admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-02 16:03:22 +00:00
parent cb0cf76eeb
commit 8a27f22342
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 506 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
2023/53xxx/CVE-2023-53134.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53134",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Avoid order-5 memory allocation for TPA data\n\nThe driver needs to keep track of all the possible concurrent TPA (GRO/LRO)\ncompletions on the aggregation ring. On P5 chips, the maximum number\nof concurrent TPA is 256 and the amount of memory we allocate is order-5\non systems using 4K pages. Memory allocation failure has been reported:\n\nNetworkManager: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1\nCPU: 15 PID: 2995 Comm: NetworkManager Kdump: loaded Not tainted 5.10.156 #1\nHardware name: Dell Inc. PowerEdge R660/0M1CC5, BIOS 0.2.25 08/12/2022\nCall Trace:\n dump_stack+0x57/0x6e\n warn_alloc.cold.120+0x7b/0xdd\n ? _cond_resched+0x15/0x30\n ? __alloc_pages_direct_compact+0x15f/0x170\n __alloc_pages_slowpath.constprop.108+0xc58/0xc70\n __alloc_pages_nodemask+0x2d0/0x300\n kmalloc_order+0x24/0xe0\n kmalloc_order_trace+0x19/0x80\n bnxt_alloc_mem+0x1150/0x15c0 [bnxt_en]\n ? bnxt_get_func_stat_ctxs+0x13/0x60 [bnxt_en]\n __bnxt_open_nic+0x12e/0x780 [bnxt_en]\n bnxt_open+0x10b/0x240 [bnxt_en]\n __dev_open+0xe9/0x180\n __dev_change_flags+0x1af/0x220\n dev_change_flags+0x21/0x60\n do_setlink+0x35c/0x1100\n\nInstead of allocating this big chunk of memory and dividing it up for the\nconcurrent TPA instances, allocate each small chunk separately for each\nTPA instance. This will reduce it to order-0 allocations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "79632e9ba38671215fb193346ef6fb8db582744d",
"version_value": "16f3aae1aa2dd89bc8d073a67f190af580386ae9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.237",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.175",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.103",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.20",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.7",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/16f3aae1aa2dd89bc8d073a67f190af580386ae9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16f3aae1aa2dd89bc8d073a67f190af580386ae9"
},
{
"url": "https://git.kernel.org/stable/c/d16701a385b54f44bf41ff1d7485e7a11080deb3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d16701a385b54f44bf41ff1d7485e7a11080deb3"
},
{
"url": "https://git.kernel.org/stable/c/20fd0607acbf9770db9b99e3418dd75614f80b6c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20fd0607acbf9770db9b99e3418dd75614f80b6c"
},
{
"url": "https://git.kernel.org/stable/c/fcae40e65802547def39b4deaa2ae38a29864d81",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fcae40e65802547def39b4deaa2ae38a29864d81"
},
{
"url": "https://git.kernel.org/stable/c/ad529d1fae1565d38f929479d4ea8aea90054bd2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad529d1fae1565d38f929479d4ea8aea90054bd2"
},
{
"url": "https://git.kernel.org/stable/c/accd7e23693aaaa9aa0d3e9eca0ae77d1be80ab3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/accd7e23693aaaa9aa0d3e9eca0ae77d1be80ab3"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

136
2023/53xxx/CVE-2023-53135.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53135",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode\n\nWhen CONFIG_FRAME_POINTER is unset, the stack unwinding function\nwalk_stackframe randomly reads the stack and then, when KASAN is enabled,\nit can lead to the following backtrace:\n\n[ 0.000000] ==================================================================\n[ 0.000000] BUG: KASAN: stack-out-of-bounds in walk_stackframe+0xa6/0x11a\n[ 0.000000] Read of size 8 at addr ffffffff81807c40 by task swapper/0\n[ 0.000000]\n[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-12919-g24203e6db61f #43\n[ 0.000000] Hardware name: riscv-virtio,qemu (DT)\n[ 0.000000] Call Trace:\n[ 0.000000] [<ffffffff80007ba8>] walk_stackframe+0x0/0x11a\n[ 0.000000] [<ffffffff80099ecc>] init_param_lock+0x26/0x2a\n[ 0.000000] [<ffffffff80007c4a>] walk_stackframe+0xa2/0x11a\n[ 0.000000] [<ffffffff80c49c80>] dump_stack_lvl+0x22/0x36\n[ 