admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-03-27 17:01:02 +00:00
parent 1d3e363e6a
commit dae960f10f
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
100 changed files with 7846 additions and 274 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
2022/49xxx/CVE-2022-49739.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49739",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Always check inode size of inline inodes\n\nCheck if the inode size of stuffed (inline) inodes is within the allowed\nrange when reading inodes from disk (gfs2_dinode_in()). This prevents\nus from on-disk corruption.\n\nThe two checks in stuffed_readpage() and gfs2_unstuffer_page() that just\ntruncate inline data to the maximum allowed size don't actually make\nsense, and they can be removed now as well."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "45df749f827c286adbc951f2a4865b67f0442ba9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.280",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.240",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.177",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/45df749f827c286adbc951f2a4865b67f0442ba9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45df749f827c286adbc951f2a4865b67f0442ba9"
},
{
"url": "https://git.kernel.org/stable/c/4d4cb76636134bf9a0c9c3432dae936f99954586",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4d4cb76636134bf9a0c9c3432dae936f99954586"
},
{
"url": "https://git.kernel.org/stable/c/7c414f6f06e9a3934901b6edc3177ae5a1e07094",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7c414f6f06e9a3934901b6edc3177ae5a1e07094"
},
{
"url": "https://git.kernel.org/stable/c/46c9088cabd4d0469fdb61ac2a9c5003057fe94d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46c9088cabd4d0469fdb61ac2a9c5003057fe94d"
},
{
"url": "https://git.kernel.org/stable/c/d458a0984429c2d47e60254f5bc4119cbafe83a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d458a0984429c2d47e60254f5bc4119cbafe83a2"
},
{
"url": "https://git.kernel.org/stable/c/70376c7ff31221f1d21db5611d8209e677781d3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70376c7ff31221f1d21db5611d8209e677781d3a"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

115
2022/49xxx/CVE-2022-49740.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49740",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads\n\nThis patch fixes slab-out-of-bounds reads in brcmfmac that occur in\nbrcmf_construct_chaninfo() and brcmf_enable_bw40_2g() when the count\nvalue of channel specifications provided by the device is greater than\nthe length of 'list->element[]', decided by the size of the 'list'\nallocated with kzalloc(). The patch adds checks that make the functions\nfree the buffer and return -EINVAL if that is the case. Note that the\nnegative return is handled by the caller, brcmf_setup_wiphybands() or\nbrcmf_cfg80211_attach().\n\nFound by a modified version of syzkaller.\n\nCrash Report from brcmf_construct_chaninfo():\n==================================================================\nBUG: KASAN: slab-out-of-bounds in brcmf_setup_wiphybands+0x1238/0x1430\nRead of size 4 at addr ffff888115f24600 by task kworker/0:2/1896\n\nCPU: 0 PID: 1896 Comm: kworker/0:2 Tainted: G W O 5.14.0+ #132\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n dump_stack_lvl+0x57/0x7d\n print_address_description.constprop.0.cold+0x93/0x334\n kasan_report.cold+0x83/0xdf\n brcmf_setup_wiphybands+0x1238/0x1430\n brcmf_cfg80211_attach+0x2118/0x3fd0\n brcmf_attach+0x389/0xd40\n brcmf_usb_probe+0x12de/0x1690\n usb_probe_interface+0x25f/0x710\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n bus_for_each_drv+0x123/0x1a0\n __device_attach+0x207/0x330\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n usb_set_configuration+0x984/0x1770\n usb_generic_driver_probe+0x69/0x90\n usb_probe_device+0x9c/0x220\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n bus_for_each_drv+0x123/0x1a0\n __device_attach+0x207/0x330\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n usb_new_device.cold+0x463/0xf66\n hub_event+0x10d5/0x3330\n process_one_work+0x873/0x13e0\n worker_thread+0x8b/0xd10\n kthread+0x379/0x450\n ret_from_fork+0x1f/0x30\n\nAllocated by task 1896:\n kasan_save_stack+0x1b/0x40\n __kasan_kmalloc+0x7c/0x90\n kmem_cache_alloc_trace+0x19e/0x330\n brcmf_setup_wiphybands+0x290/0x1430\n brcmf_cfg80211_attach+0x2118/0x3fd0\n brcmf_attach+0x389/0xd40\n brcmf_usb_probe+0x12de/0x1690\n usb_probe_interface+0x25f/0x710\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n bus_for_each_drv+0x123/0x1a0\n __device_attach+0x207/0x330\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n usb_set_configuration+0x984/0x1770\n usb_generic_driver_probe+0x69/0x90\n usb_probe_device+0x9c/0x220\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n bus_for_each_drv+0x123/0x1a0\n __device_attach+0x207/0x330\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n usb_new_device.cold+0x463/0xf66\n hub_event+0x10d5/0x3330\n process_one_work+0x873/0x13e0\n worker_thread+0x8b/0xd10\n kthread+0x379/0x450\n ret_from_fork+0x1f/0x30\n\nThe buggy address belongs to the object at ffff888115f24000\n which belongs to the cache kmalloc-2k of size 2048\nThe buggy address is located 1536 bytes inside of\n 2048-byte region [ffff888115f24000, ffff888115f24800)\n\nMemory state around the buggy address:\n ffff888115f24500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888115f24580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n>ffff888115f24600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ^\n ffff888115f24680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff888115f24700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n==================================================================\n\nCrash Report from brcmf_enable_bw40_2g():\n==========\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "9cf5e99c1ae1a85286a76c9a970202750538394c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9cf5e99c1ae1a85286a76c9a970202750538394c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9cf5e99c1ae1a85286a76c9a970202750538394c"
},
{
"url": "https://git.kernel.org/stable/c/b2e412879595821ff1b5545cbed5f108fba7f5b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b2e412879595821ff1b5545cbed5f108fba7f5b6"
},
{
"url": "https://git.kernel.org/stable/c/e4991910f15013db72f6ec0db7038ea67a57052e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e4991910f15013db72f6ec0db7038ea67a57052e"
},
{
"url": "https://git.kernel.org/stable/c/f06de1bb6d61f0c18b0213bbc6298960037f9d42",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f06de1bb6d61f0c18b0213bbc6298960037f9d42"
},
{
"url": "https://git.kernel.org/stable/c/4920ab131b2dbae7464b72bdcac465d070254209",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4920ab131b2dbae7464b72bdcac465d070254209"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

115
2022/49xxx/CVE-2022-49741.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49741",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: smscufx: fix error handling code in ufx_usb_probe\n\nThe current error handling code in ufx_usb_probe have many unmatching\nissues, e.g., missing ufx_free_usb_list, destroy_modedb label should\nonly include framebuffer_release, fb_dealloc_cmap only matches\nfb_alloc_cmap.\n\nMy local syzkaller reports a memory leak bug:\n\nmemory leak in ufx_usb_probe\n\nBUG: memory leak\nunreferenced object 0xffff88802f879580 (size 128):\n comm \"kworker/0:7\", pid 17416, jiffies 4295067474 (age 46.710s)\n hex dump (first 32 bytes):\n 80 21 7c 2e 80 88 ff ff 18 d0 d0 0c 80 88 ff ff .!|.............\n 00 d0 d0 0c 80 88 ff ff e0 ff ff ff 0f 00 00 00 ................\n backtrace:\n [<ffffffff814c99a0>] kmalloc_trace+0x20/0x90 mm/slab_common.c:1045\n [<ffffffff824d219c>] kmalloc include/linux/slab.h:553 [inline]\n [<ffffffff824d219c>] kzalloc include/linux/slab.h:689 [inline]\n [<ffffffff824d219c>] ufx_alloc_urb_list drivers/video/fbdev/smscufx.c:1873 [inline]\n [<ffffffff824d219c>] ufx_usb_probe+0x11c/0x15a0 drivers/video/fbdev/smscufx.c:1655\n [<ffffffff82d17927>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [<ffffffff82712f0d>] call_driver_probe drivers/base/dd.c:560 [inline]\n [<ffffffff82712f0d>] really_probe+0x12d/0x390 drivers/base/dd.c:639\n [<ffffffff8271322f>] __driver_probe_device+0xbf/0x140 drivers/base/dd.c:778\n [<ffffffff827132da>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:808\n [<ffffffff82713c27>] __device_attach_driver+0xf7/0x150 drivers/base/dd.c:936\n [<ffffffff82710137>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427\n [<ffffffff827136b5>] __device_attach+0x105/0x2d0 drivers/base/dd.c:1008\n [<ffffffff82711d36>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487\n [<ffffffff8270e242>] device_add+0x642/0xdc0 drivers/base/core.c:3517\n [<ffffffff82d14d5f>] usb_set_configuration+0x8ef/0xb80 drivers/usb/core/message.c:2170\n [<ffffffff82d2576c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n [<ffffffff82d16ffc>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n [<ffffffff82712f0d>] call_driver_probe drivers/base/dd.c:560 [inline]\n [<ffffffff82712f0d>] really_probe+0x12d/0x390 drivers/base/dd.c:639\n [<ffffffff8271322f>] __driver_probe_device+0xbf/0x140 drivers/base/dd.c:778\n\nFix this bug by rewriting the error handling code in ufx_usb_probe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "3b3d3127f5b4291ae4caaf50f7b66089ad600480"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3b3d3127f5b4291ae4caaf50f7b66089ad600480",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b3d3127f5b4291ae4caaf50f7b66089ad600480"
},
{
"url": "https://git.kernel.org/stable/c/3931014367ef31d26af65386a4ca496f50f0cfdf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3931014367ef31d26af65386a4ca496f50f0cfdf"
},
{
"url": "https://git.kernel.org/stable/c/64fa364ad3245508d393e16ed4886f92d7eb423c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/64fa364ad3245508d393e16ed4886f92d7eb423c"
},
{
"url": "https://git.kernel.org/stable/c/1b4c08844628dfc8d72d3f51b657f2a5e63b7b4b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b4c08844628dfc8d72d3f51b657f2a5e63b7b4b"
},
{
"url": "https://git.kernel.org/stable/c/b76449ee75e21acfe9fa4c653d8598f191ed7d68",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b76449ee75e21acfe9fa4c653d8598f191ed7d68"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2022/49xxx/CVE-2022-49742.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49742",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: initialize locks earlier in f2fs_fill_super()\n\nsyzbot is reporting lockdep warning at f2fs_handle_error() [1], for\nspin_lock(&sbi->error_lock) is called before spin_lock_init() is called.\nFor safe locking in error handling, move initialization of locks (and\nobvious structures) in f2fs_fill_super() to immediately after memory\nallocation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "ddeff03bb33810fcf2f0c18e03d099cf0aacda62"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ddeff03bb33810fcf2f0c18e03d099cf0aacda62",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ddeff03bb33810fcf2f0c18e03d099cf0aacda62"
},
{
"url": "https://git.kernel.org/stable/c/92b4cf5b48955a4bdd15fe4e2067db8ebd87f04c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92b4cf5b48955a4bdd15fe4e2067db8ebd87f04c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

93
2022/49xxx/CVE-2022-49743.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49743",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: Use \"buf\" flexible array for memcpy() destination\n\nThe \"buf\" flexible array needs to be the memcpy() destination to avoid\nfalse positive run-time warning from the recent FORTIFY_SOURCE\nhardening:\n\n memcpy: detected field-spanning write (size 93) of single field \"&fh->fb\"\n at fs/overlayfs/export.c:799 (size 21)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a77141a06367825d639ac51b04703d551163e36c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a77141a06367825d639ac51b04703d551163e36c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a77141a06367825d639ac51b04703d551163e36c"
},
{
"url": "https://git.kernel.org/stable/c/07a96977b2f462337a9121302de64277b8747ab1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07a96977b2f462337a9121302de64277b8747ab1"
},
{
"url": "https://git.kernel.org/stable/c/cf8aa9bf97cadf85745506c6a3e244b22c268d63",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cf8aa9bf97cadf85745506c6a3e244b22c268d63"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2022/49xxx/CVE-2022-49744.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49744",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/uffd: fix pte marker when fork() without fork event\n\nPatch series \"mm: Fixes on pte markers\".\n\nPatch 1 resolves the syzkiller report from Pengfei.\n\nPatch 2 further harden pte markers when used with the recent swapin error\nmarkers. The major case is we should persist a swapin error marker after\nfork(), so child shouldn't read a corrupted page.\n\n\nThis patch (of 2):\n\nWhen fork(), dst_vma is not guaranteed to have VM_UFFD_WP even if src may\nhave it and has pte marker installed. The warning is improper along with\nthe comment. The right thing is to inherit the pte marker when needed, or\nkeep the dst pte empty.\n\nA vague guess is this happened by an accident when there's the prior patch\nto introduce src/dst vma into this helper during the uffd-wp feature got\ndeveloped and I probably messed up in the rebase, since if we replace\ndst_vma with src_vma the warning & comment it all makes sense too.\n\nHugetlb did exactly the right here (copy_hugetlb_page_range()). Fix the\ngeneral path.\n\nReproducer:\n\nhttps://github.com/xupengfe/syzkaller_logs/blob/main/221208_115556_copy_page_range/repro.c\n\nBugzilla report: https://bugzilla.kernel.org/show_bug.cgi?id=216808"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c56d1b62cce83695823c13e52f73e92eb568c0c1",
"version_value": "2d11727655bf931776fb541f5862daf04bd5bf02"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2d11727655bf931776fb541f5862daf04bd5bf02",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2d11727655bf931776fb541f5862daf04bd5bf02"
},
{
"url": "https://git.kernel.org/stable/c/49d6d7fb631345b0f2957a7c4be24ad63903150f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49d6d7fb631345b0f2957a7c4be24ad63903150f"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2022/49xxx/CVE-2022-49745.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49745",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: m10bmc-sec: Fix probe rollback\n\nHandle probe error rollbacks properly to avoid leaks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5cd339b370e29b04b85fbb83f40496991465318e",
"version_value": "74cff472d3d66db13b5ef64f40dfa42383f71ff7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/74cff472d3d66db13b5ef64f40dfa42383f71ff7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/74cff472d3d66db13b5ef64f40dfa42383f71ff7"
},
{
"url": "https://git.kernel.org/stable/c/60ce26d10e5850f33cc76fce52f5377045e75a15",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/60ce26d10e5850f33cc76fce52f5377045e75a15"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

126
2022/49xxx/CVE-2022-49746.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49746",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init\n\nIf the function sdma_load_context() fails, the sdma_desc will be\nfreed, but the allocated desc->bd is forgot to be freed.\n\nWe already met the sdma_load_context() failure case and the log as\nbelow:\n[ 450.699064] imx-sdma 30bd0000.dma-controller: Timeout waiting for CH0 ready\n...\n\nIn this case, the desc->bd will not be freed without this change."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "80ee99e52936b2c04cc37b17a14b2ae2f9d282ac"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.167",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.92",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.10",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/80ee99e52936b2c04cc37b17a14b2ae2f9d282ac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/80ee99e52936b2c04cc37b17a14b2ae2f9d282ac"
},
{
"url": "https://git.kernel.org/stable/c/dbe634ce824329d8f14079c3e9f8f11670894bec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dbe634ce824329d8f14079c3e9f8f11670894bec"
},
{
"url": "https://git.kernel.org/stable/c/bd0050b7ffa87c7b260d563646af612f4112a778",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bd0050b7ffa87c7b260d563646af612f4112a778"
},
{
"url": "https://git.kernel.org/stable/c/43acd767bd90c5d4172ce7fee5d9007a9a08dea9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/43acd767bd90c5d4172ce7fee5d9007a9a08dea9"
},
{
"url": "https://git.kernel.org/stable/c/ce4745a6b8016fae74c95dcd457d4ceef7d98af1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ce4745a6b8016fae74c95dcd457d4ceef7d98af1"
},
{
"url": "https://git.kernel.org/stable/c/1417f59ac0b02130ee56c0c50794b9b257be3d17",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1417f59ac0b02130ee56c0c50794b9b257be3d17"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

93
2022/49xxx/CVE-2022-49747.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49747",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs/zmap.c: Fix incorrect offset calculation\n\nEffective offset to add to length was being incorrectly calculated,\nwhich resulted in iomap->length being set to 0, triggering a WARN_ON\nin iomap_iter_done().\n\nFix that, and describe it in comments.\n\nThis was reported as a crash by syzbot under an issue about a warning\nencountered in iomap_iter_done(), but unrelated to erofs.\n\nC reproducer: https://syzkaller.appspot.com/text?tag=ReproC&x=1037a6b2880000\nKernel config: https://syzkaller.appspot.com/text?tag=KernelConfig&x=e2021a61197ebe02\nDashboard link: https://syzkaller.appspot.com/bug?extid=a8e049cd3abd342936b6"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "2144859229c1e74f52d3ea067338d314a83a8afb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.92",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.10",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2144859229c1e74f52d3ea067338d314a83a8afb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2144859229c1e74f52d3ea067338d314a83a8afb"
},
{
"url": "https://git.kernel.org/stable/c/9f31d8c889d9a4e47bfcc6c4537d0c9f89fe582c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9f31d8c889d9a4e47bfcc6c4537d0c9f89fe582c"
},
{
"url": "https://git.kernel.org/stable/c/6acd87d50998ef0afafc441613aeaf5a8f5c9eff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6acd87d50998ef0afafc441613aeaf5a8f5c9eff"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

