admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-04-10 19:01:37 +00:00
parent 578ea27697
commit db531eb7f2
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
70 changed files with 2262 additions and 386 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2021/46xxx/CVE-2021-46915.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "3e0f64b7dd31",
"version_name": "c26844eda9d4",
"version_value": "9065ccb9ec92"
},
{
@ -141,6 +141,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-5f0117140d9a"
}
}

7
2021/46xxx/CVE-2021-46922.json
View File

@ -48,6 +48,11 @@
"version_name": "498b8fc1cdc1",
"version_value": "39c8d760d44c"
},
{
"version_affected": "<",
"version_name": "8c657a0590de",
"version_value": "9d5171eab462"
},
{
"version_affected": "<",
"version_name": "5.10.20",
@ -87,6 +92,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

12
2021/46xxx/CVE-2021-46959.json
View File

@ -40,27 +40,27 @@
"version_data": [
{
"version_affected": "<",
"version_name": "0713aa02f20d",
"version_name": "a4add022c155",
"version_value": "62bb2c7f2411"
},
{
"version_affected": "<",
"version_name": "2be1837b1737",
"version_name": "0870525cf94b",
"version_value": "8bf96425c90f"
},
{
"version_affected": "<",
"version_name": "e620a73d7ca7",
"version_name": "8c45a1c6c951",
"version_value": "8e029707f50a"
},
{
"version_affected": "<",
"version_name": "c886774bf583",
"version_name": "234b432c7b61",
"version_value": "28a5529068c5"
},
{
"version_affected": "<",
"version_name": "2737549129ec",
"version_name": "3e04a4976add",
"version_value": "001c8e83646a"
},
{
@ -199,6 +199,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/46xxx/CVE-2021-46961.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "rewrote",
"version_name": "3f1f3234bc2d",
"version_value": "e7ea8e46e3b7"
},
{
@ -130,6 +130,6 @@
]
},
"generator": {
"engine": "bippy-b01c2a820106"
"engine": "bippy-5f0117140d9a"
}
}

6
2021/46xxx/CVE-2021-46974.json
View File

@ -40,12 +40,12 @@
"version_data": [
{
"version_affected": "<",
"version_name": "12462c88e6e2",
"version_name": "ae03b6b1c880",
"version_value": "4d542ddb88fb"
},
{
"version_affected": "<",
"version_name": "eed84f94ff8d",
"version_name": "f92a819b4cbe",
"version_value": "0e2dfdc74a7f"
},
{
@ -162,6 +162,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47004.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "093749e296e2",
"version_name": "4354994f097d",
"version_value": "105155a8146d"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47014.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "7baf2429a1a9",
"version_name": "ae372cb1750f",
"version_value": "0648941f4c8b"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47016.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "19999a8b8782",
"version_name": "7529b90d051e",
"version_value": "f6a90818a320"
},
{
@ -130,6 +130,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47028.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "e4c5ead632ff",
"version_name": "e57b7901469f",
"version_value": "dfc8a71448c7"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47036.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "36707061d6ba",
"version_name": "9fd1ff5d2ac7",
"version_value": "450687386cd1"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-c298863b1525"
"engine": "bippy-5f0117140d9a"
}
}

8
2021/47xxx/CVE-2021-47058.json
View File

@ -40,17 +40,17 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1b8dd2d64ea9",
"version_name": "5b654b030079",
"version_value": "2dc1554d5f0f"
},
{
"version_affected": "<",
"version_name": "6f484096196b",
"version_name": "480c5e9c7e4c",
"version_value": "d8897f7b2283"
},
{
"version_affected": "<",
"version_name": "75e5e51acf59",
"version_name": "c9698380b01a",
"version_value": "eb949f891226"
},
{
@ -156,6 +156,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47094.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1af4a96025b3",
"version_name": "faaf05b00aec",
"version_value": "d884eefd75cc"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47108.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "c91026a938c2",
"version_name": "41ca9caaae0b",
"version_value": "71d07ebc5000"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-4986f5686161"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47126.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "706ec9191646",
"version_name": "f88d8ea67fbd",
"version_value": "7ba7fa78a92d"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-1e70cc10feda"
"engine": "bippy-5f0117140d9a"
}
}

4
2021/47xxx/CVE-2021-47136.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "d29334c15d33",
"version_name": "038ebb1a713d",
"version_value": "ac493452e937"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-b4257b672505"
"engine": "bippy-5f0117140d9a"
}
}

7
2021/47xxx/CVE-2021-47178.json
View File

@ -38,6 +38,11 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "008b936bbde3",
"version_value": "a222d2794c53"
},
{
"version_affected": "<",
"version_name": "1526d9f10c61",
@ -102,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

7
2021/47xxx/CVE-2021-47179.json
View File

@ -68,6 +68,11 @@
"version_name": "7e65ea887d0c",
"version_value": "b090d110e666"
},
{
"version_affected": "<",
"version_name": "de144ff4234f",
"version_value": "a421d218603f"
},
{
"version_affected": "<",
"version_name": "4.9.269",
@ -147,6 +152,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

