admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-05-01 13:00:35 +00:00
parent 59abad8747
commit b2b0901c55
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
51 changed files with 5724 additions and 206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
2022/38xxx/CVE-2022-38386.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38386",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite for Software 1.10.12.0 through 1.10.19.0 does not set the SameSite attribute for sensitive cookies which could allow an attacker to obtain sensitive information using man-in-the-middle techniques. IBM X-Force ID: 233778."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1275 Sensitive Cookie with Improper SameSite Attribute",
"cweId": "CWE-1275"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Cloud Pak for Security",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.10.0.0",
"version_value": "1.10.11.0"
}
]
}
},
{
"product_name": "QRadar Suite for Software",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.10.12.0",
"version_value": "1.10.19.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7149811",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7149811"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/233778",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/233778"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

114
2023/52xxx/CVE-2023-52649.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52649",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Avoid reading beyond LUT array\n\nWhen the floor LUT index (drm_fixp2int(lut_index) is the last\nindex of the array the ceil LUT index will point to an entry\nbeyond the array. Make sure we guard against it and use the\nvalue of the floor LUT index.\n\nv3:\n - Drop bits from commit description that didn't contribute\n anything of value"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "db1f254f2cfa",
"version_value": "9556c1676730"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1"
},
{
"url": "https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bd"
},
{
"url": "https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d"
},
{
"url": "https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2023/52xxx/CVE-2023-52650.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52650",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e94236cde4d5",
"version_value": "47a13d0b9d85"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.311",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80"
},
{
"url": "https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5"
},
{
"url": "https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129"
},
{
"url": "https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d"
},
{
"url": "https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6"
},
{
"url": "https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976"
},
{
"url": "https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9"
},
{
"url": "https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc"
},
{
"url": "https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2023/52xxx/CVE-2023-52651.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52651",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()\n\nWe should check whether the WMI_TLV_TAG_STRUCT_MGMT_TX_COMPL_EVENT tlv is\npresent before accessing it, otherwise a null pointer deference error will\noccur."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "dc405152bb64",
"version_value": "0cd3b0a1dc98"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.311",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0cd3b0a1dc987697cba1fe93c784365aa1f8a230",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0cd3b0a1dc987697cba1fe93c784365aa1f8a230"
},
{
"url": "https://git.kernel.org/stable/c/88a9dffaec779504ab3680d33cf677741c029420",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/88a9dffaec779504ab3680d33cf677741c029420"
},
{
"url": "https://git.kernel.org/stable/c/e1dc7aa814a95aeeb1b2c05be2b62af8423b15cc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1dc7aa814a95aeeb1b2c05be2b62af8423b15cc"
},
{
"url": "https://git.kernel.org/stable/c/4c4e592266b6eec748ce90e82bd9cbc9838f3633",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4c4e592266b6eec748ce90e82bd9cbc9838f3633"
},
{
"url": "https://git.kernel.org/stable/c/90f089d77e38db1c48629f111f3c8c336be1bc38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90f089d77e38db1c48629f111f3c8c336be1bc38"
},
{
"url": "https://git.kernel.org/stable/c/10a342fa2fe4c4dd22f2c8fe917d3b1929582076",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/10a342fa2fe4c4dd22f2c8fe917d3b1929582076"
},
{
"url": "https://git.kernel.org/stable/c/db755cf93f5895bbac491d27a8e2fe04c5f9ae4a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/db755cf93f5895bbac491d27a8e2fe04c5f9ae4a"
},
{
"url": "https://git.kernel.org/stable/c/835c5d37f4b0ba99e9ec285ffa645bc532714191",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/835c5d37f4b0ba99e9ec285ffa645bc532714191"
},
{
"url": "https://git.kernel.org/stable/c/ad25ee36f00172f7d53242dc77c69fff7ced0755",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad25ee36f00172f7d53242dc77c69fff7ced0755"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

75
2024/0xxx/CVE-2024-0334.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0334",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attribute of a link in several Elementor widgets in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "jegtheme",
"product": {
"product_data": [
{
"product_name": "Jeg Elementor Kit",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/950e9042-1364-4200-8f57-171346075764?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/950e9042-1364-4200-8f57-171346075764?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3077328/jeg-elementor-kit",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3077328/jeg-elementor-kit"
}
]
},
"credits": [
{
"lang": "en",
"value": "Craig Smith"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

53
2024/23xxx/CVE-2024-23597.json
View File

@ -1,17 +1,62 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23597",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TvRock",
"product": {
"product_data": [
{
"product_name": "TvRock",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.9t8a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://jvn.jp/en/jp/JVN24683352/",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN24683352/"
}
]
}