130
2022/49xxx/CVE-2022-49748.json
View File

@ -1,18 +1,140 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49748",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd: fix potential integer overflow on shift of a int\n\nThe left shift of int 32 bit integer constant 1 is evaluated using 32 bit\narithmetic and then passed as a 64 bit function argument. In the case where\ni is 32 or more this can lead to an overflow. Avoid this by shifting\nusing the BIT_ULL macro instead."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d8a6a443ff0aea5893f0a7f2726973b496b76420",
"version_value": "fbf7b0e4cef3b5470b610f14fb9faa5ee7f63954"
},
{
"version_affected": "<",
"version_name": "471af006a747f1c535c8a8c6c0973c320fe01b22",
"version_value": "f84c9b72fb200633774704d8020f769c88a4b249"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fbf7b0e4cef3b5470b610f14fb9faa5ee7f63954",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fbf7b0e4cef3b5470b610f14fb9faa5ee7f63954"
},
{
"url": "https://git.kernel.org/stable/c/f84c9b72fb200633774704d8020f769c88a4b249",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f84c9b72fb200633774704d8020f769c88a4b249"
},
{
"url": "https://git.kernel.org/stable/c/14cc13e433e1067557435b1adbf05608d7d47a93",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/14cc13e433e1067557435b1adbf05608d7d47a93"
},
{
"url": "https://git.kernel.org/stable/c/a4d01fb87ece45d4164fd725890211ccf9a307a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a4d01fb87ece45d4164fd725890211ccf9a307a9"
},
{
"url": "https://git.kernel.org/stable/c/08245672cdc6505550d1a5020603b0a8d4a6dcc7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/08245672cdc6505550d1a5020603b0a8d4a6dcc7"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

114
2022/49xxx/CVE-2022-49749.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49749",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: designware: use casting of u64 in clock multiplication to avoid overflow\n\nIn functions i2c_dw_scl_lcnt() and i2c_dw_scl_hcnt() may have overflow\nby depending on the values of the given parameters including the ic_clk.\nFor example in our use case where ic_clk is larger than one million,\nmultiplication of ic_clk * 4700 will result in 32 bit overflow.\n\nAdd cast of u64 to the calculation to avoid multiplication overflow, and\nuse the corresponding define for divide."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2373f6b9744d5373b886f3ce1a985193cca0a356",
"version_value": "ed173f77fd28a3e4fffc13b3f28687b9eba61157"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ed173f77fd28a3e4fffc13b3f28687b9eba61157",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed173f77fd28a3e4fffc13b3f28687b9eba61157"
},
{
"url": "https://git.kernel.org/stable/c/2f29d780bd691d20e89e5b35d5e6568607115e94",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2f29d780bd691d20e89e5b35d5e6568607115e94"
},
{
"url": "https://git.kernel.org/stable/c/9f36aae9e80e79b7a6d62227eaa96935166be9fe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9f36aae9e80e79b7a6d62227eaa96935166be9fe"
},
{
"url": "https://git.kernel.org/stable/c/c8c37bc514514999e62a17e95160ed9ebf75ca8d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8c37bc514514999e62a17e95160ed9ebf75ca8d"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2022/49xxx/CVE-2022-49750.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49750",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: CPPC: Add u64 casts to avoid overflowing\n\nThe fields of the _CPC object are unsigned 32-bits values.\nTo avoid overflows while using _CPC's values, add 'u64' casts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "7d596bbc66a52ff2c7a83d7e0ee840cb07e2a045"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7d596bbc66a52ff2c7a83d7e0ee840cb07e2a045",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7d596bbc66a52ff2c7a83d7e0ee840cb07e2a045"
},
{
"url": "https://git.kernel.org/stable/c/f5f94b9c8b805d87ff185caf9779c3a4d07819e3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f5f94b9c8b805d87ff185caf9779c3a4d07819e3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2022/49xxx/CVE-2022-49751.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nw1: fix WARNING after calling w1_process()\n\nI got the following WARNING message while removing driver(ds2482):\n\n------------[ cut here ]------------\ndo not call blocking ops when !TASK_RUNNING; state=1 set at [<000000002d50bfb6>] w1_process+0x9e/0x1d0 [wire]\nWARNING: CPU: 0 PID: 262 at kernel/sched/core.c:9817 __might_sleep+0x98/0xa0\nCPU: 0 PID: 262 Comm: w1_bus_master1 Tainted: G N 6.1.0-rc3+ #307\nRIP: 0010:__might_sleep+0x98/0xa0\nCall Trace:\n exit_signals+0x6c/0x550\n do_exit+0x2b4/0x17e0\n kthread_exit+0x52/0x60\n kthread+0x16d/0x1e0\n ret_from_fork+0x1f/0x30\n\nThe state of task is set to TASK_INTERRUPTIBLE in loop in w1_process(),\nset it to TASK_RUNNING when it breaks out of the loop to avoid the\nwarning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3c52e4e627896b42152cc6ff98216c302932227e",
"version_value": "190b5c3bbd5df685bb1063bda048831d72b8f1d4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.28",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.28",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/190b5c3bbd5df685bb1063bda048831d72b8f1d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/190b5c3bbd5df685bb1063bda048831d72b8f1d4"
},
{
"url": "https://git.kernel.org/stable/c/bccd6df4c177b1ad766f16565ccc298653d027d0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bccd6df4c177b1ad766f16565ccc298653d027d0"
},
{
"url": "https://git.kernel.org/stable/c/276052159ba94d4d9f5b453fb4707d6798c6b845",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/276052159ba94d4d9f5b453fb4707d6798c6b845"
},
{
"url": "https://git.kernel.org/stable/c/216f35db6ec6a667cd9db4838d657c1d2f4684da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/216f35db6ec6a667cd9db4838d657c1d2f4684da"
},
{
"url": "https://git.kernel.org/stable/c/89c62cee5d4d65ac75d99b5f986f7f94290e888f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89c62cee5d4d65ac75d99b5f986f7f94290e888f"
},
{
"url": "https://git.kernel.org/stable/c/cfc7462ff824ed6718ed0272ee9aae88e20d469a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cfc7462ff824ed6718ed0272ee9aae88e20d469a"
},
{
"url": "https://git.kernel.org/stable/c/36225a7c72e9e3e1ce4001b6ce72849f5c9a2d3b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36225a7c72e9e3e1ce4001b6ce72849f5c9a2d3b"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2022/49xxx/CVE-2022-49752.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49752",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevice property: fix of node refcount leak in fwnode_graph_get_next_endpoint()\n\nThe 'parent' returned by fwnode_graph_get_port_parent()\nwith refcount incremented when 'prev' is not NULL, it\nneeds be put when finish using it.\n\nBecause the parent is const, introduce a new variable to\nstore the returned fwnode, then put it before returning\nfrom fwnode_graph_get_next_endpoint()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b5b41ab6b0c1bb70fe37a0d193006c969e3b5909",
"version_value": "7701a4bd45c11f9a289d8f262fad05705a012339"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7701a4bd45c11f9a289d8f262fad05705a012339",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7701a4bd45c11f9a289d8f262fad05705a012339"
},
{
"url": "https://git.kernel.org/stable/c/e75485fc589ec729cc182aa9b41dfb6c15ae6f6e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e75485fc589ec729cc182aa9b41dfb6c15ae6f6e"
},
{
"url": "https://git.kernel.org/stable/c/39af728649b05e88a2b40e714feeee6451c3f18e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39af728649b05e88a2b40e714feeee6451c3f18e"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2022/49xxx/CVE-2022-49753.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49753",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: Fix double increment of client_count in dma_chan_get()\n\nThe first time dma_chan_get() is called for a channel the channel\nclient_count is incorrectly incremented twice for public channels,\nfirst in balance_ref_count(), and again prior to returning. This\nresults in an incorrect client count which will lead to the\nchannel resources not being freed when they should be. A simple\n test of repeated module load and unload of async_tx on a Dell\n Power Edge R7425 also shows this resulting in a kref underflow\n warning.\n\n[ 124.329662] async_tx: api initialized (async)\n[ 129.000627] async_tx: api initialized (async)\n[ 130.047839] ------------[ cut here ]------------\n[ 130.052472] refcount_t: underflow; use-after-free.\n[ 130.057279] WARNING: CPU: 3 PID: 19364 at lib/refcount.c:28\nrefcount_warn_saturate+0xba/0x110\n[ 130.065811] Modules linked in: async_tx(-) rfkill intel_rapl_msr\nintel_rapl_common amd64_edac edac_mce_amd ipmi_ssif kvm_amd dcdbas kvm\nmgag200 drm_shmem_helper acpi_ipmi irqbypass drm_kms_helper ipmi_si\nsyscopyarea sysfillrect rapl pcspkr ipmi_devintf sysimgblt fb_sys_fops\nk10temp i2c_piix4 ipmi_msghandler acpi_power_meter acpi_cpufreq vfat\nfat drm fuse xfs libcrc32c sd_mod t10_pi sg ahci crct10dif_pclmul\nlibahci crc32_pclmul crc32c_intel ghash_clmulni_intel igb megaraid_sas\ni40e libata i2c_algo_bit ccp sp5100_tco dca dm_mirror dm_region_hash\ndm_log dm_mod [last unloaded: async_tx]\n[ 130.117361] CPU: 3 PID: 19364 Comm: modprobe Kdump: loaded Not\ntainted 5.14.0-185.el9.x86_64 #1\n[ 130.126091] Hardware name: Dell Inc. PowerEdge R7425/02MJ3T, BIOS\n1.18.0 01/17/2022\n[ 130.133806] RIP: 0010:refcount_warn_saturate+0xba/0x110\n[ 130.139041] Code: 01 01 e8 6d bd 55 00 0f 0b e9 72 9d 8a 00 80 3d\n26 18 9c 01 00 75 85 48 c7 c7 f8 a3 03 9d c6 05 16 18 9c 01 01 e8 4a\nbd 55 00 <0f> 0b e9 4f 9d 8a 00 80 3d 01 18 9c 01 00 0f 85 5e ff ff ff\n48 c7\n[ 130.157807] RSP: 0018:ffffbf98898afe68 EFLAGS: 00010286\n[ 130.163036] RAX: 0000000000000000 RBX: ffff9da06028e598 RCX: 0000000000000000\n[ 130.170172] RDX: ffff9daf9de26480 RSI: ffff9daf9de198a0 RDI: ffff9daf9de198a0\n[ 130.177316] RBP: ffff9da7cddf3970 R08: 0000000000000000 R09: 00000000ffff7fff\n[ 130.184459] R10: ffffbf98898afd00 R11: ffffffff9d9e8c28 R12: ffff9da7cddf1970\n[ 130.191596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 130.198739] FS: 00007f646435c740(0000) GS:ffff9daf9de00000(0000)\nknlGS:0000000000000000\n[ 130.206832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 130.212586] CR2: 00007f6463b214f0 CR3: 00000008ab98c000 CR4: 00000000003506e0\n[ 130.219729] Call Trace:\n[ 130.222192] <TASK>\n[ 130.224305] dma_chan_put+0x10d/0x110\n[ 130.227988] dmaengine_put+0x7a/0xa0\n[ 130.231575] __do_sys_delete_module.constprop.0+0x178/0x280\n[ 130.237157] ? syscall_trace_enter.constprop.0+0x145/0x1d0\n[ 130.242652] do_syscall_64+0x5c/0x90\n[ 130.246240] ? exc_page_fault+0x62/0x150\n[ 130.250178] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 130.255243] RIP: 0033:0x7f6463a3f5ab\n[ 130.258830] Code: 73 01 c3 48 8b 0d 75 a8 1b 00 f7 d8 64 89 01 48\n83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 b0 00 00\n00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 45 a8 1b 00 f7 d8 64 89\n01 48\n[ 130.277591] RSP: 002b:00007fff22f972c8 EFLAGS: 00000206 ORIG_RAX:\n00000000000000b0\n[ 130.285164] RAX: ffffffffffffffda RBX: 000055b6786edd40 RCX: 00007f6463a3f5ab\n[ 130.292303] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 000055b6786edda8\n[ 130.299443] RBP: 000055b6786edd40 R08: 0000000000000000 R09: 0000000000000000\n[ 130.306584] R10: 00007f6463b9eac0 R11: 0000000000000206 R12: 000055b6786edda8\n[ 130.313731] R13: 0000000000000000 R14: 000055b6786edda8 R15: 00007fff22f995f8\n[ 130.320875] </TASK>\n[ 130.323081] ---[ end trace eff7156d56b5cf25 ]---\n\ncat /sys/class/dma/dma0chan*/in_use would get the wrong result.\n2\n2\n2\n\nTest-by: Jie Hai <haijie1@huawei.com>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d2f4f99db3e9ec8b063cf2e45704e2bb95428317",
"version_value": "1b409e14b4b7af034e0450f95c165b6c5c87dbc1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1b409e14b4b7af034e0450f95c165b6c5c87dbc1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b409e14b4b7af034e0450f95c165b6c5c87dbc1"
},
{
"url": "https://git.kernel.org/stable/c/c6221afe573413fd2981e291f7df4a58283e0654",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c6221afe573413fd2981e291f7df4a58283e0654"
},
{
"url": "https://git.kernel.org/stable/c/18dd3b30d4c7e8440c63118c7a7b687372b9567f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/18dd3b30d4c7e8440c63118c7a7b687372b9567f"
},
{
"url": "https://git.kernel.org/stable/c/42ecd72f02cd657b00b559621e7ef7d2c4d3e5f1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/42ecd72f02cd657b00b559621e7ef7d2c4d3e5f1"
},
{
"url": "https://git.kernel.org/stable/c/71c601965532c38030133535f7cd93c1efa75af1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/71c601965532c38030133535f7cd93c1efa75af1"
},
{
"url": "https://git.kernel.org/stable/c/142d644fd2cc059ffa042fbfb68e766433ef3afd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/142d644fd2cc059ffa042fbfb68e766433ef3afd"
},
{
"url": "https://git.kernel.org/stable/c/f3dc1b3b4750851a94212dba249703dd0e50bb20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f3dc1b3b4750851a94212dba249703dd0e50bb20"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2022/49xxx/CVE-2022-49754.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49754",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix a buffer overflow in mgmt_mesh_add()\n\nSmatch Warning:\nnet/bluetooth/mgmt_util.c:375 mgmt_mesh_add() error: __memcpy()\n'mesh_tx->param' too small (48 vs 50)\n\nAnalysis:\n\n'mesh_tx->param' is array of size 48. This is the destination.\nu8 param[sizeof(struct mgmt_cp_mesh_send) + 29]; // 19 + 29 = 48.\n\nBut in the caller 'mesh_send' we reject only when len > 50.\nlen > (MGMT_MESH_SEND_SIZE + 31) // 19 + 31 = 50."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b338d91703fae6f6afd67f3f75caa3b8f36ddef3",
"version_value": "ed818fd8c531abf561b379995ee7cc4c68029464"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ed818fd8c531abf561b379995ee7cc4c68029464",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed818fd8c531abf561b379995ee7cc4c68029464"
},
{
"url": "https://git.kernel.org/stable/c/2185e0fdbb2137f22a9dd9fcbf6481400d56299b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2185e0fdbb2137f22a9dd9fcbf6481400d56299b"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2022/49xxx/CVE-2022-49755.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49755",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait\n\nWhile performing fast composition switch, there is a possibility that the\nprocess of ffs_ep0_write/ffs_ep0_read get into a race condition\ndue to ep0req being freed up from functionfs_unbind.\n\nConsider the scenario that the ffs_ep0_write calls the ffs_ep0_queue_wait\nby taking a lock &ffs->ev.waitq.lock. However, the functionfs_unbind isn't\nbounded so it can go ahead and mark the ep0req to NULL, and since there\nis no NULL check in ffs_ep0_queue_wait we will end up in use-after-free.\n\nFix this by making a serialized execution between the two functions using\na mutex_lock(ffs->mutex)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ddf8abd2599491cbad959c700b90ba72a5dce8d0",
"version_value": "facf353c9e8d7885b686d9a4b173d4e0af6441d2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.35",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.35",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/facf353c9e8d7885b686d9a4b173d4e0af6441d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/facf353c9e8d7885b686d9a4b173d4e0af6441d2"
},
{
"url": "https://git.kernel.org/stable/c/e9036e951f93fb8d7b5e9d6e2c7f94a4da312ae4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e9036e951f93fb8d7b5e9d6e2c7f94a4da312ae4"
},
{
"url": "https://git.kernel.org/stable/c/a8d40942df074f4ebcb9bd3413596d92f323b064",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8d40942df074f4ebcb9bd3413596d92f323b064"
},
{
"url": "https://git.kernel.org/stable/c/6dd9ea05534f323668db94fcc2726c7a84547e78",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6dd9ea05534f323668db94fcc2726c7a84547e78"
},
{
"url": "https://git.kernel.org/stable/c/ae8e136bcaae96163b5821984de1036efc9abb1a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ae8e136bcaae96163b5821984de1036efc9abb1a"
},
{
"url": "https://git.kernel.org/stable/c/6aee197b7fbcd61596a78b47d553f2f99111f217",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6aee197b7fbcd61596a78b47d553f2f99111f217"
},
{
"url": "https://git.kernel.org/stable/c/6a19da111057f69214b97c62fb0ac59023970850",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6a19da111057f69214b97c62fb0ac59023970850"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2022/49xxx/CVE-2022-49756.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49756",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: usb: sunplus: Fix potential null-ptr-deref in sp_usb_phy_probe()\n\nsp_usb_phy_probe() will call platform_get_resource_byname() that may fail\nand return NULL. devm_ioremap() will use usbphy->moon4_res_mem->start as\ninput, which may causes null-ptr-deref. Check the ret value of\nplatform_get_resource_byname() to avoid the null-ptr-deref."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "99d9ccd97385208b78b3d88e756451f4b70119fc",
"version_value": "d838b5c99bcecd593b4710a93fce8fdbf122395b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d838b5c99bcecd593b4710a93fce8fdbf122395b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d838b5c99bcecd593b4710a93fce8fdbf122395b"
},
{
"url": "https://git.kernel.org/stable/c/17eee264ef386ef30a69dd70e36f29893b85c170",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/17eee264ef386ef30a69dd70e36f29893b85c170"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2022/49xxx/CVE-2022-49757.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49757",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/highbank: Fix memory leak in highbank_mc_probe()\n\nWhen devres_open_group() fails, it returns -ENOMEM without freeing memory\nallocated by edac_mc_alloc().\n\nCall edac_mc_free() on the error handling path to avoid a memory leak.\n\n [ bp: Massage commit message. ]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a1b01edb274518c7da6d69b84e7558c092282aad",
"version_value": "f1b3e23ed8df87d779ee86ac37f379e79a24169a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f1b3e23ed8df87d779ee86ac37f379e79a24169a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f1b3e23ed8df87d779ee86ac37f379e79a24169a"
},
{
"url": "https://git.kernel.org/stable/c/0db40e23b56d217eebd385bebb64057ef764b2c7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0db40e23b56d217eebd385bebb64057ef764b2c7"
},
{
"url": "https://git.kernel.org/stable/c/8d23f5d25264beb223ee79cdb530b88c237719fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8d23f5d25264beb223ee79cdb530b88c237719fc"
},
{
"url": "https://git.kernel.org/stable/c/329fbd260352a7b9a83781d8b8bd96f95844a51f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/329fbd260352a7b9a83781d8b8bd96f95844a51f"
},
{
"url": "https://git.kernel.org/stable/c/caffa7fed1397d1395052272c93900176de86557",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/caffa7fed1397d1395052272c93900176de86557"
},
{
"url": "https://git.kernel.org/stable/c/b7863ef8a8f0fee96b4eb41211f4918c0e047253",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7863ef8a8f0fee96b4eb41211f4918c0e047253"
},
{
"url": "https://git.kernel.org/stable/c/e7a293658c20a7945014570e1921bf7d25d68a36",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e7a293658c20a7945014570e1921bf7d25d68a36"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2022/49xxx/CVE-2022-49758.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49758",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nreset: uniphier-glue: Fix possible null-ptr-deref\n\nIt will cause null-ptr-deref when resource_size(res) invoked,\nif platform_get_resource() returns NULL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "499fef09a3237497906084da3eede0185fc9abb8",
"version_value": "95de286200b2a046da01c4aeba02ae9220d68ca4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/95de286200b2a046da01c4aeba02ae9220d68ca4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/95de286200b2a046da01c4aeba02ae9220d68ca4"
},
{
"url": "https://git.kernel.org/stable/c/633bad3dc81ce2aa561f704ec091e49eb647bd0b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/633bad3dc81ce2aa561f704ec091e49eb647bd0b"
},
{
"url": "https://git.kernel.org/stable/c/3a2390c6777e3f6662980c6cfc25cafe9e4fef98",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3a2390c6777e3f6662980c6cfc25cafe9e4fef98"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2022/49xxx/CVE-2022-49759.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49759",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Use threaded irqs instead of tasklets\n\nThe vmci_dispatch_dgs() tasklet function calls vmci_read_data()\nwhich uses wait_event() resulting in invalid sleep in an atomic\ncontext (and therefore potentially in a deadlock).\n\nUse threaded irqs to fix this issue and completely remove usage\nof tasklets.\n\n[ 20.264639] BUG: sleeping function called from invalid context at drivers/misc/vmw_vmci/vmci_guest.c:145\n[ 20.264643] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 762, name: vmtoolsd\n[ 20.264645] preempt_count: 101, expected: 0\n[ 20.264646] RCU nest depth: 0, expected: 0\n[ 20.264647] 1 lock held by vmtoolsd/762:\n[ 20.264648] #0: ffff0000874ae440 (sk_lock-AF_VSOCK){+.+.}-{0:0}, at: vsock_connect+0x60/0x330 [vsock]\n[ 20.264658] Preemption disabled at:\n[ 20.264659] [<ffff80000151d7d8>] vmci_send_datagram+0x44/0xa0 [vmw_vmci]\n[ 20.264665] CPU: 0 PID: 762 Comm: vmtoolsd Not tainted 5.19.0-0.rc8.20220727git39c3c396f813.60.fc37.aarch64 #1\n[ 20.264667] Hardware name: VMware, Inc. VBSA/VBSA, BIOS VEFI 12/31/2020\n[ 20.264668] Call trace:\n[ 20.264669] dump_backtrace+0xc4/0x130\n[ 20.264672] show_stack+0x24/0x80\n[ 20.264673] dump_stack_lvl+0x88/0xb4\n[ 20.264676] dump_stack+0x18/0x34\n[ 20.264677] __might_resched+0x1a0/0x280\n[ 20.264679] __might_sleep+0x58/0x90\n[ 20.264681] vmci_read_data+0x74/0x120 [vmw_vmci]\n[ 20.264683] vmci_dispatch_dgs+0x64/0x204 [vmw_vmci]\n[ 20.264686] tasklet_action_common.constprop.0+0x13c/0x150\n[ 20.264688] tasklet_action+0x40/0x50\n[ 20.264689] __do_softirq+0x23c/0x6b4\n[ 20.264690] __irq_exit_rcu+0x104/0x214\n[ 20.264691] irq_exit_rcu+0x1c/0x50\n[ 20.264693] el1_interrupt+0x38/0x6c\n[ 20.264695] el1h_64_irq_handler+0x18/0x24\n[ 20.264696] el1h_64_irq+0x68/0x6c\n[ 20.264697] preempt_count_sub+0xa4/0xe0\n[ 20.264698] _raw_spin_unlock_irqrestore+0x64/0xb0\n[ 20.264701] vmci_send_datagram+0x7c/0xa0 [vmw_vmci]\n[ 20.264703] vmci_datagram_dispatch+0x84/0x100 [vmw_vmci]\n[ 20.264706] vmci_datagram_send+0x2c/0x40 [vmw_vmci]\n[ 20.264709] vmci_transport_send_control_pkt+0xb8/0x120 [vmw_vsock_vmci_transport]\n[ 20.264711] vmci_transport_connect+0x40/0x7c [vmw_vsock_vmci_transport]\n[ 20.264713] vsock_connect+0x278/0x330 [vsock]\n[ 20.264715] __sys_connect_file+0x8c/0xc0\n[ 20.264718] __sys_connect+0x84/0xb4\n[ 20.264720] __arm64_sys_connect+0x2c/0x3c\n[ 20.264721] invoke_syscall+0x78/0x100\n[ 20.264723] el0_svc_common.constprop.0+0x68/0x124\n[ 20.264724] do_el0_svc+0x38/0x4c\n[ 20.264725] el0_svc+0x60/0x180\n[ 20.264726] el0t_64_sync_handler+0x11c/0x150\n[ 20.264728] el0t_64_sync+0x190/0x194"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "463713eb6164b6577f8e91447c7745628215531b",
"version_value": "548ea9dd5e01b0ecf53d2563004c80abd636743d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.8",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/548ea9dd5e01b0ecf53d2563004c80abd636743d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/548ea9dd5e01b0ecf53d2563004c80abd636743d"
},
{
"url": "https://git.kernel.org/stable/c/3daed6345d5880464f46adab871d208e1baa2f3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3daed6345d5880464f46adab871d208e1baa2f3a"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2022/49xxx/CVE-2022-49760.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49760",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix PTE marker handling in hugetlb_change_protection()\n\nPatch series \"mm/hugetlb: uffd-wp fixes for hugetlb_change_protection()\".\n\nPlaying with virtio-mem and background snapshots (using uffd-wp) on\nhugetlb in QEMU, I managed to trigger a VM_BUG_ON(). Looking into the\ndetails, hugetlb_change_protection() seems to not handle uffd-wp correctly\nin all cases.\n\nPatch #1 fixes my test case. I don't have reproducers for patch #2, as it\nrequires running into migration entries.\n\nI did not yet check in detail yet if !hugetlb code requires similar care.\n\n\nThis patch (of 2):\n\nThere are two problematic cases when stumbling over a PTE marker in\nhugetlb_change_protection():\n\n(1) We protect an uffd-wp PTE marker a second time using uffd-wp: we will\n end up in the \"!huge_pte_none(pte)\" case and mess up the PTE marker.\n\n(2) We unprotect a uffd-wp PTE marker: we will similarly end up in the\n \"!huge_pte_none(pte)\" case even though we cleared the PTE, because\n the \"pte\" variable is stale. We'll mess up the PTE marker.\n\nFor example, if we later stumble over such a \"wrongly modified\" PTE marker,\nwe'll treat it like a present PTE that maps some garbage page.\n\nThis can, for example, be triggered by mapping a memfd backed by huge\npages, registering uffd-wp, uffd-wp'ing an unmapped page and (a)\nuffd-wp'ing it a second time; or (b) uffd-unprotecting it; or (c)\nunregistering uffd-wp. Then, ff we trigger fallocate(FALLOC_FL_PUNCH_HOLE)\non that file range, we will run into a VM_BUG_ON:\n\n[ 195.039560] page:00000000ba1f2987 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x0\n[ 195.039565] flags: 0x7ffffc0001000(reserved|node=0|zone=0|lastcpupid=0x1fffff)\n[ 195.039568] raw: 0007ffffc0001000 ffffe742c0000008 ffffe742c0000008 0000000000000000\n[ 195.039569] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\n[ 195.039569] page dumped because: VM_BUG_ON_PAGE(compound && !PageHead(page))\n[ 195.039573] ------------[ cut here ]------------\n[ 195.039574] kernel BUG at mm/rmap.c:1346!\n[ 195.039579] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[ 195.039581] CPU: 7 PID: 4777 Comm: qemu-system-x86 Not tainted 6.0.12-200.fc36.x86_64 #1\n[ 195.039583] Hardware name: LENOVO 20WNS1F81N/20WNS1F81N, BIOS N35ET50W (1.50 ) 09/15/2022\n[ 195.039584] RIP: 0010:page_remove_rmap+0x45b/0x550\n[ 195.039588] Code: [...]\n[ 195.039589] RSP: 0018:ffffbc03c3633ba8 EFLAGS: 00010292\n[ 195.039591] RAX: 0000000000000040 RBX: ffffe742c0000000 RCX: 0000000000000000\n[ 195.039592] RDX: 0000000000000002 RSI: ffffffff8e7aac1a RDI: 00000000ffffffff\n[ 195.039592] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffbc03c3633a08\n[ 195.039593] R10: 0000000000000003 R11: ffffffff8f146328 R12: ffff9b04c42754b0\n[ 195.039594] R13: ffffffff8fcc6328 R14: ffffbc03c3633c80 R15: ffff9b0484ab9100\n[ 195.039595] FS: 00007fc7aaf68640(0000) GS:ffff9b0bbf7c0000(0000) knlGS:0000000000000000\n[ 195.039596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 195.039597] CR2: 000055d402c49110 CR3: 0000000159392003 CR4: 0000000000772ee0\n[ 195.039598] PKRU: 55555554\n[ 195.039599] Call Trace:\n[ 195.039600] <TASK>\n[ 195.039602] __unmap_hugepage_range+0x33b/0x7d0\n[ 195.039605] unmap_hugepage_range+0x55/0x70\n[ 195.039608] hugetlb_vmdelete_list+0x77/0xa0\n[ 195.039611] hugetlbfs_fallocate+0x410/0x550\n[ 195.039612] ? _raw_spin_unlock_irqrestore+0x23/0x40\n[ 195.039616] vfs_fallocate+0x12e/0x360\n[ 195.039618] __x64_sys_fallocate+0x40/0x70\n[ 195.039620] do_syscall_64+0x58/0x80\n[ 195.039623] ? syscall_exit_to_user_mode+0x17/0x40\n[ 195.039624] ? do_syscall_64+0x67/0x80\n[ 195.039626] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 195.039628] RIP: 0033:0x7fc7b590651f\n[ 195.039653] Code: [...]\n[ 195.039654] RSP: 002b:00007fc7aaf66e70 EFLAGS: 00000293 ORIG_RAX: 000000000000011d\n[ 195.039655] RAX: ffffffffffffffda RBX: 0000558ef4b7f370 RCX: 00007fc7b590651f\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "60dfaad65aa97fb6755b9798a6b3c9e79bcd5930",
"version_value": "6062c992e912df1eedad52cf64efb3d48e8d35c5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.8",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6062c992e912df1eedad52cf64efb3d48e8d35c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6062c992e912df1eedad52cf64efb3d48e8d35c5"
},
{
"url": "https://git.kernel.org/stable/c/0e678153f5be7e6c8d28835f5a678618da4b7a9c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0e678153f5be7e6c8d28835f5a678618da4b7a9c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