22
2023/52xxx/CVE-2023-52433.json
View File

@ -38,6 +38,26 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c357648929c8",
"version_value": "03caf75da105"
},
{
"version_affected": "<",
"version_name": "146c76866795",
"version_value": "c323ed65f66e"
},
{
"version_affected": "<",
"version_name": "479a2cf52593",
"version_value": "9af7dfb3c9d7"
},
{
"version_affected": "<",
"version_name": "df650d6a4bf4",
"version_value": "9a8c544158f6"
},
{
"version_affected": "<",
"version_name": "f6c383b8c31a",
@ -117,6 +137,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2023/52xxx/CVE-2023-52447.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "638e4b825d52",
"version_name": "bba1dc0b55ac",
"version_value": "90c445799fd1"
},
{
@ -141,6 +141,6 @@
]
},
"generator": {
"engine": "bippy-b4257b672505"
"engine": "bippy-5f0117140d9a"
}
}

4
2023/52xxx/CVE-2023-52497.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "598162d05080",
"version_name": "0ffd71bcc3a0",
"version_value": "a0180e940cf1"
},
{
@ -141,6 +141,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-5f0117140d9a"
}
}

21
2023/52xxx/CVE-2023-52525.json
View File

@ -40,39 +40,44 @@
"version_data": [
{
"version_affected": "<",
"version_name": "a7a35f35b7a4",
"version_name": "f517c97fc129",
"version_value": "71b1d2b57f14"
},
{
"version_affected": "<",
"version_name": "68a1716869af",
"version_name": "8824aa4ab62c",
"version_value": "16cc18b90808"
},
{
"version_affected": "<",
"version_name": "df1753eae74b",
"version_name": "29eca8b7863d",
"version_value": "b8e260654a29"
},
{
"version_affected": "<",
"version_name": "08a6e99a334d",
"version_name": "3fe3923d092e",
"version_value": "10a18c8bac7f"
},
{
"version_affected": "<",
"version_name": "89f19a9a055d",
"version_name": "7c54b6fc39eb",
"version_value": "5afb996349cb"
},
{
"version_affected": "<",
"version_name": "cde525d61178",
"version_name": "3975e21d4d01",
"version_value": "6b706286473d"
},
{
"version_affected": "<",
"version_name": "7be3bf0bb299",
"version_name": "650d1bc02fba",
"version_value": "be2ff39b1504"
},
{
"version_affected": "<",
"version_name": "119585281617",
"version_value": "aef7a0300047"
},
{
"version_affected": "<",
"version_name": "4.14.326",
@ -162,6 +167,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2023/52xxx/CVE-2023-52563.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "50446ac34545",
"version_name": "e098989a9219",
"version_value": "66cb6d74f5a1"
},
{
@ -124,6 +124,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

8
2023/52xxx/CVE-2023-52575.json
View File

@ -40,17 +40,17 @@
"version_data": [
{
"version_affected": "<",
"version_name": "8457fb5740b1",
"version_name": "3f9b7101bea1",
"version_value": "ae806c74c063"
},
{
"version_affected": "<",
"version_name": "153f9a7b02d4",
"version_name": "b35087763a44",
"version_value": "13ea4b92e875"
},
{
"version_affected": "<",
"version_name": "4f25355540ad",
"version_name": "ac41e90d8daa",
"version_value": "adbcec23c842"
},
{
@ -145,6 +145,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

7
2023/52xxx/CVE-2023-52577.json
View File

@ -73,6 +73,11 @@
"version_name": "ec620c34f5fa",
"version_value": "1512d8f45d3c"
},
{
"version_affected": "<",
"version_name": "977ad86c2a1b",
"version_value": "6af289746a63"
},
{
"version_affected": "<",
"version_name": "4.14.326",
@ -162,6 +167,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

22
2023/52xxx/CVE-2023-52581.json
View File

@ -38,6 +38,26 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bbdb3b65aa91",
"version_value": "a995a68e8a3b"
},
{
"version_affected": "<",
"version_name": "448be0774882",
"version_value": "09c85f2d21ab"
},
{
"version_affected": "<",
"version_name": "d19e8bf3ea41",
"version_value": "ef99506eaf1d"
},
{
"version_affected": "<",
"version_name": "ea3eb9f2192e",
"version_value": "7e5d732e6902"
},
{
"version_affected": "<",
"version_name": "5f68718b34a5",
@ -117,6 +137,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2023/52xxx/CVE-2023-52628.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "dbb5281a1f84",
"version_name": "49499c3e6e18",
"version_value": "a7d86a77c33b"
},
{
@ -130,6 +130,6 @@
]
},
"generator": {
"engine": "bippy-b4257b672505"
"engine": "bippy-5f0117140d9a"
}
}

5
2023/7xxx/CVE-2023-7152.json
View File

@ -86,6 +86,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEK46QAJOXXDZOWOIE2YACUOCZFWOBCK/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEK46QAJOXXDZOWOIE2YACUOCZFWOBCK/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4E2HYWCZB5R4SHY4SZZZSFDMD64N4SOZ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4E2HYWCZB5R4SHY4SZZZSFDMD64N4SOZ/"
}
]
},