102
2024/27xxx/CVE-2024-27023.json
View File

@ -1,18 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27023",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Fix missing release of 'active_io' for flush\n\nsubmit_flushes\n atomic_set(&mddev->flush_pending, 1);\n rdev_for_each_rcu(rdev, mddev)\n atomic_inc(&mddev->flush_pending);\n bi->bi_end_io = md_end_flush\n submit_bio(bi);\n /* flush io is done first */\n md_end_flush\n if (atomic_dec_and_test(&mddev->flush_pending))\n percpu_ref_put(&mddev->active_io)\n -> active_io is not released\n\n if (atomic_dec_and_test(&mddev->flush_pending))\n -> missing release of active_io\n\nFor consequence, mddev_suspend() will wait for 'active_io' to be zero\nforever.\n\nFix this problem by releasing 'active_io' in submit_flushes() if\n'flush_pending' is decreased to zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f9f2d957a8ea",
"version_value": "6b2ff10390b1"
},
{
"version_affected": "<",
"version_name": "530cec617f5a",
"version_value": "02dad157ba11"
},
{
"version_affected": "<",
"version_name": "c4c2345214b6",
"version_value": "11f81438927f"
},
{
"version_affected": "<",
"version_name": "fa2bbff7b0b4",
"version_value": "855678ed8534"
},
{
"version_affected": "<",
"version_name": "6.1.75",
"version_value": "6.1.80"
},
{
"version_affected": "<",
"version_name": "6.6.14",
"version_value": "6.6.19"
},
{
"version_affected": "<",
"version_name": "6.7.2",
"version_value": "6.7.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6b2ff10390b19a2364af622b6666b690443f9f3f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6b2ff10390b19a2364af622b6666b690443f9f3f"
},
{
"url": "https://git.kernel.org/stable/c/02dad157ba11064d073f5499dc33552b227d5d3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/02dad157ba11064d073f5499dc33552b227d5d3a"
},
{
"url": "https://git.kernel.org/stable/c/11f81438927f84edfaaeb5d5f10856c3a1c1fc82",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/11f81438927f84edfaaeb5d5f10856c3a1c1fc82"
},
{
"url": "https://git.kernel.org/stable/c/855678ed8534518e2b428bcbcec695de9ba248e8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/855678ed8534518e2b428bcbcec695de9ba248e8"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2024/27xxx/CVE-2024-27024.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27024",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: fix WARNING in rds_conn_connect_if_down\n\nIf connection isn't established yet, get_mr() will fail, trigger connection after\nget_mr()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "584a8279a44a",
"version_value": "786854141057"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.310",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.272",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.213",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.152",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.82",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.22",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.10",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4"
},
{
"url": "https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b"
},
{
"url": "https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2"
},
{
"url": "https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0"
},
{
"url": "https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80"
},
{
"url": "https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85"
},
{
"url": "https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1"
},
{
"url": "https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2024/27xxx/CVE-2024-27025.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27025",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: null check for nla_nest_start\n\nnla_nest_start() may fail and return NULL. Insert a check and set errno\nbased on other call sites within the same source code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "47d902b90a32",
"version_value": "44214d744be3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.12",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e"
},
{
"url": "https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced"
},
{
"url": "https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797"
},
{
"url": "https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8"
},
{
"url": "https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983"
},
{
"url": "https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf"
},
{
"url": "https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a"
},
{
"url": "https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27026.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27026",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix missing reserved tailroom\n\nUse rbi->len instead of rcd->len for non-dataring packet.\n\nFound issue:\n XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom\n WARNING: CPU: 0 PID: 0 at net/core/xdp.c:586 xdp_warn+0xf/0x20\n CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.5.1 #1\n RIP: 0010:xdp_warn+0xf/0x20\n ...\n ? xdp_warn+0xf/0x20\n xdp_do_redirect+0x15f/0x1c0\n vmxnet3_run_xdp+0x17a/0x400 [vmxnet3]\n vmxnet3_process_xdp+0xe4/0x760 [vmxnet3]\n ? vmxnet3_tq_tx_complete.isra.0+0x21e/0x2c0 [vmxnet3]\n vmxnet3_rq_rx_complete+0x7ad/0x1120 [vmxnet3]\n vmxnet3_poll_rx_only+0x2d/0xa0 [vmxnet3]\n __napi_poll+0x20/0x180\n net_rx_action+0x177/0x390"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "54f00cce1178",
"version_value": "aba8659caf88"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/aba8659caf88017507419feea06069f529329ea6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aba8659caf88017507419feea06069f529329ea6"
},
{
"url": "https://git.kernel.org/stable/c/7c8505ecc2d15473d679b8e06335434b84fffe86",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7c8505ecc2d15473d679b8e06335434b84fffe86"
},
{
"url": "https://git.kernel.org/stable/c/91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262"
},
{
"url": "https://git.kernel.org/stable/c/e127ce7699c1e05279ee5ee61f00893e7bfa9671",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e127ce7699c1e05279ee5ee61f00893e7bfa9671"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2024/27xxx/CVE-2024-27027.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27027",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix dpll_xa_ref_*_del() for multiple registrations\n\nCurrently, if there are multiple registrations of the same pin on the\nsame dpll device, following warnings are observed:\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:143 dpll_xa_ref_pin_del.isra.0+0x21e/0x230\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:223 __dpll_pin_unregister+0x2b3/0x2c0\n\nThe problem is, that in both dpll_xa_ref_dpll_del() and\ndpll_xa_ref_pin_del() registration is only removed from list in case the\nreference count drops to zero. That is wrong, the registration has to\nbe removed always.\n\nTo fix this, remove the registration from the list and free\nit unconditionally, instead of doing it only when the ref reference\ncounter reaches zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9431063ad323",
"version_value": "769324eb3514"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/769324eb35143462542cdb15483cdaf4877bf661",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/769324eb35143462542cdb15483cdaf4877bf661"
},
{
"url": "https://git.kernel.org/stable/c/b27e32e9367dac024cd6f61f22655714f483fd67",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b27e32e9367dac024cd6f61f22655714f483fd67"
},
{
"url": "https://git.kernel.org/stable/c/b446631f355ece73b13c311dd712c47381a23172",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b446631f355ece73b13c311dd712c47381a23172"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2024/27xxx/CVE-2024-27028.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27028",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-mt65xx: Fix NULL pointer access in interrupt handler\n\nThe TX buffer in spi_transfer can be a NULL pointer, so the interrupt\nhandler may end up writing to the invalid memory and cause crashes.\n\nAdd a check to trans->tx_buf before using it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1ce24864bff4",
"version_value": "2342b05ec534"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.311",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38"
},
{
"url": "https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6"
},
{
"url": "https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11"
},
{
"url": "https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62"
},
{
"url": "https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4"
},
{
"url": "https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753"
},
{
"url": "https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4"
},
{
"url": "https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713"
},
{
"url": "https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2024/27xxx/CVE-2024-27029.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27029",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix mmhub client id out-of-bounds access\n\nProperly handle cid 0x140."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "aba2be41470a",
"version_value": "e1e076bda4fd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e1e076bda4fd6378ae650f2c6ef1a4ff93c5aea5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1e076bda4fd6378ae650f2c6ef1a4ff93c5aea5"
},
{
"url": "https://git.kernel.org/stable/c/1f24b3040f2b6ffcb97151fabb3070328254d923",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1f24b3040f2b6ffcb97151fabb3070328254d923"
},
{
"url": "https://git.kernel.org/stable/c/6540ff6482c1a5a6890ae44b23d0852ba1986d9e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6540ff6482c1a5a6890ae44b23d0852ba1986d9e"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2024/27xxx/CVE-2024-27030.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27030",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7304ac4567bc",
"version_value": "94cb17e5cf3a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"
},
{
"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"
},
{
"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"
},
{
"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"
},
{
"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"
},
{
"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"
},
{
"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"
},
{
"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27031.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27031",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt\n\nThe loop inside nfs_netfs_issue_read() currently does not disable\ninterrupts while iterating through pages in the xarray to submit\nfor NFS read. This is not safe though since after taking xa_lock,\nanother page in the mapping could be processed for writeback inside\nan interrupt, and deadlock can occur. The fix is simple and clean\nif we use xa_for_each_range(), which handles the iteration with RCU\nwhile reducing code complexity.\n\nThe problem is easily reproduced with the following test:\n mount -o vers=3,fsc 127.0.0.1:/export /mnt/nfs\n dd if=/dev/zero of=/mnt/nfs/file1.bin bs=4096 count=1\n echo 3 > /proc/sys/vm/drop_caches\n dd if=/mnt/nfs/file1.bin of=/dev/null\n umount /mnt/nfs\n\nOn the console with a lockdep-enabled kernel a message similar to\nthe following will be seen:\n\n ================================\n WARNING: inconsistent lock state\n 6.7.0-lockdbg+ #10 Not tainted\n --------------------------------\n inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.\n test5/1708 [HC0[0]:SC0[0]:HE1:SE1] takes:\n ffff888127baa598 (&xa->xa_lock#4){+.?.}-{3:3}, at:\nnfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n {IN-SOFTIRQ-W} state was registered at:\n lock_acquire+0x144/0x380\n _raw_spin_lock_irqsave+0x4e/0xa0\n __folio_end_writeback+0x17e/0x5c0\n folio_end_writeback+0x93/0x1b0\n iomap_finish_ioend+0xeb/0x6a0\n blk_update_request+0x204/0x7f0\n blk_mq_end_request+0x30/0x1c0\n blk_complete_reqs+0x7e/0xa0\n __do_softirq+0x113/0x544\n __irq_exit_rcu+0xfe/0x120\n irq_exit_rcu+0xe/0x20\n sysvec_call_function_single+0x6f/0x90\n asm_sysvec_call_function_single+0x1a/0x20\n pv_native_safe_halt+0xf/0x20\n default_idle+0x9/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x34/0x40\n start_secondary+0x19d/0x1c0\n secondary_startup_64_no_verify+0x18f/0x19b\n irq event stamp: 176891\n hardirqs last enabled at (176891): [<ffffffffa67a0be4>]\n_raw_spin_unlock_irqrestore+0x44/0x60\n hardirqs last disabled at (176890): [<ffffffffa67a0899>]\n_raw_spin_lock_irqsave+0x79/0xa0\n softirqs last enabled at (176646): [<ffffffffa515d91e>]\n__irq_exit_rcu+0xfe/0x120\n softirqs last disabled at (176633): [<ffffffffa515d91e>]\n__irq_exit_rcu+0xfe/0x120\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&xa->xa_lock#4);\n <Interrupt>\n lock(&xa->xa_lock#4);\n\n *** DEADLOCK ***\n\n 2 locks held by test5/1708:\n #0: ffff888127baa498 (&sb->s_type->i_mutex_key#22){++++}-{4:4}, at:\n nfs_start_io_read+0x28/0x90 [nfs]\n #1: ffff888127baa650 (mapping.invalidate_lock#3){.+.+}-{4:4}, at:\n page_cache_ra_unbounded+0xa4/0x280\n\n stack backtrace:\n CPU: 6 PID: 1708 Comm: test5 Kdump: loaded Not tainted 6.7.0-lockdbg+\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\n Call Trace:\n dump_stack_lvl+0x5b/0x90\n mark_lock+0xb3f/0xd20\n __lock_acquire+0x77b/0x3360\n _raw_spin_lock+0x34/0x80\n nfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n netfs_begin_read+0x77f/0x980 [netfs]\n nfs_netfs_readahead+0x45/0x60 [nfs]\n nfs_readahead+0x323/0x5a0 [nfs]\n read_pages+0xf3/0x5c0\n page_cache_ra_unbounded+0x1c8/0x280\n filemap_get_pages+0x38c/0xae0\n filemap_read+0x206/0x5e0\n nfs_file_read+0xb7/0x140 [nfs]\n vfs_read+0x2a9/0x460\n ksys_read+0xb7/0x140"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "000dbe0bec05",
"version_value": "ad27382f8495"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ad27382f8495f8ef6d2c66c413d756bfd13c0598",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad27382f8495f8ef6d2c66c413d756bfd13c0598"
},
{
"url": "https://git.kernel.org/stable/c/8df1678c021ffeb20ef8a203bd9413f3ed9b0e9a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8df1678c021ffeb20ef8a203bd9413f3ed9b0e9a"
},
{
"url": "https://git.kernel.org/stable/c/8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc"
},
{
"url": "https://git.kernel.org/stable/c/fd5860ab6341506004219b080aea40213b299d2e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fd5860ab6341506004219b080aea40213b299d2e"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