0.000000] [<ffffffff80c3783e>] print_report+0x198/0x4a8\n[ 0.000000] [<ffffffff80099ecc>] init_param_lock+0x26/0x2a\n[ 0.000000] [<ffffffff80007c4a>] walk_stackframe+0xa2/0x11a\n[ 0.000000] [<ffffffff8015f68a>] kasan_report+0x9a/0xc8\n[ 0.000000] [<ffffffff80007c4a>] walk_stackframe+0xa2/0x11a\n[ 0.000000] [<ffffffff80007c4a>] walk_stackframe+0xa2/0x11a\n[ 0.000000] [<ffffffff8006e99c>] desc_make_final+0x80/0x84\n[ 0.000000] [<ffffffff8009a04e>] stack_trace_save+0x88/0xa6\n[ 0.000000] [<ffffffff80099fc2>] filter_irq_stacks+0x72/0x76\n[ 0.000000] [<ffffffff8006b95e>] devkmsg_read+0x32a/0x32e\n[ 0.000000] [<ffffffff8015ec16>] kasan_save_stack+0x28/0x52\n[ 0.000000] [<ffffffff8006e998>] desc_make_final+0x7c/0x84\n[ 0.000000] [<ffffffff8009a04a>] stack_trace_save+0x84/0xa6\n[ 0.000000] [<ffffffff8015ec52>] kasan_set_track+0x12/0x20\n[ 0.000000] [<ffffffff8015f22e>] __kasan_slab_alloc+0x58/0x5e\n[ 0.000000] [<ffffffff8015e7ea>] __kmem_cache_create+0x21e/0x39a\n[ 0.000000] [<ffffffff80e133ac>] create_boot_cache+0x70/0x9c\n[ 0.000000] [<ffffffff80e17ab2>] kmem_cache_init+0x6c/0x11e\n[ 0.000000] [<ffffffff80e00fd6>] mm_init+0xd8/0xfe\n[ 0.000000] [<ffffffff80e011d8>] start_kernel+0x190/0x3ca\n[ 0.000000]\n[ 0.000000] The buggy address belongs to stack of task swapper/0\n[ 0.000000] and is located at offset 0 in frame:\n[ 0.000000] stack_trace_save+0x0/0xa6\n[ 0.000000]\n[ 0.000000] This frame has 1 object:\n[ 0.000000] [32, 56) 'c'\n[ 0.000000]\n[ 0.000000] The buggy address belongs to the physical page:\n[ 0.000000] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x81a07\n[ 0.000000] flags: 0x1000(reserved|zone=0)\n[ 0.000000] raw: 0000000000001000 ff600003f1e3d150 ff600003f1e3d150 0000000000000000\n[ 0.000000] raw: 0000000000000000 0000000000000000 00000001ffffffff\n[ 0.000000] page dumped because: kasan: bad access detected\n[ 0.000000]\n[ 0.000000] Memory state around the buggy address:\n[ 0.000000] ffffffff81807b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 0.000000] ffffffff81807b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 0.000000] >ffffffff81807c00: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 f3\n[ 0.000000] ^\n[ 0.000000] ffffffff81807c80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n[ 0.000000] ffffffff81807d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 0.000000] ==================================================================\n\nFix that by using READ_ONCE_NOCHECK when reading the stack in imprecise\nmode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5d8544e2d0075a5f3c9a2cf27152354d54360da1",
"version_value": "a99a61d9e1bfca2fc37d223a6a185c0eb66aba02"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.237",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.175",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.103",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.20",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.7",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a99a61d9e1bfca2fc37d223a6a185c0eb66aba02",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a99a61d9e1bfca2fc37d223a6a185c0eb66aba02"
},
{
"url": "https://git.kernel.org/stable/c/3de277af481ab931fab9e295ad8762692920732a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3de277af481ab931fab9e295ad8762692920732a"
},
{
"url": "https://git.kernel.org/stable/c/3a9418d2c93c1c86ce4d0595112d91c7a8e70c2c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3a9418d2c93c1c86ce4d0595112d91c7a8e70c2c"
},
{
"url": "https://git.kernel.org/stable/c/324912d6c0c4006711054d389faa2239c1655e1e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/324912d6c0c4006711054d389faa2239c1655e1e"
},
{
"url": "https://git.kernel.org/stable/c/17fa90ffba20743c946920fbb0afe160d0ead8c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/17fa90ffba20743c946920fbb0afe160d0ead8c9"
},
{
"url": "https://git.kernel.org/stable/c/76950340cf03b149412fe0d5f0810e52ac1df8cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/76950340cf03b149412fe0d5f0810e52ac1df8cb"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

114