5
2023/7xxx/CVE-2023-7158.json
View File

@ -124,6 +124,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEK46QAJOXXDZOWOIE2YACUOCZFWOBCK/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEK46QAJOXXDZOWOIE2YACUOCZFWOBCK/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4E2HYWCZB5R4SHY4SZZZSFDMD64N4SOZ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4E2HYWCZB5R4SHY4SZZZSFDMD64N4SOZ/"
}
]
},

4
2024/26xxx/CVE-2024-26584.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "94524d8fc965",
"version_name": "a54667f6728c",
"version_value": "cd1bbca03f3c"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26590.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "622ceaddb764",
"version_name": "8f89926290c4",
"version_value": "47467e04816c"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26602.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "c5f58bd58f43",
"version_name": "22e4ebb97582",
"version_value": "3cd139875e9a"
},
{
@ -163,6 +163,6 @@
]
},
"generator": {
"engine": "bippy-8df59b4913de"
"engine": "bippy-5f0117140d9a"
}
}

7
2024/26xxx/CVE-2024-26626.json
View File

@ -53,6 +53,11 @@
"version_name": "7d97858e21fb",
"version_value": "2e8c9ae40add"
},
{
"version_affected": "<",
"version_name": "bb7403655b3c",
"version_value": "e622502c310f"
},
{
"version_affected": "<",
"version_name": "6.1.75",
@ -102,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

7
2024/26xxx/CVE-2024-26639.json
View File

@ -53,6 +53,11 @@
"version_name": "3a01daace71b",
"version_value": "5a33420599fa"
},
{
"version_affected": "<",
"version_name": "5ec8e8ea8b77",
"version_value": "f6564fce256a"
},
{
"version_affected": "<",
"version_name": "6.1.76",
@ -102,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26643.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "1e4c03d530d8",
"version_name": "ea3eb9f2192e",
"version_value": "406b0241d0eb"
},
{
@ -124,6 +124,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

7
2024/26xxx/CVE-2024-26678.json
View File

@ -38,6 +38,11 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "686b58ce5052",
"version_value": "0a962f2fbaa9"
},
{
"version_affected": "<",
"version_name": "3e3eabe26dc8",
@ -102,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26708.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "4fd19a307016",
"version_name": "1e777f39b4d7",
"version_value": "4bfe217e075d"
},
{
@ -108,6 +108,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

7
2024/26xxx/CVE-2024-26710.json
View File

@ -53,6 +53,11 @@
"version_name": "58f396513cb1",
"version_value": "b29b16bd836a"
},
{
"version_affected": "<",
"version_name": "18f14afe2816",
"version_value": "f1acb109505d"
},
{
"version_affected": "<",
"version_name": "6.1.75",
@ -102,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26718.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "5721d4e5a9cd",
"version_name": "39d42fa96ba1",
"version_value": "30884a44e0ce"
},
{
@ -119,6 +119,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26729.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "65138eb72e1f",
"version_name": "028bac583449",
"version_value": "351080ba3414"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

22
2024/26xxx/CVE-2024-26750.json
View File

@ -43,6 +43,26 @@
"version_name": "36f7371de977",
"version_value": "6c480d0f1318"
},
{
"version_affected": "<",
"version_name": "2a3d40b4025f",
"version_value": "c4c795b21dd2"
},
{
"version_affected": "<",
"version_name": "69e0f04460f4",
"version_value": "e9eac260369d"
},
{
"version_affected": "<",
"version_name": "cb8890318dde",
"version_value": "43ba9e331559"
},
{
"version_affected": "<",
"version_name": "25236c91b5ab",
"version_value": "aa82ac51d633"
},
{
"version_affected": "<",
"version_name": "5.15.149",
@ -87,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26753.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "dfdb686d1b43",
"version_name": "1ff57428894f",
"version_value": "37077ed16c77"
},
{
@ -135,6 +135,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26756.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "f52f5c71f3d4",
"version_name": "f67055780caa",
"version_value": "13b520fb62b7"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26757.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "f52f5c71f3d4",
"version_name": "ecbfb9f118bc",
"version_value": "2ea169c5a0b1"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

4
2024/26xxx/CVE-2024-26758.json
View File

@ -40,7 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "f52f5c71f3d4",
"version_name": "68866e425be2",
"version_value": "a55f0d6179a1"
},
{
@ -97,6 +97,6 @@
]
},
"generator": {
"engine": "bippy-d3b290d2becc"
"engine": "bippy-5f0117140d9a"
}
}

12
2024/26xxx/CVE-2024-26780.json
View File

@ -38,6 +38,11 @@
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4fe505c63aa3",
"version_value": "36f7371de977"
},
{
"version_affected": "<",
"version_name": "e0e09186d882",
@ -53,6 +58,11 @@
"version_name": "82ae47c5c3a6",
"version_value": "cb8890318dde"
},
{
"version_affected": "<",
"version_name": "1279f9d9dec2",
"version_value": "25236c91b5ab"
},
{
"version_affected": "<",
"version_name": "6.1.78",
@ -107,6 +117,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

7
2024/26xxx/CVE-2024-26781.json
View File

@ -63,6 +63,11 @@
"version_name": "298ac00da8e6",
"version_value": "d487e7ba1bc7"
},
{
"version_affected": "<",
"version_name": "b8adb69a7d29",
"version_value": "d6a9608af9a7"
},
{
"version_affected": "<",
"version_name": "5.10.211",
@ -132,6 +137,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