140
2024/27xxx/CVE-2024-27032.json
View File

@ -1,18 +1,150 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27032",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid potential panic during recovery\n\nDuring recovery, if FAULT_BLOCK is on, it is possible that\nf2fs_reserve_new_block() will return -ENOSPC during recovery,\nthen it may trigger panic.\n\nAlso, if fault injection rate is 1 and only FAULT_BLOCK fault\ntype is on, it may encounter deadloop in loop of block reservation.\n\nLet's change as below to fix these issues:\n- remove bug_on() to avoid panic.\n- limit the loop count of block reservation to avoid potential\ndeadloop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b1020a546779",
"version_value": "fe4de493572a"
},
{
"version_affected": "<",
"version_name": "2a7b12d4705b",
"version_value": "8844b2f8a3f0"
},
{
"version_affected": "<",
"version_name": "b29cc6e29b5e",
"version_value": "d034810d02a5"
},
{
"version_affected": "<",
"version_name": "956fa1ddc132",
"version_value": "f26091a98131"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0"
},
{
"url": "https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c"
},
{
"url": "https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1"
},
{
"url": "https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67"
},
{
"url": "https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27033.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27033",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic\n\nverify_blkaddr() will trigger panic once we inject fault into\nf2fs_is_valid_blkaddr(), fix to remove this unnecessary f2fs_bug_on()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "18792e64c86d",
"version_value": "0386408036bf"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0386408036bfc8b50296d9e544ff91c4d52af2db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0386408036bfc8b50296d9e544ff91c4d52af2db"
},
{
"url": "https://git.kernel.org/stable/c/6633cdc8b2ebefcddcfcdacfd063105e60f39a49",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6633cdc8b2ebefcddcfcdacfd063105e60f39a49"
},
{
"url": "https://git.kernel.org/stable/c/abe98a05e7162f64759bf9111108ebcb11322dec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abe98a05e7162f64759bf9111108ebcb11322dec"
},
{
"url": "https://git.kernel.org/stable/c/b896e302f79678451a94769ddd9e52e954c64fbb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b896e302f79678451a94769ddd9e52e954c64fbb"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