2023/53xxx/CVE-2023-53136.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53136",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix struct pid leaks in OOB support\n\nsyzbot reported struct pid leak [1].\n\nIssue is that queue_oob() calls maybe_add_creds() which potentially\nholds a reference on a pid.\n\nBut skb->destructor is not set (either directly or by calling\nunix_scm_to_skb())\n\nThis means that subsequent kfree_skb() or consume_skb() would leak\nthis reference.\n\nIn this fix, I chose to fully support scm even for the OOB message.\n\n[1]\nBUG: memory leak\nunreferenced object 0xffff8881053e7f80 (size 128):\ncomm \"syz-executor242\", pid 5066, jiffies 4294946079 (age 13.220s)\nhex dump (first 32 bytes):\n01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<ffffffff812ae26a>] alloc_pid+0x6a/0x560 kernel/pid.c:180\n[<ffffffff812718df>] copy_process+0x169f/0x26c0 kernel/fork.c:2285\n[<ffffffff81272b37>] kernel_clone+0xf7/0x610 kernel/fork.c:2684\n[<ffffffff812730cc>] __do_sys_clone+0x7c/0xb0 kernel/fork.c:2825\n[<ffffffff849ad699>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n[<ffffffff849ad699>] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n[<ffffffff84a0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "314001f0bf927015e459c9d387d62a231fe93af3",
"version_value": "f3969427fb06a2c3cd6efd7faab63505cfa76e76"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.103",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.20",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.7",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f3969427fb06a2c3cd6efd7faab63505cfa76e76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f3969427fb06a2c3cd6efd7faab63505cfa76e76"
},
{
"url": "https://git.kernel.org/stable/c/ac1968ac399205fda9ee3b18f7de7416cb3a5d0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac1968ac399205fda9ee3b18f7de7416cb3a5d0d"
},
{
"url": "https://git.kernel.org/stable/c/a59d6306263c38e5c0592ea4451ca26a0778c947",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a59d6306263c38e5c0592ea4451ca26a0778c947"
},
{
"url": "https://git.kernel.org/stable/c/2aab4b96900272885bc157f8b236abf1cdc02e08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2aab4b96900272885bc157f8b236abf1cdc02e08"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}

136
2023/53xxx/CVE-2023-53137.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53137",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: Fix possible corruption when moving a directory\n\nWhen we are renaming a directory to a different directory, we need to\nupdate '..' entry in the moved directory. However nothing prevents moved\ndirectory from being modified and even converted from the inline format\nto the normal format. When such race happens the rename code gets\nconfused and we crash. Fix the problem by locking the moved directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "32f7f22c0b52e8189fef83986b16dc7abe95f2c4",
"version_value": "8dac5a63cf79707b547ea3d425fead5f4482198f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.237",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.175",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.103",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.20",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2.7",
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8dac5a63cf79707b547ea3d425fead5f4482198f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8dac5a63cf79707b547ea3d425fead5f4482198f"
},
{
"url": "https://git.kernel.org/stable/c/0c440f14558bfacd22c6935ae1fd4b2a09e96b5d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c440f14558bfacd22c6935ae1fd4b2a09e96b5d"
},
{
"url": "https://git.kernel.org/stable/c/c50fc503ee1b97f12c98e26afc39fdaebebcf04f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c50fc503ee1b97f12c98e26afc39fdaebebcf04f"
},
{
"url": "https://git.kernel.org/stable/c/b0bb13612292ca90fa4c2a7e425375649bc50d3e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0bb13612292ca90fa4c2a7e425375649bc50d3e"
},
{
"url": "https://git.kernel.org/stable/c/291cd19d107e197306869cb3237c1bba62d13182",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/291cd19d107e197306869cb3237c1bba62d13182"
},
{
"url": "https://git.kernel.org/stable/c/0813299c586b175d7edb25f56412c54b812d0379",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0813299c586b175d7edb25f56412c54b812d0379"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}