136
2024/26xxx/CVE-2024-26782.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26782",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix double-free on socket dismantle\n\nwhen MPTCP server accepts an incoming connection, it clones its listener\nsocket. However, the pointer to 'inet_opt' for the new socket has the same\nvalue as the original one: as a consequence, on program exit it's possible\nto observe the following splat:\n\n BUG: KASAN: double-free in inet_sock_destruct+0x54f/0x8b0\n Free of addr ffff888485950880 by task swapper/25/0\n\n CPU: 25 PID: 0 Comm: swapper/25 Kdump: loaded Not tainted 6.8.0-rc1+ #609\n Hardware name: Supermicro SYS-6027R-72RF/X9DRH-7TF/7F/iTF/iF, BIOS 3.0 07/26/2013\n Call Trace:\n <IRQ>\n dump_stack_lvl+0x32/0x50\n print_report+0xca/0x620\n kasan_report_invalid_free+0x64/0x90\n __kasan_slab_free+0x1aa/0x1f0\n kfree+0xed/0x2e0\n inet_sock_destruct+0x54f/0x8b0\n __sk_destruct+0x48/0x5b0\n rcu_do_batch+0x34e/0xd90\n rcu_core+0x559/0xac0\n __do_softirq+0x183/0x5a4\n irq_exit_rcu+0x12d/0x170\n sysvec_apic_timer_interrupt+0x6b/0x80\n </IRQ>\n <TASK>\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n RIP: 0010:cpuidle_enter_state+0x175/0x300\n Code: 30 00 0f 84 1f 01 00 00 83 e8 01 83 f8 ff 75 e5 48 83 c4 18 44 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc fb 45 85 ed <0f> 89 60 ff ff ff 48 c1 e5 06 48 c7 43 18 00 00 00 00 48 83 44 2b\n RSP: 0018:ffff888481cf7d90 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: ffff88887facddc8 RCX: 0000000000000000\n RDX: 1ffff1110ff588b1 RSI: 0000000000000019 RDI: ffff88887fac4588\n RBP: 0000000000000004 R08: 0000000000000002 R09: 0000000000043080\n R10: 0009b02ea273363f R11: ffff88887fabf42b R12: ffffffff932592e0\n R13: 0000000000000004 R14: 0000000000000000 R15: 00000022c880ec80\n cpuidle_enter+0x4a/0xa0\n do_idle+0x310/0x410\n cpu_startup_entry+0x51/0x60\n start_secondary+0x211/0x270\n secondary_startup_64_no_verify+0x184/0x18b\n </TASK>\n\n Allocated by task 6853:\n kasan_save_stack+0x1c/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0xa6/0xb0\n __kmalloc+0x1eb/0x450\n cipso_v4_sock_setattr+0x96/0x360\n netlbl_sock_setattr+0x132/0x1f0\n selinux_netlbl_socket_post_create+0x6c/0x110\n selinux_socket_post_create+0x37b/0x7f0\n security_socket_post_create+0x63/0xb0\n __sock_create+0x305/0x450\n __sys_socket_create.part.23+0xbd/0x130\n __sys_socket+0x37/0xb0\n __x64_sys_socket+0x6f/0xb0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\n Freed by task 6858:\n kasan_save_stack+0x1c/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x12c/0x1f0\n kfree+0xed/0x2e0\n inet_sock_destruct+0x54f/0x8b0\n __sk_destruct+0x48/0x5b0\n subflow_ulp_release+0x1f0/0x250\n tcp_cleanup_ulp+0x6e/0x110\n tcp_v4_destroy_sock+0x5a/0x3a0\n inet_csk_destroy_sock+0x135/0x390\n tcp_fin+0x416/0x5c0\n tcp_data_queue+0x1bc8/0x4310\n tcp_rcv_state_process+0x15a3/0x47b0\n tcp_v4_do_rcv+0x2c1/0x990\n tcp_v4_rcv+0x41fb/0x5ed0\n ip_protocol_deliver_rcu+0x6d/0x9f0\n ip_local_deliver_finish+0x278/0x360\n ip_local_deliver+0x182/0x2c0\n ip_rcv+0xb5/0x1c0\n __netif_receive_skb_one_core+0x16e/0x1b0\n process_backlog+0x1e3/0x650\n __napi_poll+0xa6/0x500\n net_rx_action+0x740/0xbb0\n __do_softirq+0x183/0x5a4\n\n The buggy address belongs to the object at ffff888485950880\n which belongs to the cache kmalloc-64 of size 64\n The buggy address is located 0 bytes inside of\n 64-byte region [ffff888485950880, ffff8884859508c0)\n\n The buggy address belongs to the physical page:\n page:0000000056d1e95e refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888485950700 pfn:0x485950\n flags: 0x57ffffc0000800(slab|node=1|zone=2|lastcpupid=0x1fffff)\n page_type: 0xffffffff()\n raw: 0057ffffc0000800 ffff88810004c640 ffffea00121b8ac0 dead000000000006\n raw: ffff888485950700 0000000000200019 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff888485950780: fa fb fb\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cf7da0d66cc1",
"version_value": "f74362a00422"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f74362a004225df935863dea6eb7d82daaa5b16e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f74362a004225df935863dea6eb7d82daaa5b16e"
},
{
"url": "https://git.kernel.org/stable/c/4a4eeb6912538c2d0b158e8d11b62d96c1dada4e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4a4eeb6912538c2d0b158e8d11b62d96c1dada4e"
},
{
"url": "https://git.kernel.org/stable/c/d93fd40c62397326046902a2c5cb75af50882a85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d93fd40c62397326046902a2c5cb75af50882a85"
},
{
"url": "https://git.kernel.org/stable/c/ce0809ada38dca8d6d41bb57ab40494855c30582",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ce0809ada38dca8d6d41bb57ab40494855c30582"
},
{
"url": "https://git.kernel.org/stable/c/85933e80d077c9ae2227226beb86c22f464059cc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/85933e80d077c9ae2227226beb86c22f464059cc"
},
{
"url": "https://git.kernel.org/stable/c/10048689def7e40a4405acda16fdc6477d4ecc5c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/10048689def7e40a4405acda16fdc6477d4ecc5c"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