136
2024/27xxx/CVE-2024-27034.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27034",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to cover normal cluster write with cp_rwsem\n\nWhen we overwrite compressed cluster w/ normal cluster, we should\nnot unlock cp_rwsem during f2fs_write_raw_pages(), otherwise data\nwill be corrupted if partial blocks were persisted before CP & SPOR,\ndue to cluster metadata wasn't updated atomically."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4c8ff7095bef",
"version_value": "7d420eaaa18e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416"
},
{
"url": "https://git.kernel.org/stable/c/542c8b3c774a480bfd0804291a12f6f2391b0cd1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/542c8b3c774a480bfd0804291a12f6f2391b0cd1"
},
{
"url": "https://git.kernel.org/stable/c/75abfd61392b1db391bde6d738a30d685b843286",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/75abfd61392b1db391bde6d738a30d685b843286"
},
{
"url": "https://git.kernel.org/stable/c/2b1b14d9fc94b8feae20808684c8af28ec80f45b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b1b14d9fc94b8feae20808684c8af28ec80f45b"
},
{
"url": "https://git.kernel.org/stable/c/52982edfcefd475cc34af663d5c47c0cddaa5739",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/52982edfcefd475cc34af663d5c47c0cddaa5739"
},
{
"url": "https://git.kernel.org/stable/c/fd244524c2cf07b5f4c3fe8abd6a99225c76544b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fd244524c2cf07b5f4c3fe8abd6a99225c76544b"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

125
2024/27xxx/CVE-2024-27035.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27035",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to guarantee persisting compressed blocks by CP\n\nIf data block in compressed cluster is not persisted with metadata\nduring checkpoint, after SPOR, the data may be corrupted, let's\nguarantee to write compressed page by checkpoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4c8ff7095bef",
"version_value": "e54cce813725"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"
},
{
"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"
},
{
"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"
},
{
"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"
},
{
"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27036.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix writeback data corruption\n\ncifs writeback doesn't correctly handle the case where\ncifs_extend_writeback() hits a point where it is considering an additional\nfolio, but this would overrun the wsize - at which point it drops out of\nthe xarray scanning loop and calls xas_pause(). The problem is that\nxas_pause() advances the loop counter - thereby skipping that page.\n\nWhat needs to happen is for xas_reset() to be called any time we decide we\ndon't want to process the page we're looking at, but rather send the\nrequest we are building and start a new one.\n\nFix this by copying and adapting the netfslib writepages code as a\ntemporary measure, with cifs writeback intending to be offloaded to\nnetfslib in the near future.\n\nThis also fixes the issue with the use of filemap_get_folios_tag() causing\nretry of a bunch of pages which the extender already dealt with.\n\nThis can be tested by creating, say, a 64K file somewhere not on cifs\n(otherwise copy-offload may get underfoot), mounting a cifs share with a\nwsize of 64000, copying the file to it and then comparing the original file\nand the copy:\n\n dd if=/dev/urandom of=/tmp/64K bs=64k count=1\n mount //192.168.6.1/test /mnt -o user=...,pass=...,wsize=64000\n cp /tmp/64K /mnt/64K\n cmp /tmp/64K /mnt/64K\n\nWithout the fix, the cmp fails at position 64000 (or shortly thereafter)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d08089f649a0",
"version_value": "e45deec35bf7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e45deec35bf7f1f4f992a707b2d04a8c162f2240",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e45deec35bf7f1f4f992a707b2d04a8c162f2240"
},
{
"url": "https://git.kernel.org/stable/c/65f2ced695982ccd516196d0a9447d85dbe2eed5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65f2ced695982ccd516196d0a9447d85dbe2eed5"
},
{
"url": "https://git.kernel.org/stable/c/844b4e132f57f1333dc79feaa035075a096762e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/844b4e132f57f1333dc79feaa035075a096762e4"
},
{
"url": "https://git.kernel.org/stable/c/f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

