directory in the following flow.\n\n ext4_mknod\n ...\n ext4_add_entry\n // Read block 0\n ext4_read_dirblock(dir, block, DIRENT)\n bh = ext4_bread(NULL, inode, block, 0)\n if (!bh && (type == INDEX || type == DIRENT_HTREE))\n // The first directory block is a hole\n // But type == DIRENT, so no error is reported.\n\nAfter that, we get a directory block without '.' and '..' but with a valid\ndentry. This may cause some code that relies on dot or dotdot (such as\nmake_indexed_dir()) to crash.\n\nTherefore when ext4_read_dirblock() finds that the first directory block\nis a hole report that the filesystem is corrupted and return an error to\navoid loading corrupted data from disk causing something bad."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4e19d6b65fb4",
"version_value": "b609753cbbd3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b609753cbbd38f8c0affd4956c0af178348523ac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b609753cbbd38f8c0affd4956c0af178348523ac"
},
{
"url": "https://git.kernel.org/stable/c/c3893d9de8ee153baac56d127d844103488133b5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3893d9de8ee153baac56d127d844103488133b5"
},
{
"url": "https://git.kernel.org/stable/c/299bc6ffa57e04e74c6cce866d6c0741fb4897a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/299bc6ffa57e04e74c6cce866d6c0741fb4897a1"
},
{
"url": "https://git.kernel.org/stable/c/f9ca51596bbfd0f9c386dd1c613c394c78d9e5e6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f9ca51596bbfd0f9c386dd1c613c394c78d9e5e6"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42305.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42305",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: check dot and dotdot of dx_root before making dir indexed\n\nSyzbot reports a issue as follows:\n============================================\nBUG: unable to handle page fault for address: ffffed11022e24fe\nPGD 23ffee067 P4D 23ffee067 PUD 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 PID: 5079 Comm: syz-executor306 Not tainted 6.10.0-rc5-g55027e689933 #0\nCall Trace:\n <TASK>\n make_indexed_dir+0xdaf/0x13c0 fs/ext4/namei.c:2341\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2451\n ext4_rename fs/ext4/namei.c:3936 [inline]\n ext4_rename2+0x26e5/0x4370 fs/ext4/namei.c:4214\n[...]\n============================================\n\nThe immediate cause of this problem is that there is only one valid dentry\nfor the block to be split during do_split, so split==0 results in out of\nbounds accesses to the map triggering the issue.\n\n do_split\n unsigned split\n dx_make_map\n count = 1\n split = count/2 = 0;\n continued = hash2 == map[split - 1].hash;\n ---> map[4294967295]\n\nThe maximum length of a filename is 255 and the minimum block size is 1024,\nso it is always guaranteed that the number of entries is greater than or\nequal to 2 when do_split() is called.\n\nBut syzbot's crafted image has no dot and dotdot in dir, and the dentry\ndistribution in dirblock is as follows:\n\n bus dentry1 hole dentry2 free\n|xx--|xx-------------|...............|xx-------------|...............|\n0 12 (8+248)=256 268 256 524 (8+256)=264 788 236 1024\n\nSo when renaming dentry1 increases its name_len length by 1, neither hole\nnor free is sufficient to hold the new dentry, and make_indexed_dir() is\ncalled.\n\nIn make_indexed_dir() it is assumed that the first two entries of the\ndirblock must be dot and dotdot, so bus and dentry1 are left in dx_root\nbecause they are treated as dot and dotdot, and only dentry2 is moved\nto the new leaf block. That's why count is equal to 1.\n\nTherefore add the ext4_check_dx_root() helper function to add more sanity\nchecks to dot and dotdot before starting the conversion to avoid the above\nissue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ac27a0ec112a",
"version_value": "abb411ac9918"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/abb411ac991810c0bcbe51c2e76d2502bf611b5c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abb411ac991810c0bcbe51c2e76d2502bf611b5c"
},
{
"url": "https://git.kernel.org/stable/c/9d241b7a39af192d1bb422714a458982c7cc67a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9d241b7a39af192d1bb422714a458982c7cc67a2"
},
{
"url": "https://git.kernel.org/stable/c/cdd345321699042ece4a9d2e70754d2397d378c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdd345321699042ece4a9d2e70754d2397d378c5"
},
{
"url": "https://git.kernel.org/stable/c/50ea741def587a64e08879ce6c6a30131f7111e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50ea741def587a64e08879ce6c6a30131f7111e7"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

119
2024/42xxx/CVE-2024-42306.json
View File

@ -1,18 +1,129 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42306",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Avoid using corrupted block bitmap buffer\n\nWhen the filesystem block bitmap is corrupted, we detect the corruption\nwhile loading the bitmap and fail the allocation with error. However the\nnext allocation from the same bitmap will notice the bitmap buffer is\nalready loaded and tries to allocate from the bitmap with mixed results\n(depending on the exact nature of the bitmap corruption). Fix the\nproblem by using BH_verified bit to indicate whether the bitmap is valid\nor not."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6ac8f2c8362a",
"version_value": "271cab2ca006"
},
{
"version_affected": "<",
"version_name": "1e0d4adf17e7",
"version_value": "57053b3bcf34"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/271cab2ca00652bc984e269cf1208699a1e09cdd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/271cab2ca00652bc984e269cf1208699a1e09cdd"
},
{
"url": "https://git.kernel.org/stable/c/57053b3bcf3403b80db6f65aba284d7dfe7326af",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57053b3bcf3403b80db6f65aba284d7dfe7326af"
},
{
"url": "https://git.kernel.org/stable/c/8ca170c39eca7cad6e0cfeb24e351d8f8eddcd65",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ca170c39eca7cad6e0cfeb24e351d8f8eddcd65"
},
{
"url": "https://git.kernel.org/stable/c/a90d4471146de21745980cba51ce88e7926bcc4f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a90d4471146de21745980cba51ce88e7926bcc4f"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/42xxx/CVE-2024-42307.json
View File

@ -1,18 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42307",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed 'serverclose_wq' could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8c99dfb49bdc",
"version_value": "6018971710fd"
},
{
"version_affected": "<",
"version_name": "6f17163b9339",
"version_value": "160235efb4f9"
},
{
"version_affected": "<",
"version_name": "173217bd7336",
"version_value": "3739d711246d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6018971710fdc7739f8655c1540832b4bb903671",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6018971710fdc7739f8655c1540832b4bb903671"
},
{
"url": "https://git.kernel.org/stable/c/160235efb4f9b55212dedff5de0094c606c4b303",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/160235efb4f9b55212dedff5de0094c606c4b303"
},
{
"url": "https://git.kernel.org/stable/c/3739d711246d8fbc95ff73dbdace9741cdce4777",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3739d711246d8fbc95ff73dbdace9741cdce4777"
},
{
"url": "https://git.kernel.org/stable/c/193cc89ea0ca1da311877d2b4bb5e9f03bcc82a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/193cc89ea0ca1da311877d2b4bb5e9f03bcc82a2"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42308.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42308",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check for NULL pointer\n\n[why & how]\nNeed to make sure plane_state is initialized\nbefore accessing its members.\n\n(cherry picked from commit 295d91cbc700651782a60572f83c24861607b648)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "f068494430d1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602"
},
{
"url": "https://git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a"
},
{
"url": "https://git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89"
},
{
"url": "https://git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42309.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42309",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes\n\nIn psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a possible NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "89c78134cc54",
"version_value": "f70ffeca5464"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811"
},
{
"url": "https://git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692"
},
{
"url": "https://git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14"
},
{
"url": "https://git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42310.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42310",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes\n\nIn cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6a227d5fd6c4",
"version_value": "e74eb5e80894"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e74eb5e8089427c8c49e0dd5067e5f39ce3a4d56",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e74eb5e8089427c8c49e0dd5067e5f39ce3a4d56"
},
{
"url": "https://git.kernel.org/stable/c/2d209b2f862f6b8bff549ede541590a8d119da23",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2d209b2f862f6b8bff549ede541590a8d119da23"
},
{
"url": "https://git.kernel.org/stable/c/977ee4fe895e1729cd36cc26916bbb10084713d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/977ee4fe895e1729cd36cc26916bbb10084713d6"
},
{
"url": "https://git.kernel.org/stable/c/cb520c3f366c77e8d69e4e2e2781a8ce48d98e79",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb520c3f366c77e8d69e4e2e2781a8ce48d98e79"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42311.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42311",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode()\n\nSyzbot reports uninitialized value access issue as below:\n\nloop0: detected capacity change from 0 to 64\n=====================================================\nBUG: KMSAN: uninit-value in hfs_revalidate_dentry+0x307/0x3f0 fs/hfs/sysdep.c:30\n hfs_revalidate_dentry+0x307/0x3f0 fs/hfs/sysdep.c:30\n d_revalidate fs/namei.c:862 [inline]\n lookup_fast+0x89e/0x8e0 fs/namei.c:1649\n walk_component fs/namei.c:2001 [inline]\n link_path_walk+0x817/0x1480 fs/namei.c:2332\n path_lookupat+0xd9/0x6f0 fs/namei.c:2485\n filename_lookup+0x22e/0x740 fs/namei.c:2515\n user_path_at_empty+0x8b/0x390 fs/namei.c:2924\n user_path_at include/linux/namei.h:57 [inline]\n do_mount fs/namespace.c:3689 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x66b/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x140 fs/namespace.c:3875\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nBUG: KMSAN: uninit-value in hfs_ext_read_extent fs/hfs/extent.c:196 [inline]\nBUG: KMSAN: uninit-value in hfs_get_block+0x92d/0x1620 fs/hfs/extent.c:366\n hfs_ext_read_extent fs/hfs/extent.c:196 [inline]\n hfs_get_block+0x92d/0x1620 fs/hfs/extent.c:366\n block_read_full_folio+0x4ff/0x11b0 fs/buffer.c:2271\n hfs_read_folio+0x55/0x60 fs/hfs/inode.c:39\n filemap_read_folio+0x148/0x4f0 mm/filemap.c:2426\n do_read_cache_folio+0x7c8/0xd90 mm/filemap.c:3553\n do_read_cache_page mm/filemap.c:3595 [inline]\n read_cache_page+0xfb/0x2f0 mm/filemap.c:3604\n read_mapping_page include/linux/pagemap.h:755 [inline]\n hfs_btree_open+0x928/0x1ae0 fs/hfs/btree.c:78\n hfs_mdb_get+0x260c/0x3000 fs/hfs/mdb.c:204\n hfs_fill_super+0x1fb1/0x2790 fs/hfs/super.c:406\n mount_bdev+0x628/0x920 fs/super.c:1359\n hfs_mount+0xcd/0xe0 fs/hfs/super.c:456\n legacy_get_tree+0x167/0x2e0 fs/fs_context.c:610\n vfs_get_tree+0xdc/0x5d0 fs/super.c:1489\n do_new_mount+0x7a9/0x16f0 fs/namespace.c:3145\n path_mount+0xf98/0x26a0 fs/namespace.c:3475\n do_mount fs/namespace.c:3488 [inline]\n __do_sys_mount fs/namespace.c:3697 [inline]\n __se_sys_mount+0x919/0x9e0 fs/namespace.c:3674\n __ia32_sys_mount+0x15b/0x1b0 fs/namespace.c:3674\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\nUninit was created at:\n __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n alloc_slab_page mm/slub.c:2190 [inline]\n allocate_slab mm/slub.c:2354 [inline]\n new_slab+0x2d7/0x1400 mm/slub.c:2407\n ___slab_alloc+0x16b5/0x3970 mm/slub.c:3540\n __slab_alloc mm/slub.c:3625 [inline]\n __slab_alloc_node mm/slub.c:3678 [inline]\n slab_alloc_node mm/slub.c:3850 [inline]\n kmem_cache_alloc_lru+0x64d/0xb30 mm/slub.c:3879\n alloc_inode_sb include/linux/fs.h:3018 [inline]\n hfs_alloc_inode+0x5a/0xc0 fs/hfs/super.c:165\n alloc_inode+0x83/0x440 fs/inode.c:260\n new_inode_pseudo fs/inode.c:1005 [inline]\n new_inode+0x38/0x4f0 fs/inode.c:1031\n hfs_new_inode+0x61/0x1010 fs/hfs/inode.c:186\n hfs_mkdir+0x54/0x250 fs/hfs/dir.c:228\n vfs_mkdir+0x49a/0x700 fs/namei.c:4126\n do_mkdirat+0x529/0x810 fs/namei.c:4149\n __do_sys_mkdirat fs/namei.c:4164 [inline]\n __se_sys_mkdirat fs/namei.c:4162 [inline]\n __x64_sys_mkdirat+0xc8/0x120 fs/namei.c:4162\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nIt missed to initialize .tz_secondswest, .cached_start and .cached_blocks\nfields in struct hfs_inode_info after hfs_alloc_inode(), fix it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "58d83fc16050"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/58d83fc160505a7009c39dec64effaac5129b971",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/58d83fc160505a7009c39dec64effaac5129b971"
},
{
"url": "https://git.kernel.org/stable/c/9c4e40b9b731220f9464975e49da75496e3865c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9c4e40b9b731220f9464975e49da75496e3865c4"
},
{
"url": "https://git.kernel.org/stable/c/d3493d6f0dfb1ab5225b62faa77732983f2187a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d3493d6f0dfb1ab5225b62faa77732983f2187a1"
},
{