103
2024/26xxx/CVE-2024-26783.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26783",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index\n\nWith numa balancing on, when a numa system is running where a numa node\ndoesn't have its local memory so it has no managed zones, the following\noops has been observed. It's because wakeup_kswapd() is called with a\nwrong zone index, -1. Fixed it by checking the index before calling\nwakeup_kswapd().\n\n> BUG: unable to handle page fault for address: 00000000000033f3\n> #PF: supervisor read access in kernel mode\n> #PF: error_code(0x0000) - not-present page\n> PGD 0 P4D 0\n> Oops: 0000 [#1] PREEMPT SMP NOPTI\n> CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255\n> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n> rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n> RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812)\n> Code: (omitted)\n> RSP: 0000:ffffc90004257d58 EFLAGS: 00010286\n> RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003\n> RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480\n> RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff\n> R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003\n> R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940\n> FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000\n> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n> CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0\n> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n> PKRU: 55555554\n> Call Trace:\n> <TASK>\n> ? __die\n> ? page_fault_oops\n> ? __pte_offset_map_lock\n> ? exc_page_fault\n> ? asm_exc_page_fault\n> ? wakeup_kswapd\n> migrate_misplaced_page\n> __handle_mm_fault\n> handle_mm_fault\n> do_user_addr_fault\n> exc_page_fault\n> asm_exc_page_fault\n> RIP: 0033:0x55b897ba0808\n> Code: (omitted)\n> RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287\n> RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0\n> RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0\n> RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075\n> R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n> R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000\n> </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c574bbe91703",
"version_value": "d6159bd4c005"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.22",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e"
},
{
"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080"
},
{
"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

92
2024/26xxx/CVE-2024-26784.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26784",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: arm: Fix NULL dereference on scmi_perf_domain removal\n\nOn unloading of the scmi_perf_domain module got the below splat, when in\nthe DT provided to the system under test the '#power-domain-cells' property\nwas missing. Indeed, this particular setup causes the probe to bail out\nearly without giving any error, which leads to the ->remove() callback gets\nto run too, but without all the expected initialized structures in place.\n\nAdd a check and bail out early on remove too.\n\n Call trace:\n scmi_perf_domain_remove+0x28/0x70 [scmi_perf_domain]\n scmi_dev_remove+0x28/0x40 [scmi_core]\n device_remove+0x54/0x90\n device_release_driver_internal+0x1dc/0x240\n driver_detach+0x58/0xa8\n bus_remove_driver+0x78/0x108\n driver_unregister+0x38/0x70\n scmi_driver_unregister+0x28/0x180 [scmi_core]\n scmi_perf_domain_driver_exit+0x18/0xb78 [scmi_perf_domain]\n __arm64_sys_delete_module+0x1a8/0x2c0\n invoke_syscall+0x50/0x128\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x34/0xb8\n el0t_64_sync_handler+0x100/0x130\n el0t_64_sync+0x190/0x198\n Code: a90153f3 f9403c14 f9414800 955f8a05 (b9400a80)\n ---[ end trace 0000000000000000 ]---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2af23ceb8624",
"version_value": "f6aaf131e4d4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f6aaf131e4d4a9a26040ecc018eb70ab8b3d355d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f6aaf131e4d4a9a26040ecc018eb70ab8b3d355d"
},
{
"url": "https://git.kernel.org/stable/c/eb5555d422d0fc325e1574a7353d3c616f82d8b5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb5555d422d0fc325e1574a7353d3c616f82d8b5"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