136
2024/27xxx/CVE-2024-27037.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27037",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: zynq: Prevent null pointer dereference caused by kmalloc failure\n\nThe kmalloc() in zynq_clk_setup() will return null if the\nphysical memory has run out. As a result, if we use snprintf()\nto write data to the null address, the null pointer dereference\nbug will happen.\n\nThis patch uses a stack variable to replace the kmalloc()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0ee52b157b8e",
"version_value": "01511ac7be8e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/01511ac7be8e45f80e637f6bf61af2d3d2dee9db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/01511ac7be8e45f80e637f6bf61af2d3d2dee9db"
},
{
"url": "https://git.kernel.org/stable/c/8c4889a9ea861d7be37463c10846eb75e1b49c9d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8c4889a9ea861d7be37463c10846eb75e1b49c9d"
},
{
"url": "https://git.kernel.org/stable/c/0801c893fd48cdba66a3c8f44c3fe43cc67d3b85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0801c893fd48cdba66a3c8f44c3fe43cc67d3b85"
},
{
"url": "https://git.kernel.org/stable/c/ca976c6a592f789700200069ef9052493c0b73d8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ca976c6a592f789700200069ef9052493c0b73d8"
},
{
"url": "https://git.kernel.org/stable/c/58a946ab43501f2eba058d24d96af0ad1122475b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/58a946ab43501f2eba058d24d96af0ad1122475b"
},
{
"url": "https://git.kernel.org/stable/c/7938e9ce39d6779d2f85d822cc930f73420e54a6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7938e9ce39d6779d2f85d822cc930f73420e54a6"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2024/27xxx/CVE-2024-27038.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27038",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Fix clk_core_get NULL dereference\n\nIt is possible for clk_core_get to dereference a NULL in the following\nsequence:\n\nclk_core_get()\n of_clk_get_hw_from_clkspec()\n __of_clk_get_hw_from_provider()\n __clk_get_hw()\n\n__clk_get_hw() can return NULL which is dereferenced by clk_core_get() at\nhw->core.\n\nPrior to commit dde4eff47c82 (\"clk: Look for parents with clkdev based\nclk_lookups\") the check IS_ERR_OR_NULL() was performed which would have\ncaught the NULL.\n\nReading the description of this function it talks about returning NULL but\nthat cannot be so at the moment.\n\nUpdate the function to check for hw before dereferencing it and return NULL\nif hw is NULL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "dde4eff47c82",
"version_value": "d7ae7d126568"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d7ae7d1265686b55832a445b1db8cdd69738ac07",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d7ae7d1265686b55832a445b1db8cdd69738ac07"
},
{
"url": "https://git.kernel.org/stable/c/239174535dba11f7b83de0eaaa27909024f8c185",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/239174535dba11f7b83de0eaaa27909024f8c185"
},
{
"url": "https://git.kernel.org/stable/c/0efb9ef6fb95384ba631d6819e66f10392aabfa2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0efb9ef6fb95384ba631d6819e66f10392aabfa2"
},
{
"url": "https://git.kernel.org/stable/c/a8b2b26fdd011ebe36d68a9a321ca45801685959",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8b2b26fdd011ebe36d68a9a321ca45801685959"
},
{
"url": "https://git.kernel.org/stable/c/a5d9b1aa61b401867b9066d54086b3e4ee91f8ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5d9b1aa61b401867b9066d54086b3e4ee91f8ed"
},
{
"url": "https://git.kernel.org/stable/c/c554badcae9c45b737a22d23454170c6020b90e6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c554badcae9c45b737a22d23454170c6020b90e6"
},
{
"url": "https://git.kernel.org/stable/c/6f073b24a9e2becd25ac4505a9780a87e621bb51",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f073b24a9e2becd25ac4505a9780a87e621bb51"
},
{
"url": "https://git.kernel.org/stable/c/e97fe4901e0f59a0bfd524578fe3768f8ca42428",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e97fe4901e0f59a0bfd524578fe3768f8ca42428"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

136
2024/27xxx/CVE-2024-27039.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: hisilicon: hi3559a: Fix an erroneous devm_kfree()\n\n'p_clk' is an array allocated just before the for loop for all clk that\nneed to be registered.\nIt is incremented at each loop iteration.\n\nIf a clk_register() call fails, 'p_clk' may point to something different\nfrom what should be freed.\n\nThe best we can do, is to avoid this wrong release of memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6c81966107dc",
"version_value": "3f8445f1c746"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3f8445f1c746fda180a7f75372ed06b24e9cefe2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3f8445f1c746fda180a7f75372ed06b24e9cefe2"
},
{
"url": "https://git.kernel.org/stable/c/e0b0d1c46a2ce1e46b79d004a7270fdef872e097",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0b0d1c46a2ce1e46b79d004a7270fdef872e097"
},
{
"url": "https://git.kernel.org/stable/c/95d1f1228c1bb54803ae57525b76db60e99b37e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/95d1f1228c1bb54803ae57525b76db60e99b37e4"
},
{
"url": "https://git.kernel.org/stable/c/2cc572e0085ebd4b662b74a0f43222bc00df9a00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2cc572e0085ebd4b662b74a0f43222bc00df9a00"
},
{
"url": "https://git.kernel.org/stable/c/d575765b1b62e8bdb00af11caa1aabeb01763d9f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d575765b1b62e8bdb00af11caa1aabeb01763d9f"
},
{
"url": "https://git.kernel.org/stable/c/64c6a38136b74a2f18c42199830975edd9fbc379",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/64c6a38136b74a2f18c42199830975edd9fbc379"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27040.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()'\n\nIn the first if statement, we're checking if 'replay' is NULL. But in\nthe second if statement, we're not checking if 'replay' is NULL again\nbefore calling replay->funcs->replay_set_power_opt().\n\nif (replay == NULL && force_static)\n return false;\n\n...\n\nif (link->replay_settings.replay_feature_enabled &&\n replay->funcs->replay_set_power_opt) {\n\treplay->funcs->replay_set_power_opt(replay, *power_opts, panel_inst);\n\tlink->replay_settings.replay_power_opt_active = *power_opts;\n}\n\nIf 'replay' is NULL, this will cause a null pointer dereference.\n\nFixes the below found by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed 'replay' could be null (see line 887)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c7ddc0a800bc",
"version_value": "f610c46771ef"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f610c46771ef1047e46d61807aa7c69cd29e63d8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f610c46771ef1047e46d61807aa7c69cd29e63d8"
},
{
"url": "https://git.kernel.org/stable/c/e7cadd5d3a8ffe334d0229ba9eda4290138d56e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e7cadd5d3a8ffe334d0229ba9eda4290138d56e7"
},
{
"url": "https://git.kernel.org/stable/c/d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3"
},
{
"url": "https://git.kernel.org/stable/c/f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27041.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27041",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini()\n\nSince 'adev->dm.dc' in amdgpu_dm_fini() might turn out to be NULL\nbefore the call to dc_enable_dmub_notifications(), check\nbeforehand to ensure there will not be a possible NULL-ptr-deref\nthere.\n\nAlso, since commit 1e88eb1b2c25 (\"drm/amd/display: Drop\nCONFIG_DRM_AMD_DC_HDCP\") there are two separate checks for NULL in\n'adev->dm.dc' before dc_deinit_callbacks() and dc_dmub_srv_destroy().\nClean up by combining them all under one 'if'.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "81927e2808be",
"version_value": "e040f1fbe9ab"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e040f1fbe9abae91b12b074cfc3bbb5367b79811",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e040f1fbe9abae91b12b074cfc3bbb5367b79811"
},
{
"url": "https://git.kernel.org/stable/c/ca2eb375db76fd50f31afdd67d6ca4f833254957",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ca2eb375db76fd50f31afdd67d6ca4f833254957"
},
{
"url": "https://git.kernel.org/stable/c/1c62697e4086de988b31124fb8c79c244ea05f2b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1c62697e4086de988b31124fb8c79c244ea05f2b"
},
{
"url": "https://git.kernel.org/stable/c/2a3cfb9a24a28da9cc13d2c525a76548865e182c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2a3cfb9a24a28da9cc13d2c525a76548865e182c"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27042.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27042",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'\n\nThe issue arises when the array 'adev->vcn.vcn_config' is accessed\nbefore checking if the index 'adev->vcn.num_vcn_inst' is within the\nbounds of the array.\n\nThe fix involves moving the bounds check before the array access. This\nensures that 'adev->vcn.num_vcn_inst' is within the bounds of the array\nbefore it is used as an index.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset 'adev->vcn.num_vcn_inst' after use."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a0ccc717c4ab",
"version_value": "8f3e68c6a3ff"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775"
},
{
"url": "https://git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058"
},
{
"url": "https://git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d"
},
{
"url": "https://git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2024/27xxx/CVE-2024-27043.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27043",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev's deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-> dvb_dmxdev_init\n |-> dvb_register_device\n |-> dvb_dmxdev_release\n |-> dvb_unregister_device\n |-> dvb_remove_device\n |-> dvb_device_put\n |-> kref_put\n\nWhen calling dvb_unregister_device, dmxdev->dvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b61901024776",
"version_value": "d0f5c2833382"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.21",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.21",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.311",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856"
},
{
"url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086"
},
{
"url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644"
},
{
"url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e"
},
{
"url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712"
},
{
"url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62"
},
{
"url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d"
},
{
"url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b"
},
{
"url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2024/27xxx/CVE-2024-27044.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27044",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()'\n\nThe 'stream' pointer is used in dcn10_set_output_transfer_func() before\nthe check if 'stream' is NULL.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn10/dcn10_hwseq.c:1892 dcn10_set_output_transfer_func() warn: variable dereferenced before check 'stream' (see line 1875)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ddef02de0d71",
"version_value": "e019d87e02f1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a"
},
{
"url": "https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08"
},
{
"url": "https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb"
},
{
"url": "https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0"
},
{
"url": "https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7"
},
{
"url": "https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7"
},
{
"url": "https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484"
},
{
"url": "https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

