From cba435c369559920eaf560f4bc1e21cf2470dffb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 27 Jun 2024 13:00:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/52xxx/CVE-2023-52445.json | 5 + 2023/52xxx/CVE-2023-52464.json | 5 + 2023/52xxx/CVE-2023-52469.json | 5 + 2023/52xxx/CVE-2023-52470.json | 5 + 2023/52xxx/CVE-2023-52486.json | 5 + 2023/52xxx/CVE-2023-52583.json | 5 + 2023/52xxx/CVE-2023-52600.json | 5 + 2023/52xxx/CVE-2023-52603.json | 5 + 2023/52xxx/CVE-2023-52604.json | 5 + 2023/52xxx/CVE-2023-52612.json | 5 + 2023/52xxx/CVE-2023-52622.json | 5 + 2023/52xxx/CVE-2023-52623.json | 5 + 2023/52xxx/CVE-2023-52650.json | 5 + 2023/52xxx/CVE-2023-52670.json | 5 + 2023/52xxx/CVE-2023-52683.json | 5 + 2023/52xxx/CVE-2023-52691.json | 5 + 2023/52xxx/CVE-2023-52699.json | 5 + 2023/6xxx/CVE-2023-6040.json | 5 + 2023/6xxx/CVE-2023-6270.json | 5 + 2024/0xxx/CVE-2024-0340.json | 5 + 2024/23xxx/CVE-2024-23849.json | 5 + 2024/23xxx/CVE-2024-23851.json | 5 + 2024/24xxx/CVE-2024-24861.json | 5 + 2024/25xxx/CVE-2024-25739.json | 5 + 2024/26xxx/CVE-2024-26625.json | 5 + 2024/26xxx/CVE-2024-26645.json | 5 + 2024/26xxx/CVE-2024-26651.json | 5 + 2024/26xxx/CVE-2024-26675.json | 5 + 2024/26xxx/CVE-2024-26696.json | 5 + 2024/26xxx/CVE-2024-26722.json | 5 + 2024/26xxx/CVE-2024-26754.json | 5 + 2024/26xxx/CVE-2024-26772.json | 5 + 2024/26xxx/CVE-2024-26777.json | 5 + 2024/26xxx/CVE-2024-26779.json | 5 + 2024/26xxx/CVE-2024-26791.json | 5 + 2024/26xxx/CVE-2024-26840.json | 5 + 2024/26xxx/CVE-2024-26851.json | 5 + 2024/26xxx/CVE-2024-26857.json | 5 + 2024/26xxx/CVE-2024-26874.json | 5 + 2024/26xxx/CVE-2024-26931.json | 5 + 2024/26xxx/CVE-2024-26934.json | 5 + 2024/26xxx/CVE-2024-26955.json | 5 + 2024/26xxx/CVE-2024-26956.json | 5 + 2024/26xxx/CVE-2024-26969.json | 5 + 2024/26xxx/CVE-2024-26984.json | 5 + 2024/26xxx/CVE-2024-26997.json | 5 + 2024/27xxx/CVE-2024-27008.json | 5 + 2024/27xxx/CVE-2024-27078.json | 5 + 2024/27xxx/CVE-2024-27388.json | 5 + 2024/27xxx/CVE-2024-27399.json | 5 + 2024/27xxx/CVE-2024-27405.json | 5 + 2024/27xxx/CVE-2024-27412.json | 5 + 2024/27xxx/CVE-2024-27413.json | 5 + 2024/27xxx/CVE-2024-27436.json | 5 + 2024/31xxx/CVE-2024-31076.json | 5 + 2024/35xxx/CVE-2024-35807.json | 5 + 2024/35xxx/CVE-2024-35809.json | 5 + 2024/35xxx/CVE-2024-35811.json | 5 + 2024/35xxx/CVE-2024-35815.json | 5 + 2024/35xxx/CVE-2024-35819.json | 5 + 2024/35xxx/CVE-2024-35821.json | 5 + 2024/35xxx/CVE-2024-35822.json | 5 + 2024/35xxx/CVE-2024-35823.json | 5 + 2024/35xxx/CVE-2024-35828.json | 5 + 2024/35xxx/CVE-2024-35933.json | 5 + 2024/35xxx/CVE-2024-35982.json | 5 + 2024/36xxx/CVE-2024-36014.json | 5 + 2024/36xxx/CVE-2024-36288.json | 5 + 2024/36xxx/CVE-2024-36883.json | 10 ++ 2024/36xxx/CVE-2024-36904.json | 168 ++++++++++++++++++++++++++++++++- 2024/36xxx/CVE-2024-36905.json | 163 +++++++++++++++++++++++++++++++- 2024/36xxx/CVE-2024-36934.json | 168 ++++++++++++++++++++++++++++++++- 2024/36xxx/CVE-2024-36941.json | 163 +++++++++++++++++++++++++++++++- 2024/36xxx/CVE-2024-36946.json | 163 +++++++++++++++++++++++++++++++- 2024/36xxx/CVE-2024-36950.json | 153 +++++++++++++++++++++++++++++- 2024/36xxx/CVE-2024-36959.json | 5 + 2024/37xxx/CVE-2024-37353.json | 5 + 2024/38xxx/CVE-2024-38381.json | 5 + 2024/38xxx/CVE-2024-38515.json | 8 +- 2024/38xxx/CVE-2024-38549.json | 5 + 2024/38xxx/CVE-2024-38552.json | 5 + 2024/38xxx/CVE-2024-38559.json | 5 + 2024/38xxx/CVE-2024-38560.json | 5 + 2024/38xxx/CVE-2024-38565.json | 5 + 2024/38xxx/CVE-2024-38578.json | 5 + 2024/38xxx/CVE-2024-38582.json | 5 + 2024/38xxx/CVE-2024-38583.json | 5 + 2024/38xxx/CVE-2024-38587.json | 5 + 2024/38xxx/CVE-2024-38599.json | 5 + 2024/38xxx/CVE-2024-38601.json | 5 + 2024/38xxx/CVE-2024-38612.json | 5 + 2024/38xxx/CVE-2024-38621.json | 5 + 2024/38xxx/CVE-2024-38634.json | 5 + 2024/38xxx/CVE-2024-38637.json | 5 + 2024/38xxx/CVE-2024-38659.json | 5 + 2024/6xxx/CVE-2024-6369.json | 100 +++++++++++++++++++- 2024/6xxx/CVE-2024-6370.json | 100 +++++++++++++++++++- 97 files changed, 1595 insertions(+), 36 deletions(-) diff --git a/2023/52xxx/CVE-2023-52445.json b/2023/52xxx/CVE-2023-52445.json index c457b69fef6..cdd1622bd88 100644 --- a/2023/52xxx/CVE-2023-52445.json +++ b/2023/52xxx/CVE-2023-52445.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52464.json b/2023/52xxx/CVE-2023-52464.json index d99a2dc3c97..63ffad12378 100644 --- a/2023/52xxx/CVE-2023-52464.json +++ b/2023/52xxx/CVE-2023-52464.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52469.json b/2023/52xxx/CVE-2023-52469.json index 8eb747f7f19..13b1d38a200 100644 --- a/2023/52xxx/CVE-2023-52469.json +++ b/2023/52xxx/CVE-2023-52469.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52470.json b/2023/52xxx/CVE-2023-52470.json index 767aee6b3aa..cb2921bc4e5 100644 --- a/2023/52xxx/CVE-2023-52470.json +++ b/2023/52xxx/CVE-2023-52470.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52486.json b/2023/52xxx/CVE-2023-52486.json index b3fbeb87b3e..65ff6fd70cb 100644 --- a/2023/52xxx/CVE-2023-52486.json +++ b/2023/52xxx/CVE-2023-52486.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52583.json b/2023/52xxx/CVE-2023-52583.json index df91207ed49..f51967738ee 100644 --- a/2023/52xxx/CVE-2023-52583.json +++ b/2023/52xxx/CVE-2023-52583.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52600.json b/2023/52xxx/CVE-2023-52600.json index 6a8fa3b8ee3..5dfa1cc5605 100644 --- a/2023/52xxx/CVE-2023-52600.json +++ b/2023/52xxx/CVE-2023-52600.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52603.json b/2023/52xxx/CVE-2023-52603.json index f6c6ee80b65..5340879ad0a 100644 --- a/2023/52xxx/CVE-2023-52603.json +++ b/2023/52xxx/CVE-2023-52603.