104
2022/49xxx/CVE-2022-49761.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49761",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: always report error in run_one_delayed_ref()\n\nCurrently we have a btrfs_debug() for run_one_delayed_ref() failure, but\nif end users hit such problem, there will be no chance that\nbtrfs_debug() is enabled. This can lead to very little useful info for\ndebugging.\n\nThis patch will:\n\n- Add extra info for error reporting\n Including:\n * logical bytenr\n * num_bytes\n * type\n * action\n * ref_mod\n\n- Replace the btrfs_debug() with btrfs_err()\n\n- Move the error reporting into run_one_delayed_ref()\n This is to avoid use-after-free, the @node can be freed in the caller.\n\nThis error should only be triggered at most once.\n\nAs if run_one_delayed_ref() failed, we trigger the error message, then\ncausing the call chain to error out:\n\nbtrfs_run_delayed_refs()\n`- btrfs_run_delayed_refs()\n `- btrfs_run_delayed_refs_for_head()\n `- run_one_delayed_ref()\n\nAnd we will abort the current transaction in btrfs_run_delayed_refs().\nIf we have to run delayed refs for the abort transaction,\nrun_one_delayed_ref() will just cleanup the refs and do nothing, thus no\nnew error messages would be output."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "18bd1c9c02e64a3567f90c83c2c8b855531c8098"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.165",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.90",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.8",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/18bd1c9c02e64a3567f90c83c2c8b855531c8098",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/18bd1c9c02e64a3567f90c83c2c8b855531c8098"
},
{
"url": "https://git.kernel.org/stable/c/fdb4a70bb768d2a87890409597529ad81cb3de8a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fdb4a70bb768d2a87890409597529ad81cb3de8a"
},
{
"url": "https://git.kernel.org/stable/c/853ffa1511b058c79a4c9bb1407b3b20ce311792",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/853ffa1511b058c79a4c9bb1407b3b20ce311792"
},
{
"url": "https://git.kernel.org/stable/c/39f501d68ec1ed5cd5c66ac6ec2a7131c517bb92",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39f501d68ec1ed5cd5c66ac6ec2a7131c517bb92"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/52xxx/CVE-2023-52973.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52973",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF\n\nAfter a call to console_unlock() in vcs_read() the vc_data struct can be\nfreed by vc_deallocate(). Because of that, the struct vc_data pointer\nload must be done at the top of while loop in vcs_read() to avoid a UAF\nwhen vcs_size() is called.\n\nSyzkaller reported a UAF in vcs_size().\n\nBUG: KASAN: use-after-free in vcs_size (drivers/tty/vt/vc_screen.c:215)\nRead of size 4 at addr ffff8881137479a8 by task 4a005ed81e27e65/1537\n\nCPU: 0 PID: 1537 Comm: 4a005ed81e27e65 Not tainted 6.2.0-rc5 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module\nCall Trace:\n <TASK>\n__asan_report_load4_noabort (mm/kasan/report_generic.c:350)\nvcs_size (drivers/tty/vt/vc_screen.c:215)\nvcs_read (drivers/tty/vt/vc_screen.c:415)\nvfs_read (fs/read_write.c:468 fs/read_write.c:450)\n...\n </TASK>\n\nAllocated by task 1191:\n...\nkmalloc_trace (mm/slab_common.c:1069)\nvc_allocate (./include/linux/slab.h:580 ./include/linux/slab.h:720\n drivers/tty/vt/vt.c:1128 drivers/tty/vt/vt.c:1108)\ncon_install (drivers/tty/vt/vt.c:3383)\ntty_init_dev (drivers/tty/tty_io.c:1301 drivers/tty/tty_io.c:1413\n drivers/tty/tty_io.c:1390)\ntty_open (drivers/tty/tty_io.c:2080 drivers/tty/tty_io.c:2126)\nchrdev_open (fs/char_dev.c:415)\ndo_dentry_open (fs/open.c:883)\nvfs_open (fs/open.c:1014)\n...\n\nFreed by task 1548:\n...\nkfree (mm/slab_common.c:1021)\nvc_port_destruct (drivers/tty/vt/vt.c:1094)\ntty_port_destructor (drivers/tty/tty_port.c:296)\ntty_port_put (drivers/tty/tty_port.c:312)\nvt_disallocate_all (drivers/tty/vt/vt_ioctl.c:662 (discriminator 2))\nvt_ioctl (drivers/tty/vt/vt_ioctl.c:903)\ntty_ioctl (drivers/tty/tty_io.c:2776)\n...\n\nThe buggy address belongs to the object at ffff888113747800\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 424 bytes inside of\n 1024-byte region [ffff888113747800, ffff888113747c00)\n\nThe buggy address belongs to the physical page:\npage:00000000b3fe6c7c refcount:1 mapcount:0 mapping:0000000000000000\n index:0x0 pfn:0x113740\nhead:00000000b3fe6c7c order:3 compound_mapcount:0 subpages_mapcount:0\n compound_pincount:0\nanon flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\nraw: 0017ffffc0010200 ffff888100042dc0 0000000000000000 dead000000000001\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888113747880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888113747900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n> ffff888113747980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888113747a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888113747a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n==================================================================\nDisabling lock debugging due to kernel taint"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff",
"version_value": "af79ea9a2443016f64d8fd8d72020cc874f0e066"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.38",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.38",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.329",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.273",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/af79ea9a2443016f64d8fd8d72020cc874f0e066",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/af79ea9a2443016f64d8fd8d72020cc874f0e066"
},
{
"url": "https://git.kernel.org/stable/c/6332f52f44b9776568bf3c0b714ddfb0bb175e78",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6332f52f44b9776568bf3c0b714ddfb0bb175e78"
},
{
"url": "https://git.kernel.org/stable/c/d0332cbf53dad06a22189cc341391237f4ea6d9f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d0332cbf53dad06a22189cc341391237f4ea6d9f"
},
{
"url": "https://git.kernel.org/stable/c/55515d7d8743b71b80bfe68e89eb9d92630626ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55515d7d8743b71b80bfe68e89eb9d92630626ab"
},
{
"url": "https://git.kernel.org/stable/c/fc9e27f3ba083534b8bbf72ab0f5c810ffdc7d18",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fc9e27f3ba083534b8bbf72ab0f5c810ffdc7d18"
},
{
"url": "https://git.kernel.org/stable/c/8506f16aae9daf354e3732bcfd447e2a97f023df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8506f16aae9daf354e3732bcfd447e2a97f023df"
},
{
"url": "https://git.kernel.org/stable/c/226fae124b2dac217ea5436060d623ff3385bc34",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/226fae124b2dac217ea5436060d623ff3385bc34"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