"url": "https://git.kernel.org/stable/c/26a2ed107929a855155429b11e1293b83e6b2a8b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/26a2ed107929a855155429b11e1293b83e6b2a8b"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42312.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysctl: always initialize i_uid/i_gid\n\nAlways initialize i_uid/i_gid inside the sysfs core so set_ownership()\ncan safely skip setting them.\n\nCommit 5ec27ec735ba (\"fs/proc/proc_sysctl.c: fix the default values of\ni_uid/i_gid on /proc/sys inodes.\") added defaults for i_uid/i_gid when\nset_ownership() was not implemented. It also missed adjusting\nnet_ctl_set_ownership() to use the same default values in case the\ncomputation of a better value failed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5ec27ec735ba",
"version_value": "1deae34db9f4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1deae34db9f4f8e0e03f891be2e2e15c15c8ac05",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1deae34db9f4f8e0e03f891be2e2e15c15c8ac05"
},
{
"url": "https://git.kernel.org/stable/c/ffde3af4b29bf97d62d82e1d45275587e10a991a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ffde3af4b29bf97d62d82e1d45275587e10a991a"
},
{
"url": "https://git.kernel.org/stable/c/c7e2f43d182f5dde473389dbb39f16c9f0d64536",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c7e2f43d182f5dde473389dbb39f16c9f0d64536"
},
{
"url": "https://git.kernel.org/stable/c/98ca62ba9e2be5863c7d069f84f7166b45a5b2f4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98ca62ba9e2be5863c7d069f84f7166b45a5b2f4"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42313.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42313",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: fix use after free in vdec_close\n\nThere appears to be a possible use after free with vdec_close().\nThe firmware will add buffer release work to the work queue through\nHFI callbacks as a normal part of decoding. Randomly closing the\ndecoder device from userspace during normal decoding can incur\na read after free for inst.\n\nFix it by cancelling the work in vdec_close."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "af2c3834c8ca",
"version_value": "da55685247f4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/da55685247f409bf7f976cc66ba2104df75d8dad",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da55685247f409bf7f976cc66ba2104df75d8dad"
},
{
"url": "https://git.kernel.org/stable/c/66fa52edd32cdbb675f0803b3c4da10ea19b6635",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66fa52edd32cdbb675f0803b3c4da10ea19b6635"
},
{
"url": "https://git.kernel.org/stable/c/6a96041659e834dc0b172dda4b2df512d63920c2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6a96041659e834dc0b172dda4b2df512d63920c2"
},
{
"url": "https://git.kernel.org/stable/c/a0157b5aa34eb43ec4c5510f9c260bbb03be937e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a0157b5aa34eb43ec4c5510f9c260bbb03be937e"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

103
2024/42xxx/CVE-2024-42314.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42314",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix extent map use-after-free when adding pages to compressed bio\n\nAt add_ra_bio_pages() we are accessing the extent map to calculate\n'add_size' after we dropped our reference on the extent map, resulting\nin a use-after-free. Fix this by computing 'add_size' before dropping our\nextent map reference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6a4049102055",
"version_value": "c205565e0f2f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.16",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c205565e0f2f439f278a4a94ee97b67ef7b56ae8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c205565e0f2f439f278a4a94ee97b67ef7b56ae8"
},
{
"url": "https://git.kernel.org/stable/c/b7859ff398b6b656e1689daa860eb34837b4bb89",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7859ff398b6b656e1689daa860eb34837b4bb89"
},
{
"url": "https://git.kernel.org/stable/c/8e7860543a94784d744c7ce34b78a2e11beefa5c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e7860543a94784d744c7ce34b78a2e11beefa5c"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

103
2024/42xxx/CVE-2024-42315.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42315",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix potential deadlock on __exfat_get_dentry_set\n\nWhen accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array\nis allocated in __exfat_get_entry_set. The problem is that the bh-array is\nallocated with GFP_KERNEL. It does not make sense. In the following cases,\na deadlock for sbi->s_lock between the two processes may occur.\n\n CPU0 CPU1\n ---- ----\n kswapd\n balance_pgdat\n lock(fs_reclaim)\n exfat_iterate\n lock(&sbi->s_lock)\n exfat_readdir\n exfat_get_uniname_from_ext_entry\n exfat_get_dentry_set\n __exfat_get_dentry_set\n kmalloc_array\n ...\n lock(fs_reclaim)\n ...\n evict\n exfat_evict_inode\n lock(&sbi->s_lock)\n\nTo fix this, let's allocate bh-array with GFP_NOFS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a3ff29a95fde",
"version_value": "a7ac198f8dba"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a7ac198f8dba791e3144c4da48a5a9b95773ee4b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7ac198f8dba791e3144c4da48a5a9b95773ee4b"
},
{
"url": "https://git.kernel.org/stable/c/1d1970493c289e3f44b9ec847ed26a5dbdf56a62",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d1970493c289e3f44b9ec847ed26a5dbdf56a62"
},
{
"url": "https://git.kernel.org/stable/c/89fc548767a2155231128cb98726d6d2ea1256c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89fc548767a2155231128cb98726d6d2ea1256c9"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42316.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42316",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mglru: fix div-by-zero in vmpressure_calc_level()\n\nevict_folios() uses a second pass to reclaim folios that have gone through\npage writeback and become clean before it finishes the first pass, since\nfolio_rotate_reclaimable() cannot handle those folios due to the\nisolation.\n\nThe second pass tries to avoid potential double counting by deducting\nscan_control->nr_scanned. However, this can result in underflow of\nnr_scanned, under a condition where shrink_folio_list() does not increment\nnr_scanned, i.e., when folio_trylock() fails.\n\nThe underflow can cause the divisor, i.e., scale=scanned+reclaimed in\nvmpressure_calc_level(), to become zero, resulting in the following crash:\n\n [exception RIP: vmpressure_work_fn+101]\n process_one_work at ffffffffa3313f2b\n\nSince scan_control->nr_scanned has no established semantics, the potential\ndouble counting has minimal risks. Therefore, fix the problem by not\ndeducting scan_control->nr_scanned in evict_folios()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "359a5e1416ca",
"version_value": "8de7bf77f210"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8de7bf77f21068a5f602bb1e59adbc5ab533509d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8de7bf77f21068a5f602bb1e59adbc5ab533509d"
},
{
"url": "https://git.kernel.org/stable/c/d6510f234c7d117790397f9bb150816b0a954a04",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d6510f234c7d117790397f9bb150816b0a954a04"
},
{
"url": "https://git.kernel.org/stable/c/a39e38be632f0e1c908d70d1c9cd071c03faf895",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a39e38be632f0e1c908d70d1c9cd071c03faf895"
},
{
"url": "https://git.kernel.org/stable/c/8b671fe1a879923ecfb72dda6caf01460dd885ef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b671fe1a879923ecfb72dda6caf01460dd885ef"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42317.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42317",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: avoid PMD-size page cache if needed\n\nxarray can't support arbitrary page cache size. the largest and supported\npage cache size is defined as MAX_PAGECACHE_ORDER by commit 099d90642a71\n(\"mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray\"). However,\nit's possible to have 512MB page cache in the huge memory's collapsing\npath on ARM64 system whose base page size is 64KB. 512MB page cache is\nbreaking the limitation and a warning is raised when the xarray entry is\nsplit as shown in the following example.\n\n[root@dhcp-10-26-1-207 ~]# cat /proc/1/smaps | grep KernelPageSize\nKernelPageSize: 64 kB\n[root@dhcp-10-26-1-207 ~]# cat /tmp/test.c\n :\nint main(int argc, char **argv)\n{\n\tconst char *filename = TEST_XFS_FILENAME;\n\tint fd = 0;\n\tvoid *buf = (void *)-1, *p;\n\tint pgsize = getpagesize();\n\tint ret = 0;\n\n\tif (pgsize != 0x10000) {\n\t\tfprintf(stdout, \"System with 64KB base page size is required!\\n\");\n\t\treturn -EPERM;\n\t}\n\n\tsystem(\"echo 0 > /sys/devices/virtual/bdi/253:0/read_ahead_kb\");\n\tsystem(\"echo 1 > /proc/sys/vm/drop_caches\");\n\n\t/* Open the xfs file */\n\tfd = open(filename, O_RDONLY);\n\tassert(fd > 0);\n\n\t/* Create VMA */\n\tbuf = mmap(NULL, TEST_MEM_SIZE, PROT_READ, MAP_SHARED, fd, 0);\n\tassert(buf != (void *)-1);\n\tfprintf(stdout, \"mapped buffer at 0x%p\\n\", buf);\n\n\t/* Populate VMA */\n\tret = madvise(buf, TEST_MEM_SIZE, MADV_NOHUGEPAGE);\n\tassert(ret == 0);\n\tret = madvise(buf, TEST_MEM_SIZE, MADV_POPULATE_READ);\n\tassert(ret == 0);\n\n\t/* Collapse VMA */\n\tret = madvise(buf, TEST_MEM_SIZE, MADV_HUGEPAGE);\n\tassert(ret == 0);\n\tret = madvise(buf, TEST_MEM_SIZE, MADV_COLLAPSE);\n\tif (ret) {\n\t\tfprintf(stdout, \"Error %d to madvise(MADV_COLLAPSE)\\n\", errno);\n\t\tgoto out;\n\t}\n\n\t/* Split xarray entry. Write permission is needed */\n\tmunmap(buf, TEST_MEM_SIZE);\n\tbuf = (void *)-1;\n\tclose(fd);\n\tfd = open(filename, O_RDWR);\n\tassert(fd > 0);\n\tfallocate(fd, FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE,\n \t\t TEST_MEM_SIZE - pgsize, pgsize);\nout:\n\tif (buf != (void *)-1)\n\t\tmunmap(buf, TEST_MEM_SIZE);\n\tif (fd > 0)\n\t\tclose(fd);\n\n\treturn ret;\n}\n\n[root@dhcp-10-26-1-207 ~]# gcc /tmp/test.c -o /tmp/test\n[root@dhcp-10-26-1-207 ~]# /tmp/test\n ------------[ cut here ]------------\n WARNING: CPU: 25 PID: 7560 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128\n Modules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \\\n nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \\\n nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \\\n ip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm fuse \\\n xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 virtio_net \\\n sha1_ce net_failover virtio_blk virtio_console failover dimlib virtio_mmio\n CPU: 25 PID: 7560 Comm: test Kdump: loaded Not tainted 6.10.0-rc7-gavin+ #9\n Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024\n pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)\n pc : xas_split_alloc+0xf8/0x128\n lr : split_huge_page_to_list_to_order+0x1c4/0x780\n sp : ffff8000ac32f660\n x29: ffff8000ac32f660 x28: ffff0000e0969eb0 x27: ffff8000ac32f6c0\n x26: 0000000000000c40 x25: ffff0000e0969eb0 x24: 000000000000000d\n x23: ffff8000ac32f6c0 x22: ffffffdfc0700000 x21: 0000000000000000\n x20: 0000000000000000 x19: ffffffdfc0700000 x18: 0000000000000000\n x17: 0000000000000000 x16: ffffd5f3708ffc70 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: ffffffffffffffc0 x10: 0000000000000040 x9 : ffffd5f3708e692c\n x8 : 0000000000000003 x7 : 0000000000000000 x6 : ffff0000e0969eb8\n x5 : ffffd5f37289e378 x4 : 0000000000000000 x3 : 0000000000000c40\n x2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000\n Call trace:\n xas_split_alloc+0xf8/0x128\n split_huge_page_to_list_to_order+0x1c4/0x780\n truncate_inode_partial_folio+0xdc/0x160\n truncate_inode_pages_range+0x1b4/0x4a8\n truncate_pagecache_range+0x84/0xa\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6b24ca4a1a8d",
"version_value": "e60f62f75c99"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e60f62f75c99740a28e2bf7e6044086033012a16",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e60f62f75c99740a28e2bf7e6044086033012a16"
},
{
"url": "https://git.kernel.org/stable/c/d659b715e94ac039803d7601505d3473393fc0be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d659b715e94ac039803d7601505d3473393fc0be"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42318.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42318",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Don't lose track of restrictions on cred_transfer\n\nWhen a process' cred struct is replaced, this _almost_ always invokes\nthe cred_prepare LSM hook; but in one special case (when\nKEYCTL_SESSION_TO_PARENT updates the parent's credentials), the\ncred_transfer LSM hook is used instead. Landlock only implements the\ncred_prepare hook, not cred_transfer, so KEYCTL_SESSION_TO_PARENT causes\nall information on Landlock restrictions to be lost.\n\nThis basically means that a process with the ability to use the fork()\nand keyctl() syscalls can get rid of all Landlock restrictions on\nitself.\n\nFix it by adding a cred_transfer hook that does the same thing as the\nexisting cred_prepare hook. (Implemented by having hook_cred_prepare()\ncall hook_cred_transfer() so that the two functions are less likely to\naccidentally diverge in the future.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "385975dca53e",
"version_value": "0d74fd54db0b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0d74fd54db0bd0c0c224bef0da8fc95ea9c9f36c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0d74fd54db0bd0c0c224bef0da8fc95ea9c9f36c"
},
{
"url": "https://git.kernel.org/stable/c/16896914bace82d7811c62f3b6d5320132384f49",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16896914bace82d7811c62f3b6d5320132384f49"
},
{
"url": "https://git.kernel.org/stable/c/b14cc2cf313bd29056fadbc8ecd7f957cf5791ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b14cc2cf313bd29056fadbc8ecd7f957cf5791ff"
},
{