147
2024/27xxx/CVE-2024-27045.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27045",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'\n\nTell snprintf() to store at most 10 bytes in the output buffer\ninstead of 30.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c06e09b76639",
"version_value": "ff28893c96c5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515"
},
{
"url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877"
},
{
"url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab"
},
{
"url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7"
},
{
"url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65"
},
{
"url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4"
},
{
"url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

169
2024/27xxx/CVE-2024-27046.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27046",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bb9a8d031140",
"version_value": "d746889db75a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.311",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e"
},
{
"url": "https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d"
},
{
"url": "https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f"
},
{
"url": "https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5"
},
{
"url": "https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3"
},
{
"url": "https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642"
},
{
"url": "https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d"
},
{
"url": "https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2"
},
{
"url": "https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

147
2024/27xxx/CVE-2024-27047.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27047",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: fix phy_get_internal_delay accessing an empty array\n\nThe phy_get_internal_delay function could try to access to an empty\narray in the case that the driver is calling phy_get_internal_delay\nwithout defining delay_values and rx-internal-delay-ps or\ntx-internal-delay-ps is defined to 0 in the device-tree.\nThis will lead to \"unable to handle kernel NULL pointer dereference at\nvirtual address 0\". To avoid this kernel oops, the test should be delay\n>= 0. As there is already delay < 0 test just before, the test could\nonly be size == 0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "92252eec913b",
"version_value": "06dd21045a7e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b"
},
{
"url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a"
},
{
"url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8"
},
{
"url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563"
},
{
"url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b"
},
{
"url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad"
},
{
"url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27048.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27048",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: handle pmk_op allocation failure\n\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\n\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a96202acaea4",
"version_value": "df62e22c2e27"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"
},
{
"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"
},
{
"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"
},
{
"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

103
2024/27xxx/CVE-2024-27049.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27049",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925e: fix use-after-free in free_irq()\n\nFrom commit a304e1b82808 (\"[PATCH] Debug shared irqs\"), there is a test\nto make sure the shared irq handler should be able to handle the unexpected\nevent after deregistration. For this case, let's apply MT76_REMOVED flag to\nindicate the device was removed and do not run into the resource access\nanymore."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c948b5da6bbe",
"version_value": "84470b48af03"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/84470b48af03a818039d587478b415cbcb264ff5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/84470b48af03a818039d587478b415cbcb264ff5"
},
{
"url": "https://git.kernel.org/stable/c/6d9930096e1f13cf6d9aabfbf95d0e05fb04144f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d9930096e1f13cf6d9aabfbf95d0e05fb04144f"
},
{
"url": "https://git.kernel.org/stable/c/a5a5f4413d91f395cb2d89829d376d7393ad48b9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5a5f4413d91f395cb2d89829d376d7393ad48b9"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27050.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27050",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Use OPTS_SET() macro in bpf_xdp_query()\n\nWhen the feature_flags and xdp_zc_max_segs fields were added to the libbpf\nbpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro.\nThis causes libbpf to write to those fields unconditionally, which means\nthat programs compiled against an older version of libbpf (with a smaller\nsize of the bpf_xdp_query_opts struct) will have its stack corrupted by\nlibbpf writing out of bounds.\n\nThe patch adding the feature_flags field has an early bail out if the\nfeature_flags field is not part of the opts struct (via the OPTS_HAS)\nmacro, but the patch adding xdp_zc_max_segs does not. For consistency, this\nfix just changes the assignments to both fields to use the OPTS_SET()\nmacro."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13ce2daa259a",
"version_value": "fa5bef5e80c6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fa5bef5e80c6a3321b2b1a7070436f3bc5daf07c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fa5bef5e80c6a3321b2b1a7070436f3bc5daf07c"
},
{
"url": "https://git.kernel.org/stable/c/682ddd62abd4bdcee7584246903e7a2df005fe0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/682ddd62abd4bdcee7584246903e7a2df005fe0d"
},
{
"url": "https://git.kernel.org/stable/c/cd3be9843247edb8fc6fcd8d8237cbce2bc19f5e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cd3be9843247edb8fc6fcd8d8237cbce2bc19f5e"
},
{
"url": "https://git.kernel.org/stable/c/92a871ab9fa59a74d013bc04f321026a057618e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92a871ab9fa59a74d013bc04f321026a057618e7"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