92
2024/26xxx/CVE-2024-26785.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26785",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix protection fault in iommufd_test_syz_conv_iova\n\nSyzkaller reported the following bug:\n\n general protection fault, probably for non-canonical address 0xdffffc0000000038: 0000 [#1] SMP KASAN\n KASAN: null-ptr-deref in range [0x00000000000001c0-0x00000000000001c7]\n Call Trace:\n lock_acquire\n lock_acquire+0x1ce/0x4f0\n down_read+0x93/0x4a0\n iommufd_test_syz_conv_iova+0x56/0x1f0\n iommufd_test_access_rw.isra.0+0x2ec/0x390\n iommufd_test+0x1058/0x1e30\n iommufd_fops_ioctl+0x381/0x510\n vfs_ioctl\n __do_sys_ioctl\n __se_sys_ioctl\n __x64_sys_ioctl+0x170/0x1e0\n do_syscall_x64\n do_syscall_64+0x71/0x140\n\nThis is because the new iommufd_access_change_ioas() sets access->ioas to\nNULL during its process, so the lock might be gone in a concurrent racing\ncontext.\n\nFix this by doing the same access->ioas sanity as iommufd_access_rw() and\niommufd_access_pin_pages() functions do."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9227da7816dd",
"version_value": "fc719ecbca45"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/fc719ecbca45c9c046640d72baddba3d83e0bc0b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fc719ecbca45c9c046640d72baddba3d83e0bc0b"
},
{
"url": "https://git.kernel.org/stable/c/cf7c2789822db8b5efa34f5ebcf1621bc0008d48",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cf7c2789822db8b5efa34f5ebcf1621bc0008d48"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

103
2024/26xxx/CVE-2024-26786.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26786",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix iopt_access_list_id overwrite bug\n\nSyzkaller reported the following WARN_ON:\n WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360\n\n Call Trace:\n iommufd_access_change_ioas+0x2fe/0x4e0\n iommufd_access_destroy_object+0x50/0xb0\n iommufd_object_remove+0x2a3/0x490\n iommufd_object_destroy_user\n iommufd_access_destroy+0x71/0xb0\n iommufd_test_staccess_release+0x89/0xd0\n __fput+0x272/0xb50\n __fput_sync+0x4b/0x60\n __do_sys_close\n __se_sys_close\n __x64_sys_close+0x8b/0x110\n do_syscall_x64\n\nThe mismatch between the access pointer in the list and the passed-in\npointer is resulting from an overwrite of access->iopt_access_list_id, in\niopt_add_access(). Called from iommufd_access_change_ioas() when\nxa_alloc() succeeds but iopt_calculate_iova_alignment() fails.\n\nAdd a new_id in iopt_add_access() and only update iopt_access_list_id when\nreturning successfully."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9227da7816dd",
"version_value": "f1fb745ee0a6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f1fb745ee0a6fe43f1d84ec369c7e6af2310fda9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f1fb745ee0a6fe43f1d84ec369c7e6af2310fda9"
},
{
"url": "https://git.kernel.org/stable/c/9526a46cc0c378d381560279bea9aa34c84298a0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9526a46cc0c378d381560279bea9aa34c84298a0"
},
{
"url": "https://git.kernel.org/stable/c/aeb004c0cd6958e910123a1607634401009c9539",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aeb004c0cd6958e910123a1607634401009c9539"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

136
2024/26xxx/CVE-2024-26787.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26787",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: mmci: stm32: fix DMA API overlapping mappings warning\n\nTurning on CONFIG_DMA_API_DEBUG_SG results in the following warning:\n\nDMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST,\noverlapping mappings aren't supported\nWARNING: CPU: 1 PID: 51 at kernel/dma/debug.c:568\nadd_dma_entry+0x234/0x2f4\nModules linked in:\nCPU: 1 PID: 51 Comm: kworker/1:2 Not tainted 6.1.28 #1\nHardware name: STMicroelectronics STM32MP257F-EV1 Evaluation Board (DT)\nWorkqueue: events_freezable mmc_rescan\nCall trace:\nadd_dma_entry+0x234/0x2f4\ndebug_dma_map_sg+0x198/0x350\n__dma_map_sg_attrs+0xa0/0x110\ndma_map_sg_attrs+0x10/0x2c\nsdmmc_idma_prep_data+0x80/0xc0\nmmci_prep_data+0x38/0x84\nmmci_start_data+0x108/0x2dc\nmmci_request+0xe4/0x190\n__mmc_start_request+0x68/0x140\nmmc_start_request+0x94/0xc0\nmmc_wait_for_req+0x70/0x100\nmmc_send_tuning+0x108/0x1ac\nsdmmc_execute_tuning+0x14c/0x210\nmmc_execute_tuning+0x48/0xec\nmmc_sd_init_uhs_card.part.0+0x208/0x464\nmmc_sd_init_card+0x318/0x89c\nmmc_attach_sd+0xe4/0x180\nmmc_rescan+0x244/0x320\n\nDMA API debug brings to light leaking dma-mappings as dma_map_sg and\ndma_unmap_sg are not correctly balanced.\n\nIf an error occurs in mmci_cmd_irq function, only mmci_dma_error\nfunction is called and as this API is not managed on stm32 variant,\ndma_unmap_sg is never called in this error path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "46b723dd867d",
"version_value": "0224cbc53ba8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.213",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.152",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0224cbc53ba82b84affa7619b6d1b1a254bc2c53",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0224cbc53ba82b84affa7619b6d1b1a254bc2c53"
},
{
"url": "https://git.kernel.org/stable/c/5ae5060e17a3fc38e54c3e5bd8abd6b1d5bfae7c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5ae5060e17a3fc38e54c3e5bd8abd6b1d5bfae7c"
},
{
"url": "https://git.kernel.org/stable/c/70af82bb9c897faa25a44e4181f36c60312b71ef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70af82bb9c897faa25a44e4181f36c60312b71ef"
},
{
"url": "https://git.kernel.org/stable/c/176e66269f0de327375fc0ea51c12c2f5a97e4c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/176e66269f0de327375fc0ea51c12c2f5a97e4c4"
},
{
"url": "https://git.kernel.org/stable/c/d610a307225951929b9dff807788439454476f85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d610a307225951929b9dff807788439454476f85"
},
{
"url": "https://git.kernel.org/stable/c/6b1ba3f9040be5efc4396d86c9752cdc564730be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6b1ba3f9040be5efc4396d86c9752cdc564730be"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