"url": "https://git.kernel.org/stable/c/39705a6c29f8a2b93cf5b99528a55366c50014d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39705a6c29f8a2b93cf5b99528a55366c50014d1"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42319.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42319",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable()\n\nWhen mtk-cmdq unbinds, a WARN_ON message with condition\npm_runtime_get_sync() < 0 occurs.\n\nAccording to the call tracei below:\n cmdq_mbox_shutdown\n mbox_free_channel\n mbox_controller_unregister\n __devm_mbox_controller_unregister\n ...\n\nThe root cause can be deduced to be calling pm_runtime_get_sync() after\ncalling pm_runtime_disable() as observed below:\n1. CMDQ driver uses devm_mbox_controller_register() in cmdq_probe()\n to bind the cmdq device to the mbox_controller, so\n devm_mbox_controller_unregister() will automatically unregister\n the device bound to the mailbox controller when the device-managed\n resource is removed. That means devm_mbox_controller_unregister()\n and cmdq_mbox_shoutdown() will be called after cmdq_remove().\n2. CMDQ driver also uses devm_pm_runtime_enable() in cmdq_probe() after\n devm_mbox_controller_register(), so that devm_pm_runtime_disable()\n will be called after cmdq_remove(), but before\n devm_mbox_controller_unregister().\n\nTo fix this problem, cmdq_probe() needs to move\ndevm_mbox_controller_register() after devm_pm_runtime_enable() to make\ndevm_pm_runtime_disable() be called after\ndevm_mbox_controller_unregister()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "623a6143a845",
"version_value": "11fa625b45fa"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/11fa625b45faf0649118b9deaf2d31c86ac41911",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/11fa625b45faf0649118b9deaf2d31c86ac41911"
},
{
"url": "https://git.kernel.org/stable/c/a8bd68e4329f9a0ad1b878733e0f80be6a971649",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8bd68e4329f9a0ad1b878733e0f80be6a971649"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42320.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42320",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix error checks in dasd_copy_pair_store()\n\ndasd_add_busid() can return an error via ERR_PTR() if an allocation\nfails. However, two callsites in dasd_copy_pair_store() do not check\nthe result, potentially resulting in a NULL pointer dereference. Fix\nthis by checking the result with IS_ERR() and returning the error up\nthe stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a91ff09d39f9",
"version_value": "cc8b7284d507"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cc8b7284d5076722e0b8062373b68d8e47c3bace",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc8b7284d5076722e0b8062373b68d8e47c3bace"
},
{
"url": "https://git.kernel.org/stable/c/e511167e65d332d07b3c7a3d5a741ee9c19a8c27",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e511167e65d332d07b3c7a3d5a741ee9c19a8c27"
},
{
"url": "https://git.kernel.org/stable/c/68d4c3722290ad300c295fb3435e835d200d5cb2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/68d4c3722290ad300c295fb3435e835d200d5cb2"
},
{
"url": "https://git.kernel.org/stable/c/8e64d2356cbc800b4cd0e3e614797f76bcf0cdb8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e64d2356cbc800b4cd0e3e614797f76bcf0cdb8"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43815.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43815",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: mxs-dcp - Ensure payload is zero when using key slot\n\nWe could leak stack memory through the payload field when running\nAES with a key from one of the hardware's key slots. Fix this by\nensuring the payload field is set to 0 in such cases.\n\nThis does not affect the common use case when the key is supplied\nfrom main memory via the descriptor payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3d16af0b4cfa",
"version_value": "e1640fed0377"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e1640fed0377bf7276efb70d03cb821a6931063d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1640fed0377bf7276efb70d03cb821a6931063d"
},
{
"url": "https://git.kernel.org/stable/c/dd52b5eeb0f70893f762da7254e923fd23fd1379",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd52b5eeb0f70893f762da7254e923fd23fd1379"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43816.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43816",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages\n\nOn big endian architectures, it is possible to run into a memory out of\nbounds pointer dereference when FCP targets are zoned.\n\nIn lpfc_prep_embed_io, the memcpy(ptr, fcp_cmnd, sgl->sge_len) is\nreferencing a little endian formatted sgl->sge_len value. So, the memcpy\ncan cause big endian systems to crash.\n\nRedefine the *sgl ptr as a struct sli4_sge_le to make it clear that we are\nreferring to a little endian formatted data structure. And, update the\nroutine with proper le32_to_cpu macro usages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "af20bb73ac25",
"version_value": "9fd003f344d5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9fd003f344d502f65252963169df3dd237054e49",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9fd003f344d502f65252963169df3dd237054e49"
},
{
"url": "https://git.kernel.org/stable/c/8bc7c617642db6d8d20ee671fb6c4513017e7a7e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8bc7c617642db6d8d20ee671fb6c4513017e7a7e"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43817.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43817",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: missing check virtio\n\nTwo missing check in virtio_net_hdr_to_skb() allowed syzbot\nto crash kernels again\n\n1. After the skb_segment function the buffer may become non-linear\n(nr_frags != 0), but since the SKBTX_SHARED_FRAG flag is not set anywhere\nthe __skb_linearize function will not be executed, then the buffer will\nremain non-linear. Then the condition (offset >= skb_headlen(skb))\nbecomes true, which causes WARN_ON_ONCE in skb_checksum_help.\n\n2. The struct sk_buff and struct virtio_net_hdr members must be\nmathematically related.\n(gso_size) must be greater than (needed) otherwise WARN_ON_ONCE.\n(remainder) must be greater than (needed) otherwise WARN_ON_ONCE.\n(remainder) may be 0 if division is without remainder.\n\noffset+2 (4191) > skb_headlen() (1116)\nWARNING: CPU: 1 PID: 5084 at net/core/dev.c:3303 skb_checksum_help+0x5e2/0x740 net/core/dev.c:3303\nModules linked in:\nCPU: 1 PID: 5084 Comm: syz-executor336 Not tainted 6.7.0-rc3-syzkaller-00014-gdf60cee26a2e #0\nHardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023\nRIP: 0010:skb_checksum_help+0x5e2/0x740 net/core/dev.c:3303\nCode: 89 e8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 52 01 00 00 44 89 e2 2b 53 74 4c 89 ee 48 c7 c7 40 57 e9 8b e8 af 8f dd f8 90 <0f> 0b 90 90 e9 87 fe ff ff e8 40 0f 6e f9 e9 4b fa ff ff 48 89 ef\nRSP: 0018:ffffc90003a9f338 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888025125780 RCX: ffffffff814db209\nRDX: ffff888015393b80 RSI: ffffffff814db216 RDI: 0000000000000001\nRBP: ffff8880251257f4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 000000000000045c\nR13: 000000000000105f R14: ffff8880251257f0 R15: 000000000000105d\nFS: 0000555555c24380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000002000f000 CR3: 0000000023151000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n ip_do_fragment+0xa1b/0x18b0 net/ipv4/ip_output.c:777\n ip_fragment.constprop.0+0x161/0x230 net/ipv4/ip_output.c:584\n ip_finish_output_gso net/ipv4/ip_output.c:286 [inline]\n __ip_finish_output net/ipv4/ip_output.c:308 [inline]\n __ip_finish_output+0x49c/0x650 net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 net/ipv4/ip_output.c:323\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x13b/0x2a0 net/ipv4/ip_output.c:433\n dst_output include/net/dst.h:451 [inline]\n ip_local_out+0xaf/0x1a0 net/ipv4/ip_output.c:129\n iptunnel_xmit+0x5b4/0x9b0 net/ipv4/ip_tunnel_core.c:82\n ipip6_tunnel_xmit net/ipv6/sit.c:1034 [inline]\n sit_tunnel_xmit+0xed2/0x28f0 net/ipv6/sit.c:1076\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3545 [inline]\n dev_hard_start_xmit+0x13d/0x6d0 net/core/dev.c:3561\n __dev_queue_xmit+0x7c1/0x3d60 net/core/dev.c:4346\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n packet_xmit+0x257/0x380 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3087 [inline]\n packet_sendmsg+0x24ca/0x5240 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0xd5/0x180 net/socket.c:745\n __sys_sendto+0x255/0x340 net/socket.c:2190\n __do_sys_sendto net/socket.c:2202 [inline]\n __se_sys_sendto net/socket.c:2198 [inline]\n __x64_sys_sendto+0xe0/0x1b0 net/socket.c:2198\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0f6925b3e8da",
"version_value": "5b1997487a3f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.12",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5b1997487a3f3373b0f580c8a20b56c1b64b0775",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5b1997487a3f3373b0f580c8a20b56c1b64b0775"
},
{
"url": "https://git.kernel.org/stable/c/90d41ebe0cd4635f6410471efc1dd71b33e894cf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90d41ebe0cd4635f6410471efc1dd71b33e894cf"
},
{
"url": "https://git.kernel.org/stable/c/e9164903b8b303c34723177b02fe91e49e3c4cd7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e9164903b8b303c34723177b02fe91e49e3c4cd7"
},
{
"url": "https://git.kernel.org/stable/c/e269d79c7d35aa3808b1f3c1737d63dab504ddc8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e269d79c7d35aa3808b1f3c1737d63dab504ddc8"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43818.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43818",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: amd: Adjust error handling in case of absent codec device\n\nacpi_get_first_physical_node() can return NULL in several cases (no such\ndevice, ACPI table error, reference count drop to 0, etc).\nExisting check just emit error message, but doesn't perform return.\nThen this NULL pointer is passed to devm_acpi_dev_add_driver_gpios()\nwhere it is dereferenced.\n\nAdjust this error handling by adding error code return.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "02527c3f2300",
"version_value": "1ba9856cf7f6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1ba9856cf7f6492b47c1edf853137f320d583db5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1ba9856cf7f6492b47c1edf853137f320d583db5"
},
{
"url": "https://git.kernel.org/stable/c/99b642dac24f6d09ba3ebf1d690be8aefff86164",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/99b642dac24f6d09ba3ebf1d690be8aefff86164"
},
{
"url": "https://git.kernel.org/stable/c/b1173d64edd276c957b6d09e1f971c85b38f1519",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b1173d64edd276c957b6d09e1f971c85b38f1519"
},
{
"url": "https://git.kernel.org/stable/c/5080808c3339de2220c602ab7c7fa23dc6c1a5a3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5080808c3339de2220c602ab7c7fa23dc6c1a5a3"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43819.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43819",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkvm: s390: Reject memory region operations for ucontrol VMs\n\nThis change rejects the KVM_SET_USER_MEMORY_REGION and\nKVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM.\nThis is necessary since ucontrol VMs have kvm->arch.gmap set to 0 and\nwould thus result in a null pointer dereference further in.\nMemory management needs to be performed in userspace and using the\nioctls KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP.\n\nAlso improve s390 specific documentation for KVM_SET_USER_MEMORY_REGION\nand KVM_SET_USER_MEMORY_REGION2.\n\n[frankja@linux.ibm.com: commit message spelling fix, subject prefix fix]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "27e0393f15fc",
"version_value": "49c9945c054d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/49c9945c054df4c22008e2bf87ca74d3e2507aa6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49c9945c054df4c22008e2bf87ca74d3e2507aa6"
},
{
"url": "https://git.kernel.org/stable/c/7816e58967d0e6cadce05c8540b47ed027dc2499",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7816e58967d0e6cadce05c8540b47ed027dc2499"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43820.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43820",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, &mddev->recovery));\n\nThis check is designed to make sure that the sync thread isn't\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16c4770c75b1",
"version_value": "a5c15a78c0e1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a5c15a78c0e1631b7df822b56e8b6424e4d1ca3e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5c15a78c0e1631b7df822b56e8b6424e4d1ca3e"
},
{
"url": "https://git.kernel.org/stable/c/3199a34bfaf7561410e0be1e33a61eba870768fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3199a34bfaf7561410e0be1e33a61eba870768fc"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43821.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43821",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix a possible null pointer dereference\n\nIn function lpfc_xcvr_data_show, the memory allocation with kmalloc might\nfail, thereby making rdp_context a null pointer. In the following context\nand functions that use this pointer, there are dereferencing operations,\nleading to null pointer dereference.\n\nTo fix this issue, a null pointer check should be added. If it is null,\nuse scnprintf to notify the user and return len."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "479b0917e447",
"version_value": "57600a7dd2b5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/57600a7dd2b52c904f7c8d2cac0fd8c23868e680",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57600a7dd2b52c904f7c8d2cac0fd8c23868e680"
},
{
"url": "https://git.kernel.org/stable/c/45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c"
},
{