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52604.json b/2023/52xxx/CVE-2023-52604.json index 0223d4a4363..cd2edee22be 100644 --- a/2023/52xxx/CVE-2023-52604.json +++ b/2023/52xxx/CVE-2023-52604.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52612.json b/2023/52xxx/CVE-2023-52612.json index 5d699442e3a..2f343a61c96 100644 --- a/2023/52xxx/CVE-2023-52612.json +++ b/2023/52xxx/CVE-2023-52612.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52622.json b/2023/52xxx/CVE-2023-52622.json index dc73810f2a3..932e6342a72 100644 --- a/2023/52xxx/CVE-2023-52622.json +++ b/2023/52xxx/CVE-2023-52622.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52623.json b/2023/52xxx/CVE-2023-52623.json index 873c660ec0e..e858f205dea 100644 --- a/2023/52xxx/CVE-2023-52623.json +++ b/2023/52xxx/CVE-2023-52623.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52650.json b/2023/52xxx/CVE-2023-52650.json index e1a81c34a6d..34f49a4dc05 100644 --- a/2023/52xxx/CVE-2023-52650.json +++ b/2023/52xxx/CVE-2023-52650.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52670.json b/2023/52xxx/CVE-2023-52670.json index 9da67cee85a..a8c7c532238 100644 --- a/2023/52xxx/CVE-2023-52670.json +++ b/2023/52xxx/CVE-2023-52670.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52683.json b/2023/52xxx/CVE-2023-52683.json index a66925afd47..976d39d91ae 100644 --- a/2023/52xxx/CVE-2023-52683.json +++ b/2023/52xxx/CVE-2023-52683.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52691.json b/2023/52xxx/CVE-2023-52691.json index 7a10ab14f3c..5f341e5e580 100644 --- a/2023/52xxx/CVE-2023-52691.json +++ b/2023/52xxx/CVE-2023-52691.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/52xxx/CVE-2023-52699.json b/2023/52xxx/CVE-2023-52699.json index b773940f3c8..e04572eb535 100644 --- a/2023/52xxx/CVE-2023-52699.json +++ b/2023/52xxx/CVE-2023-52699.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/6xxx/CVE-2023-6040.json b/2023/6xxx/CVE-2023-6040.json index 08f8b9ca644..1a7465b9a7e 100644 --- a/2023/6xxx/CVE-2023-6040.json +++ b/2023/6xxx/CVE-2023-6040.json @@ -79,6 +79,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2023/6xxx/CVE-2023-6270.json b/2023/6xxx/CVE-2023-6270.json index cbf4768270d..3ddd6bb632e 100644 --- a/2023/6xxx/CVE-2023-6270.json +++ b/2023/6xxx/CVE-2023-6270.json @@ -127,6 +127,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/0xxx/CVE-2024-0340.json b/2024/0xxx/CVE-2024-0340.json index 2f44d23ddc8..9f5f06da2a5 100644 --- a/2024/0xxx/CVE-2024-0340.json +++ b/2024/0xxx/CVE-2024-0340.json @@ -158,6 +158,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/23xxx/CVE-2024-23849.json b/2024/23xxx/CVE-2024-23849.json index 3c263e450c3..18cc0e5354a 100644 --- a/2024/23xxx/CVE-2024-23849.json +++ b/2024/23xxx/CVE-2024-23849.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] } diff --git a/2024/23xxx/CVE-2024-23851.json b/2024/23xxx/CVE-2024-23851.json index 86ca20d19f8..a4029643501 100644 --- a/2024/23xxx/CVE-2024-23851.json +++ b/2024/23xxx/CVE-2024-23851.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] } diff --git a/2024/24xxx/CVE-2024-24861.json b/2024/24xxx/CVE-2024-24861.json index 4ff799121ca..d4f1c3759bf 100644 --- a/2024/24xxx/CVE-2024-24861.json +++ b/2024/24xxx/CVE-2024-24861.json @@ -64,6 +64,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/25xxx/CVE-2024-25739.json b/2024/25xxx/CVE-2024-25739.json index f9fedb5af59..d05851d2074 100644 --- a/2024/25xxx/CVE-2024-25739.json +++ b/2024/25xxx/CVE-2024-25739.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] } diff --git a/2024/26xxx/CVE-2024-26625.json b/2024/26xxx/CVE-2024-26625.json index 315a70c73ce..062b070b3fd 100644 --- a/2024/26xxx/CVE-2024-26625.json +++ b/2024/26xxx/CVE-2024-26625.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26645.json b/2024/26xxx/CVE-2024-26645.json index 07454c2e8f6..f951c8b7e5e 100644 --- a/2024/26xxx/CVE-2024-26645.json +++ b/2024/26xxx/CVE-2024-26645.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26651.json b/2024/26xxx/CVE-2024-26651.json index 0dc00de4ece..6d7a96e3e12 100644 --- a/2024/26xxx/CVE-2024-26651.json +++ b/2024/26xxx/CVE-2024-26651.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26675.json b/2024/26xxx/CVE-2024-26675.json index 676c7ca5663..8fb4970e79e 100644 --- a/2024/26xxx/CVE-2024-26675.json +++ b/2024/26xxx/CVE-2024-26675.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26696.json b/2024/26xxx/CVE-2024-26696.json index 4e85c916fe1..304dbd3ef47 100644 --- a/2024/26xxx/CVE-2024-26696.json +++ b/2024/26xxx/CVE-2024-26696.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26722.json b/2024/26xxx/CVE-2024-26722.json index 54f83e6ee0d..5cad8203fe2 100644 --- a/2024/26xxx/CVE-2024-26722.json +++ b/2024/26xxx/CVE-2024-26722.json @@ -194,6 +194,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26754.json b/2024/26xxx/CVE-2024-26754.json index fea4d809cc6..a0a3de2acad 100644 --- a/2024/26xxx/CVE-2024-26754.json +++ b/2024/26xxx/CVE-2024-26754.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26772.json b/2024/26xxx/CVE-2024-26772.json index 6036c31e762..50991d312b3 100644 --- a/2024/26xxx/CVE-2024-26772.json +++ b/2024/26xxx/CVE-2024-26772.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26777.json b/2024/26xxx/CVE-2024-26777.json index 25fd0b332a1..455dc973dd4 100644 --- a/2024/26xxx/CVE-2024-26777.json +++ b/2024/26xxx/CVE-2024-26777.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26779.json b/2024/26xxx/CVE-2024-26779.json index 15a7d2df882..a750c677972 100644 --- a/2024/26xxx/CVE-2024-26779.json +++ b/2024/26xxx/CVE-2024-26779.