147
2024/26xxx/CVE-2024-26788.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26788",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: init irq after reg initialization\n\nInitialize the qDMA irqs after the registers are configured so that\ninterrupts that may have been pending from a primary kernel don't get\nprocessed by the irq handler before it is ready to and cause panic with\nthe following trace:\n\n Call trace:\n fsl_qdma_queue_handler+0xf8/0x3e8\n __handle_irq_event_percpu+0x78/0x2b0\n handle_irq_event_percpu+0x1c/0x68\n handle_irq_event+0x44/0x78\n handle_fasteoi_irq+0xc8/0x178\n generic_handle_irq+0x24/0x38\n __handle_domain_irq+0x90/0x100\n gic_handle_irq+0x5c/0xb8\n el1_irq+0xb8/0x180\n _raw_spin_unlock_irqrestore+0x14/0x40\n __setup_irq+0x4bc/0x798\n request_threaded_irq+0xd8/0x190\n devm_request_threaded_irq+0x74/0xe8\n fsl_qdma_probe+0x4d4/0xca8\n platform_drv_probe+0x50/0xa0\n really_probe+0xe0/0x3f8\n driver_probe_device+0x64/0x130\n device_driver_attach+0x6c/0x78\n __driver_attach+0xbc/0x158\n bus_for_each_dev+0x5c/0x98\n driver_attach+0x20/0x28\n bus_add_driver+0x158/0x220\n driver_register+0x60/0x110\n __platform_driver_register+0x44/0x50\n fsl_qdma_driver_init+0x18/0x20\n do_one_initcall+0x48/0x258\n kernel_init_freeable+0x1a4/0x23c\n kernel_init+0x10/0xf8\n ret_from_fork+0x10/0x18"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b092529e0aa0",
"version_value": "3cc5fb824c21"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478"
},
{
"url": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1"
},
{
"url": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b"
},
{
"url": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99"
},
{
"url": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d"
},
{
"url": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8"
},
{
"url": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

114
2024/26xxx/CVE-2024-26789.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26789",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: arm64/neonbs - fix out-of-bounds access on short input\n\nThe bit-sliced implementation of AES-CTR operates on blocks of 128\nbytes, and will fall back to the plain NEON version for tail blocks or\ninputs that are shorter than 128 bytes to begin with.\n\nIt will call straight into the plain NEON asm helper, which performs all\nmemory accesses in granules of 16 bytes (the size of a NEON register).\nFor this reason, the associated plain NEON glue code will copy inputs\nshorter than 16 bytes into a temporary buffer, given that this is a rare\noccurrence and it is not worth the effort to work around this in the asm\ncode.\n\nThe fallback from the bit-sliced NEON version fails to take this into\naccount, potentially resulting in out-of-bounds accesses. So clone the\nsame workaround, and use a temp buffer for short in/outputs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fc074e130051",
"version_value": "034e2d70b5c7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/034e2d70b5c7f578200ad09955aeb2aa65d1164a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/034e2d70b5c7f578200ad09955aeb2aa65d1164a"
},
{
"url": "https://git.kernel.org/stable/c/1291d278b5574819a7266568ce4c28bce9438705",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1291d278b5574819a7266568ce4c28bce9438705"
},
{
"url": "https://git.kernel.org/stable/c/9e8ecd4908b53941ab6f0f51584ab80c6c6606c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9e8ecd4908b53941ab6f0f51584ab80c6c6606c4"
},
{
"url": "https://git.kernel.org/stable/c/1c0cf6d19690141002889d72622b90fc01562ce4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1c0cf6d19690141002889d72622b90fc01562ce4"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

147
2024/26xxx/CVE-2024-26790.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26790",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read\n\nThere is chip (ls1028a) errata:\n\nThe SoC may hang on 16 byte unaligned read transactions by QDMA.\n\nUnaligned read transactions initiated by QDMA may stall in the NOC\n(Network On-Chip), causing a deadlock condition. Stalled transactions will\ntrigger completion timeouts in PCIe controller.\n\nWorkaround:\nEnable prefetch by setting the source descriptor prefetchable bit\n( SD[PF] = 1 ).\n\nImplement this workaround."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b092529e0aa0",
"version_value": "518d78b4fac6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da"
},
{
"url": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580"
},
{
"url": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce"
},
{
"url": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa"
},
{
"url": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367"
},
{
"url": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471"
},
{
"url": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