"url": "https://git.kernel.org/stable/c/5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43822.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43822",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoc: PCM6240: Return directly after a failed devm_kzalloc() in pcmdevice_i2c_probe()\n\nThe value \u201c-ENOMEM\u201d was assigned to the local variable \u201cret\u201d\nin one if branch after a devm_kzalloc() call failed at the beginning.\nThis error code will trigger then a pcmdevice_remove() call with a passed\nnull pointer so that an undesirable dereference will be performed.\nThus return the appropriate error code directly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1324eafd37aa",
"version_value": "fa6f16eff732"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fa6f16eff7320c91e908309e31be34cbbe4b7e58",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fa6f16eff7320c91e908309e31be34cbbe4b7e58"
},
{
"url": "https://git.kernel.org/stable/c/3722873d49a1788d5420894d4f6f63e35f5c1f13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3722873d49a1788d5420894d4f6f63e35f5c1f13"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43823.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43823",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()\n\nIf IORESOURCE_MEM is not provided in Device Tree due to\nany error, resource_list_first_type() will return NULL and\npci_parse_request_of_pci_ranges() will just emit a warning.\n\nThis will cause a NULL pointer dereference. Fix this bug by adding NULL\nreturn check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0f71c60ffd26",
"version_value": "bbba48ad67c5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bbba48ad67c53feea05936ea1e029dcca8057506",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bbba48ad67c53feea05936ea1e029dcca8057506"
},
{
"url": "https://git.kernel.org/stable/c/0a6f1b5fe8ef8268aaa069035639968ceeea0a23",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a6f1b5fe8ef8268aaa069035639968ceeea0a23"
},
{
"url": "https://git.kernel.org/stable/c/dbcdd1863ba2ec9b76ec131df25d797709e05597",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dbcdd1863ba2ec9b76ec131df25d797709e05597"
},
{
"url": "https://git.kernel.org/stable/c/a231707a91f323af1e5d9f1722055ec2fc1c7775",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a231707a91f323af1e5d9f1722055ec2fc1c7775"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43824.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43824",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init()\n\nInstead of getting the epc_features from pci_epc_get_features() API, use\nthe cached pci_epf_test::epc_features value to avoid the NULL check. Since\nthe NULL check is already performed in pci_epf_test_bind(), having one more\ncheck in pci_epf_test_core_init() is redundant and it is not possible to\nhit the NULL pointer dereference.\n\nAlso with commit a01e7214bef9 (\"PCI: endpoint: Remove \"core_init_notifier\"\nflag\"), 'epc_features' got dereferenced without the NULL check, leading to\nthe following false positive Smatch warning:\n\n drivers/pci/endpoint/functions/pci-epf-test.c:784 pci_epf_test_core_init() error: we previously assumed 'epc_features' could be null (see line 747)\n\nThus, remove the redundant NULL check and also use the epc_features::\n{msix_capable/msi_capable} flags directly to avoid local variables.\n\n[kwilczynski: commit log]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5e50ee27d4a5",
"version_value": "af4ad016abb1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/af4ad016abb1632ff7ee598a6037952b495e5b80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/af4ad016abb1632ff7ee598a6037952b495e5b80"
},
{
"url": "https://git.kernel.org/stable/c/5a5095a8bd1bd349cce1c879e5e44407a34dda8a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5a5095a8bd1bd349cce1c879e5e44407a34dda8a"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43825.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43825",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: Fix the sorting functionality in iio_gts_build_avail_time_table\n\nThe sorting in iio_gts_build_avail_time_table is not working as intended.\nIt could result in an out-of-bounds access when the time is zero.\n\nHere are more details:\n\n1. When the gts->itime_table[i].time_us is zero, e.g., the time\nsequence is `3, 0, 1`, the inner for-loop will not terminate and do\nout-of-bound writes. This is because once `times[j] > new`, the value\n`new` will be added in the current position and the `times[j]` will be\nmoved to `j+1` position, which makes the if-condition always hold.\nMeanwhile, idx will be added one, making the loop keep running without\ntermination and out-of-bound write.\n2. If none of the gts->itime_table[i].time_us is zero, the elements\nwill just be copied without being sorted as described in the comment\n\"Sort times from all tables to one and remove duplicates\".\n\nFor more details, please refer to\nhttps://lore.kernel.org/all/6dd0d822-046c-4dd2-9532-79d7ab96ec05@gmail.com."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "38416c28e168",
"version_value": "31ff8464ef54"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/31ff8464ef540785344994986a010031410f9ff3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31ff8464ef540785344994986a010031410f9ff3"
},
{
"url": "https://git.kernel.org/stable/c/b5046de32fd1532c3f67065197fc1da82f0b5193",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5046de32fd1532c3f67065197fc1da82f0b5193"
},
{
"url": "https://git.kernel.org/stable/c/5acc3f971a01be48d5ff4252d8f9cdb87998cdfb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5acc3f971a01be48d5ff4252d8f9cdb87998cdfb"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43826.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43826",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: pass explicit offset/count to trace events\n\nnfs_folio_length is unsafe to use without having the folio locked and a\ncheck for a NULL ->f_mapping that protects against truncations and can\nlead to kernel crashes. E.g. when running xfstests generic/065 with\nall nfs trace points enabled.\n\nFollow the model of the XFS trace points and pass in an expl\u0456cit offset\nand length. This has the additional benefit that these values can\nbe more accurate as some of the users touch partial folio ranges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "eb5654b3b89d",
"version_value": "387e6e9d1102"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/387e6e9d110250946df4d4ebef9c2def5c7a4722",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/387e6e9d110250946df4d4ebef9c2def5c7a4722"
},
{
"url": "https://git.kernel.org/stable/c/fada32ed6dbc748f447c8d050a961b75d946055a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fada32ed6dbc748f447c8d050a961b75d946055a"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43827.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43827",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check before access structs\n\nIn enable_phantom_plane, we should better check null pointer before\naccessing various structs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "09a4ec5da92c",
"version_value": "081ff4c0ef18"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/081ff4c0ef1884ae55f7adb8944efd22e22d8724",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/081ff4c0ef1884ae55f7adb8944efd22e22d8724"
},
{
"url": "https://git.kernel.org/stable/c/c96140000915b610d86f941450e15ca552de154a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c96140000915b610d86f941450e15ca552de154a"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43828.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43828",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix infinite loop when replaying fast_commit\n\nWhen doing fast_commit replay an infinite loop may occur due to an\nuninitialized extent_status struct. ext4_ext_determine_insert_hole() does\nnot detect the replay and calls ext4_es_find_extent_range(), which will\nreturn immediately without initializing the 'es' variable.\n\nBecause 'es' contains garbage, an integer overflow may happen causing an\ninfinite loop in this function, easily reproducible using fstest generic/039.\n\nThis commit fixes this issue by unconditionally initializing the structure\nin function ext4_es_find_extent_range().\n\nThanks to Zhang Yi, for figuring out the real problem!"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8016e29f4362",
"version_value": "181e63cd595c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/181e63cd595c688194e07332f9944b3a63193de2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/181e63cd595c688194e07332f9944b3a63193de2"
},
{
"url": "https://git.kernel.org/stable/c/c6e67df64783e99a657ef2b8c834ba2bf54c539c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c6e67df64783e99a657ef2b8c834ba2bf54c539c"
},
{
"url": "https://git.kernel.org/stable/c/81f819c537d29932e4b9267f02411cbc8b355178",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/81f819c537d29932e4b9267f02411cbc8b355178"
},
{
"url": "https://git.kernel.org/stable/c/907c3fe532253a6ef4eb9c4d67efb71fab58c706",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/907c3fe532253a6ef4eb9c4d67efb71fab58c706"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43829.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43829",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/qxl: Add check for drm_cvt_mode\n\nAdd check for the return value of drm_cvt_mode() and return the error if\nit fails in order to avoid NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1b043677d4be",
"version_value": "f28b353c0c6c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f28b353c0c6c7831a70ccca881bf2db5e6785cdd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f28b353c0c6c7831a70ccca881bf2db5e6785cdd"
},
{
"url": "https://git.kernel.org/stable/c/4b1f303bdeceac049e56e4b20eb5280bd9e02f4f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b1f303bdeceac049e56e4b20eb5280bd9e02f4f"
},
{
"url": "https://git.kernel.org/stable/c/d4c57354a06cb4a77998ff8aa40af89eee30e07b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d4c57354a06cb4a77998ff8aa40af89eee30e07b"
},
{
"url": "https://git.kernel.org/stable/c/7bd09a2db0f617377027a2bb0b9179e6959edff3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7bd09a2db0f617377027a2bb0b9179e6959edff3"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43830.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43830",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nleds: trigger: Unregister sysfs attributes before calling deactivate()\n\nTriggers which have trigger specific sysfs attributes typically store\nrelated data in trigger-data allocated by the activate() callback and\nfreed by the deactivate() callback.\n\nCalling device_remove_groups() after calling deactivate() leaves a window\nwhere the sysfs attributes show/store functions could be called after\ndeactivation and then operate on the just freed trigger-data.\n\nMove the device_remove_groups() call to before deactivate() to close\nthis race window.\n\nThis also makes the deactivation path properly do things in reverse order\nof the activation path which calls the activate() callback before calling\ndevice_add_groups()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a7e7a3156300",
"version_value": "734ba6437e80"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/734ba6437e80dfc780e9ee9d95f912392d12b5ea",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/734ba6437e80dfc780e9ee9d95f912392d12b5ea"
},
{
"url": "https://git.kernel.org/stable/c/cb8aa9d2a4c8a15d6a43ccf901ef3d094aa60374",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb8aa9d2a4c8a15d6a43ccf901ef3d094aa60374"
},
{
"url": "https://git.kernel.org/stable/c/0788a6f3523d3686a9eed5ea1e6fcce6841277b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0788a6f3523d3686a9eed5ea1e6fcce6841277b2"
},
{
"url": "https://git.kernel.org/stable/c/c0dc9adf9474ecb7106e60e5472577375aedaed3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c0dc9adf9474ecb7106e60e5472577375aedaed3"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43831.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43831",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Handle invalid decoder vsi\n\nHandle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi\nis valid for future use."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "590577a4e525",
"version_value": "1c109f23b271"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db"
},
{
"url": "https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280"
},
{
"url": "https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43832.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43832",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/uv: Don't call folio_wait_writeback() without a folio reference\n\nfolio_wait_writeback() requires that no spinlocks are held and that\na folio reference is held, as documented. After we dropped the PTL, the\nfolio could get freed concurrently. So grab a temporary reference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "214d9bbcd3a6",
"version_value": "1a1eb2f3fc45"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1a1eb2f3fc453dcd52726d13e863938561489cb7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a1eb2f3fc453dcd52726d13e863938561489cb7"
},
{
"url": "https://git.kernel.org/stable/c/8736604ef53359a718c246087cd21dcec232d2fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8736604ef53359a718c246087cd21dcec232d2fb"
},
{
"url": "https://git.kernel.org/stable/c/b21aba72aadd94bdac275deab021fc84d6c72b16",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b21aba72aadd94bdac275deab021fc84d6c72b16"
},
{