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26791.json b/2024/26xxx/CVE-2024-26791.json index 6f43a998726..466a94c4c51 100644 --- a/2024/26xxx/CVE-2024-26791.json +++ b/2024/26xxx/CVE-2024-26791.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26840.json b/2024/26xxx/CVE-2024-26840.json index 271cbffcbdd..9b52ddd3fc8 100644 --- a/2024/26xxx/CVE-2024-26840.json +++ b/2024/26xxx/CVE-2024-26840.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26851.json b/2024/26xxx/CVE-2024-26851.json index 90874816268..b63dfb3aa9f 100644 --- a/2024/26xxx/CVE-2024-26851.json +++ b/2024/26xxx/CVE-2024-26851.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26857.json b/2024/26xxx/CVE-2024-26857.json index de5665b86be..e93bee9ae50 100644 --- a/2024/26xxx/CVE-2024-26857.json +++ b/2024/26xxx/CVE-2024-26857.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26874.json b/2024/26xxx/CVE-2024-26874.json index b0e4c551c4b..585bba4299b 100644 --- a/2024/26xxx/CVE-2024-26874.json +++ b/2024/26xxx/CVE-2024-26874.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26931.json b/2024/26xxx/CVE-2024-26931.json index b46b384edde..c6611869ef4 100644 --- a/2024/26xxx/CVE-2024-26931.json +++ b/2024/26xxx/CVE-2024-26931.json @@ -165,6 +165,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26934.json b/2024/26xxx/CVE-2024-26934.json index 06f6551f732..2fc614bad60 100644 --- a/2024/26xxx/CVE-2024-26934.json +++ b/2024/26xxx/CVE-2024-26934.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26955.json b/2024/26xxx/CVE-2024-26955.json index 5cf4138abb1..b070cba4456 100644 --- a/2024/26xxx/CVE-2024-26955.json +++ b/2024/26xxx/CVE-2024-26955.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26956.json b/2024/26xxx/CVE-2024-26956.json index 13dfe98eec2..d728db23ac7 100644 --- a/2024/26xxx/CVE-2024-26956.json +++ b/2024/26xxx/CVE-2024-26956.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26969.json b/2024/26xxx/CVE-2024-26969.json index 83d7b874403..f066e8061f9 100644 --- a/2024/26xxx/CVE-2024-26969.json +++ b/2024/26xxx/CVE-2024-26969.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26984.json b/2024/26xxx/CVE-2024-26984.json index d126c8ed9ba..99c32fdc360 100644 --- a/2024/26xxx/CVE-2024-26984.json +++ b/2024/26xxx/CVE-2024-26984.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/26xxx/CVE-2024-26997.json b/2024/26xxx/CVE-2024-26997.json index a75a60ffd9e..555d659cd5b 100644 --- a/2024/26xxx/CVE-2024-26997.json +++ b/2024/26xxx/CVE-2024-26997.json @@ -168,6 +168,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27008.json b/2024/27xxx/CVE-2024-27008.json index 9b5d8afec55..3bdb90b5084 100644 --- a/2024/27xxx/CVE-2024-27008.json +++ b/2024/27xxx/CVE-2024-27008.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27078.json b/2024/27xxx/CVE-2024-27078.json index 6caeee736ef..056163bdc93 100644 --- a/2024/27xxx/CVE-2024-27078.json +++ b/2024/27xxx/CVE-2024-27078.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27388.json b/2024/27xxx/CVE-2024-27388.json index ff1d368f9e1..47e764e4ebe 100644 --- a/2024/27xxx/CVE-2024-27388.json +++ b/2024/27xxx/CVE-2024-27388.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27399.json b/2024/27xxx/CVE-2024-27399.json index 4f9a82c79ac..0ae64e94c5e 100644 --- a/2024/27xxx/CVE-2024-27399.json +++ b/2024/27xxx/CVE-2024-27399.json @@ -169,6 +169,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27405.json b/2024/27xxx/CVE-2024-27405.json index a8d6abd6d9a..a88f8fd2e57 100644 --- a/2024/27xxx/CVE-2024-27405.json +++ b/2024/27xxx/CVE-2024-27405.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27412.json b/2024/27xxx/CVE-2024-27412.json index 5f508a00b5f..96d0c97b01a 100644 --- a/2024/27xxx/CVE-2024-27412.json +++ b/2024/27xxx/CVE-2024-27412.json @@ -189,6 +189,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27413.json b/2024/27xxx/CVE-2024-27413.json index 78de07e7a94..31d184b7014 100644 --- a/2024/27xxx/CVE-2024-27413.json +++ b/2024/27xxx/CVE-2024-27413.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/27xxx/CVE-2024-27436.json b/2024/27xxx/CVE-2024-27436.json index 6e8f580f78c..e75d2dcc936 100644 --- a/2024/27xxx/CVE-2024-27436.json +++ b/2024/27xxx/CVE-2024-27436.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/31xxx/CVE-2024-31076.json b/2024/31xxx/CVE-2024-31076.json index ceb012f25ff..aac77ff09af 100644 --- a/2024/31xxx/CVE-2024-31076.json +++ b/2024/31xxx/CVE-2024-31076.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35807.json b/2024/35xxx/CVE-2024-35807.json index 44e1bfc4f2d..9450f216dfc 100644 --- a/2024/35xxx/CVE-2024-35807.json +++ b/2024/35xxx/CVE-2024-35807.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35809.json b/2024/35xxx/CVE-2024-35809.json index 0b5a06d3c78..9f6a32f097d 100644 --- a/2024/35xxx/CVE-2024-35809.json +++ b/2024/35xxx/CVE-2024-35809.json @@ -165,6 +165,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35811.json b/2024/35xxx/CVE-2024-35811.json index 117400d4933..37734832c71 100644 --- a/2024/35xxx/CVE-2024-35811.json +++ b/2024/35xxx/CVE-2024-35811.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35815.json b/2024/35xxx/CVE-2024-35815.json index b308d75a904..bdf80ca2422 100644 --- a/2024/35xxx/CVE-2024-35815.json +++ b/2024/35xxx/CVE-2024-35815.json @@ -168,6 +168,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35819.json b/2024/35xxx/CVE-2024-35819.json index 2b672f43673..641d8932dd9 100644 --- a/2024/35xxx/CVE-2024-35819.json +++ b/2024/35xxx/CVE-2024-35819.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35821.json b/2024/35xxx/CVE-2024-35821.json index b7e2e554b35..53667f92e2a 100644 --- a/2024/35xxx/CVE-2024-35821.json +++ b/2024/35xxx/CVE-2024-35821.