137
2023/52xxx/CVE-2023-52974.json
View File

@ -1,18 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52974",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress\n\nIf during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails,\nuserspace could be accessing the host's ipaddress attr. If we then free the\nsession via iscsi_session_teardown() while userspace is still accessing the\nsession we will hit a use after free bug.\n\nSet the tcp_sw_host->session after we have completed session creation and\ncan no longer fail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "496af9d3682ed4c28fb734342a09e6cc0c056ea4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.14.306",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.273",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/496af9d3682ed4c28fb734342a09e6cc0c056ea4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/496af9d3682ed4c28fb734342a09e6cc0c056ea4"
},
{
"url": "https://git.kernel.org/stable/c/6abd4698f4c8a78e7bbfc421205c060c199554a0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6abd4698f4c8a78e7bbfc421205c060c199554a0"
},
{
"url": "https://git.kernel.org/stable/c/d4d765f4761f9e3a2d62992f825aeee593bcb6b9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d4d765f4761f9e3a2d62992f825aeee593bcb6b9"
},
{
"url": "https://git.kernel.org/stable/c/9758ffe1c07b86aefd7ca8e40d9a461293427ca0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9758ffe1c07b86aefd7ca8e40d9a461293427ca0"
},
{
"url": "https://git.kernel.org/stable/c/0aaabdb900c7415caa2006ef580322f7eac5f6b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0aaabdb900c7415caa2006ef580322f7eac5f6b6"
},
{
"url": "https://git.kernel.org/stable/c/61e43ebfd243bcbad11be26bd921723027b77441",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/61e43ebfd243bcbad11be26bd921723027b77441"
},
{
"url": "https://git.kernel.org/stable/c/f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

93
2023/52xxx/CVE-2023-52975.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress\n\nBug report and analysis from Ding Hui.\n\nDuring iSCSI session logout, if another task accesses the shost ipaddress\nattr, we can get a KASAN UAF report like this:\n\n[ 276.942144] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x78/0xe0\n[ 276.942535] Write of size 4 at addr ffff8881053b45b8 by task cat/4088\n[ 276.943511] CPU: 2 PID: 4088 Comm: cat Tainted: G E 6.1.0-rc8+ #3\n[ 276.943997] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\n[ 276.944470] Call Trace:\n[ 276.944943] <TASK>\n[ 276.945397] dump_stack_lvl+0x34/0x48\n[ 276.945887] print_address_description.constprop.0+0x86/0x1e7\n[ 276.946421] print_report+0x36/0x4f\n[ 276.947358] kasan_report+0xad/0x130\n[ 276.948234] kasan_check_range+0x35/0x1c0\n[ 276.948674] _raw_spin_lock_bh+0x78/0xe0\n[ 276.949989] iscsi_sw_tcp_host_get_param+0xad/0x2e0 [iscsi_tcp]\n[ 276.951765] show_host_param_ISCSI_HOST_PARAM_IPADDRESS+0xe9/0x130 [scsi_transport_iscsi]\n[ 276.952185] dev_attr_show+0x3f/0x80\n[ 276.953005] sysfs_kf_seq_show+0x1fb/0x3e0\n[ 276.953401] seq_read_iter+0x402/0x1020\n[ 276.954260] vfs_read+0x532/0x7b0\n[ 276.955113] ksys_read+0xed/0x1c0\n[ 276.955952] do_syscall_64+0x38/0x90\n[ 276.956347] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 276.956769] RIP: 0033:0x7f5d3a679222\n[ 276.957161] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 32 c0 0b 00 e8 a5 fe 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n[ 276.958009] RSP: 002b:00007ffc864d16a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[ 276.958431] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5d3a679222\n[ 276.958857] RDX: 0000000000020000 RSI: 00007f5d3a4fe000 RDI: 0000000000000003\n[ 276.959281] RBP: 00007f5d3a4fe000 R08: 00000000ffffffff R09: 0000000000000000\n[ 276.959682] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000020000\n[ 276.960126] R13: 0000000000000003 R14: 0000000000000000 R15: 0000557a26dada58\n[ 276.960536] </TASK>\n[ 276.961357] Allocated by task 2209:\n[ 276.961756] kasan_save_stack+0x1e/0x40\n[ 276.962170] kasan_set_track+0x21/0x30\n[ 276.962557] __kasan_kmalloc+0x7e/0x90\n[ 276.962923] __kmalloc+0x5b/0x140\n[ 276.963308] iscsi_alloc_session+0x28/0x840 [scsi_transport_iscsi]\n[ 276.963712] iscsi_session_setup+0xda/0xba0 [libiscsi]\n[ 276.964078] iscsi_sw_tcp_session_create+0x1fd/0x330 [iscsi_tcp]\n[ 276.964431] iscsi_if_create_session.isra.0+0x50/0x260 [scsi_transport_iscsi]\n[ 276.964793] iscsi_if_recv_msg+0xc5a/0x2660 [scsi_transport_iscsi]\n[ 276.965153] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[ 276.965546] netlink_unicast+0x4d5/0x7b0\n[ 276.965905] netlink_sendmsg+0x78d/0xc30\n[ 276.966236] sock_sendmsg+0xe5/0x120\n[ 276.966576] ____sys_sendmsg+0x5fe/0x860\n[ 276.966923] ___sys_sendmsg+0xe0/0x170\n[ 276.967300] __sys_sendmsg+0xc8/0x170\n[ 276.967666] do_syscall_64+0x38/0x90\n[ 276.968028] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 276.968773] Freed by task 2209:\n[ 276.969111] kasan_save_stack+0x1e/0x40\n[ 276.969449] kasan_set_track+0x21/0x30\n[ 276.969789] kasan_save_free_info+0x2a/0x50\n[ 276.970146] __kasan_slab_free+0x106/0x190\n[ 276.970470] __kmem_cache_free+0x133/0x270\n[ 276.970816] device_release+0x98/0x210\n[ 276.971145] kobject_cleanup+0x101/0x360\n[ 276.971462] iscsi_session_teardown+0x3fb/0x530 [libiscsi]\n[ 276.971775] iscsi_sw_tcp_session_destroy+0xd8/0x130 [iscsi_tcp]\n[ 276.972143] iscsi_if_recv_msg+0x1bf1/0x2660 [scsi_transport_iscsi]\n[ 276.972485] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[ 276.972808] netlink_unicast+0x4d5/0x7b0\n[ 276.973201] netlink_sendmsg+0x78d/0xc30\n[ 276.973544] sock_sendmsg+0xe5/0x120\n[ 276.973864] ____sys_sendmsg+0x5fe/0x860\n[ 276.974248] ___sys_\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "17b738590b97fb3fc287289971d1519ff9b875a1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/17b738590b97fb3fc287289971d1519ff9b875a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/17b738590b97fb3fc287289971d1519ff9b875a1"
},
{
"url": "https://git.kernel.org/stable/c/8859687f5b242c0b057461df0a9ff51d5500783b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8859687f5b242c0b057461df0a9ff51d5500783b"
},
{
"url": "https://git.kernel.org/stable/c/6f1d64b13097e85abda0f91b5638000afc5f9a06",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f1d64b13097e85abda0f91b5638000afc5f9a06"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2023/52xxx/CVE-2023-52976.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52976",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: fix potential NULL deref in efi_mem_reserve_persistent\n\nWhen iterating on a linked list, a result of memremap is dereferenced\nwithout checking it for NULL.\n\nThis patch adds a check that falls back on allocating a new page in\ncase memremap doesn't succeed.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ardb: return -ENOMEM instead of breaking out of the loop]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "18df7577adae6c6c778bf774b3aebcacbc1fb439",
"version_value": "d92a25627bcdf264183670da73c9a60c0bac327e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d92a25627bcdf264183670da73c9a60c0bac327e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d92a25627bcdf264183670da73c9a60c0bac327e"
},
{
"url": "https://git.kernel.org/stable/c/87d4ff18738fd71e7e3c10827c80257da6283697",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87d4ff18738fd71e7e3c10827c80257da6283697"
},
{
"url": "https://git.kernel.org/stable/c/d8fc0b5fb3e816a4a8684bcd3ed02cbef0fce23c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d8fc0b5fb3e816a4a8684bcd3ed02cbef0fce23c"
},
{
"url": "https://git.kernel.org/stable/c/a2e6a9ff89f13666a1c3ff7195612ab949ea9afc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a2e6a9ff89f13666a1c3ff7195612ab949ea9afc"
},
{
"url": "https://git.kernel.org/stable/c/966d47e1f27c45507c5df82b2a2157e5a4fd3909",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/966d47e1f27c45507c5df82b2a2157e5a4fd3909"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/52xxx/CVE-2023-52977.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52977",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix flow memory leak in ovs_flow_cmd_new\n\nSyzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is\nnot freed when an allocation of a key fails.\n\nBUG: memory leak\nunreferenced object 0xffff888116668000 (size 632):\n comm \"syz-executor231\", pid 1090, jiffies 4294844701 (age 18.871s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline]\n [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77\n [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957\n [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739\n [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800\n [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515\n [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339\n [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934\n [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline]\n [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671\n [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356\n [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410\n [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439\n [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nTo fix this the patch rearranges the goto labels to reflect the order of\nobject allocations and adds appropriate goto statements on the error\npaths.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "655e873bf528f0f46ce6b069f9a2daee9621197c",
"version_value": "1ac653cf886cdfc082708c82dc6ac6115cebd2ee"
},
{
"version_affected": "<",
"version_name": "ee27d70556a47c3a07e65a60f47e3ea12a255af8",
"version_value": "af4e720bc00a2653f7b9df21755b9978b3d7f386"
},
{
"version_affected": "<",
"version_name": "8b74211bf60b3e0c0ed4fe3d16c92ffdcaaf34eb",
"version_value": "ed6c5e8caf55778500202775167e8ccdb1a030cb"
},
{
"version_affected": "<",
"version_name": "6736b61ecf230dd656464de0f514bdeadb384f20",
"version_value": "70154489f531587996f3e9d7cceeee65cff0001d"
},
{
"version_affected": "<",
"version_name": "0133615a06007684df648feb9d327714e399afd4",
"version_value": "f423c2efd51d7eb1d143c2be7eea233241d9bbbf"
},
{
"version_affected": "<",
"version_name": "32d5fa5bdccec2361fc6c4ed05a7367155b3a1e9",
"version_value": "70d40674a549d498bd63d5432acf46205da1534b"
},
{
"version_affected": "<",
"version_name": "68bb10101e6b0a6bb44e9c908ef795fc4af99eae",
"version_value": "0c598aed445eb45b0ee7ba405f7ece99ee349c30"
},
{
"version_affected": "<",
"version_name": "4.14.303",
"version_value": "4.14.306"
},
{
"version_affected": "<",
"version_name": "4.19.270",
"version_value": "4.19.273"
},
{
"version_affected": "<",
"version_name": "5.4.229",
"version_value": "5.4.232"
},
{
"version_affected": "<",
"version_name": "5.10.163",
"version_value": "5.10.168"
},
{
"version_affected": "<",
"version_name": "5.15.86",
"version_value": "5.15.93"
},
{
"version_affected": "<",
"version_name": "6.1.2",
"version_value": "6.1.11"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee"
},
{
"url": "https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386"
},
{
"url": "https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb"
},
{
"url": "https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d"
},
{
"url": "https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf"
},
{
"url": "https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b"
},
{
"url": "https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2023/52xxx/CVE-2023-52978.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: kprobe: Fixup kernel panic when probing an illegal position\n\nThe kernel would panic when probed for an illegal position. eg:\n\n(CONFIG_RISCV_ISA_C=n)\n\necho 'p:hello kernel_clone+0x16 a0=%a0' >> kprobe_events\necho 1 > events/kprobes/hello/enable\ncat trace\n\nKernel panic - not syncing: stack-protector: Kernel stack\nis corrupted in: __do_sys_newfstatat+0xb8/0xb8\nCPU: 0 PID: 111 Comm: sh Not tainted\n6.2.0-rc1-00027-g2d398fe49a4d #490\nHardware name: riscv-virtio,qemu (DT)\nCall Trace:\n[<ffffffff80007268>] dump_backtrace+0x38/0x48\n[<ffffffff80c5e83c>] show_stack+0x50/0x68\n[<ffffffff80c6da28>] dump_stack_lvl+0x60/0x84\n[<ffffffff80c6da6c>] dump_stack+0x20/0x30\n[<ffffffff80c5ecf4>] panic+0x160/0x374\n[<ffffffff80c6db94>] generic_handle_arch_irq+0x0/0xa8\n[<ffffffff802deeb0>] sys_newstat+0x0/0x30\n[<ffffffff800158c0>] sys_clone+0x20/0x30\n[<ffffffff800039e8>] ret_from_syscall+0x0/0x4\n---[ end Kernel panic - not syncing: stack-protector:\nKernel stack is corrupted in: __do_sys_newfstatat+0xb8/0xb8 ]---\n\nThat is because the kprobe's ebreak instruction broke the kernel's\noriginal code. The user should guarantee the correction of the probe\nposition, but it couldn't make the kernel panic.\n\nThis patch adds arch_check_kprobe in arch_prepare_kprobe to prevent an\nillegal position (Such as the middle of an instruction)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c22b0bcb1dd024cb9caad9230e3a387d8b061df5",
"version_value": "04a73558209554da17f46490ec4faaaf1b2bab68"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/04a73558209554da17f46490ec4faaaf1b2bab68",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/04a73558209554da17f46490ec4faaaf1b2bab68"
},
{
"url": "https://git.kernel.org/stable/c/12316538b1d193064109ce1a28fc9bacd43950de",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12316538b1d193064109ce1a28fc9bacd43950de"
},
{
"url": "https://git.kernel.org/stable/c/87f48c7ccc73afc78630530d9af51f458f58cab8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87f48c7ccc73afc78630530d9af51f458f58cab8"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