"url": "https://git.kernel.org/stable/c/3f29f6537f54d74e64bac0a390fb2e26da25800d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3f29f6537f54d74e64bac0a390fb2e26da25800d"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43833.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43833",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Fix NULL pointer dereference in adding ancillary links\n\nIn v4l2_async_create_ancillary_links(), ancillary links are created for\nlens and flash sub-devices. These are sub-device to sub-device links and\nif the async notifier is related to a V4L2 device, the source sub-device\nof the ancillary link is NULL, leading to a NULL pointer dereference.\nCheck the notifier's sd field is non-NULL in\nv4l2_async_create_ancillary_links().\n\n[Sakari Ailus: Reword the subject and commit messages slightly.]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "aa4faf6eb271",
"version_value": "fe0f92fd5320"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fe0f92fd5320b393e44ca210805e653ea90cc982",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fe0f92fd5320b393e44ca210805e653ea90cc982"
},
{
"url": "https://git.kernel.org/stable/c/249212ceb4187783af3801c57b92a5a25d410621",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/249212ceb4187783af3801c57b92a5a25d410621"
},
{
"url": "https://git.kernel.org/stable/c/b87e28050d9b0959de24574d587825cfab2f13fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b87e28050d9b0959de24574d587825cfab2f13fb"
},
{
"url": "https://git.kernel.org/stable/c/9b4667ea67854f0b116fe22ad11ef5628c5b5b5f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b4667ea67854f0b116fe22ad11ef5628c5b5b5f"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43834.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43834",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: fix invalid wait context of page_pool_destroy()\n\nIf the driver uses a page pool, it creates a page pool with\npage_pool_create().\nThe reference count of page pool is 1 as default.\nA page pool will be destroyed only when a reference count reaches 0.\npage_pool_destroy() is used to destroy page pool, it decreases a\nreference count.\nWhen a page pool is destroyed, ->disconnect() is called, which is\nmem_allocator_disconnect().\nThis function internally acquires mutex_lock().\n\nIf the driver uses XDP, it registers a memory model with\nxdp_rxq_info_reg_mem_model().\nThe xdp_rxq_info_reg_mem_model() internally increases a page pool\nreference count if a memory model is a page pool.\nNow the reference count is 2.\n\nTo destroy a page pool, the driver should call both page_pool_destroy()\nand xdp_unreg_mem_model().\nThe xdp_unreg_mem_model() internally calls page_pool_destroy().\nOnly page_pool_destroy() decreases a reference count.\n\nIf a driver calls page_pool_destroy() then xdp_unreg_mem_model(), we\nwill face an invalid wait context warning.\nBecause xdp_unreg_mem_model() calls page_pool_destroy() with\nrcu_read_lock().\nThe page_pool_destroy() internally acquires mutex_lock().\n\nSplat looks like:\n=============================\n[ BUG: Invalid wait context ]\n6.10.0-rc6+ #4 Tainted: G W\n-----------------------------\nethtool/1806 is trying to lock:\nffffffff90387b90 (mem_id_lock){+.+.}-{4:4}, at: mem_allocator_disconnect+0x73/0x150\nother info that might help us debug this:\ncontext-{5:5}\n3 locks held by ethtool/1806:\nstack backtrace:\nCPU: 0 PID: 1806 Comm: ethtool Tainted: G W 6.10.0-rc6+ #4 f916f41f172891c800f2fed\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nCall Trace:\n<TASK>\ndump_stack_lvl+0x7e/0xc0\n__lock_acquire+0x1681/0x4de0\n? _printk+0x64/0xe0\n? __pfx_mark_lock.part.0+0x10/0x10\n? __pfx___lock_acquire+0x10/0x10\nlock_acquire+0x1b3/0x580\n? mem_allocator_disconnect+0x73/0x150\n? __wake_up_klogd.part.0+0x16/0xc0\n? __pfx_lock_acquire+0x10/0x10\n? dump_stack_lvl+0x91/0xc0\n__mutex_lock+0x15c/0x1690\n? mem_allocator_disconnect+0x73/0x150\n? __pfx_prb_read_valid+0x10/0x10\n? mem_allocator_disconnect+0x73/0x150\n? __pfx_llist_add_batch+0x10/0x10\n? console_unlock+0x193/0x1b0\n? lockdep_hardirqs_on+0xbe/0x140\n? __pfx___mutex_lock+0x10/0x10\n? tick_nohz_tick_stopped+0x16/0x90\n? __irq_work_queue_local+0x1e5/0x330\n? irq_work_queue+0x39/0x50\n? __wake_up_klogd.part.0+0x79/0xc0\n? mem_allocator_disconnect+0x73/0x150\nmem_allocator_disconnect+0x73/0x150\n? __pfx_mem_allocator_disconnect+0x10/0x10\n? mark_held_locks+0xa5/0xf0\n? rcu_is_watching+0x11/0xb0\npage_pool_release+0x36e/0x6d0\npage_pool_destroy+0xd7/0x440\nxdp_unreg_mem_model+0x1a7/0x2a0\n? __pfx_xdp_unreg_mem_model+0x10/0x10\n? kfree+0x125/0x370\n? bnxt_free_ring.isra.0+0x2eb/0x500\n? bnxt_free_mem+0x5ac/0x2500\nxdp_rxq_info_unreg+0x4a/0xd0\nbnxt_free_mem+0x1356/0x2500\nbnxt_close_nic+0xf0/0x3b0\n? __pfx_bnxt_close_nic+0x10/0x10\n? ethnl_parse_bit+0x2c6/0x6d0\n? __pfx___nla_validate_parse+0x10/0x10\n? __pfx_ethnl_parse_bit+0x10/0x10\nbnxt_set_features+0x2a8/0x3e0\n__netdev_update_features+0x4dc/0x1370\n? ethnl_parse_bitset+0x4ff/0x750\n? __pfx_ethnl_parse_bitset+0x10/0x10\n? __pfx___netdev_update_features+0x10/0x10\n? mark_held_locks+0xa5/0xf0\n? _raw_spin_unlock_irqrestore+0x42/0x70\n? __pm_runtime_resume+0x7d/0x110\nethnl_set_features+0x32d/0xa20\n\nTo fix this problem, it uses rhashtable_lookup_fast() instead of\nrhashtable_lookup() with rcu_read_lock().\nUsing xa without rcu_read_lock() here is safe.\nxa is freed by __xdp_mem_allocator_rcu_free() and this is called by\ncall_rcu() of mem_xa_remove().\nThe mem_xa_remove() is called by page_pool_destroy() if a reference\ncount reaches 0.\nThe xa is already protected by the reference count mechanism well in the\ncontrol plane.\nSo removing rcu_read_lock() for page_pool_destroy() is safe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c3f812cea0d7",
"version_value": "3fc1be360b99"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3fc1be360b99baeea15cdee3cf94252cd3a72d26",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3fc1be360b99baeea15cdee3cf94252cd3a72d26"
},
{
"url": "https://git.kernel.org/stable/c/bf0ce5aa5f2525ed1b921ba36de96e458e77f482",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bf0ce5aa5f2525ed1b921ba36de96e458e77f482"
},
{
"url": "https://git.kernel.org/stable/c/12144069209eec7f2090ce9afa15acdcc2c2a537",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12144069209eec7f2090ce9afa15acdcc2c2a537"
},
{
"url": "https://git.kernel.org/stable/c/59a931c5b732ca5fc2ca727f5a72aeabaafa85ec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/59a931c5b732ca5fc2ca727f5a72aeabaafa85ec"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43835.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43835",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix napi_skb_cache_put warning\n\nAfter the commit bdacf3e34945 (\"net: Use nested-BH locking for\nnapi_alloc_cache.\") was merged, the following warning began to appear:\n\n\t WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451 napi_skb_cache_put+0x82/0x4b0\n\n\t __warn+0x12f/0x340\n\t napi_skb_cache_put+0x82/0x4b0\n\t napi_skb_cache_put+0x82/0x4b0\n\t report_bug+0x165/0x370\n\t handle_bug+0x3d/0x80\n\t exc_invalid_op+0x1a/0x50\n\t asm_exc_invalid_op+0x1a/0x20\n\t __free_old_xmit+0x1c8/0x510\n\t napi_skb_cache_put+0x82/0x4b0\n\t __free_old_xmit+0x1c8/0x510\n\t __free_old_xmit+0x1c8/0x510\n\t __pfx___free_old_xmit+0x10/0x10\n\nThe issue arises because virtio is assuming it's running in NAPI context\neven when it's not, such as in the netpoll case.\n\nTo resolve this, modify virtnet_poll_tx() to only set NAPI when budget\nis available. Same for virtnet_poll_cleantx(), which always assumed that\nit was in a NAPI context."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "df133f3f9625",
"version_value": "468a729b7889"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/468a729b78895893d0e580ceea49bed8ada2a2bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/468a729b78895893d0e580ceea49bed8ada2a2bd"
},
{
"url": "https://git.kernel.org/stable/c/f8321fa75102246d7415a6af441872f6637c93ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f8321fa75102246d7415a6af441872f6637c93ab"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43836.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43836",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethtool: pse-pd: Fix possible null-deref\n\nFix a possible null dereference when a PSE supports both c33 and PoDL, but\nonly one of the netlink attributes is specified. The c33 or PoDL PSE\ncapabilities are already validated in the ethnl_set_pse_validate() call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4d18e3ddf427",
"version_value": "e187690b125a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e187690b125a297499eadeec53c32c5ed6d7436a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e187690b125a297499eadeec53c32c5ed6d7436a"
},
{
"url": "https://git.kernel.org/stable/c/4cddb0f15ea9c62f81b4889ea69a99368cc63a86",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4cddb0f15ea9c62f81b4889ea69a99368cc63a86"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43837.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43837",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT\n\nWhen loading a EXT program without specifying `attr->attach_prog_fd`,\nthe `prog->aux->dst_prog` will be null. At this time, calling\nresolve_prog_type() anywhere will result in a null pointer dereference.\n\nExample stack trace:\n\n[ 8.107863] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n[ 8.108262] Mem abort info:\n[ 8.108384] ESR = 0x0000000096000004\n[ 8.108547] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 8.108722] SET = 0, FnV = 0\n[ 8.108827] EA = 0, S1PTW = 0\n[ 8.108939] FSC = 0x04: level 0 translation fault\n[ 8.109102] Data abort info:\n[ 8.109203] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 8.109399] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 8.109614] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 8.109836] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000101354000\n[ 8.110011] [0000000000000004] pgd=0000000000000000, p4d=0000000000000000\n[ 8.112624] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 8.112783] Modules linked in:\n[ 8.113120] CPU: 0 PID: 99 Comm: may_access_dire Not tainted 6.10.0-rc3-next-20240613-dirty #1\n[ 8.113230] Hardware name: linux,dummy-virt (DT)\n[ 8.113390] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 8.113429] pc : may_access_direct_pkt_data+0x24/0xa0\n[ 8.113746] lr : add_subprog_and_kfunc+0x634/0x8e8\n[ 8.113798] sp : ffff80008283b9f0\n[ 8.113813] x29: ffff80008283b9f0 x28: ffff800082795048 x27: 0000000000000001\n[ 8.113881] x26: ffff0000c0bb2600 x25: 0000000000000000 x24: 0000000000000000\n[ 8.113897] x23: ffff0000c1134000 x22: 000000000001864f x21: ffff0000c1138000\n[ 8.113912] x20: 0000000000000001 x19: ffff0000c12b8000 x18: ffffffffffffffff\n[ 8.113929] x17: 0000000000000000 x16: 0000000000000000 x15: 0720072007200720\n[ 8.113944] x14: 0720072007200720 x13: 0720072007200720 x12: 0720072007200720\n[ 8.113958] x11: 0720072007200720 x10: 0000000000f9fca4 x9 : ffff80008021f4e4\n[ 8.113991] x8 : 0101010101010101 x7 : 746f72705f6d656d x6 : 000000001e0e0f5f\n[ 8.114006] x5 : 000000000001864f x4 : ffff0000c12b8000 x3 : 000000000000001c\n[ 8.114020] x2 : 0000000000000002 x1 : 0000000000000000 x0 : 0000000000000000\n[ 8.114126] Call trace:\n[ 8.114159] may_access_direct_pkt_data+0x24/0xa0\n[ 8.114202] bpf_check+0x3bc/0x28c0\n[ 8.114214] bpf_prog_load+0x658/0xa58\n[ 8.114227] __sys_bpf+0xc50/0x2250\n[ 8.114240] __arm64_sys_bpf+0x28/0x40\n[ 8.114254] invoke_syscall.constprop.0+0x54/0xf0\n[ 8.114273] do_el0_svc+0x4c/0xd8\n[ 8.114289] el0_svc+0x3c/0x140\n[ 8.114305] el0t_64_sync_handler+0x134/0x150\n[ 8.114331] el0t_64_sync+0x168/0x170\n[ 8.114477] Code: 7100707f 54000081 f9401c00 f9403800 (b9400403)\n[ 8.118672] ---[ end trace 0000000000000000 ]---\n\nOne way to fix it is by forcing `attach_prog_fd` non-empty when\nbpf_prog_load(). But this will lead to `libbpf_probe_bpf_prog_type`\nAPI broken which use verifier log to probe prog type and will log\nnothing if we reject invalid EXT prog before bpf_check().\n\nAnother way is by adding null check in resolve_prog_type().\n\nThe issue was introduced by commit 4a9c7bbe2ed4 (\"bpf: Resolve to\nprog->aux->dst_prog->type only for BPF_PROG_TYPE_EXT\") which wanted\nto correct type resolution for BPF_PROG_TYPE_TRACING programs. Before\nthat, the type resolution of BPF_PROG_TYPE_EXT prog actually follows\nthe logic below:\n\n prog->aux->dst_prog ? prog->aux->dst_prog->type : prog->type;\n\nIt implies that when EXT program is not yet attached to `dst_prog`,\nthe prog type should be EXT itself. This code worked fine in the past.\nSo just keep using it.\n\nFix this by returning `prog->type` for BPF_PROG_TYPE_EXT if `dst_prog`\nis not present in resolve_prog_type()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4a9c7bbe2ed4",
"version_value": "fcac5feb06f3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fcac5feb06f31ee4c88bca9bf98d8bc3ca7d2615",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fcac5feb06f31ee4c88bca9bf98d8bc3ca7d2615"
},
{
"url": "https://git.kernel.org/stable/c/9d40fd516aeae6779e3c84c6b96700ca76285847",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9d40fd516aeae6779e3c84c6b96700ca76285847"
},
{
"url": "https://git.kernel.org/stable/c/b29a880bb145e1f1c1df5ab88ed26b1495ff9f09",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b29a880bb145e1f1c1df5ab88ed26b1495ff9f09"
},
{
"url": "https://git.kernel.org/stable/c/f7866c35873377313ff94398f17d425b28b71de1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f7866c35873377313ff94398f17d425b28b71de1"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43838.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43838",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix overflow check in adjust_jmp_off()\n\nadjust_jmp_off() incorrectly used the insn->imm field for all overflow check,\nwhich is incorrect as that should only be done or the BPF_JMP32 | BPF_JA case,\nnot the general jump instruction case. Fix it by using insn->off for overflow\ncheck in the general case."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5337ac4c9b80",
"version_value": "345652866a88"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/345652866a8869825a2a582ee5a28d75141f184a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/345652866a8869825a2a582ee5a28d75141f184a"