147
2024/27xxx/CVE-2024-27051.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27051",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "de322e085995",
"version_value": "9127599c075c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
},
{
"url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
},
{
"url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
},
{
"url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
},
{
"url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
},
{
"url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
},
{
"url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

147
2024/27xxx/CVE-2024-27052.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27052",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work\n\nThe workqueue might still be running, when the driver is stopped. To\navoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e542e66b7c2e",
"version_value": "dddedfa3b29a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4"
},
{
"url": "https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59"
},
{
"url": "https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e"
},
{
"url": "https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e"
},
{
"url": "https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707"
},
{
"url": "https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a"
},
{
"url": "https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

158
2024/27xxx/CVE-2024-27053.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27053",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c460495ee072",
"version_value": "e556006de4ea"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.273",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"
},
{
"url": "https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"
},
{
"url": "https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"
},
{
"url": "https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"
},
{
"url": "https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"
},
{
"url": "https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"
},
{
"url": "https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"
},
{
"url": "https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

136
2024/27xxx/CVE-2024-27054.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27054",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module's refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c020d722b110",
"version_value": "edbdb0d94143"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.153",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"
},
{
"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"
},
{
"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"
},
{
"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"
},
{
"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"
},
{
"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

107
2024/27xxx/CVE-2024-27055.json
View File

@ -1,18 +1,117 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27055",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()\n\nFor wq_update_node_max_active(), @off_cpu of -1 indicates that no CPU is\ngoing down. The function was incorrectly calling cpumask_test_cpu() with -1\nCPU leading to oopses like the following on some archs:\n\n Unable to handle kernel paging request at virtual address ffff0002100296e0\n ..\n pc : wq_update_node_max_active+0x50/0x1fc\n lr : wq_update_node_max_active+0x1f0/0x1fc\n ...\n Call trace:\n wq_update_node_max_active+0x50/0x1fc\n apply_wqattrs_commit+0xf0/0x114\n apply_workqueue_attrs_locked+0x58/0xa0\n alloc_workqueue+0x5ac/0x774\n workqueue_init_early+0x460/0x540\n start_kernel+0x258/0x684\n __primary_switched+0xb8/0xc0\n Code: 9100a273 35000d01 53067f00 d0016dc1 (f8607a60)\n ---[ end trace 0000000000000000 ]---\n Kernel panic - not syncing: Attempted to kill the idle task!\n ---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---\n\nFix it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5a70baec2294",
"version_value": "7df62b8cca38"
},
{
"version_affected": "<",
"version_name": "fc67aebe34f2",
"version_value": "38c19c44cc05"
},
{
"version_affected": "<",
"version_name": "843288afd3cc",
"version_value": "9fc557d489f8"
},
{
"version_affected": "<",
"version_name": "5797b1c18919",
"version_value": "15930da42f89"
},
{
"version_affected": "<",
"version_name": "6.6.23",
"version_value": "6.6.25"
},
{
"version_affected": "<",
"version_name": "6.8.2",
"version_value": "6.8.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7df62b8cca38aa452b508b477b16544cba615084",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7df62b8cca38aa452b508b477b16544cba615084"
},
{
"url": "https://git.kernel.org/stable/c/a75ac2693d734d20724f0e10e039ca85f1fcfc4e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a75ac2693d734d20724f0e10e039ca85f1fcfc4e"
},
{
"url": "https://git.kernel.org/stable/c/38c19c44cc05ec1e84d2e31a9a289b83b6c7ec85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/38c19c44cc05ec1e84d2e31a9a289b83b6c7ec85"
},
{
"url": "https://git.kernel.org/stable/c/9fc557d489f8163c1aabcb89114b8eba960f4097",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9fc557d489f8163c1aabcb89114b8eba960f4097"
},
{
"url": "https://git.kernel.org/stable/c/adc646d2126988a64234502f579e4bc2b080d7cf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/adc646d2126988a64234502f579e4bc2b080d7cf"
},
{
"url": "https://git.kernel.org/stable/c/15930da42f8981dc42c19038042947b475b19f47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/15930da42f8981dc42c19038042947b475b19f47"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

82
2024/27xxx/CVE-2024-27056.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27056",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: ensure offloading TID queue exists\n\nThe resume code path assumes that the TX queue for the offloading TID\nhas been configured. At resume time it then tries to sync the write\npointer as it may have been updated by the firmware.\n\nIn the unusual event that no packets have been send on TID 0, the queue\nwill not have been allocated and this causes a crash. Fix this by\nensuring the queue exist at suspend time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "ed35a509390e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ed35a509390ef4011ea2226da5dd6f62b73873b5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed35a509390ef4011ea2226da5dd6f62b73873b5"
},
{
"url": "https://git.kernel.org/stable/c/78f65fbf421a61894c14a1b91fe2fb4437b3fe5f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/78f65fbf421a61894c14a1b91fe2fb4437b3fe5f"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

93
2024/27xxx/CVE-2024-27057.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27057",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend\n\nWhen the system is suspended while audio is active, the\nsof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during\nsuspend the DSP is turned off, streams will be re-started after resume.\n\nIf the firmware crashes during while audio is running (or when we reset\nthe stream before suspend) then the sof_ipc4_set_multi_pipeline_state()\nwill fail with IPC error and the state change is interrupted.\nThis will cause misalignment between the kernel and firmware state on next\nDSP boot resulting errors returned by firmware for IPC messages, eventually\nfailing the audio resume.\nOn stream close the errors are ignored so the kernel state will be\ncorrected on the next DSP boot, so the second boot after the DSP panic.\n\nIf sof_ipc4_trigger_pipelines() is called from sof_ipc4_pcm_hw_free() then\nstate parameter is SOF_IPC4_PIPE_RESET and only in this case.\n\nTreat a forced pipeline reset similarly to how we treat a pcm_free by\nignoring error on state sending to allow the kernel's state to be\nconsistent with the state the firmware will have after the next boot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "3cac6eebea9b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3cac6eebea9b4bc5f041e157e45c76e212ad6759",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cac6eebea9b4bc5f041e157e45c76e212ad6759"
},
{
"url": "https://git.kernel.org/stable/c/d153e8b154f9746ac969c85a4e6474760453647c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d153e8b154f9746ac969c85a4e6474760453647c"
},
{
"url": "https://git.kernel.org/stable/c/c40aad7c81e5fba34b70123ed7ce3397fa62a4d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c40aad7c81e5fba34b70123ed7ce3397fa62a4d2"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