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35822.json b/2024/35xxx/CVE-2024-35822.json index bb715d23107..9dbee31e20b 100644 --- a/2024/35xxx/CVE-2024-35822.json +++ b/2024/35xxx/CVE-2024-35822.json @@ -165,6 +165,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35823.json b/2024/35xxx/CVE-2024-35823.json index 8dce48ac7f3..db89b950eb6 100644 --- a/2024/35xxx/CVE-2024-35823.json +++ b/2024/35xxx/CVE-2024-35823.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35828.json b/2024/35xxx/CVE-2024-35828.json index 1a7a9349e4e..30b2b26fbbc 100644 --- a/2024/35xxx/CVE-2024-35828.json +++ b/2024/35xxx/CVE-2024-35828.json @@ -175,6 +175,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35933.json b/2024/35xxx/CVE-2024-35933.json index 4bdbe3482c0..118a30552d1 100644 --- a/2024/35xxx/CVE-2024-35933.json +++ b/2024/35xxx/CVE-2024-35933.json @@ -154,6 +154,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/35xxx/CVE-2024-35982.json b/2024/35xxx/CVE-2024-35982.json index 9c3a0880030..2f717c4cac9 100644 --- a/2024/35xxx/CVE-2024-35982.json +++ b/2024/35xxx/CVE-2024-35982.json @@ -164,6 +164,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/36xxx/CVE-2024-36014.json b/2024/36xxx/CVE-2024-36014.json index 8ab5188cee8..34564b95d9f 100644 --- a/2024/36xxx/CVE-2024-36014.json +++ b/2024/36xxx/CVE-2024-36014.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/36xxx/CVE-2024-36288.json b/2024/36xxx/CVE-2024-36288.json index a668e557155..69d0310a4f8 100644 --- a/2024/36xxx/CVE-2024-36288.json +++ b/2024/36xxx/CVE-2024-36288.json @@ -158,6 +158,11 @@ "url": "https://git.kernel.org/stable/c/4a77c3dead97339478c7422eb07bf4bf63577008", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/4a77c3dead97339478c7422eb07bf4bf63577008" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/36xxx/CVE-2024-36883.json b/2024/36xxx/CVE-2024-36883.json index 0aa7558c14a..7492b1eacd9 100644 --- a/2024/36xxx/CVE-2024-36883.json +++ b/2024/36xxx/CVE-2024-36883.json @@ -159,6 +159,16 @@ "url": "https://git.kernel.org/stable/c/a26ff37e624d12e28077e5b24d2b264f62764ad6", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/a26ff37e624d12e28077e5b24d2b264f62764ad6" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html" } ] }, diff --git a/2024/36xxx/CVE-2024-36904.json b/2024/36xxx/CVE-2024-36904.json index 047107d0322..d01d00d2790 100644 --- a/2024/36xxx/CVE-2024-36904.json +++ b/2024/36xxx/CVE-2024-36904.json @@ -1,18 +1,178 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36904", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket's\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff <0f> 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n " } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "ec94c2696f0b", + "version_value": "84546cc1aeeb" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "4.16", + "status": "affected" + }, + { + "version": "0", + "lessThan": "4.16", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.314", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.276", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.217", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.159", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.91", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.31", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.10", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.9", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/84546cc1aeeb4df3e444b18a4293c9823f974be9", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/84546cc1aeeb4df3e444b18a4293c9823f974be9" + }, + { + "url": "https://git.kernel.org/stable/c/1796ca9c6f5bd50554214053af5f47d112818ee3", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/1796ca9c6f5bd50554214053af5f47d112818ee3" + }, + { + "url": "https://git.kernel.org/stable/c/1d9cf07810c30ef7948879567d10fd1f01121d34", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/1d9cf07810c30ef7948879567d10fd1f01121d34" + }, + { + "url": "https://git.kernel.org/stable/c/27b0284d8be182a81feb65581ab6a724dfd596e8", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/27b0284d8be182a81feb65581ab6a724dfd596e8" + }, + { + "url": "https://git.kernel.org/stable/c/13ed7cdf079686ccd3618335205700c03f6fb446", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/13ed7cdf079686ccd3618335205700c03f6fb446" + }, + { + "url": "https://git.kernel.org/stable/c/6e48faad92be13166184d21506e4e54c79c13adc", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/6e48faad92be13166184d21506e4e54c79c13adc" + }, + { + "url": "https://git.kernel.org/stable/c/517e32ea0a8c72202d0d8aa8df50a7cd3d6fdefc", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/517e32ea0a8c72202d0d8aa8df50a7cd3d6fdefc" + }, + { + "url": "https://git.kernel.org/stable/c/f2db7230f73a80dbb179deab78f88a7947f0ab7e", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/f2db7230f73a80dbb179deab78f88a7947f0ab7e" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html" + } + ] + }, + "generator": { + "engine": "bippy-a5840b7849dd" } } \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36905.json b/2024/36xxx/CVE-2024-36905.json index aab9bb4a82b..1f0f57ec083 100644 --- a/2024/36xxx/CVE-2024-36905.json +++ b/2024/36xxx/CVE-2024-36905.json @@ -1,18 +1,173 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36905", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk->sk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 <48> f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n \n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1da177e4c3f4", + "version_value": "34e41a031fd7" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "2.6.12", + "status": "affected" + }, + { + "version": "0", + "lessThan": "2.6.12", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.314", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.276", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.217", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.159", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.91", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.31", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.10", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.9", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/34e41a031fd7523bf1cd00a2adca2370aebea270", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/34e41a031fd7523bf1cd00a2adca2370aebea270" + }, + { + "url": "https://git.kernel.org/stable/c/ed5e279b69e007ce6c0fe82a5a534c1b19783214", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ed5e279b69e007ce6c0fe82a5a534c1b19783214" + }, + { + "url": "https://git.kernel.org/stable/c/413c33b9f3bc36fdf719690a78824db9f88a9485", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/413c33b9f3bc36fdf719690a78824db9f88a9485" + }, + { + "url": "https://git.kernel.org/stable/c/2552c9d9440f8e7a2ed0660911ff00f25b90a0a4", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/2552c9d9440f8e7a2ed0660911ff00f25b90a0a4" + }, + { + "url": "https://git.kernel.org/stable/c/3fe4ef0568a48369b1891395d13ac593b1ba41b1", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/3fe4ef0568a48369b1891395d13ac593b1ba41b1" + }, + { + "url": "https://git.kernel.org/stable/c/f47d0d32fa94e815fdd78b8b88684873e67939f4", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/f47d0d32fa94e815fdd78b8b88684873e67939f4" + }, + { + "url": "https://git.kernel.org/stable/c/cbf232ba11bc86a5281b4f00e1151349ef4d45cf", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/cbf232ba11bc86a5281b4f00e1151349ef4d45cf" + }, + { + "url": "https://git.kernel.org/stable/c/94062790aedb505bdda209b10bea47b294d6394f", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/94062790aedb505bdda209b10bea47b294d6394f" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + } + ] + }, + "generator": { + "engine": "bippy-a5840b7849dd" } } \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36934.json b/2024/36xxx/CVE-2024-36934.json index 08745fdc383..3d81352431a 100644 --- a/2024/36xxx/CVE-2024-36934.json +++ b/2024/36xxx/CVE-2024-36934.json @@ -1,18 +1,178 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36934", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don't\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "7afc5dbde091", + "version_value": "bd502ba81cd1" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "3.3", + "status": "affected" + }, + { + "version": "0", + "lessThan": "3.3", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.314", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.276", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.217", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.159", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.91", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.31", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.10", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.9", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147" + }, + { + "url": "https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd" + }, + { + "url": "https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4" + }, + { + "url": "https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9" + }, + { + "url": "https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32" + }, + { + "url": "https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91" + }, + { + "url": "https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35" + }, + { + "url": "https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html" + } + ] + }, + "generator": { + "engine": "bippy-a5840b7849dd" } } \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36941.json b/2024/36xxx/CVE-2024-36941.json index 0b94a418dd6..5be03c9db3d 100644 --- a/2024/36xxx/CVE-2024-36941.json +++ b/2024/36xxx/CVE-2024-36941.json @@ -1,18 +1,173 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36941", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: don't free NULL coalescing rule\n\nIf the parsing fails, we can dereference a NULL pointer here." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "be29b99a9b51", + "version_value": "327382dc0f16" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "3.12", + "status": "affected" + }, + { + "version": "0", + "lessThan": "3.12", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.314", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.276", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.217", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.159", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.91", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.31", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.10", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.9", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/327382dc0f16b268950b96e0052595efd80f7b0a", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/327382dc0f16b268950b96e0052595efd80f7b0a" + }, + { + "url": "https://git.kernel.org/stable/c/97792d0611ae2e6fe3ccefb0a94a1d802317c457", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/97792d0611ae2e6fe3ccefb0a94a1d802317c457" + }, + { + "url": "https://git.kernel.org/stable/c/5a730a161ac2290d46d49be76b2b1aee8d2eb307", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/5a730a161ac2290d46d49be76b2b1aee8d2eb307" + }, + { + "url": "https://git.kernel