},
{
"url": "https://git.kernel.org/stable/c/4a04b4f0de59dd5c621e78f15803ee0b0544eeb8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4a04b4f0de59dd5c621e78f15803ee0b0544eeb8"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43839.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43839",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: adjust 'name' buf size of bna_tcb and bna_ccb structures\n\nTo have enough space to write all possible sprintf() args. Currently\n'name' size is 16, but the first '%s' specifier may already need at\nleast 16 characters, since 'bnad->netdev->name' is used there.\n\nFor '%d' specifiers, assume that they require:\n * 1 char for 'tx_id + tx_info->tcb[i]->id' sum, BNAD_MAX_TXQ_PER_TX is 8\n * 2 chars for 'rx_id + rx_info->rx_ctrl[i].ccb->id', BNAD_MAX_RXP_PER_RX\n is 16\n\nAnd replace sprintf with snprintf.\n\nDetected using the static analysis tool - Svace."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8b230ed8ec96",
"version_value": "ab748dd10d87"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.37",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.37",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ab748dd10d8742561f2980fea08ffb4f0cacfdef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ab748dd10d8742561f2980fea08ffb4f0cacfdef"
},
{
"url": "https://git.kernel.org/stable/c/b0ff0cd0847b03c0a0abe20cfa900eabcfcb9e43",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0ff0cd0847b03c0a0abe20cfa900eabcfcb9e43"
},
{
"url": "https://git.kernel.org/stable/c/e0f48f51d55fb187400e9787192eda09fa200ff5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0f48f51d55fb187400e9787192eda09fa200ff5"
},
{
"url": "https://git.kernel.org/stable/c/c9741a03dc8e491e57b95fba0058ab46b7e506da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c9741a03dc8e491e57b95fba0058ab46b7e506da"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43840.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43840",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG\n\nWhen BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls\n__bpf_tramp_enter() and __bpf_tramp_exit() functions, passing them\nthe struct bpf_tramp_image *im pointer as an argument in R0.\n\nThe trampoline generation code uses emit_addr_mov_i64() to emit\ninstructions for moving the bpf_tramp_image address into R0, but\nemit_addr_mov_i64() assumes the address to be in the vmalloc() space\nand uses only 48 bits. Because bpf_tramp_image is allocated using\nkzalloc(), its address can use more than 48-bits, in this case the\ntrampoline will pass an invalid address to __bpf_tramp_enter/exit()\ncausing a kernel crash.\n\nFix this by using emit_a64_mov_i64() in place of emit_addr_mov_i64()\nas it can work with addresses that are greater than 48-bits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "efc9909fdce0",
"version_value": "6d218fcc707d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6d218fcc707d6b2c3616b6cd24b948fd4825cfec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d218fcc707d6b2c3616b6cd24b948fd4825cfec"
},
{
"url": "https://git.kernel.org/stable/c/19d3c179a37730caf600a97fed3794feac2b197b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/19d3c179a37730caf600a97fed3794feac2b197b"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43841.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43841",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: virt_wifi: avoid reporting connection success with wrong SSID\n\nWhen user issues a connection with a different SSID than the one\nvirt_wifi has advertised, the __cfg80211_connect_result() will\ntrigger the warning: WARN_ON(bss_not_found).\n\nThe issue is because the connection code in virt_wifi does not\ncheck the SSID from user space (it only checks the BSSID), and\nvirt_wifi will call cfg80211_connect_result() with WLAN_STATUS_SUCCESS\neven if the SSID is different from the one virt_wifi has advertised.\nEventually cfg80211 won't be able to find the cfg80211_bss and generate\nthe warning.\n\nFixed it by checking the SSID (from user space) in the connection code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c7cdba31ed8b",
"version_value": "d3cc85a10abc"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d3cc85a10abc8eae48988336cdd3689ab92581b3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d3cc85a10abc8eae48988336cdd3689ab92581b3"
},
{
"url": "https://git.kernel.org/stable/c/36e92b5edc8e0daa18e9325674313802ce3fbc29",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36e92b5edc8e0daa18e9325674313802ce3fbc29"
},
{
"url": "https://git.kernel.org/stable/c/416d3c1538df005195721a200b0371d39636e05d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/416d3c1538df005195721a200b0371d39636e05d"
},
{
"url": "https://git.kernel.org/stable/c/b5d14b0c6716fad7f0c94ac6e1d6f60a49f985c7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5d14b0c6716fad7f0c94ac6e1d6f60a49f985c7"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43842.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43842",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()\n\nIn rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size.\nBut then 'rate->he_gi' is used as array index instead of 'status->he_gi'.\nThis can lead to go beyond array boundaries in case of 'rate->he_gi' is\nnot equal to 'status->he_gi' and is bigger than array size. Looks like\n\"copy-paste\" mistake.\n\nFix this mistake by replacing 'rate->he_gi' with 'status->he_gi'.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e3ec7017f6a2",
"version_value": "a2a095c08b95"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.16",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a2a095c08b95372d6d0c5819b77f071af5e75366",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a2a095c08b95372d6d0c5819b77f071af5e75366"
},
{
"url": "https://git.kernel.org/stable/c/7a0edc3d83aff3a48813d78c9cad9daf38decc74",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a0edc3d83aff3a48813d78c9cad9daf38decc74"
},
{
"url": "https://git.kernel.org/stable/c/96ae4de5bc4c8ba39fd072369398f59495b73f58",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/96ae4de5bc4c8ba39fd072369398f59495b73f58"
},
{
"url": "https://git.kernel.org/stable/c/85099c7ce4f9e64c66aa397cd9a37473637ab891",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/85099c7ce4f9e64c66aa397cd9a37473637ab891"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43843.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43843",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv, bpf: Fix out-of-bounds issue when preparing trampoline image\n\nWe get the size of the trampoline image during the dry run phase and\nallocate memory based on that size. The allocated image will then be\npopulated with instructions during the real patch phase. But after\ncommit 26ef208c209a (\"bpf: Use arch_bpf_trampoline_size\"), the `im`\nargument is inconsistent in the dry run and real patch phase. This may\ncause emit_imm in RV64 to generate a different number of instructions\nwhen generating the 'im' address, potentially causing out-of-bounds\nissues. Let's emit the maximum number of instructions for the \"im\"\naddress during dry run to fix this problem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "26ef208c209a",
"version_value": "3e6a1b1b179a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3e6a1b1b179abb643ec3560c02bc3082bc92285f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3e6a1b1b179abb643ec3560c02bc3082bc92285f"
},
{
"url": "https://git.kernel.org/stable/c/9f1e16fb1fc9826001c69e0551d51fbbcd2d74e9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9f1e16fb1fc9826001c69e0551d51fbbcd2d74e9"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43844.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43844",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: wow: fix GTK offload H2C skbuff issue\n\nWe mistakenly put skb too large and that may exceed skb->end.\nTherefore, we fix it.\n\nskbuff: skb_over_panic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780 data:ffff8fba04eca7e0 tail:0x200 end:0x140 dev:<NULL>\n------------[ cut here ]------------\nkernel BUG at net/core/skbuff.c:192!\ninvalid opcode: 0000 [#1] PREEMPT SMP PTI\nCPU: 1 PID: 4747 Comm: kworker/u4:44 Tainted: G O 6.6.30-02659-gc18865c4dfbd #1 86547039b47e46935493f615ee31d0b2d711d35e\nHardware name: HP Meep/Meep, BIOS Google_Meep.11297.262.0 03/18/2021\nWorkqueue: events_unbound async_run_entry_fn\nRIP: 0010:skb_panic+0x5d/0x60\nCode: c6 63 8b 8f bb 4c 0f 45 f6 48 c7 c7 4d 89 8b bb 48 89 ce 44 89 d1 41 56 53 41 53 ff b0 c8 00 00 00 e8 27 5f 23 00 48 83 c4 20 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44\nRSP: 0018:ffffaa700144bad0 EFLAGS: 00010282\nRAX: 0000000000000089 RBX: 0000000000000140 RCX: 14432c5aad26c900\nRDX: 0000000000000000 RSI: 00000000ffffdfff RDI: 0000000000000001\nRBP: ffffaa700144bae0 R08: 0000000000000000 R09: ffffaa700144b920\nR10: 00000000ffffdfff R11: ffffffffbc28fbc0 R12: ffff8fba4e57a010\nR13: 0000000000000000 R14: ffffffffbb8f8b63 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8fba7bd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007999c4ad1000 CR3: 000000015503a000 CR4: 0000000000350ee0\nCall Trace:\n <TASK>\n ? __die_body+0x1f/0x70\n ? die+0x3d/0x60\n ? do_trap+0xa4/0x110\n ? skb_panic+0x5d/0x60\n ? do_error_trap+0x6d/0x90\n ? skb_panic+0x5d/0x60\n ? handle_invalid_op+0x30/0x40\n ? skb_panic+0x5d/0x60\n ? exc_invalid_op+0x3c/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_panic+0x5d/0x60\n skb_put+0x49/0x50\n rtw89_fw_h2c_wow_gtk_ofld+0xbd/0x220 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5]\n rtw89_wow_resume+0x31f/0x540 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5]\n rtw89_ops_resume+0x2b/0xa0 [rtw89_core 778b32de31cd1f14df2d6721ae99ba8a83636fa5]\n ieee80211_reconfig+0x84/0x13e0 [mac80211 818a894e3b77da6298269c59ed7cdff065a4ed52]\n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d]\n ? dev_printk_emit+0x51/0x70\n ? _dev_info+0x6e/0x90\n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d]\n wiphy_resume+0x89/0x180 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d]\n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 1a793119e2aeb157c4ca4091ff8e1d9ae233b59d]\n dpm_run_callback+0x3c/0x140\n device_resume+0x1f9/0x3c0\n ? __pfx_dpm_watchdog_handler+0x10/0x10\n async_resume+0x1d/0x30\n async_run_entry_fn+0x29/0xd0\n process_scheduled_works+0x1d8/0x3d0\n worker_thread+0x1fc/0x2f0\n kthread+0xed/0x110\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x38/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n </TASK>\nModules linked in: ccm 8021q r8153_ecm cdc_ether usbnet r8152 mii dm_integrity async_xor xor async_tx lz4 lz4_compress zstd zstd_compress zram zsmalloc uinput rfcomm cmac algif_hash rtw89_8922ae(O) algif_skcipher rtw89_8922a(O) af_alg rtw89_pci(O) rtw89_core(O) btusb(O) snd_soc_sst_bxt_da7219_max98357a btbcm(O) snd_soc_hdac_hdmi btintel(O) snd_soc_intel_hda_dsp_common snd_sof_probes btrtl(O) btmtk(O) snd_hda_codec_hdmi snd_soc_dmic uvcvideo videobuf2_vmalloc uvc videobuf2_memops videobuf2_v4l2 videobuf2_common snd_sof_pci_intel_apl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_intel_hda soundwire_intel soundwire_generic_allocation snd_sof_intel_hda_mlink soundwire_cadence snd_sof_pci snd_sof_xtensa_dsp mac80211 snd_soc_acpi_intel_match snd_soc_acpi snd_sof snd_sof_utils soundwire_bus snd_soc_max98357a snd_soc_avs snd_soc_hda_codec snd_hda_ext_core snd_intel_dspcfg snd_intel_sdw_acpi snd_soc_da7219 snd_hda_codec snd_hwdep snd_hda_core veth ip6table_nat xt_MASQUERADE xt_cgroup fuse bluetooth ecdh_generic\n cfg80211 ecc\ngsmi: Log Shutdown \n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ed9a3c0d4dd9",
"version_value": "ef0d9d2f0dc1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ef0d9d2f0dc1133db3d3a1c5167190c6627146b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ef0d9d2f0dc1133db3d3a1c5167190c6627146b2"
},
{
"url": "https://git.kernel.org/stable/c/dda364c345913fe03ddbe4d5ae14a2754c100296",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dda364c345913fe03ddbe4d5ae14a2754c100296"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43845.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43845",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix bogus checksum computation in udf_rename()\n\nSyzbot reports uninitialized memory access in udf_rename() when updating\nchecksum of '..' directory entry of a moved directory. This is indeed\ntrue as we pass on-stack diriter.fi to the udf_update_tag() and because\nthat has only struct fileIdentDesc included in it and not the impUse or\nname fields, the checksumming function is going to checksum random stack\ncontents beyond the end of the structure. This is actually harmless\nbecause the following udf_fiiter_write_fi() will recompute the checksum\nfrom on-disk buffers where everything is properly included. So all that\nis needed is just removing the bogus calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e9109a92d2a9",
"version_value": "fe2ead240c31"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fe2ead240c31e8d158713beca9d0681a6e6a53ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fe2ead240c31e8d158713beca9d0681a6e6a53ab"
},
{
"url": "https://git.kernel.org/stable/c/40d7b3ed52449d36143bab8d3e70926aa61a60f4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40d7b3ed52449d36143bab8d3e70926aa61a60f4"
},
{