167
2023/52xxx/CVE-2023-52979.json
View File

@ -1,18 +1,177 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52979",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsquashfs: harden sanity check in squashfs_read_xattr_id_table\n\nWhile mounting a corrupted filesystem, a signed integer '*xattr_ids' can\nbecome less than zero. This leads to the incorrect computation of 'len'\nand 'indexes' values which can cause null-ptr-deref in copy_bio_to_actor()\nor out-of-bounds accesses in the next sanity checks inside\nsquashfs_read_xattr_id_table().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ff49cace7b8cf00d27665f7536a863d406963d06",
"version_value": "cf5d6612092408157db6bb500c70bf6d67c40fbc"
},
{
"version_affected": "<",
"version_name": "a8717b34003f4f7353b23826617ad872f85d85d8",
"version_value": "b30a74f83265c24d1d0842c6c3928cd2e775a3fb"
},
{
"version_affected": "<",
"version_name": "3654a0ed0bdc6d70502bfc7c9fec9f1e243dfcad",
"version_value": "db76fc535fbdfbf29fd0b93e49627537ad794c8c"
},
{
"version_affected": "<",
"version_name": "bddcce15cd1fb9675ddd46a76d8fe2d0a571313b",
"version_value": "de2785aa3448d1ee7be3ab47fd4a873025f1b3d7"
},
{
"version_affected": "<",
"version_name": "506220d2ba21791314af569211ffd8870b8208fa",
"version_value": "b7398efe24a965cf3937b716c0b1011c201c5d6e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.306",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.273",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cf5d6612092408157db6bb500c70bf6d67c40fbc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cf5d6612092408157db6bb500c70bf6d67c40fbc"
},
{
"url": "https://git.kernel.org/stable/c/b30a74f83265c24d1d0842c6c3928cd2e775a3fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b30a74f83265c24d1d0842c6c3928cd2e775a3fb"
},
{
"url": "https://git.kernel.org/stable/c/db76fc535fbdfbf29fd0b93e49627537ad794c8c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/db76fc535fbdfbf29fd0b93e49627537ad794c8c"
},
{
"url": "https://git.kernel.org/stable/c/de2785aa3448d1ee7be3ab47fd4a873025f1b3d7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/de2785aa3448d1ee7be3ab47fd4a873025f1b3d7"
},
{
"url": "https://git.kernel.org/stable/c/b7398efe24a965cf3937b716c0b1011c201c5d6e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7398efe24a965cf3937b716c0b1011c201c5d6e"
},
{
"url": "https://git.kernel.org/stable/c/29e774dcb27116c06b9c57b1f1f14a1623738989",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/29e774dcb27116c06b9c57b1f1f14a1623738989"
},
{
"url": "https://git.kernel.org/stable/c/72e544b1b28325fe78a4687b980871a7e4101f76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/72e544b1b28325fe78a4687b980871a7e4101f76"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/52xxx/CVE-2023-52980.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52980",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: ublk: extending queue_size to fix overflow\n\nWhen validating drafted SPDK ublk target, in a case that\nassigning large queue depth to multiqueue ublk device,\nublk target would run into a weird incorrect state. During\nrounds of review and debug, An overflow bug was found\nin ublk driver.\n\nIn ublk_cmd.h, UBLK_MAX_QUEUE_DEPTH is 4096 which means\neach ublk queue depth can be set as large as 4096. But\nwhen setting qd for a ublk device,\nsizeof(struct ublk_queue) + depth * sizeof(struct ublk_io)\nwill be larger than 65535 if qd is larger than 2728.\nThen queue_size is overflowed, and ublk_get_queue()\nreferences a wrong pointer position. The wrong content of\nublk_queue elements will lead to out-of-bounds memory\naccess.\n\nExtend queue_size in ublk_device as \"unsigned int\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "71f28f3136aff5890cd56de78abc673f8393cad9",
"version_value": "ee1e3fe4b4579f856997190a00ea4db0307b4332"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ee1e3fe4b4579f856997190a00ea4db0307b4332",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ee1e3fe4b4579f856997190a00ea4db0307b4332"
},
{
"url": "https://git.kernel.org/stable/c/29baef789c838bd5c02f50c88adbbc6b955aaf61",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/29baef789c838bd5c02f50c88adbbc6b955aaf61"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/52xxx/CVE-2023-52981.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52981",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Fix request ref counting during error capture & debugfs dump\n\nWhen GuC support was added to error capture, the reference counting\naround the request object was broken. Fix it up.\n\nThe context based search manages the spinlocking around the search\ninternally. So it needs to grab the reference count internally as\nwell. The execlist only request based search relies on external\nlocking, so it needs an external reference count but within the\nspinlock not outside it.\n\nThe only other caller of the context based search is the code for\ndumping engine state to debugfs. That code wasn't previously getting\nan explicit reference at all as it does everything while holding the\nexeclist specific spinlock. So, that needs updaing as well as that\nspinlock doesn't help when using GuC submission. Rather than trying to\nconditionally get/put depending on submission model, just change it to\nalways do the get/put.\n\nv2: Explicitly document adding an extra blank line in some dense code\n(Andy Shevchenko). Fix multiple potential null pointer derefs in case\nof no request found (some spotted by Tvrtko, but there was more!).\nAlso fix a leaked request in case of !started and another in\n__guc_reset_context now that intel_context_find_active_request is\nactually reference counting the returned request.\nv3: Add a _get suffix to intel_context_find_active_request now that it\ngrabs a reference (Daniele).\nv4: Split the intel_guc_find_hung_context change to a separate patch\nand rename intel_context_find_active_request_get to\nintel_context_get_active_request (Tvrtko).\nv5: s/locking/reference counting/ in commit message (Tvrtko)\n\n(cherry picked from commit 3700e353781e27f1bc7222f51f2cc36cbeb9b4ec)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "573ba126aef37c8315e5bb68d2dad515efa96994",
"version_value": "9467397f417dd7b5d0db91452f0474e79716a527"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9467397f417dd7b5d0db91452f0474e79716a527",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9467397f417dd7b5d0db91452f0474e79716a527"
},
{
"url": "https://git.kernel.org/stable/c/86d8ddc74124c3fdfc139f246ba6da15e45e86e3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/86d8ddc74124c3fdfc139f246ba6da15e45e86e3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/52xxx/CVE-2023-52982.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52982",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfscache: Use wait_on_bit() to wait for the freeing of relinquished volume\n\nThe freeing of relinquished volume will wake up the pending volume\nacquisition by using wake_up_bit(), however it is mismatched with\nwait_var_event() used in fscache_wait_on_volume_collision() and it will\nnever wake up the waiter in the wait-queue because these two functions\noperate on different wait-queues.\n\nAccording to the implementation in fscache_wait_on_volume_collision(),\nif the wake-up of pending acquisition is delayed longer than 20 seconds\n(e.g., due to the delay of on-demand fd closing), the first\nwait_var_event_timeout() will timeout and the following wait_var_event()\nwill hang forever as shown below:\n\n FS-Cache: Potential volume collision new=00000024 old=00000022\n ......\n INFO: task mount:1148 blocked for more than 122 seconds.\n Not tainted 6.1.0-rc6+ #1\n task:mount state:D stack:0 pid:1148 ppid:1\n Call Trace:\n <TASK>\n __schedule+0x2f6/0xb80\n schedule+0x67/0xe0\n fscache_wait_on_volume_collision.cold+0x80/0x82\n __fscache_acquire_volume+0x40d/0x4e0\n erofs_fscache_register_volume+0x51/0xe0 [erofs]\n erofs_fscache_register_fs+0x19c/0x240 [erofs]\n erofs_fc_fill_super+0x746/0xaf0 [erofs]\n vfs_get_super+0x7d/0x100\n get_tree_nodev+0x16/0x20\n erofs_fc_get_tree+0x20/0x30 [erofs]\n vfs_get_tree+0x24/0xb0\n path_mount+0x2fa/0xa90\n do_mount+0x7c/0xa0\n __x64_sys_mount+0x8b/0xe0\n do_syscall_64+0x30/0x60\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nConsidering that wake_up_bit() is more selective, so fix it by using\nwait_on_bit() instead of wait_var_event() to wait for the freeing of\nrelinquished volume. In addition because waitqueue_active() is used in\nwake_up_bit() and clear_bit() doesn't imply any memory barrier, use\nclear_and_wake_up_bit() to add the missing memory barrier between\ncursor->flags and waitqueue_active()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "62ab63352350e881ae693a8236b35d7d0516c78b",
"version_value": "3be069f42a7b79d3149194f21cdf24bf23864cac"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3be069f42a7b79d3149194f21cdf24bf23864cac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3be069f42a7b79d3149194f21cdf24bf23864cac"
},
{
"url": "https://git.kernel.org/stable/c/8226e37d82f43657da34dd770e2b38f20242ada7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8226e37d82f43657da34dd770e2b38f20242ada7"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

97
2023/52xxx/CVE-2023-52983.json
View File

@ -1,18 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52983",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix uaf for bfqq in bic_set_bfqq()\n\nAfter commit 64dc8c732f5c (\"block, bfq: fix possible uaf for 'bfqq->bic'\"),\nbic->bfqq will be accessed in bic_set_bfqq(), however, in some context\nbic->bfqq will be freed, and bic_set_bfqq() is called with the freed\nbic->bfqq.\n\nFix the problem by always freeing bfqq after bic_set_bfqq()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5533742c7cb1bc9b1f0bf401cc397d44a3a9e07a",
"version_value": "7f77f3dab5066a7c9da73d72d1eee895ff84a8d5"
},
{
"version_affected": "<",
"version_name": "094f3d9314d67691cb21ba091c1b528f6e3c4893",
"version_value": "511c922c5bf6c8a166bea826e702336bc2424140"
},
{
"version_affected": "<",
"version_name": "761564d93c8265f65543acf0a576b32d66bfa26a",
"version_value": "cb1876fc33af26d00efdd473311f1b664c77c44e"
},
{
"version_affected": "<",
"version_name": "64dc8c732f5c2b406cc752e6aaa1bd5471159cab",
"version_value": "b600de2d7d3a16f9007fad1bdae82a3951a26af2"
},
{
"version_affected": "<",
"version_name": "5.15.86",
"version_value": "5.15.93"
},
{
"version_affected": "<",
"version_name": "6.1.2",
"version_value": "6.1.11"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7f77f3dab5066a7c9da73d72d1eee895ff84a8d5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7f77f3dab5066a7c9da73d72d1eee895ff84a8d5"
},
{
"url": "https://git.kernel.org/stable/c/511c922c5bf6c8a166bea826e702336bc2424140",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/511c922c5bf6c8a166bea826e702336bc2424140"
},
{
"url": "https://git.kernel.org/stable/c/cb1876fc33af26d00efdd473311f1b664c77c44e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb1876fc33af26d00efdd473311f1b664c77c44e"
},
{
"url": "https://git.kernel.org/stable/c/b600de2d7d3a16f9007fad1bdae82a3951a26af2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b600de2d7d3a16f9007fad1bdae82a3951a26af2"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

114
2023/52xxx/CVE-2023-52984.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52984",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices\n\nThe probe() function is only used for the DP83822 PHY, leaving the\nprivate data pointer uninitialized for the smaller DP83825/26 models.\nWhile all uses of the private data structure are hidden in 82822 specific\ncallbacks, configuring the interrupt is shared across all models.\nThis causes a NULL pointer dereference on the smaller PHYs as it accesses\nthe private data unchecked. Verifying the pointer avoids that."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5dc39fd5ef35bc6919759fa99246581b1adc6b82",
"version_value": "362a2f5531dc0e5b0b5b3e3a541000dbffa75461"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.10",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/362a2f5531dc0e5b0b5b3e3a541000dbffa75461",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/362a2f5531dc0e5b0b5b3e3a541000dbffa75461"
},
{
"url": "https://git.kernel.org/stable/c/2cd1e9c013ec56421c58921b1ddf1d2d53bd47fa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2cd1e9c013ec56421c58921b1ddf1d2d53bd47fa"
},
{
"url": "https://git.kernel.org/stable/c/78901b10522cdf6badf24acf65a892637596bccc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/78901b10522cdf6badf24acf65a892637596bccc"
},
{
"url": "https://git.kernel.org/stable/c/422ae7d9c7221e8d4c8526d0f54106307d69d2dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/422ae7d9c7221e8d4c8526d0f54106307d69d2dc"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/52xxx/CVE-2023-52985.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52985",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: imx8mm-verdin: Do not power down eth-phy\n\nCurrently if suspending using either freeze or memory state, the fec\ndriver tries to power down the phy which leads to crash of the kernel\nand non-responsible kernel with the following call trace:\n\n[ 24.839889 ] Call trace:\n[ 24.839892 ] phy_error+0x18/0x60\n[ 24.839898 ] kszphy_handle_interrupt+0x6c/0x80\n[ 24.839903 ] phy_interrupt+0x20/0x2c\n[ 24.839909 ] irq_thread_fn+0x30/0xa0\n[ 24.839919 ] irq_thread+0x178/0x2c0\n[ 24.839925 ] kthread+0x154/0x160\n[ 24.839932 ] ret_from_fork+0x10/0x20\n\nSince there is currently no functionality in the phy subsystem to power\ndown phys let's just disable the feature of powering-down the ethernet\nphy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6a57f224f7346c8d23596f2ef1ce360669926f54",
"version_value": "0bdd5a7b517f16fdffc444be6516c45788548d08"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0bdd5a7b517f16fdffc444be6516c45788548d08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0bdd5a7b517f16fdffc444be6516c45788548d08"
},
{
"url": "https://git.kernel.org/stable/c/39c95d0c357d7ef76aea958c1bece6b24f9b2e7e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39c95d0c357d7ef76aea958c1bece6b24f9b2e7e"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

114
2023/52xxx/CVE-2023-52986.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52986",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener\n\nA listening socket linked to a sockmap has its sk_prot overridden. It\npoints to one of the struct proto variants in tcp_bpf_prots. The variant\ndepends on the socket's family and which sockmap programs are attached.\n\nA child socket cloned from a TCP listener initially inherits their sk_prot.\nBut before cloning is finished, we restore the child's proto to the\nlistener's original non-tcp_bpf_prots one. This happens in\ntcp_create_openreq_child -> tcp_bpf_clone.\n\nToday, in tcp_bpf_clone we detect if the child's proto should be restored\nby checking only for the TCP_BPF_BASE proto variant. This is not\ncorrect. The sk_prot of listening socket linked to a sockmap can point to\nto any variant in tcp_bpf_prots.\n\nIf the listeners sk_prot happens to be not the TCP_BPF_BASE variant, then\nthe child socket unintentionally is left if the inherited sk_prot by\ntcp_bpf_clone.\n\nThis leads to issues like infinite recursion on close [1], because the\nchild state is otherwise not set up for use with tcp_bpf_prot operations.\n\nAdjust the check in tcp_bpf_clone to detect all of tcp_bpf_prots variants.\n\nNote that it wouldn't be sufficient to check the socket state when\noverriding the sk_prot in tcp_bpf_update_proto in order to always use the\nTCP_BPF_BASE variant for listening sockets. Since commit\nb8b8315e39ff (\"bpf, sockmap: Remove unhash handler for BPF sockmap usage\")\nit is possible for a socket to transition to TCP_LISTEN state while already\nlinked to a sockmap, e.g. connect() -> insert into map ->\nconnect(AF_UNSPEC) -> listen().\n\n[1]: https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e80251555f0befd1271e74b080bccf0ff0348bfc",
"version_value": "9bd6074e1872d22190a8da30e796cbf937d334f0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9bd6074e1872d22190a8da30e796cbf937d334f0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9bd6074e1872d22190a8da30e796cbf937d334f0"
},
{
"url": "https://git.kernel.org/stable/c/c681d7a4ed3d360de0574f4d6b7305a8de8dc54f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c681d7a4ed3d360de0574f4d6b7305a8de8dc54f"
},
{
"url": "https://git.kernel.org/stable/c/12b0ec7c6953e1602957926439e5297095d7d065",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12b0ec7c6953e1602957926439e5297095d7d065"
},
{
"url": "https://git.kernel.org/stable/c/ddce1e091757d0259107c6c0c7262df201de2b66",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ddce1e091757d0259107c6c0c7262df201de2b66"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/52xxx/CVE-2023-52987.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52987",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write()\n\nThe \"id\" comes from the user. Change the type to unsigned to prevent\nan array underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f4ea22f7aa7536560097d765be56445933d07e0d",
"version_value": "d52f34784e4e2f6e77671a9f104d8a69a3b5d24c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d52f34784e4e2f6e77671a9f104d8a69a3b5d24c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d52f34784e4e2f6e77671a9f104d8a69a3b5d24c"
},
{
"url": "https://git.kernel.org/stable/c/ea57680af47587397f5005d7758022441ed66d54",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ea57680af47587397f5005d7758022441ed66d54"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/52xxx/CVE-2023-52988.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52988",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()\n\nsnd_hda_get_connections() can return a negative error code.\nIt may lead to accessing 'conn' array at a negative index.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "30b4503378c976cf66201a1e81820519f6bd79ac",
"version_value": "437e50ef6290ac835d526d0e45f466a0aa69ba1b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.306",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.273",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b"
},
{
"url": "https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8"
},
{
"url": "https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c"
},
{
"url": "https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2"
},
{
"url": "https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46"
},
{
"url": "https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6"
},
{
"url": "https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/52xxx/CVE-2023-52989.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52989",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region\n\nThis patch is fix for Linux kernel v2.6.33 or later.\n\nFor request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem\nhave had an issue of use-after-free. The subsystem allows multiple\nuser space listeners to the region, while data of the payload was likely\nreleased before the listeners execute read(2) to access to it for copying\nto user space.\n\nThe issue was fixed by a commit 281e20323ab7 (\"firewire: core: fix\nuse-after-free regression in FCP handler\"). The object of payload is\nduplicated in kernel space for each listener. When the listener executes\nioctl(2) with FW_CDEV_IOC_SEND_RESPONSE request, the object is going to\nbe released.\n\nHowever, it causes memory leak since the commit relies on call of\nrelease_request() in drivers/firewire/core-cdev.c. Against the\nexpectation, the function is never called due to the design of\nrelease_client_resource(). The function delegates release task\nto caller when called with non-NULL fourth argument. The implementation\nof ioctl_send_response() is the case. It should release the object\nexplicitly.\n\nThis commit fixes the bug."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "281e20323ab72180137824a298ee9e21e6f9acf6",
"version_value": "b2cd3947d116bb9ba7ff097b5fc747a8956764db"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.33",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.33",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.306",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.273",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.232",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.168",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.93",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.11",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b2cd3947d116bb9ba7ff097b5fc747a8956764db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b2cd3947d116bb9ba7ff097b5fc747a8956764db"
},
{
"url": "https://git.kernel.org/stable/c/356ff89acdbe6a66019154bc7eb2d300f5b15103",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/356ff89acdbe6a66019154bc7eb2d300f5b15103"
},
{
"url": "https://git.kernel.org/stable/c/53785fd9b315583cf029e39f72b73d23704a2253",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/53785fd9b315583cf029e39f72b73d23704a2253"
},
{
"url": "https://git.kernel.org/stable/c/d5a2dcee53fa6e6e2822f93cb3f1b0cd23163bee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d5a2dcee53fa6e6e2822f93cb3f1b0cd23163bee"
},
{
"url": "https://git.kernel.org/stable/c/5f4543c9382ae2d5062f6aa4fecae0c9258d0b0e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f4543c9382ae2d5062f6aa4fecae0c9258d0b0e"
},
{
"url": "https://git.kernel.org/stable/c/c8bdc88216f09cb7387fedbdf613524367328616",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8bdc88216f09cb7387fedbdf613524367328616"
},
{
"url": "https://git.kernel.org/stable/c/531390a243ef47448f8bad01c186c2787666bf4d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/531390a243ef47448f8bad01c186c2787666bf4d"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2023/52xxx/CVE-2023-52990.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52990",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390: workaround invalid gcc-11 out of bounds read warning\n\nGCC 11.1.0 and 11.2.0 generate a wrong warning when compiling the\nkernel e.g. with allmodconfig:\n\narch/s390/kernel/setup.c: In function \u2018setup_lowcore_dat_on\u2019:\n./include/linux/fortify-string.h:57:33: error: \u2018__builtin_memcpy\u2019 reading 128 bytes from a region of size 0 [-Werror=stringop-overread]\n...\narch/s390/kernel/setup.c:526:9: note: in expansion of macro \u2018memcpy\u2019\n 526 | memcpy(abs_lc->cregs_save_area, S390_lowcore.cregs_save_area,\n | ^~~~~~\n\nThis could be addressed by using absolute_pointer() with the\nS390_lowcore macro, but this is not a good idea since this generates\nworse code for performance critical paths.\n\nTherefore simply use a for loop to copy the array in question and get\nrid of the warning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "1fc24f9da259b675c3cc74ad5aa92dac286543b3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.10",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1fc24f9da259b675c3cc74ad5aa92dac286543b3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1fc24f9da259b675c3cc74ad5aa92dac286543b3"
},
{
"url": "https://git.kernel.org/stable/c/41e1992665a2701fa025a8b76970c43b4148446f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41e1992665a2701fa025a8b76970c43b4148446f"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