.org/stable/c/ad12c74e953b68ad85c78adc6408ed8435c64af4", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ad12c74e953b68ad85c78adc6408ed8435c64af4" + }, + { + "url": "https://git.kernel.org/stable/c/b0db4caa10f2e4e811cf88744fbf0d074b67ec1f", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/b0db4caa10f2e4e811cf88744fbf0d074b67ec1f" + }, + { + "url": "https://git.kernel.org/stable/c/244822c09b4f9aedfb5977f03c0deeb39da8ec7d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/244822c09b4f9aedfb5977f03c0deeb39da8ec7d" + }, + { + "url": "https://git.kernel.org/stable/c/f92772a642485394db5c9a17bd0ee73fc6902383", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/f92772a642485394db5c9a17bd0ee73fc6902383" + }, + { + "url": "https://git.kernel.org/stable/c/801ea33ae82d6a9d954074fbcf8ea9d18f1543a7", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/801ea33ae82d6a9d954074fbcf8ea9d18f1543a7" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + } + ] + }, + "generator": { + "engine": "bippy-a5840b7849dd" } } \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36946.json b/2024/36xxx/CVE-2024-36946.json index 73f06f97cdc..829c22eeb66 100644 --- a/2024/36xxx/CVE-2024-36946.json +++ b/2024/36xxx/CVE-2024-36946.json @@ -1,18 +1,173 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36946", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphonet: fix rtm_phonet_notify() skb allocation\n\nfill_route() stores three components in the skb:\n\n- struct rtmsg\n- RTA_DST (u8)\n- RTA_OIF (u32)\n\nTherefore, rtm_phonet_notify() should use\n\nNLMSG_ALIGN(sizeof(struct rtmsg)) +\nnla_total_size(1) +\nnla_total_size(4)" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "f062f41d0657", + "version_value": "ec1f71c05cae" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "2.6.33", + "status": "affected" + }, + { + "version": "0", + "lessThan": "2.6.33", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.314", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.276", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.217", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.159", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.91", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.31", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.10", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.9", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/ec1f71c05caeba0f814df77e0f511d8b4618623a", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ec1f71c05caeba0f814df77e0f511d8b4618623a" + }, + { + "url": "https://git.kernel.org/stable/c/dc6beac059f0331de97155a89d84058d4a9e49c7", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/dc6beac059f0331de97155a89d84058d4a9e49c7" + }, + { + "url": "https://git.kernel.org/stable/c/f085e02f0a32f6dfcfabc6535c9c4a1707cef86b", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/f085e02f0a32f6dfcfabc6535c9c4a1707cef86b" + }, + { + "url": "https://git.kernel.org/stable/c/4ff334cade9dae50e4be387f71e94fae634aa9b4", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/4ff334cade9dae50e4be387f71e94fae634aa9b4" + }, + { + "url": "https://git.kernel.org/stable/c/728a83160f98ee6b60df0d890141b9b7240182fe", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/728a83160f98ee6b60df0d890141b9b7240182fe" + }, + { + "url": "https://git.kernel.org/stable/c/ee9e39a6cb3ca2a3d35b4ae25547ee3526a44d00", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ee9e39a6cb3ca2a3d35b4ae25547ee3526a44d00" + }, + { + "url": "https://git.kernel.org/stable/c/9a77226440008cf04ba68faf641a2d50f4998137", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/9a77226440008cf04ba68faf641a2d50f4998137" + }, + { + "url": "https://git.kernel.org/stable/c/d8cac8568618dcb8a51af3db1103e8d4cc4aeea7", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/d8cac8568618dcb8a51af3db1103e8d4cc4aeea7" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + } + ] + }, + "generator": { + "engine": "bippy-a5840b7849dd" } } \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36950.json b/2024/36xxx/CVE-2024-36950.json index 4163fef2283..fce2c1231bb 100644 --- a/2024/36xxx/CVE-2024-36950.json +++ b/2024/36xxx/CVE-2024-36950.json @@ -1,18 +1,163 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-36950", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can't clear the bus\nreset event flag in irq_handler, because we won't service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won't be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1da177e4c3f4", + "version_value": "b3948c69d602" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "4.19.314", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.276", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.217", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.159", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.91", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.31", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8.10", + "lessThanOrEqual": "6.8.