"url": "https://git.kernel.org/stable/c/27ab33854873e6fb958cb074681a0107cc2ecc4c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/27ab33854873e6fb958cb074681a0107cc2ecc4c"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43846.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43846",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib: objagg: Fix general protection fault\n\nThe library supports aggregation of objects into other objects only if\nthe parent object does not have a parent itself. That is, nesting is not\nsupported.\n\nAggregation happens in two cases: Without and with hints, where hints\nare a pre-computed recommendation on how to aggregate the provided\nobjects.\n\nNesting is not possible in the first case due to a check that prevents\nit, but in the second case there is no check because the assumption is\nthat nesting cannot happen when creating objects based on hints. The\nviolation of this assumption leads to various warnings and eventually to\na general protection fault [1].\n\nBefore fixing the root cause, error out when nesting happens and warn.\n\n[1]\ngeneral protection fault, probably for non-canonical address 0xdead000000000d90: 0000 [#1] PREEMPT SMP PTI\nCPU: 1 PID: 1083 Comm: kworker/1:9 Tainted: G W 6.9.0-rc6-custom-gd9b4f1cca7fb #7\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_sp_acl_erp_bf_insert+0x25/0x80\n[...]\nCall Trace:\n <TASK>\n mlxsw_sp_acl_atcam_entry_add+0x256/0x3c0\n mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0\n mlxsw_sp_acl_tcam_vchunk_migrate_one+0x16b/0x270\n mlxsw_sp_acl_tcam_vregion_rehash_work+0xbe/0x510\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9069a3817d82",
"version_value": "5adc61d29bbb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5adc61d29bbb461d7f7c2b48dceaa90ecd182eb7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5adc61d29bbb461d7f7c2b48dceaa90ecd182eb7"
},
{
"url": "https://git.kernel.org/stable/c/1936fa05a180834c3b52e0439a6bddc07814d3eb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1936fa05a180834c3b52e0439a6bddc07814d3eb"
},
{
"url": "https://git.kernel.org/stable/c/499f742fed42e74f1321f4b12ca196a66a2b49fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/499f742fed42e74f1321f4b12ca196a66a2b49fc"
},
{
"url": "https://git.kernel.org/stable/c/b4a3a89fffcdf09702b1f161b914e52abca1894d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4a3a89fffcdf09702b1f161b914e52abca1894d"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43847.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43847",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix invalid memory access while processing fragmented packets\n\nThe monitor ring and the reo reinject ring share the same ring mask index.\nWhen the driver receives an interrupt for the reo reinject ring, the\nmonitor ring is also processed, leading to invalid memory access. Since\nmonitor support is not yet enabled in ath12k, the ring mask for the monitor\nring should be removed.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.1.1-00209-QCAHKSWPL_SILICONZ-1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d889913205cf",
"version_value": "8126f82dab7b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8126f82dab7bd8b2e04799342b19fff0a1fd8575",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8126f82dab7bd8b2e04799342b19fff0a1fd8575"
},
{
"url": "https://git.kernel.org/stable/c/36fc66a7d9ca3e5c6eac25362cac63f83df8bed6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36fc66a7d9ca3e5c6eac25362cac63f83df8bed6"
},
{
"url": "https://git.kernel.org/stable/c/073f9f249eecd64ab9d59c91c4a23cfdcc02afe4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/073f9f249eecd64ab9d59c91c4a23cfdcc02afe4"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43848.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43848",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix TTLM teardown work\n\nThe worker calculates the wrong sdata pointer, so if it ever\nruns, it'll crash. Fix that."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a17a58ad2ff2",
"version_value": "9750899410c8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9750899410c8478ef043c42029f4f6144c096eac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9750899410c8478ef043c42029f4f6144c096eac"
},
{
"url": "https://git.kernel.org/stable/c/2fe0a605d083b884490ee4de02be071b5b4291b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fe0a605d083b884490ee4de02be071b5b4291b1"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43849.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43849",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: protect locator_addr with the main mutex\n\nIf the service locator server is restarted fast enough, the PDR can\nrewrite locator_addr fields concurrently. Protect them by placing\nmodification of those fields under the main pdr->lock."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fbe639b44a82",
"version_value": "475a77fb3f0e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/475a77fb3f0e1d527f56c60b79f5879661df5b80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/475a77fb3f0e1d527f56c60b79f5879661df5b80"
},
{
"url": "https://git.kernel.org/stable/c/3e815626d73e05152a8142f6e44aecc4133e6e08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3e815626d73e05152a8142f6e44aecc4133e6e08"
},
{
"url": "https://git.kernel.org/stable/c/8543269567e2fb3d976a8255c5e348aed14f98bc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8543269567e2fb3d976a8255c5e348aed14f98bc"
},
{
"url": "https://git.kernel.org/stable/c/107924c14e3ddd85119ca43c26a4ee1056fa9b84",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/107924c14e3ddd85119ca43c26a4ee1056fa9b84"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43850.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43850",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove\n\nThe following warning is seen during bwmon_remove due to refcount\nimbalance, fix this by releasing the OPPs after use.\n\nLogs:\nWARNING: at drivers/opp/core.c:1640 _opp_table_kref_release+0x150/0x158\nHardware name: Qualcomm Technologies, Inc. X1E80100 CRD (DT)\n...\nCall trace:\n_opp_table_kref_release+0x150/0x158\ndev_pm_opp_remove_table+0x100/0x1b4\ndevm_pm_opp_of_table_release+0x10/0x1c\ndevm_action_release+0x14/0x20\ndevres_release_all+0xa4/0x104\ndevice_unbind_cleanup+0x18/0x60\ndevice_release_driver_internal+0x1ec/0x228\ndriver_detach+0x50/0x98\nbus_remove_driver+0x6c/0xbc\ndriver_unregister+0x30/0x60\nplatform_driver_unregister+0x14/0x20\nbwmon_driver_exit+0x18/0x524 [icc_bwmon]\n__arm64_sys_delete_module+0x184/0x264\ninvoke_syscall+0x48/0x118\nel0_svc_common.constprop.0+0xc8/0xe8\ndo_el0_svc+0x20/0x2c\nel0_svc+0x34/0xdc\nel0t_64_sync_handler+0x13c/0x158\nel0t_64_sync+0x190/0x194\n--[ end trace 0000000000000000 ]---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b9c2ae6cac40",
"version_value": "aad41f4c169b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/aad41f4c169bcb800ae88123799bdf8cdec3d366",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aad41f4c169bcb800ae88123799bdf8cdec3d366"
},
{
"url": "https://git.kernel.org/stable/c/4100d4d019f8e140be1d4d3a9d8d93c1285f5d1c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4100d4d019f8e140be1d4d3a9d8d93c1285f5d1c"
},
{
"url": "https://git.kernel.org/stable/c/24086640ab39396eb1a92d1cb1cd2f31b2677c52",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/24086640ab39396eb1a92d1cb1cd2f31b2677c52"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

134
2024/43xxx/CVE-2024-43851.json Normal file
View File

@ -0,0 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43851",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: xilinx: rename cpu_number1 to dummy_cpu_number\n\nThe per cpu variable cpu_number1 is passed to xlnx_event_handler as\nargument \"dev_id\", but it is not used in this function. So drop the\ninitialization of this variable and rename it to dummy_cpu_number.\nThis patch is to fix the following call trace when the kernel option\nCONFIG_DEBUG_ATOMIC_SLEEP is enabled:\n\nBUG: sleeping function called from invalid context at include/linux/sched/mm.h:274\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper/0\n preempt_count: 1, expected: 0\n CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.1.0 #53\n Hardware name: Xilinx Versal vmk180 Eval board rev1.1 (QSPI) (DT)\n Call trace:\n dump_backtrace+0xd0/0xe0\n show_stack+0x18/0x40\n dump_stack_lvl+0x7c/0xa0\n dump_stack+0x18/0x34\n __might_resched+0x10c/0x140\n __might_sleep+0x4c/0xa0\n __kmem_cache_alloc_node+0xf4/0x168\n kmalloc_trace+0x28/0x38\n __request_percpu_irq+0x74/0x138\n xlnx_event_manager_probe+0xf8/0x298\n platform_probe+0x68/0xd8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "01946c3c83b2",
"version_value": "a5e507fadab7"
},
{
"version_affected": "<",
"version_name": "4722924e7a62",
"version_value": "a96e60a6ea68"
},
{
"version_affected": "<",
"version_name": "daed80ed0758",
"version_value": "f762acdaff9e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a5e507fadab76393cbc12344ebd65a417a09aa46",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5e507fadab76393cbc12344ebd65a417a09aa46"
},
{
"url": "https://git.kernel.org/stable/c/a96e60a6ea6818fd37b1853283a512c49af38cf5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a96e60a6ea6818fd37b1853283a512c49af38cf5"
},
{
"url": "https://git.kernel.org/stable/c/f762acdaff9e54688be16e6c832c73a61533c1df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f762acdaff9e54688be16e6c832c73a61533c1df"
},
{
"url": "https://git.kernel.org/stable/c/4a95449dd975e2ea6629a034f3e74b46c9634916",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4a95449dd975e2ea6629a034f3e74b46c9634916"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43852.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43852",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (ltc2991) re-order conditions to fix off by one bug\n\nLTC2991_T_INT_CH_NR is 4. The st->temp_en[] array has LTC2991_MAX_CHANNEL\n(4) elements. Thus if \"channel\" is equal to LTC2991_T_INT_CH_NR then we\nhave read one element beyond the end of the array. Flip the conditions\naround so that we check if \"channel\" is valid before using it as an array\nindex."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2b9ea4262ae9",
"version_value": "c180311c0a52"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c180311c0a520692e2d0e9ca44dcd6c2ff1b41c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c180311c0a520692e2d0e9ca44dcd6c2ff1b41c4"
},
{
"url": "https://git.kernel.org/stable/c/99bf7c2eccff82760fa23ce967cc67c8c219c6a6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/99bf7c2eccff82760fa23ce967cc67c8c219c6a6"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43853.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43853",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup/cpuset: Prevent UAF in proc_cpuset_show()\n\nAn UAF can happen when /proc/cpuset is read as reported in [1].\n\nThis can be reproduced by the following methods:\n1.add an mdelay(1000) before acquiring the cgroup_lock In the\n cgroup_path_ns function.\n2.$cat /proc/<pid>/cpuset repeatly.\n3.$mount -t cgroup -o cpuset cpuset /sys/fs/cgroup/cpuset/\n$umount /sys/fs/cgroup/cpuset/ repeatly.\n\nThe race that cause this bug can be shown as below:\n\n(umount)\t\t|\t(cat /proc/<pid>/cpuset)\ncss_release\t\t|\tproc_cpuset_show\ncss_release_work_fn\t|\tcss = task_get_css(tsk, cpuset_cgrp_id);\ncss_free_rwork_fn\t|\tcgroup_path_ns(css->cgroup, ...);\ncgroup_destroy_root\t|\tmutex_lock(&cgroup_mutex);\nrebind_subsystems\t|\ncgroup_free_root \t|\n\t\t\t|\t// cgrp was freed, UAF\n\t\t\t|\tcgroup_path_ns_locked(cgrp,..);\n\nWhen the cpuset is initialized, the root node top_cpuset.css.cgrp\nwill point to &cgrp_dfl_root.cgrp. In cgroup v1, the mount operation will\nallocate cgroup_root, and top_cpuset.css.cgrp will point to the allocated\n&cgroup_root.cgrp. When the umount operation is executed,\ntop_cpuset.css.cgrp will be rebound to &cgrp_dfl_root.cgrp.\n\nThe problem is that when rebinding to cgrp_dfl_root, there are cases\nwhere the cgroup_root allocated by setting up the root for cgroup v1\nis cached. This could lead to a Use-After-Free (UAF) if it is\nsubsequently freed. The descendant cgroups of cgroup v1 can only be\nfreed after the css is released. However, the css of the root will never\nbe released, yet the cgroup_root should be freed when it is unmounted.\nThis means that obtaining a reference to the css of the root does\nnot guarantee that css.cgrp->root will not be freed.\n\nFix this problem by using rcu_read_lock in proc_cpuset_show().\nAs cgroup_root is kfree_rcu after commit d23b5c577715\n(\"cgroup: Make operations on the cgroup root_list RCU safe\"),\ncss->cgroup won't be freed during the critical section.\nTo call cgroup_path_ns_locked, css_set_lock is needed, so it is safe to\nreplace task_get_css with task_css.\n\n[1] https://syzkaller.appspot.com/bug?extid=9b1ff7be974a403aa4cd"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a79a908fd2b0",
"version_value": "29a8d4e02fd4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/29a8d4e02fd4840028c38ceb1536cc8f82a257d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/29a8d4e02fd4840028c38ceb1536cc8f82a257d4"
},
{
"url": "https://git.kernel.org/stable/c/96226fbed566f3f686f53a489a29846f2d538080",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/96226fbed566f3f686f53a489a29846f2d538080"
},
{
"url": "https://git.kernel.org/stable/c/29ac1d238b3bf126af36037df80d7ecc4822341e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/29ac1d238b3bf126af36037df80d7ecc4822341e"
},
{
"url": "https://git.kernel.org/stable/c/1be59c97c83ccd67a519d8a49486b3a8a73ca28a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1be59c97c83ccd67a519d8a49486b3a8a73ca28a"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43854.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43854",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: initialize integrity buffer to zero before writing it to media\n\nMetadata added by bio_integrity_prep is using plain kmalloc, which leads\nto random kernel memory being written media. For PI metadata this is\nlimited to the app tag that isn't used by kernel generated metadata,\nbut for non-PI metadata the entire buffer leaks kernel memory.\n\nFix this by adding the __GFP_ZERO flag to allocations for writes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7ba1ba12eeef",