114
2023/52xxx/CVE-2023-52991.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52991",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer in skb_segment_list\n\nCommit 3a1296a38d0c (\"net: Support GRO/GSO fraglist chaining.\")\nintroduced UDP listifyed GRO. The segmentation relies on frag_list being\nuntouched when passing through the network stack. This assumption can be\nbroken sometimes, where frag_list itself gets pulled into linear area,\nleaving frag_list being NULL. When this happens it can trigger\nfollowing NULL pointer dereference, and panic the kernel. Reverse the\ntest condition should fix it.\n\n[19185.577801][ C1] BUG: kernel NULL pointer dereference, address:\n...\n[19185.663775][ C1] RIP: 0010:skb_segment_list+0x1cc/0x390\n...\n[19185.834644][ C1] Call Trace:\n[19185.841730][ C1] <TASK>\n[19185.848563][ C1] __udp_gso_segment+0x33e/0x510\n[19185.857370][ C1] inet_gso_segment+0x15b/0x3e0\n[19185.866059][ C1] skb_mac_gso_segment+0x97/0x110\n[19185.874939][ C1] __skb_gso_segment+0xb2/0x160\n[19185.883646][ C1] udp_queue_rcv_skb+0xc3/0x1d0\n[19185.892319][ C1] udp_unicast_rcv_skb+0x75/0x90\n[19185.900979][ C1] ip_protocol_deliver_rcu+0xd2/0x200\n[19185.910003][ C1] ip_local_deliver_finish+0x44/0x60\n[19185.918757][ C1] __netif_receive_skb_one_core+0x8b/0xa0\n[19185.927834][ C1] process_backlog+0x88/0x130\n[19185.935840][ C1] __napi_poll+0x27/0x150\n[19185.943447][ C1] net_rx_action+0x27e/0x5f0\n[19185.951331][ C1] ? mlx5_cq_tasklet_cb+0x70/0x160 [mlx5_core]\n[19185.960848][ C1] __do_softirq+0xbc/0x25d\n[19185.968607][ C1] irq_exit_rcu+0x83/0xb0\n[19185.976247][ C1] common_interrupt+0x43/0xa0\n[19185.984235][ C1] asm_common_interrupt+0x22/0x40\n...\n[19186.094106][ C1] </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3a1296a38d0cf62bffb9a03c585cbd5dbf15d596",
"version_value": "6446369fb9f083ce032448c5047da08e298b22e6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.167",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.92",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.10",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6446369fb9f083ce032448c5047da08e298b22e6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6446369fb9f083ce032448c5047da08e298b22e6"
},
{
"url": "https://git.kernel.org/stable/c/046de74f9af92ae9ffce75fa22a1795223f4fb54",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/046de74f9af92ae9ffce75fa22a1795223f4fb54"
},
{
"url": "https://git.kernel.org/stable/c/888dad6f3e85e3b2f8389bd6478f181efc72534d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/888dad6f3e85e3b2f8389bd6478f181efc72534d"
},
{
"url": "https://git.kernel.org/stable/c/876e8ca8366735a604bac86ff7e2732fc9d85d2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/876e8ca8366735a604bac86ff7e2732fc9d85d2d"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

115
2023/52xxx/CVE-2023-52992.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52992",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Skip task with pid=1 in send_signal_common()\n\nThe following kernel panic can be triggered when a task with pid=1 attaches\na prog that attempts to send killing signal to itself, also see [1] for more\ndetails:\n\n Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b\n CPU: 3 PID: 1 Comm: systemd Not tainted 6.1.0-09652-g59fe41b5255f #148\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x100/0x178 lib/dump_stack.c:106\n panic+0x2c4/0x60f kernel/panic.c:275\n do_exit.cold+0x63/0xe4 kernel/exit.c:789\n do_group_exit+0xd4/0x2a0 kernel/exit.c:950\n get_signal+0x2460/0x2600 kernel/signal.c:2858\n arch_do_signal_or_restart+0x78/0x5d0 arch/x86/kernel/signal.c:306\n exit_to_user_mode_loop kernel/entry/common.c:168 [inline]\n exit_to_user_mode_prepare+0x15f/0x250 kernel/entry/common.c:203\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296\n do_syscall_64+0x44/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nSo skip task with pid=1 in bpf_send_signal_common() to avoid the panic.\n\n [1] https://lore.kernel.org/bpf/20221222043507.33037-1-sunhao.th@gmail.com"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "4923160393b06a34759a11b17930d71e06f396f2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.167",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.92",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.10",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/4923160393b06a34759a11b17930d71e06f396f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4923160393b06a34759a11b17930d71e06f396f2"
},
{
"url": "https://git.kernel.org/stable/c/a1c0263f1eb4deee132e11e52ee6982435460d81",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1c0263f1eb4deee132e11e52ee6982435460d81"
},
{
"url": "https://git.kernel.org/stable/c/0dfef503133565fa0bcf3268d8eeb5b181191a65",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0dfef503133565fa0bcf3268d8eeb5b181191a65"
},
{
"url": "https://git.kernel.org/stable/c/1283a01b6e19d05f7ed49584ea653947245cd41e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1283a01b6e19d05f7ed49584ea653947245cd41e"
},
{
"url": "https://git.kernel.org/stable/c/a3d81bc1eaef48e34dd0b9b48eefed9e02a06451",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a3d81bc1eaef48e34dd0b9b48eefed9e02a06451"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/52xxx/CVE-2023-52993.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52993",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL\n\nBaoquan reported that after triggering a crash the subsequent crash-kernel\nfails to boot about half of the time. It triggers a NULL pointer\ndereference in the periodic tick code.\n\nThis happens because the legacy timer interrupt (IRQ0) is resent in\nsoftware which happens in soft interrupt (tasklet) context. In this context\nget_irq_regs() returns NULL which leads to the NULL pointer dereference.\n\nThe reason for the resend is a spurious APIC interrupt on the IRQ0 vector\nwhich is captured and leads to a resend when the legacy timer interrupt is\nenabled. This is wrong because the legacy PIC interrupts are level\ntriggered and therefore should never be resent in software, but nothing\never sets the IRQ_LEVEL flag on those interrupts, so the core code does not\nknow about their trigger type.\n\nEnsure that IRQ_LEVEL is set when the legacy PCI interrupts are set up."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a4633adcdbc15ac51afcd0e1395de58cee27cf92",
"version_value": "744fe9be9665227335539b7a77ece8d9ff62b6c0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/744fe9be9665227335539b7a77ece8d9ff62b6c0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/744fe9be9665227335539b7a77ece8d9ff62b6c0"
},
{
"url": "https://git.kernel.org/stable/c/496975d1a2937f4baadf3d985991b13fc4fc4f27",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/496975d1a2937f4baadf3d985991b13fc4fc4f27"
},
{
"url": "https://git.kernel.org/stable/c/8770cd9d7c14aa99c255a0d08186f0be953e1638",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8770cd9d7c14aa99c255a0d08186f0be953e1638"
},
{
"url": "https://git.kernel.org/stable/c/e284c273dbb4c1ed68d4204bff94d0b10e4a90f5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e284c273dbb4c1ed68d4204bff94d0b10e4a90f5"
},
{
"url": "https://git.kernel.org/stable/c/0b08201158f177aab469e356b4d6af24fdd118df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0b08201158f177aab469e356b4d6af24fdd118df"
},
{
"url": "https://git.kernel.org/stable/c/137f1b47da5f58805da42c1b7811e28c1e353f39",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/137f1b47da5f58805da42c1b7811e28c1e353f39"
},
{
"url": "https://git.kernel.org/stable/c/5fa55950729d0762a787451dc52862c3f850f859",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5fa55950729d0762a787451dc52862c3f850f859"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

72
2023/52xxx/CVE-2023-52994.json
View File

@ -1,18 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52994",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: Fix suspend with Xen PV\n\nCommit f1e525009493 (\"x86/boot: Skip realmode init code when running as\nXen PV guest\") missed one code path accessing real_mode_header, leading\nto dereferencing NULL when suspending the system under Xen:\n\n [ 348.284004] PM: suspend entry (deep)\n [ 348.289532] Filesystems sync: 0.005 seconds\n [ 348.291545] Freezing user space processes ... (elapsed 0.000 seconds) done.\n [ 348.292457] OOM killer disabled.\n [ 348.292462] Freezing remaining freezable tasks ... (elapsed 0.104 seconds) done.\n [ 348.396612] printk: Suspending console(s) (use no_console_suspend to debug)\n [ 348.749228] PM: suspend devices took 0.352 seconds\n [ 348.769713] ACPI: EC: interrupt blocked\n [ 348.816077] BUG: kernel NULL pointer dereference, address: 000000000000001c\n [ 348.816080] #PF: supervisor read access in kernel mode\n [ 348.816081] #PF: error_code(0x0000) - not-present page\n [ 348.816083] PGD 0 P4D 0\n [ 348.816086] Oops: 0000 [#1] PREEMPT SMP NOPTI\n [ 348.816089] CPU: 0 PID: 6764 Comm: systemd-sleep Not tainted 6.1.3-1.fc32.qubes.x86_64 #1\n [ 348.816092] Hardware name: Star Labs StarBook/StarBook, BIOS 8.01 07/03/2022\n [ 348.816093] RIP: e030:acpi_get_wakeup_address+0xc/0x20\n\nFix that by adding an optional acpi callback allowing to skip setting\nthe wakeup address, as in the Xen PV case this will be handled by the\nhypervisor anyway."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b1898793777fe10a31c160bb8bc385d6eea640c6",
"version_value": "b96903b7fc8c82ddfd92df4cdd83db3e567da0a5"
},
{
"version_affected": "<",
"version_name": "f1e525009493cbd569e7c8dd7d58157855f8658d",
"version_value": "fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41"
},
{
"version_affected": "<",
"version_name": "6.1.2",
"version_value": "6.1.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b96903b7fc8c82ddfd92df4cdd83db3e567da0a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b96903b7fc8c82ddfd92df4cdd83db3e567da0a5"
},
{
"url": "https://git.kernel.org/stable/c/fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2023/52xxx/CVE-2023-52995.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52995",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv/kprobe: Fix instruction simulation of JALR\n\nSet kprobe at 'jalr 1140(ra)' of vfs_write results in the following\ncrash:\n\n[ 32.092235] Unable to handle kernel access to user memory without uaccess routines at virtual address 00aaaaaad77b1170\n[ 32.093115] Oops [#1]\n[ 32.093251] Modules linked in:\n[ 32.093626] CPU: 0 PID: 135 Comm: ftracetest Not tainted 6.2.0-rc2-00013-gb0aa5e5df0cb-dirty #16\n[ 32.093985] Hardware name: riscv-virtio,qemu (DT)\n[ 32.094280] epc : ksys_read+0x88/0xd6\n[ 32.094855] ra : ksys_read+0xc0/0xd6\n[ 32.095016] epc : ffffffff801cda80 ra : ffffffff801cdab8 sp : ff20000000d7bdc0\n[ 32.095227] gp : ffffffff80f14000 tp : ff60000080f9cb40 t0 : ffffffff80f13e80\n[ 32.095500] t1 : ffffffff8000c29c t2 : ffffffff800dbc54 s0 : ff20000000d7be60\n[ 32.095716] s1 : 0000000000000000 a0 : ffffffff805a64ae a1 : ffffffff80a83708\n[ 32.095921] a2 : ffffffff80f160a0 a3 : 0000000000000000 a4 : f229b0afdb165300\n[ 32.096171] a5 : f229b0afdb165300 a6 : ffffffff80eeebd0 a7 : 00000000000003ff\n[ 32.096411] s2 : ff6000007ff76800 s3 : fffffffffffffff7 s4 : 00aaaaaad77b1170\n[ 32.096638] s5 : ffffffff80f160a0 s6 : ff6000007ff76800 s7 : 0000000000000030\n[ 32.096865] s8 : 00ffffffc3d97be0 s9 : 0000000000000007 s10: 00aaaaaad77c9410\n[ 32.097092] s11: 0000000000000000 t3 : ffffffff80f13e48 t4 : ffffffff8000c29c\n[ 32.097317] t5 : ffffffff8000c29c t6 : ffffffff800dbc54\n[ 32.097505] status: 0000000200000120 badaddr: 00aaaaaad77b1170 cause: 000000000000000d\n[ 32.098011] [<ffffffff801cdb72>] ksys_write+0x6c/0xd6\n[ 32.098222] [<ffffffff801cdc06>] sys_write+0x2a/0x38\n[ 32.098405] [<ffffffff80003c76>] ret_from_syscall+0x0/0x2\n\nSince the rs1 and rd might be the same one, such as 'jalr 1140(ra)',\nhence it requires obtaining the target address from rs1 followed by\nupdating rd.\n\n[Palmer: Pick Guo's cleanup]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c22b0bcb1dd024cb9caad9230e3a387d8b061df5",
"version_value": "614471b7f7cd28a2c96ab9c90b37471c82258ffb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/614471b7f7cd28a2c96ab9c90b37471c82258ffb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/614471b7f7cd28a2c96ab9c90b37471c82258ffb"
},
{
"url": "https://git.kernel.org/stable/c/f4c8fc775fcbc9e9047b22671c55ca18f9a127d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f4c8fc775fcbc9e9047b22671c55ca18f9a127d4"
},
{
"url": "https://git.kernel.org/stable/c/ca0254998be4d74cf6add70ccfab0d2dbd362a10",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ca0254998be4d74cf6add70ccfab0d2dbd362a10"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2023/52xxx/CVE-2023-52996.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: prevent potential spectre v1 gadget in fib_metrics_match()\n\nif (!type)\n continue;\n if (type > RTAX_MAX)\n return false;\n ...\n fi_val = fi->fib_metrics->metrics[type - 1];\n\n@type being used as an array index, we need to prevent\ncpu speculation or risk leaking kernel memory content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5f9ae3d9e7e4ad6db0491abc7c4ae5452dbeadd8",
"version_value": "8f0eb24f1a7a60ce635f0d757a46f1a37a4d467d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8f0eb24f1a7a60ce635f0d757a46f1a37a4d467d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8f0eb24f1a7a60ce635f0d757a46f1a37a4d467d"
},
{
"url": "https://git.kernel.org/stable/c/7f9828fb1f688210e681268490576f0ca65c322a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7f9828fb1f688210e681268490576f0ca65c322a"
},
{
"url": "https://git.kernel.org/stable/c/ca3cf947760de050d558293002ad3e7f4b8745d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ca3cf947760de050d558293002ad3e7f4b8745d2"
},
{
"url": "https://git.kernel.org/stable/c/f9753ebd61be2d957b5504cbd3fd719674f05b7a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f9753ebd61be2d957b5504cbd3fd719674f05b7a"
},
{
"url": "https://git.kernel.org/stable/c/5e9398a26a92fc402d82ce1f97cc67d832527da0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5e9398a26a92fc402d82ce1f97cc67d832527da0"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