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.9", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/b3948c69d60279fce5b2eeda92a07d66296c8130", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/b3948c69d60279fce5b2eeda92a07d66296c8130" + }, + { + "url": "https://git.kernel.org/stable/c/31279bbca40d2f40cb3bbb6d538ec9620a645dec", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/31279bbca40d2f40cb3bbb6d538ec9620a645dec" + }, + { + "url": "https://git.kernel.org/stable/c/fa273f312334246c909475c5868e6daab889cc8c", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/fa273f312334246c909475c5868e6daab889cc8c" + }, + { + "url": "https://git.kernel.org/stable/c/4f9cc355c328fc4f41cbd9c4cd58b235184fa420", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/4f9cc355c328fc4f41cbd9c4cd58b235184fa420" + }, + { + "url": "https://git.kernel.org/stable/c/6fafe3661712b143d9c69a7322294bd53f559d5d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/6fafe3661712b143d9c69a7322294bd53f559d5d" + }, + { + "url": "https://git.kernel.org/stable/c/5982887de60c1b84f9c0ca07c835814d07fd1da0", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/5982887de60c1b84f9c0ca07c835814d07fd1da0" + }, + { + "url": "https://git.kernel.org/stable/c/8643332aac0576581cfdf01798ea3e4e0d624b61", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/8643332aac0576581cfdf01798ea3e4e0d624b61" + }, + { + "url": "https://git.kernel.org/stable/c/752e3c53de0fa3b7d817a83050b6699b8e9c6ec9", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/752e3c53de0fa3b7d817a83050b6699b8e9c6ec9" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" + } + ] + }, + "generator": { + "engine": "bippy-a5840b7849dd" } } \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36959.json b/2024/36xxx/CVE-2024-36959.json index 1bcf93cd42f..f7206664d17 100644 --- a/2024/36xxx/CVE-2024-36959.json +++ b/2024/36xxx/CVE-2024-36959.json @@ -179,6 +179,11 @@ "url": "https://git.kernel.org/stable/c/a0cedbcc8852d6c77b00634b81e41f17f29d9404", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/a0cedbcc8852d6c77b00634b81e41f17f29d9404" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/37xxx/CVE-2024-37353.json b/2024/37xxx/CVE-2024-37353.json index 9171aaf63df..08b2b78606e 100644 --- a/2024/37xxx/CVE-2024-37353.json +++ b/2024/37xxx/CVE-2024-37353.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38381.json b/2024/38xxx/CVE-2024-38381.json index 7529162f219..c8d5f0d2627 100644 --- a/2024/38xxx/CVE-2024-38381.json +++ b/2024/38xxx/CVE-2024-38381.json @@ -189,6 +189,11 @@ "url": "https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38515.json b/2024/38xxx/CVE-2024-38515.json index 2300782e9a6..f57e24823de 100644 --- a/2024/38xxx/CVE-2024-38515.json +++ b/2024/38xxx/CVE-2024-38515.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-38515", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE is a duplicate of CVE-2024-38374." } ] } diff --git a/2024/38xxx/CVE-2024-38549.json b/2024/38xxx/CVE-2024-38549.json index eaaab67cbdf..ba028a8771a 100644 --- a/2024/38xxx/CVE-2024-38549.json +++ b/2024/38xxx/CVE-2024-38549.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38552.json b/2024/38xxx/CVE-2024-38552.json index 9243c6aa9c7..bff989d7b5f 100644 --- a/2024/38xxx/CVE-2024-38552.json +++ b/2024/38xxx/CVE-2024-38552.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/63ae548f1054a0b71678d0349c7dc9628ddd42ca", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/63ae548f1054a0b71678d0349c7dc9628ddd42ca" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38559.json b/2024/38xxx/CVE-2024-38559.json index 61a43b05c0c..35c283e83e3 100644 --- a/2024/38xxx/CVE-2024-38559.json +++ b/2024/38xxx/CVE-2024-38559.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38560.json b/2024/38xxx/CVE-2024-38560.json index c2f1a4fed4f..17a4c6c95d9 100644 --- a/2024/38xxx/CVE-2024-38560.json +++ b/2024/38xxx/CVE-2024-38560.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/13d0cecb4626fae67c00c84d3c7851f6b62f7df3", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/13d0cecb4626fae67c00c84d3c7851f6b62f7df3" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38565.json b/2024/38xxx/CVE-2024-38565.json index daab0d8053b..09db936397e 100644 --- a/2024/38xxx/CVE-2024-38565.json +++ b/2024/38xxx/CVE-2024-38565.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/e120b6388d7d88635d67dcae6483f39c37111850", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/e120b6388d7d88635d67dcae6483f39c37111850" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38578.json b/2024/38xxx/CVE-2024-38578.json index 9dc789d09c0..5eb488def6e 100644 --- a/2024/38xxx/CVE-2024-38578.json +++ b/2024/38xxx/CVE-2024-38578.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/85a6a1aff08ec9f5b929d345d066e2830e8818e5", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/85a6a1aff08ec9f5b929d345d066e2830e8818e5" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38582.json b/2024/38xxx/CVE-2024-38582.json index fd0db254c1a..9403ae9e297 100644 --- a/2024/38xxx/CVE-2024-38582.json +++ b/2024/38xxx/CVE-2024-38582.json @@ -160,6 +160,11 @@ "url": "https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38583.json b/2024/38xxx/CVE-2024-38583.json index 1751d4d368e..5567e086ded 100644 --- a/2024/38xxx/CVE-2024-38583.json +++ b/2024/38xxx/CVE-2024-38583.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38587.json b/2024/38xxx/CVE-2024-38587.json index b5b179597d2..2465278081f 100644 --- a/2024/38xxx/CVE-2024-38587.json +++ b/2024/38xxx/CVE-2024-38587.json @@ -205,6 +205,11 @@ "url": "https://git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38599.json b/2024/38xxx/CVE-2024-38599.json index 2e37757a45c..62148caaa9d 100644 --- a/2024/38xxx/CVE-2024-38599.json +++ b/2024/38xxx/CVE-2024-38599.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/c6854e5a267c28300ff045480b5a7ee7f6f1d913", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/c6854e5a267c28300ff045480b5a7ee7f6f1d913" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38601.json b/2024/38xxx/CVE-2024-38601.json index 4b29b8149b2..834ab77659c 100644 --- a/2024/38xxx/CVE-2024-38601.json +++ b/2024/38xxx/CVE-2024-38601.