"version_value": "d418313bd8f5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.27",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.27",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d418313bd8f55c079a7da12651951b489a638ac1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d418313bd8f55c079a7da12651951b489a638ac1"
},
{
"url": "https://git.kernel.org/stable/c/23a19655fb56f241e592041156dfb1c6d04da644",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/23a19655fb56f241e592041156dfb1c6d04da644"
},
{
"url": "https://git.kernel.org/stable/c/ebc0e91ba76dc6544fff9f5b66408b1982806a00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ebc0e91ba76dc6544fff9f5b66408b1982806a00"
},
{
"url": "https://git.kernel.org/stable/c/899ee2c3829c5ac14bfc7d3c4a5846c0b709b78f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/899ee2c3829c5ac14bfc7d3c4a5846c0b709b78f"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

134
2024/43xxx/CVE-2024-43855.json Normal file
View File

@ -0,0 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43855",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix deadlock between mddev_suspend and flush bio\n\nDeadlock occurs when mddev is being suspended while some flush bio is in\nprogress. It is a complex issue.\n\nT1. the first flush is at the ending stage, it clears 'mddev->flush_bio'\n and tries to submit data, but is blocked because mddev is suspended\n by T4.\nT2. the second flush sets 'mddev->flush_bio', and attempts to queue\n md_submit_flush_data(), which is already running (T1) and won't\n execute again if on the same CPU as T1.\nT3. the third flush inc active_io and tries to flush, but is blocked because\n 'mddev->flush_bio' is not NULL (set by T2).\nT4. mddev_suspend() is called and waits for active_io dec to 0 which is inc\n by T3.\n\n T1\t\tT2\t\tT3\t\tT4\n (flush 1)\t(flush 2)\t(third 3)\t(suspend)\n md_submit_flush_data\n mddev->flush_bio = NULL;\n .\n .\t \tmd_flush_request\n .\t \t mddev->flush_bio = bio\n .\t \t queue submit_flushes\n .\t\t .\n .\t\t .\t\tmd_handle_request\n .\t\t .\t\t active_io + 1\n .\t\t .\t\t md_flush_request\n .\t\t .\t\t wait !mddev->flush_bio\n .\t\t .\n .\t\t .\t\t\t\tmddev_suspend\n .\t\t .\t\t\t\t wait !active_io\n .\t\t .\n .\t\t submit_flushes\n .\t\t queue_work md_submit_flush_data\n .\t\t //md_submit_flush_data is already running (T1)\n .\n md_handle_request\n wait resume\n\nThe root issue is non-atomic inc/dec of active_io during flush process.\nactive_io is dec before md_submit_flush_data is queued, and inc soon\nafter md_submit_flush_data() run.\n md_flush_request\n active_io + 1\n submit_flushes\n active_io - 1\n md_submit_flush_data\n md_handle_request\n active_io + 1\n make_request\n active_io - 1\n\nIf active_io is dec after md_handle_request() instead of within\nsubmit_flushes(), make_request() can be called directly intead of\nmd_handle_request() in md_submit_flush_data(), and active_io will\nonly inc and dec once in the whole flush process. Deadlock will be\nfixed.\n\nAdditionally, the only difference between fixing the issue and before is\nthat there is no return error handling of make_request(). But after\nprevious patch cleaned md_write_start(), make_requst() only return error\nin raid5_make_request() by dm-raid, see commit 41425f96d7aa (\"dm-raid456,\nmd/raid456: fix a deadlock for dm-raid456 while io concurrent with\nreshape)\". Since dm always splits data and flush operation into two\nseparate io, io size of flush submitted by dm always is 0, make_request()\nwill not be called in md_submit_flush_data(). To prevent future\nmodifications from introducing issues, add WARN_ON to ensure\nmake_request() no error is returned in this context."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f9f2d957a8ea",
"version_value": "322260708131"
},
{
"version_affected": "<",
"version_name": "530cec617f5a",
"version_value": "2d0738a8322b"
},
{
"version_affected": "<",
"version_name": "fa2bbff7b0b4",
"version_value": "ca963eefbc33"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/32226070813140234b6c507084738e8e8385c5c6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/32226070813140234b6c507084738e8e8385c5c6"
},
{
"url": "https://git.kernel.org/stable/c/2d0738a8322bf4e5bfe693d16b3111928a9ccfbf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2d0738a8322bf4e5bfe693d16b3111928a9ccfbf"
},
{
"url": "https://git.kernel.org/stable/c/ca963eefbc3331222b6121baa696d49ba2008811",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ca963eefbc3331222b6121baa696d49ba2008811"
},
{
"url": "https://git.kernel.org/stable/c/611d5cbc0b35a752e657a83eebadf40d814d006b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/611d5cbc0b35a752e657a83eebadf40d814d006b"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43856.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43856",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma: fix call order in dmam_free_coherent\n\ndmam_free_coherent() frees a DMA allocation, which makes the\nfreed vaddr available for reuse, then calls devres_destroy()\nto remove and free the data structure used to track the DMA\nallocation. Between the two calls, it is possible for a\nconcurrent task to make an allocation with the same vaddr\nand add it to the devres list.\n\nIf this happens, there will be two entries in the devres list\nwith the same vaddr and devres_destroy() can free the wrong\nentry, triggering the WARN_ON() in dmam_match.\n\nFix by destroying the devres entry before freeing the DMA\nallocation.\n\n kokonut //net/encryption\n http://sponge2/b9145fe6-0f72-4325-ac2f-a84d81075b03"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9ac7849e35f7",
"version_value": "f993a4baf6b6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.21",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.21",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f993a4baf6b622232e4c190d34c220179e5d61eb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f993a4baf6b622232e4c190d34c220179e5d61eb"
},
{
"url": "https://git.kernel.org/stable/c/1fe97f68fce1ba24bf823bfb0eb0956003473130",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1fe97f68fce1ba24bf823bfb0eb0956003473130"
},
{
"url": "https://git.kernel.org/stable/c/22094f5f52e7bc16c5bf9613365049383650b02e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/22094f5f52e7bc16c5bf9613365049383650b02e"
},
{
"url": "https://git.kernel.org/stable/c/28e8b7406d3a1f5329a03aa25a43aa28e087cb20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/28e8b7406d3a1f5329a03aa25a43aa28e087cb20"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

102
2024/43xxx/CVE-2024-43857.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43857",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix null reference error when checking end of zone\n\nThis patch fixes a potentially null pointer being accessed by\nis_end_zone_blkaddr() that checks the last block of a zone\nwhen f2fs is mounted as a single device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e067dc3c6b9c",
"version_value": "381cbe85592c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/381cbe85592c78fbaeb3e770e3e9f3bfa3e67efb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/381cbe85592c78fbaeb3e770e3e9f3bfa3e67efb"
},
{
"url": "https://git.kernel.org/stable/c/c82bc1ab2a8a5e73d9728e80c4c2ed87e8921a38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c82bc1ab2a8a5e73d9728e80c4c2ed87e8921a38"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43858.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43858",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix array-index-out-of-bounds in diFree"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "8d8f9a477de0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.12",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8d8f9a477de0d7962342eedf2a599215b7c63d28",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8d8f9a477de0d7962342eedf2a599215b7c63d28"
},
{
"url": "https://git.kernel.org/stable/c/ff14eadc278663cac69d57d3ca7fb2f394e1f8a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ff14eadc278663cac69d57d3ca7fb2f394e1f8a7"
},
{
"url": "https://git.kernel.org/stable/c/6aa6892a90a5a7fabffe5692ab9f06a7a46c6e42",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6aa6892a90a5a7fabffe5692ab9f06a7a46c6e42"
},
{
"url": "https://git.kernel.org/stable/c/f73f969b2eb39ad8056f6c7f3a295fa2f85e313a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f73f969b2eb39ad8056f6c7f3a295fa2f85e313a"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

113
2024/43xxx/CVE-2024-43859.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43859",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to truncate preallocated blocks in f2fs_file_open()\n\nchenyuwen reports a f2fs bug as below:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000011\n fscrypt_set_bio_crypt_ctx+0x78/0x1e8\n f2fs_grab_read_bio+0x78/0x208\n f2fs_submit_page_read+0x44/0x154\n f2fs_get_read_data_page+0x288/0x5f4\n f2fs_get_lock_data_page+0x60/0x190\n truncate_partial_data_page+0x108/0x4fc\n f2fs_do_truncate_blocks+0x344/0x5f0\n f2fs_truncate_blocks+0x6c/0x134\n f2fs_truncate+0xd8/0x200\n f2fs_iget+0x20c/0x5ac\n do_garbage_collect+0x5d0/0xf6c\n f2fs_gc+0x22c/0x6a4\n f2fs_disable_checkpoint+0xc8/0x310\n f2fs_fill_super+0x14bc/0x1764\n mount_bdev+0x1b4/0x21c\n f2fs_mount+0x20/0x30\n legacy_get_tree+0x50/0xbc\n vfs_get_tree+0x5c/0x1b0\n do_new_mount+0x298/0x4cc\n path_mount+0x33c/0x5fc\n __arm64_sys_mount+0xcc/0x15c\n invoke_syscall+0x60/0x150\n el0_svc_common+0xb8/0xf8\n do_el0_svc+0x28/0xa0\n el0_svc+0x24/0x84\n el0t_64_sync_handler+0x88/0xec\n\nIt is because inode.i_crypt_info is not initialized during below path:\n- mount\n - f2fs_fill_super\n - f2fs_disable_checkpoint\n - f2fs_gc\n - f2fs_iget\n - f2fs_truncate\n\nSo, let's relocate truncation of preallocated blocks to f2fs_file_open(),\nafter fscrypt_file_open()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d4dd19ec1ea0",
"version_value": "f44a25a8bfe0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f44a25a8bfe0c15d33244539696cd9119cf44d18",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f44a25a8bfe0c15d33244539696cd9119cf44d18"
},
{
"url": "https://git.kernel.org/stable/c/3ba0ae885215b325605ff7ebf6de12ac2adf204d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3ba0ae885215b325605ff7ebf6de12ac2adf204d"
},
{
"url": "https://git.kernel.org/stable/c/298b1e4182d657c3e388adcc29477904e9600ed5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/298b1e4182d657c3e388adcc29477904e9600ed5"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/43xxx/CVE-2024-43860.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-43860",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: imx_rproc: Skip over memory region when node value is NULL\n\nIn imx_rproc_addr_init() \"nph = of_count_phandle_with_args()\" just counts\nnumber of phandles. But phandles may be empty. So of_parse_phandle() in\nthe parsing loop (0 < a < nph) may return NULL which is later dereferenced.\nAdjust this issue by adding NULL-return check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[Fixed title to fit within the prescribed 70-75 charcters]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a0ff4aa6f010",
"version_value": "9a17cf8b2ce4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.14",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.103",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.44",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.3",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9a17cf8b2ce483fa75258bc2cdcf628f24bcf5f8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9a17cf8b2ce483fa75258bc2cdcf628f24bcf5f8"
},
{
"url": "https://git.kernel.org/stable/c/6c9ea3547fad252fe9ae5d3ed7e066e2085bf3a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c9ea3547fad252fe9ae5d3ed7e066e2085bf3a2"
},
{
"url": "https://git.kernel.org/stable/c/c877a5f5268d4ab8224b9c9fbce3d746e4e72bc9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c877a5f5268d4ab8224b9c9fbce3d746e4e72bc9"
},
{
"url": "https://git.kernel.org/stable/c/2fa26ca8b786888673689ccc9da6094150939982",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fa26ca8b786888673689ccc9da6094150939982"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

12
2024/7xxx/CVE-2024-7709.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in OcoMon 4.0. This issue affects some unknown processing of the file /includes/common/require_access_recovery.php of the component URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.1 and 5.0 is able to address this issue. It is recommended to upgrade the affected component."
"value": "A vulnerability, which was classified as problematic, has been found in OcoMon 4.0RC1/4.0/5.0RC1. This issue affects some unknown processing of the file /includes/common/require_access_recovery.php of the component URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.1 and 5.0 is able to address this issue. It is recommended to upgrade the affected component."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in OcoMon 4.0 entdeckt. Sie wurde als problematisch eingestuft. Davon betroffen ist unbekannter Code der Datei /includes/common/require_access_recovery.php der Komponente URL Handler. Durch Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 4.0.1 and 5.0 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
"value": "Eine Schwachstelle wurde in OcoMon 4.0RC1/4.0/5.0RC1 entdeckt. Sie wurde als problematisch eingestuft. Davon betroffen ist unbekannter Code der Datei /includes/common/require_access_recovery.php der Komponente URL Handler. Durch Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 4.0.1 and 5.0 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
@ -46,6 +46,14 @@
{
"version_affected": "=",
"version_value": "4.0"
},
{
"version_affected": "=",
"version_value": "4.0RC1"
},
{
"version_affected": "=",
"version_value": "5.0RC1"
}
]
}