136
2023/52xxx/CVE-2023-52997.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52997",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: prevent potential spectre v1 gadget in ip_metrics_convert()\n\nif (!type)\n\t\tcontinue;\n\tif (type > RTAX_MAX)\n\t\treturn -EINVAL;\n\t...\n\tmetrics[type - 1] = val;\n\n@type being used as an array index, we need to prevent\ncpu speculation or risk leaking kernel memory content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6cf9dfd3bd62edfff69f11c0f111bc261166e4c7",
"version_value": "ef050cf5fb70d995a0d03244e25179b7c66a924a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.3",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ef050cf5fb70d995a0d03244e25179b7c66a924a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ef050cf5fb70d995a0d03244e25179b7c66a924a"
},
{
"url": "https://git.kernel.org/stable/c/746db9ec1e672eee13965625ddac0d97e16fa20c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/746db9ec1e672eee13965625ddac0d97e16fa20c"
},
{
"url": "https://git.kernel.org/stable/c/34c6142f0df9cd75cba5a7aa9df0960d2854b415",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/34c6142f0df9cd75cba5a7aa9df0960d2854b415"
},
{
"url": "https://git.kernel.org/stable/c/d50e7348b44f1e046121ff5be01b7fb6978a1149",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d50e7348b44f1e046121ff5be01b7fb6978a1149"
},
{
"url": "https://git.kernel.org/stable/c/6850fe301d015a7d2012d1de8caf43dafb7cc2f6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6850fe301d015a7d2012d1de8caf43dafb7cc2f6"
},
{
"url": "https://git.kernel.org/stable/c/1d1d63b612801b3f0a39b7d4467cad0abd60e5c8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d1d63b612801b3f0a39b7d4467cad0abd60e5c8"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/52xxx/CVE-2023-52998.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52998",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: Use page_pool_put_full_page when freeing rx buffers\n\nThe page_pool_release_page was used when freeing rx buffers, and this\nfunction just unmaps the page (if mapped) and does not recycle the page.\nSo after hundreds of down/up the eth0, the system will out of memory.\nFor more details, please refer to the following reproduce steps and\nbug logs. To solve this issue and refer to the doc of page pool, the\npage_pool_put_full_page should be used to replace page_pool_release_page.\nBecause this API will try to recycle the page if the page refcnt equal to\n1. After testing 20000 times, the issue can not be reproduced anymore\n(about testing 391 times the issue will occur on i.MX8MN-EVK before).\n\nReproduce steps:\nCreate the test script and run the script. The script content is as\nfollows:\nLOOPS=20000\ni=1\nwhile [ $i -le $LOOPS ]\ndo\n echo \"TINFO:ENET $curface up and down test $i times\"\n org_macaddr=$(cat /sys/class/net/eth0/address)\n ifconfig eth0 down\n ifconfig eth0 hw ether $org_macaddr up\n i=$(expr $i + 1)\ndone\nsleep 5\nif cat /sys/class/net/eth0/operstate | grep 'up';then\n echo \"TEST PASS\"\nelse\n echo \"TEST FAIL\"\nfi\n\nBug detail logs:\nTINFO:ENET up and down test 391 times\n[ 850.471205] Qualcomm Atheros AR8031/AR8033 30be0000.ethernet-1:00: attached PHY driver (mii_bus:phy_addr=30be0000.ethernet-1:00, irq=POLL)\n[ 853.535318] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready\n[ 853.541694] fec 30be0000.ethernet eth0: Link is Up - 1Gbps/Full - flow control rx/tx\n[ 870.590531] page_pool_release_retry() stalled pool shutdown 199 inflight 60 sec\n[ 931.006557] page_pool_release_retry() stalled pool shutdown 199 inflight 120 sec\nTINFO:ENET up and down test 392 times\n[ 991.426544] page_pool_release_retry() stalled pool shutdown 192 inflight 181 sec\n[ 1051.838531] page_pool_release_retry() stalled pool shutdown 170 inflight 241 sec\n[ 1093.751217] Qualcomm Atheros AR8031/AR8033 30be0000.ethernet-1:00: attached PHY driver (mii_bus:phy_addr=30be0000.ethernet-1:00, irq=POLL)\n[ 1096.446520] page_pool_release_retry() stalled pool shutdown 308 inflight 60 sec\n[ 1096.831245] fec 30be0000.ethernet eth0: Link is Up - 1Gbps/Full - flow control rx/tx\n[ 1096.839092] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready\n[ 1112.254526] page_pool_release_retry() stalled pool shutdown 103 inflight 302 sec\n[ 1156.862533] page_pool_release_retry() stalled pool shutdown 308 inflight 120 sec\n[ 1172.674516] page_pool_release_retry() stalled pool shutdown 103 inflight 362 sec\n[ 1217.278532] page_pool_release_retry() stalled pool shutdown 308 inflight 181 sec\nTINFO:ENET up and down test 393 times\n[ 1233.086535] page_pool_release_retry() stalled pool shutdown 103 inflight 422 sec\n[ 1277.698513] page_pool_release_retry() stalled pool shutdown 308 inflight 241 sec\n[ 1293.502525] page_pool_release_retry() stalled pool shutdown 86 inflight 483 sec\n[ 1338.110518] page_pool_release_retry() stalled pool shutdown 308 inflight 302 sec\n[ 1353.918540] page_pool_release_retry() stalled pool shutdown 32 inflight 543 sec\n[ 1361.179205] Qualcomm Atheros AR8031/AR8033 30be0000.ethernet-1:00: attached PHY driver (mii_bus:phy_addr=30be0000.ethernet-1:00, irq=POLL)\n[ 1364.255298] fec 30be0000.ethernet eth0: Link is Up - 1Gbps/Full - flow control rx/tx\n[ 1364.263189] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready\n[ 1371.998532] page_pool_release_retry() stalled pool shutdown 310 inflight 60 sec\n[ 1398.530542] page_pool_release_retry() stalled pool shutdown 308 inflight 362 sec\n[ 1414.334539] page_pool_release_retry() stalled pool shutdown 16 inflight 604 sec\n[ 1432.414520] page_pool_release_retry() stalled pool shutdown 310 inflight 120 sec\n[ 1458.942523] page_pool_release_retry() stalled pool shutdown 308 inflight 422 sec\n[ 1474.750521] page_pool_release_retry() stalled pool shutdown 16 inflight 664 sec\nTINFO:ENET up and down test 394 times\n[ 1492.8305\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "95698ff6177b5f1f13f251da60e7348413046ae4",
"version_value": "554484a34e985a307756ee4794e60be31e3db2e5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/554484a34e985a307756ee4794e60be31e3db2e5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/554484a34e985a307756ee4794e60be31e3db2e5"
},
{
"url": "https://git.kernel.org/stable/c/e38553bdc377e3e7a6caa9dd9770d8b644d8dac3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e38553bdc377e3e7a6caa9dd9770d8b644d8dac3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

156
2023/52xxx/CVE-2023-52999.json
View File

@ -1,18 +1,166 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52999",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix UaF in netns ops registration error path\n\nIf net_assign_generic() fails, the current error path in ops_init() tries\nto clear the gen pointer slot. Anyway, in such error path, the gen pointer\nitself has not been modified yet, and the existing and accessed one is\nsmaller than the accessed index, causing an out-of-bounds error:\n\n BUG: KASAN: slab-out-of-bounds in ops_init+0x2de/0x320\n Write of size 8 at addr ffff888109124978 by task modprobe/1018\n\n CPU: 2 PID: 1018 Comm: modprobe Not tainted 6.2.0-rc2.mptcp_ae5ac65fbed5+ #1641\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.1-2.fc37 04/01/2014\n Call Trace:\n <TASK>\n dump_stack_lvl+0x6a/0x9f\n print_address_description.constprop.0+0x86/0x2b5\n print_report+0x11b/0x1fb\n kasan_report+0x87/0xc0\n ops_init+0x2de/0x320\n register_pernet_operations+0x2e4/0x750\n register_pernet_subsys+0x24/0x40\n tcf_register_action+0x9f/0x560\n do_one_initcall+0xf9/0x570\n do_init_module+0x190/0x650\n load_module+0x1fa5/0x23c0\n __do_sys_finit_module+0x10d/0x1b0\n do_syscall_64+0x58/0x80\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n RIP: 0033:0x7f42518f778d\n Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48\n 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff\n ff 73 01 c3 48 8b 0d cb 56 2c 00 f7 d8 64 89 01 48\n RSP: 002b:00007fff96869688 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n RAX: ffffffffffffffda RBX: 00005568ef7f7c90 RCX: 00007f42518f778d\n RDX: 0000000000000000 RSI: 00005568ef41d796 RDI: 0000000000000003\n RBP: 00005568ef41d796 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000\n R13: 00005568ef7f7d30 R14: 0000000000040000 R15: 0000000000000000\n </TASK>\n\nThis change addresses the issue by skipping the gen pointer\nde-reference in the mentioned error-path.\n\nFound by code inspection and verified with explicit error injection\non a kasan-enabled kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5a2ea549be94924364f6911227d99be86e8cf34a",
"version_value": "ad0dfe9bcf0d78e699c7efb64c90ed062dc48bea"
},
{
"version_affected": "<",
"version_name": "97ad240fd9aa9214497d14af2b91608e20856cac",
"version_value": "ddd49cbbd4c1ceb38032018b589b44208e54f55e"
},
{
"version_affected": "<",
"version_name": "c3edc6e808209aa705185f732e682a370981ced1",
"version_value": "d4c008f3b7f7d4ffd311eb2dae5e75b3cbddacd0"
},
{
"version_affected": "<",
"version_name": "a1e18acb0246bfb001b08b8b1b830b5ec92a0f13",
"version_value": "66689a72ba73575e76d4f6a8748d3fa2690ec1c4"
},
{
"version_affected": "<",
"version_name": "d266935ac43d57586e311a087510fe6a084af742",
"version_value": "12075708f2e77ee6a9f8bb2cf512c38be3099794"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ad0dfe9bcf0d78e699c7efb64c90ed062dc48bea",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad0dfe9bcf0d78e699c7efb64c90ed062dc48bea"
},
{
"url": "https://git.kernel.org/stable/c/ddd49cbbd4c1ceb38032018b589b44208e54f55e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ddd49cbbd4c1ceb38032018b589b44208e54f55e"
},
{
"url": "https://git.kernel.org/stable/c/d4c008f3b7f7d4ffd311eb2dae5e75b3cbddacd0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d4c008f3b7f7d4ffd311eb2dae5e75b3cbddacd0"
},
{
"url": "https://git.kernel.org/stable/c/66689a72ba73575e76d4f6a8748d3fa2690ec1c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66689a72ba73575e76d4f6a8748d3fa2690ec1c4"
},
{
"url": "https://git.kernel.org/stable/c/12075708f2e77ee6a9f8bb2cf512c38be3099794",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12075708f2e77ee6a9f8bb2cf512c38be3099794"
},
{
"url": "https://git.kernel.org/stable/c/71ab9c3e2253619136c31c89dbb2c69305cc89b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/71ab9c3e2253619136c31c89dbb2c69305cc89b1"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2023/53xxx/CVE-2023-53000.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53000",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: prevent potential spectre v1 gadgets\n\nMost netlink attributes are parsed and validated from\n__nla_validate_parse() or validate_nla()\n\n u16 type = nla_type(nla);\n\n if (type == 0 || type > maxtype) {\n /* error or continue */\n }\n\n@type is then used as an array index and can be used\nas a Spectre v1 gadget.\n\narray_index_nospec() can be used to prevent leaking\ncontent of kernel memory to malicious users.\n\nThis should take care of vast majority of netlink uses,\nbut an audit is needed to take care of others where\nvalidation is not yet centralized in core netlink functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bfa83a9e03cf8d501c6272999843470afecb32ed",
"version_value": "3e5082b1c66c7783fbcd79b5b178573230e528ff"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3e5082b1c66c7783fbcd79b5b178573230e528ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3e5082b1c66c7783fbcd79b5b178573230e528ff"
},
{
"url": "https://git.kernel.org/stable/c/539ca5dcbc91134bbe2c45677811c31d8b030d2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/539ca5dcbc91134bbe2c45677811c31d8b030d2d"
},
{
"url": "https://git.kernel.org/stable/c/41b74e95f297ac360ca7ed6bf200100717cb6c45",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41b74e95f297ac360ca7ed6bf200100717cb6c45"
},
{
"url": "https://git.kernel.org/stable/c/992e4ff7116a77968039277b5d6aaa535c2f2184",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/992e4ff7116a77968039277b5d6aaa535c2f2184"
},
{
"url": "https://git.kernel.org/stable/c/f0950402e8c76e7dcb08563f1b4e8000fbc62455",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f0950402e8c76e7dcb08563f1b4e8000fbc62455"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2023/53xxx/CVE-2023-53001.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/drm_vma_manager: Add drm_vma_node_allow_once()\n\nCurrently there is no easy way for a drm driver to safely check and allow\ndrm_vma_offset_node for a drm file just once. Allow drm drivers to call\nnon-refcounted version of drm_vma_node_allow() so that a driver doesn't\nneed to keep track of each drm_vma_node_allow() to call subsequent\ndrm_vma_node_revoke() to prevent memory leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "67444f8ca31cdaf45e0b761241ad49b1ae04bcf9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/67444f8ca31cdaf45e0b761241ad49b1ae04bcf9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/67444f8ca31cdaf45e0b761241ad49b1ae04bcf9"
},
{
"url": "https://git.kernel.org/stable/c/899d3a3c19ac0e5da013ce34833dccb97d19b5e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/899d3a3c19ac0e5da013ce34833dccb97d19b5e4"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/53xxx/CVE-2023-53002.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Fix a memory leak with reused mmap_offset\n\ndrm_vma_node_allow() and drm_vma_node_revoke() should be called in\nbalanced pairs. We call drm_vma_node_allow() once per-file everytime a\nuser calls mmap_offset, but only call drm_vma_node_revoke once per-file\non each mmap_offset. As the mmap_offset is reused by the client, the\nper-file vm_count may remain non-zero and the rbtree leaked.\n\nCall drm_vma_node_allow_once() instead to prevent that memory leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7865559872074a9ab169c87915504661d630addf",
"version_value": "0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb"
},
{
"url": "https://git.kernel.org/stable/c/0220e4fe178c3390eb0291cdb34912d66972db8a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0220e4fe178c3390eb0291cdb34912d66972db8a"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2023/53xxx/CVE-2023-53003.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53003",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info\n\nThe memory for llcc_driv_data is allocated by the LLCC driver. But when\nit is passed as the private driver info to the EDAC core, it will get freed\nduring the qcom_edac driver release. So when the qcom_edac driver gets probed\nagain, it will try to use the freed data leading to the use-after-free bug.\n\nHence, do not pass llcc_driv_data as pvt_info but rather reference it\nusing the platform_data pointer in the qcom_edac driver."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "27450653f1db0b9d5b5048a246c850c52ee4aa61",
"version_value": "66e10d5f399629ef7877304d9ba2b35d0474e7eb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/66e10d5f399629ef7877304d9ba2b35d0474e7eb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66e10d5f399629ef7877304d9ba2b35d0474e7eb"
},
{
"url": "https://git.kernel.org/stable/c/76d9ebb7f0bc10fbc78b6d576751552edf743968",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/76d9ebb7f0bc10fbc78b6d576751552edf743968"
},
{
"url": "https://git.kernel.org/stable/c/bff5243bd32661cf9ce66f6d9210fc8f89bda145",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bff5243bd32661cf9ce66f6d9210fc8f89bda145"
},
{
"url": "https://git.kernel.org/stable/c/6f0351d0c311951b8b3064db91e61841e85b2b96",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f0351d0c311951b8b3064db91e61841e85b2b96"
},
{
"url": "https://git.kernel.org/stable/c/977c6ba624f24ae20cf0faee871257a39348d4a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/977c6ba624f24ae20cf0faee871257a39348d4a9"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/53xxx/CVE-2023-53004.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53004",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix tmpfile leak\n\nMissed an error cleanup."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2b1a77461f1602f870d6fe61fc65610bb8c8dd05",
"version_value": "caa0ea92503f8afa1941f6ac899e5c4e3f6ec8bb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/caa0ea92503f8afa1941f6ac899e5c4e3f6ec8bb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/caa0ea92503f8afa1941f6ac899e5c4e3f6ec8bb"
},
{
"url": "https://git.kernel.org/stable/c/baabaa505563362b71f2637aedd7b807d270656c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/baabaa505563362b71f2637aedd7b807d270656c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