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/c2274b908db05529980ec056359fae916939fdaa", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/c2274b908db05529980ec056359fae916939fdaa" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38612.json b/2024/38xxx/CVE-2024-38612.json index 367672a4085..1ddb25fe1fd 100644 --- a/2024/38xxx/CVE-2024-38612.json +++ b/2024/38xxx/CVE-2024-38612.json @@ -170,6 +170,11 @@ "url": "https://git.kernel.org/stable/c/160e9d2752181fcf18c662e74022d77d3164cd45", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/160e9d2752181fcf18c662e74022d77d3164cd45" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38621.json b/2024/38xxx/CVE-2024-38621.json index 7ad5fd98faf..f8ce77089bd 100644 --- a/2024/38xxx/CVE-2024-38621.json +++ b/2024/38xxx/CVE-2024-38621.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38634.json b/2024/38xxx/CVE-2024-38634.json index b23d27c8321..c06e8b9d247 100644 --- a/2024/38xxx/CVE-2024-38634.json +++ b/2024/38xxx/CVE-2024-38634.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/77ab53371a2066fdf9b895246505f5ef5a4b5d47", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/77ab53371a2066fdf9b895246505f5ef5a4b5d47" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38637.json b/2024/38xxx/CVE-2024-38637.json index 39bfbc9f8eb..f6c03222975 100644 --- a/2024/38xxx/CVE-2024-38637.json +++ b/2024/38xxx/CVE-2024-38637.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/a1ba19a1ae7cd1e324685ded4ab563e78fe68648", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/a1ba19a1ae7cd1e324685ded4ab563e78fe68648" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/38xxx/CVE-2024-38659.json b/2024/38xxx/CVE-2024-38659.json index 8dc216327ca..9b08b72eb04 100644 --- a/2024/38xxx/CVE-2024-38659.json +++ b/2024/38xxx/CVE-2024-38659.json @@ -159,6 +159,11 @@ "url": "https://git.kernel.org/stable/c/e8021b94b0412c37bcc79027c2e382086b6ce449", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/e8021b94b0412c37bcc79027c2e382086b6ce449" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ] }, diff --git a/2024/6xxx/CVE-2024-6369.json b/2024/6xxx/CVE-2024-6369.json index d6a5d70221b..f0d4a39dc44 100644 --- a/2024/6xxx/CVE-2024-6369.json +++ b/2024/6xxx/CVE-2024-6369.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6369", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as problematic has been found in LabVantage LIMS 2017. Affected is an unknown function of the file /labvantage/rc?command=page&sdcid=LV_ReagentLot of the component POST Request Handler. The manipulation of the argument mode leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-269802 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine problematische Schwachstelle in LabVantage LIMS 2017 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Datei /labvantage/rc?command=page&sdcid=LV_ReagentLot der Komponente POST Request Handler. Mittels dem Manipulieren des Arguments mode mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LabVantage", + "product": { + "product_data": [ + { + "product_name": "LIMS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2017" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.269802", + "refsource": "MISC", + "name": "https://vuldb.com/?id.269802" + }, + { + "url": "https://vuldb.com/?ctiid.269802", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.269802" + }, + { + "url": "https://vuldb.com/?submit.359373", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.359373" + }, + { + "url": "https://gentle-khaan-c53.notion.site/Reflected-XSS-in-Labvantage-LIMS-960bf61d35124c858e3360785cfe40b3?pvs=4", + "refsource": "MISC", + "name": "https://gentle-khaan-c53.notion.site/Reflected-XSS-in-Labvantage-LIMS-960bf61d35124c858e3360785cfe40b3?pvs=4" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Farouk (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/6xxx/CVE-2024-6370.json b/2024/6xxx/CVE-2024-6370.json index 8f4960bdd1b..60e39c047f4 100644 --- a/2024/6xxx/CVE-2024-6370.json +++ b/2024/6xxx/CVE-2024-6370.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6370", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as problematic was found in LabVantage LIMS 2017. Affected by this vulnerability is an unknown functionality of the file /labvantage/rc?command=file&file=WEB-OPAL/pagetypes/bulletins/sendbulletin.jsp of the component POST Request Handler. The manipulation of the argument bulletinbody leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269803." + }, + { + "lang": "deu", + "value": "In LabVantage LIMS 2017 wurde eine problematische Schwachstelle entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /labvantage/rc?command=file&file=WEB-OPAL/pagetypes/bulletins/sendbulletin.jsp der Komponente POST Request Handler. Mittels Manipulieren des Arguments bulletinbody mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LabVantage", + "product": { + "product_data": [ + { + "product_name": "LIMS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2017" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.269803", + "refsource": "MISC", + "name": "https://vuldb.com/?id.269803" + }, + { + "url": "https://vuldb.com/?ctiid.269803", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.269803" + }, + { + "url": "https://vuldb.com/?submit.359374", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.359374" + }, + { + "url": "https://gentle-khaan-c53.notion.site/HTML-Injection-in-Labvantage-LIMS-a229aae13fa14977a677921e7a442619?pvs=4", + "refsource": "MISC", + "name": "https://gentle-khaan-c53.notion.site/HTML-Injection-in-Labvantage-LIMS-a229aae13fa14977a677921e7a442619?pvs=4" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Farouk (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] }