114
2024/27xxx/CVE-2024-27058.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-27058",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntmpfs: fix race on handling dquot rbtree\n\nA syzkaller reproducer found a race while attempting to remove dquot\ninformation from the rb tree.\n\nFetching the rb_tree root node must also be protected by the\ndqopt->dqio_sem, otherwise, giving the right timing, shmem_release_dquot()\nwill trigger a warning because it couldn't find a node in the tree, when\nthe real reason was the root node changing before the search starts:\n\nThread 1\t\t\t\tThread 2\n- shmem_release_dquot()\t\t\t- shmem_{acquire,release}_dquot()\n\n- fetch ROOT\t\t\t\t- Fetch ROOT\n\n\t\t\t\t\t- acquire dqio_sem\n- wait dqio_sem\n\n\t\t\t\t\t- do something, triger a tree rebalance\n\t\t\t\t\t- release dqio_sem\n\n- acquire dqio_sem\n- start searching for the node, but\n from the wrong location, missing\n the node, and triggering a warning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "eafc474e2029",
"version_value": "c7077f43f30d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.24",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.12",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.3",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c7077f43f30d817d10a9f8245e51576ac114b2f0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c7077f43f30d817d10a9f8245e51576ac114b2f0"
},
{
"url": "https://git.kernel.org/stable/c/617d55b90e73c7b4aa2733ca6cc3f9b72d1124bb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/617d55b90e73c7b4aa2733ca6cc3f9b72d1124bb"
},
{
"url": "https://git.kernel.org/stable/c/f82f184874d2761ebaa60dccf577921a0dbb3810",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f82f184874d2761ebaa60dccf577921a0dbb3810"
},
{
"url": "https://git.kernel.org/stable/c/0a69b6b3a026543bc215ccc866d0aea5579e6ce2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a69b6b3a026543bc215ccc866d0aea5579e6ce2"
}
]
},
"generator": {
"engine": "bippy-d175d3acf727"
}
}

83
2024/28xxx/CVE-2024-28775.json
View File

@ -1,17 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285648."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "WebSphere Automation",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7149856",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7149856"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/285648",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/285648"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

58
2024/31xxx/CVE-2024-31412.json
View File

@ -1,17 +1,67 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31412",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being crashed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OMRON Corporation",
"product": {
"product_data": [
{
"product_name": "CX-Programmer",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-003_en.pdf",
"refsource": "MISC",
"name": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-003_en.pdf"
},
{
"url": "https://jvn.jp/en/vu/JVNVU98274902/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU98274902/"
}
]
}

77
2024/31xxx/CVE-2024-31413.json
View File

@ -1,17 +1,86 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31413",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto update in January 2024 or prior) and Sysmac Studio SYSMAC-SE2[][][] (The version which was installed with a DVD ver. 1.56 or lower, and was updated through Sysmac Studio V1 auto update in January 2024 or prior). Opening a specially crafted project file may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Free of pointer not at start of buffer"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OMRON Corporation",
"product": {
"product_data": [
{
"product_name": "CX-One CX-One CXONE-AL[][]D-V4 ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "The version which was installed with a DVD ver. 4.61.1 or lower"
},
{
"version_affected": "=",
"version_value": " and was updated through CX-One V4 auto update in January 2024 or prior"
}
]
}
},
{
"product_name": "Sysmac Studio SYSMAC-SE2[][][] ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "The version which was installed with a DVD ver. 1.56 or lower"
},
{
"version_affected": "=",
"version_value": " and was updated through Sysmac Studio V1 auto update in January 2024 or prior"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-002_en.pdf",
"refsource": "MISC",
"name": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-002_en.pdf"
},
{
"url": "https://jvn.jp/en/vu/JVNVU98274902/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU98274902/"
}
]
}

56
2024/33xxx/CVE-2024-33775.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-33775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-33775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.nagios.com/changelog/#nagios-xi",
"refsource": "MISC",
"name": "https://www.nagios.com/changelog/#nagios-xi"
}
]
}

59
2024/4xxx/CVE-2024-4058.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4058",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "124.0.6367.78",
"version_value": "124.0.6367.78"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://issues.chromium.org/issues/332546345",
"refsource": "MISC",
"name": "https://issues.chromium.org/issues/332546345"
}
]
}

59
2024/4xxx/CVE-2024-4059.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4059",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds read"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "124.0.6367.78",
"version_value": "124.0.6367.78"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://issues.chromium.org/issues/333182464",
"refsource": "MISC",
"name": "https://issues.chromium.org/issues/333182464"
}
]
}

59
2024/4xxx/CVE-2024-4060.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Dawn in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "124.0.6367.78",
"version_value": "124.0.6367.78"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://issues.chromium.org/issues/333420620",
"refsource": "MISC",
"name": "https://issues.chromium.org/issues/333420620"
}
]
}

59
2024/4xxx/CVE-2024-4331.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4331",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "124.0.6367.118",
"version_value": "124.0.6367.118"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html"
},
{
"url": "https://issues.chromium.org/issues/335003891",
"refsource": "MISC",
"name": "https://issues.chromium.org/issues/335003891"
}
]
}

59
2024/4xxx/CVE-2024-4368.json
View File

@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4368",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "124.0.6367.118",
"version_value": "124.0.6367.118"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html"
},
{
"url": "https://issues.chromium.org/issues/333508731",
"refsource": "MISC",
"name": "https://issues.chromium.org/issues/333508731"
}
]
}