136
2023/53xxx/CVE-2023-53005.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53005",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntrace_events_hist: add check for return value of 'create_hist_field'\n\nFunction 'create_hist_field' is called recursively at\ntrace_events_hist.c:1954 and can return NULL-value that's why we have\nto check it to avoid null pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "30350d65ac5676c6d08d4fc935bc9a9cb0fd4ed3",
"version_value": "d2d1ada58e7cc100b8d7d6b082d19321ba4a700a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.17",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d2d1ada58e7cc100b8d7d6b082d19321ba4a700a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d2d1ada58e7cc100b8d7d6b082d19321ba4a700a"
},
{
"url": "https://git.kernel.org/stable/c/31b2414abeaa6de0490e85164badc6dcb1bb8ec9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31b2414abeaa6de0490e85164badc6dcb1bb8ec9"
},
{
"url": "https://git.kernel.org/stable/c/886aa449235f478e262bbd5dcdee6ed6bc202949",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/886aa449235f478e262bbd5dcdee6ed6bc202949"
},
{
"url": "https://git.kernel.org/stable/c/592ba7116fa620425725ff0972691f352ba3caf6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/592ba7116fa620425725ff0972691f352ba3caf6"
},
{
"url": "https://git.kernel.org/stable/c/b4e7e81b4fdfcf457daee6b7a61769f62198d840",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4e7e81b4fdfcf457daee6b7a61769f62198d840"
},
{
"url": "https://git.kernel.org/stable/c/8b152e9150d07a885f95e1fd401fc81af202d9a4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b152e9150d07a885f95e1fd401fc81af202d9a4"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

136
2023/53xxx/CVE-2023-53006.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53006",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix oops due to uncleared server->smbd_conn in reconnect\n\nIn smbd_destroy(), clear the server->smbd_conn pointer after freeing the\nsmbd_connection struct that it points to so that reconnection doesn't get\nconfused."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8ef130f9ec27973f7b49e20c5a3b9134ca33026c",
"version_value": "a9640c0b268405f2540e8203a545e930ea88bb7d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a9640c0b268405f2540e8203a545e930ea88bb7d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a9640c0b268405f2540e8203a545e930ea88bb7d"
},
{
"url": "https://git.kernel.org/stable/c/91be54849d5392050f5b847b42bd5e6221551ac8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91be54849d5392050f5b847b42bd5e6221551ac8"
},
{
"url": "https://git.kernel.org/stable/c/e037baee16e0b9ace7e730888fcae9cec11daff2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e037baee16e0b9ace7e730888fcae9cec11daff2"
},
{
"url": "https://git.kernel.org/stable/c/4b83bc6f87eedab4599b0123e572a422689444be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b83bc6f87eedab4599b0123e572a422689444be"
},
{
"url": "https://git.kernel.org/stable/c/5109607a4ece7cd8536172bf7549eb4dce1f3576",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5109607a4ece7cd8536172bf7549eb4dce1f3576"
},
{
"url": "https://git.kernel.org/stable/c/b7ab9161cf5ddc42a288edf9d1a61f3bdffe17c7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b7ab9161cf5ddc42a288edf9d1a61f3bdffe17c7"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/53xxx/CVE-2023-53007.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53007",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Make sure trace_printk() can output as soon as it can be used\n\nCurrently trace_printk() can be used as soon as early_trace_init() is\ncalled from start_kernel(). But if a crash happens, and\n\"ftrace_dump_on_oops\" is set on the kernel command line, all you get will\nbe:\n\n [ 0.456075] <idle>-0 0dN.2. 347519us : Unknown type 6\n [ 0.456075] <idle>-0 0dN.2. 353141us : Unknown type 6\n [ 0.456075] <idle>-0 0dN.2. 358684us : Unknown type 6\n\nThis is because the trace_printk() event (type 6) hasn't been registered\nyet. That gets done via an early_initcall(), which may be early, but not\nearly enough.\n\nInstead of registering the trace_printk() event (and other ftrace events,\nwhich are not trace events) via an early_initcall(), have them registered at\nthe same time that trace_printk() can be used. This way, if there is a\ncrash before early_initcall(), then the trace_printk()s will actually be\nuseful."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e725c731e3bb1e892e7b564c945b121cb41d1087",
"version_value": "f97eb0ab066133483a65c93eb894748de2f6b598"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f97eb0ab066133483a65c93eb894748de2f6b598",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f97eb0ab066133483a65c93eb894748de2f6b598"
},
{
"url": "https://git.kernel.org/stable/c/b94d7c7654356860dd7719120c7d15ba38b6162a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b94d7c7654356860dd7719120c7d15ba38b6162a"
},
{
"url": "https://git.kernel.org/stable/c/76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce"
},
{
"url": "https://git.kernel.org/stable/c/de3930a4883ddad2244efd6d349013294c62c75c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/de3930a4883ddad2244efd6d349013294c62c75c"
},
{
"url": "https://git.kernel.org/stable/c/b0af180514edea6c83dc9a299d9f383009c99f25",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0af180514edea6c83dc9a299d9f383009c99f25"
},
{
"url": "https://git.kernel.org/stable/c/198c83963f6335ca6d690cff067679560f2a3a22",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/198c83963f6335ca6d690cff067679560f2a3a22"
},
{
"url": "https://git.kernel.org/stable/c/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2023/53xxx/CVE-2023-53008.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53008",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential memory leaks in session setup\n\nMake sure to free cifs_ses::auth_key.response before allocating it as\nwe might end up leaking memory in reconnect or mounting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b"
},
{
"url": "https://git.kernel.org/stable/c/2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

82
2023/53xxx/CVE-2023-53009.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53009",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Add sync after creating vram bo\n\nThere will be data corruption on vram allocated by svm\nif the initialization is not complete and application is\nwritting on the memory. Adding sync to wait for the\ninitialization completion is to resolve this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb"
},
{
"url": "https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/53xxx/CVE-2023-53010.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53010",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt: Do not read past the end of test names\n\nTest names were being concatenated based on a offset beyond the end of\nthe first name, which tripped the buffer overflow detection logic:\n\n detected buffer overflow in strnlen\n [...]\n Call Trace:\n bnxt_ethtool_init.cold+0x18/0x18\n\nRefactor struct hwrm_selftest_qlist_output to use an actual array,\nand adjust the concatenation to use snprintf() rather than a series of\nstrncat() calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "eb51365846bc418687af4c4f41b68b6e84cdd449",
"version_value": "cefa85480ac99c0bef5a09daadb48d65fc28e279"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cefa85480ac99c0bef5a09daadb48d65fc28e279",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cefa85480ac99c0bef5a09daadb48d65fc28e279"
},
{
"url": "https://git.kernel.org/stable/c/d3e599c090fc6977331150c5f0a69ab8ce87da21",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d3e599c090fc6977331150c5f0a69ab8ce87da21"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2023/53xxx/CVE-2023-53011.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53011",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: enable all safety features by default\n\nIn the original implementation of dwmac5\ncommit 8bf993a5877e (\"net: stmmac: Add support for DWMAC5 and implement Safety Features\")\nall safety features were enabled by default.\n\nLater it seems some implementations didn't have support for all the\nfeatures, so in\ncommit 5ac712dcdfef (\"net: stmmac: enable platform specific safety features\")\nthe safety_feat_cfg structure was added to the callback and defined for\nsome platforms to selectively enable these safety features.\n\nThe problem is that only certain platforms were given that software\nsupport. If the automotive safety package bit is set in the hardware\nfeatures register the safety feature callback is called for the platform,\nand for platforms that didn't get a safety_feat_cfg defined this results\nin the following NULL pointer dereference:\n\n[ 7.933303] Call trace:\n[ 7.935812] dwmac5_safety_feat_config+0x20/0x170 [stmmac]\n[ 7.941455] __stmmac_open+0x16c/0x474 [stmmac]\n[ 7.946117] stmmac_open+0x38/0x70 [stmmac]\n[ 7.950414] __dev_open+0x100/0x1dc\n[ 7.954006] __dev_change_flags+0x18c/0x204\n[ 7.958297] dev_change_flags+0x24/0x6c\n[ 7.962237] do_setlink+0x2b8/0xfa4\n[ 7.965827] __rtnl_newlink+0x4ec/0x840\n[ 7.969766] rtnl_newlink+0x50/0x80\n[ 7.973353] rtnetlink_rcv_msg+0x12c/0x374\n[ 7.977557] netlink_rcv_skb+0x5c/0x130\n[ 7.981500] rtnetlink_rcv+0x18/0x2c\n[ 7.985172] netlink_unicast+0x2e8/0x340\n[ 7.989197] netlink_sendmsg+0x1a8/0x420\n[ 7.993222] ____sys_sendmsg+0x218/0x280\n[ 7.997249] ___sys_sendmsg+0xac/0x100\n[ 8.001103] __sys_sendmsg+0x84/0xe0\n[ 8.004776] __arm64_sys_sendmsg+0x24/0x30\n[ 8.008983] invoke_syscall+0x48/0x114\n[ 8.012840] el0_svc_common.constprop.0+0xcc/0xec\n[ 8.017665] do_el0_svc+0x38/0xb0\n[ 8.021071] el0_svc+0x2c/0x84\n[ 8.024212] el0t_64_sync_handler+0xf4/0x120\n[ 8.028598] el0t_64_sync+0x190/0x194\n\nGo back to the original behavior, if the automotive safety package\nis found to be supported in hardware enable all the features unless\nsafety_feat_cfg is passed in saying this particular platform only\nsupports a subset of the features."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5ac712dcdfefb1a783384db85e0507d161e87812",
"version_value": "120b8e527e07c65de7f2b9018dcd9d17e66f2427"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/120b8e527e07c65de7f2b9018dcd9d17e66f2427",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/120b8e527e07c65de7f2b9018dcd9d17e66f2427"
},
{
"url": "https://git.kernel.org/stable/c/aebf7e62708ba706ee7bf484c9023b15c214e92a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aebf7e62708ba706ee7bf484c9023b15c214e92a"
},
{
"url": "https://git.kernel.org/stable/c/fdfc76a116b5e9d3e98e6c96fe83b42d011d21d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fdfc76a116b5e9d3e98e6c96fe83b42d011d21d4"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

83
2023/53xxx/CVE-2023-53012.json
View File

@ -1,18 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53012",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: call put_device() only after device_register() fails\n\nput_device() shouldn't be called before a prior call to\ndevice_register(). __thermal_cooling_device_register() doesn't follow\nthat properly and needs fixing. Also\nthermal_cooling_device_destroy_sysfs() is getting called unnecessarily\non few error paths.\n\nFix all this by placing the calls at the right place.\n\nBased on initial work done by Caleb Connolly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "108a6f91e2766a6d9142b1f2d90c07ac547eae7e",
"version_value": "a7d736cc3c6cb0d7498bbfb56515d414e35e9510"
},
{
"version_affected": "<",
"version_name": "80bb3b901abe6560620505e5c734d140c4f73a07",
"version_value": "2846a7412f6246fd5171f51011bf76dfebcec0ee"
},
{
"version_affected": "<",
"version_name": "4748f9687caaeefab8578285b97b2f30789fc4b4",
"version_value": "6c54b7bc8a31ce0f7cc7f8deef05067df414f1d8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a7d736cc3c6cb0d7498bbfb56515d414e35e9510",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7d736cc3c6cb0d7498bbfb56515d414e35e9510"
},
{
"url": "https://git.kernel.org/stable/c/2846a7412f6246fd5171f51011bf76dfebcec0ee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2846a7412f6246fd5171f51011bf76dfebcec0ee"
},
{
"url": "https://git.kernel.org/stable/c/6c54b7bc8a31ce0f7cc7f8deef05067df414f1d8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c54b7bc8a31ce0f7cc7f8deef05067df414f1d8"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2023/53xxx/CVE-2023-53013.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53013",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptdma: pt_core_execute_cmd() should use spinlock\n\nThe interrupt handler (pt_core_irq_handler()) of the ptdma\ndriver can be called from interrupt context. The code flow\nin this function can lead down to pt_core_execute_cmd() which\nwill attempt to grab a mutex, which is not appropriate in\ninterrupt context and ultimately leads to a kernel panic.\nThe fix here changes this mutex to a spinlock, which has\nbeen verified to resolve the issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fa5d823b16a9442d609617abeec31da8b6afa224",
"version_value": "ed0d8f731e0bf1bb12a7a37698ac613db20e2794"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ed0d8f731e0bf1bb12a7a37698ac613db20e2794",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed0d8f731e0bf1bb12a7a37698ac613db20e2794"
},
{
"url": "https://git.kernel.org/stable/c/13ba563c2c8055ba8a637c9f70bb833b43cb4207",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/13ba563c2c8055ba8a637c9f70bb833b43cb4207"
},
{
"url": "https://git.kernel.org/stable/c/95e5fda3b5f9ed8239b145da3fa01e641cf5d53c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/95e5fda3b5f9ed8239b145da3fa01e641cf5d53c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

92
2023/53xxx/CVE-2023-53014.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53014",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: tegra: Fix memory leak in terminate_all()\n\nTerminate vdesc when terminating an ongoing transfer.\nThis will ensure that the vdesc is present in the desc_terminated list\nThe descriptor will be freed later in desc_free_list().\n\nThis fixes the memory leaks which can happen when terminating an\nongoing transfer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ee17028009d49fffed8cc963455d33b1fd3f1d08",
"version_value": "567128076d554e41609c61b7d447089094ff72c5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/567128076d554e41609c61b7d447089094ff72c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/567128076d554e41609c61b7d447089094ff72c5"
},
{
"url": "https://git.kernel.org/stable/c/a7a7ee6f5a019ad72852c001abbce50d35e992f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7a7ee6f5a019ad72852c001abbce50d35e992f2"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2023/53xxx/CVE-2023-53015.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: check shape of output reports\n\nbetopff_init() only checks the total sum of the report counts for each\nreport field to be at least 4, but hid_betopff_play() expects 4 report\nfields.\nA device advertising an output report with one field and 4 report counts\nwould pass the check but crash the kernel with a NULL pointer dereference\nin hid_betopff_play()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "52cd7785f3cdd2724f4efb5b21dbc75d6f9ccef4",
"version_value": "dbab4dba400d6ea9a9697fbbd287adbf7db1dac4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.305",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.272",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.231",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.166",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dbab4dba400d6ea9a9697fbbd287adbf7db1dac4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dbab4dba400d6ea9a9697fbbd287adbf7db1dac4"
},
{
"url": "https://git.kernel.org/stable/c/7317326f685824c7c29bd80841fd18041af6bb73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7317326f685824c7c29bd80841fd18041af6bb73"
},
{
"url": "https://git.kernel.org/stable/c/d3065cc56221d1a5eda237e94eaf2a627b88ab79",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d3065cc56221d1a5eda237e94eaf2a627b88ab79"
},
{
"url": "https://git.kernel.org/stable/c/28fc6095da22dc88433d79578ae1c495ebe8ca43",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/28fc6095da22dc88433d79578ae1c495ebe8ca43"
},
{
"url": "https://git.kernel.org/stable/c/1a2a47b85cab50a3c146731bfeaf2d860f5344ee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a2a47b85cab50a3c146731bfeaf2d860f5344ee"
},
{
"url": "https://git.kernel.org/stable/c/07bc32e53c7bd5c91472cc485231ef6274db9b76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07bc32e53c7bd5c91472cc485231ef6274db9b76"
},
{
"url": "https://git.kernel.org/stable/c/3782c0d6edf658b71354a64d60aa7a296188fc90",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3782c0d6edf658b71354a64d60aa7a296188fc90"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2023/53xxx/CVE-2023-53016.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53016",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix possible deadlock in rfcomm_sk_state_change\n\nsyzbot reports a possible deadlock in rfcomm_sk_state_change [1].\nWhile rfcomm_sock_connect acquires the sk lock and waits for\nthe rfcomm lock, rfcomm_sock_release could have the rfcomm\nlock and hit a deadlock for acquiring the sk lock.\nHere's a simplified flow:\n\nrfcomm_sock_connect:\n lock_sock(sk)\n rfcomm_dlc_open:\n rfcomm_lock()\n\nrfcomm_sock_release:\n rfcomm_sock_shutdown:\n rfcomm_lock()\n __rfcomm_dlc_close:\n rfcomm_k_state_change:\n\t lock_sock(sk)\n\nThis patch drops the sk lock before calling rfcomm_dlc_open to\navoid the possible deadlock and holds sk's reference count to\nprevent use-after-free after rfcomm_dlc_open completes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1804fdf6e494e5e2938c65d8391690b59bcff897",
"version_value": "98aec50ff7f60cc6f2d6a4396b475c547e58b04d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.91",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.9",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/98aec50ff7f60cc6f2d6a4396b475c547e58b04d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98aec50ff7f60cc6f2d6a4396b475c547e58b04d"
},
{
"url": "https://git.kernel.org/stable/c/17511bd84871f4a6106cb335616e086880313f3f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/17511bd84871f4a6106cb335616e086880313f3f"
},
{
"url": "https://git.kernel.org/stable/c/1d80d57ffcb55488f0ec0b77928d4f82d16b6a90",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d80d57ffcb55488f0ec0b77928d4f82d16b6a90"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

18
2023/53xxx/CVE-2023-53034.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53034",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/53xxx/CVE-2023-53035.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53035",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/53xxx/CVE-2023-53036.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/53xxx/CVE-2023-53037.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-53037",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2025/25xxx/CVE-2025-25686.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25686",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-25686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/J1095/fkapfxx",
"refsource": "MISC",
"name": "https://github.com/J1095/fkapfxx"
}
]
}

18
2025/31xxx/CVE-2025-31182.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31183.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31183",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31184.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31185.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31186.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31187.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31188.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31188",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31189.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31189",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31190.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31190",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31191.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31191",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31192.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31192",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31193.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31194.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31194",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31195.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31196.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31197.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31198.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31199.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31200.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31201.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31201",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31202.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31202",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31203.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31203",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31204.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31204",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31205.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31206.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31206",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31207.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31207",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31208.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31208",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/31xxx/CVE-2025-31209.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-31209",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}