148
2024/26xxx/CVE-2024-26791.json
View File

@ -1,18 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26791",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere's a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "11d7a2e429c0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.309",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/11d7a2e429c02d51e2dc90713823ea8b8d3d3a84",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/11d7a2e429c02d51e2dc90713823ea8b8d3d3a84"
},
{
"url": "https://git.kernel.org/stable/c/c6652e20d7d783d060fe5f987eac7b5cabe31311",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c6652e20d7d783d060fe5f987eac7b5cabe31311"
},
{
"url": "https://git.kernel.org/stable/c/2886fe308a83968dde252302884a1e63351cf16d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2886fe308a83968dde252302884a1e63351cf16d"
},
{
"url": "https://git.kernel.org/stable/c/ab2d68655d0f04650bef09fee948ff80597c5fb9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ab2d68655d0f04650bef09fee948ff80597c5fb9"
},
{
"url": "https://git.kernel.org/stable/c/f590040ce2b712177306b03c2a63b16f7d48d3c8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f590040ce2b712177306b03c2a63b16f7d48d3c8"
},
{
"url": "https://git.kernel.org/stable/c/b1690ced4d2d8b28868811fb81cd33eee5aefee1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b1690ced4d2d8b28868811fb81cd33eee5aefee1"
},
{
"url": "https://git.kernel.org/stable/c/343eecb4ff49a7b1cc1dfe86958a805cf2341cfb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/343eecb4ff49a7b1cc1dfe86958a805cf2341cfb"
},
{
"url": "https://git.kernel.org/stable/c/9845664b9ee47ce7ee7ea93caf47d39a9d4552c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9845664b9ee47ce7ee7ea93caf47d39a9d4552c4"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

7
2024/26xxx/CVE-2024-26792.json
View File

@ -53,6 +53,11 @@
"version_name": "5a172344bfda",
"version_value": "c8ab7521665b"
},
{
"version_affected": "<",
"version_name": "e03ee2fe873e",
"version_value": "e2b54eaf28df"
},
{
"version_affected": "<",
"version_name": "6.1.79",
@ -102,6 +107,6 @@
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-5f0117140d9a"
}
}

158
2024/26xxx/CVE-2024-26793.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26793",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()\n\nThe gtp_link_ops operations structure for the subsystem must be\nregistered after registering the gtp_net_ops pernet operations structure.\n\nSyzkaller hit 'general protection fault in gtp_genl_dump_pdp' bug:\n\n[ 1010.702740] gtp: GTP module unloaded\n[ 1010.715877] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI\n[ 1010.715888] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 1010.715895] CPU: 1 PID: 128616 Comm: a.out Not tainted 6.8.0-rc6-std-def-alt1 #1\n[ 1010.715899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\n[ 1010.715908] RIP: 0010:gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.715915] Code: 80 3c 02 00 0f 85 41 04 00 00 48 8b bb d8 05 00 00 e8 ed f6 ff ff 48 89 c2 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 4f 04 00 00 4c 89 e2 4c 8b 6d 00 48 b8 00 00 00\n[ 1010.715920] RSP: 0018:ffff888020fbf180 EFLAGS: 00010203\n[ 1010.715929] RAX: dffffc0000000000 RBX: ffff88800399c000 RCX: 0000000000000000\n[ 1010.715933] RDX: 0000000000000001 RSI: ffffffff84805280 RDI: 0000000000000282\n[ 1010.715938] RBP: 000000000000000d R08: 0000000000000001 R09: 0000000000000000\n[ 1010.715942] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800399cc80\n[ 1010.715947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000400\n[ 1010.715953] FS: 00007fd1509ab5c0(0000) GS:ffff88805b300000(0000) knlGS:0000000000000000\n[ 1010.715958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1010.715962] CR2: 0000000000000000 CR3: 000000001c07a000 CR4: 0000000000750ee0\n[ 1010.715968] PKRU: 55555554\n[ 1010.715972] Call Trace:\n[ 1010.715985] ? __die_body.cold+0x1a/0x1f\n[ 1010.715995] ? die_addr+0x43/0x70\n[ 1010.716002] ? exc_general_protection+0x199/0x2f0\n[ 1010.716016] ? asm_exc_general_protection+0x1e/0x30\n[ 1010.716026] ? gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.716034] ? gtp_net_exit+0x150/0x150 [gtp]\n[ 1010.716042] __rtnl_newlink+0x1063/0x1700\n[ 1010.716051] ? rtnl_setlink+0x3c0/0x3c0\n[ 1010.716063] ? is_bpf_text_address+0xc0/0x1f0\n[ 1010.716070] ? kernel_text_address.part.0+0xbb/0xd0\n[ 1010.716076] ? __kernel_text_address+0x56/0xa0\n[ 1010.716084] ? unwind_get_return_address+0x5a/0xa0\n[ 1010.716091] ? create_prof_cpu_mask+0x30/0x30\n[ 1010.716098] ? arch_stack_walk+0x9e/0xf0\n[ 1010.716106] ? stack_trace_save+0x91/0xd0\n[ 1010.716113] ? stack_trace_consume_entry+0x170/0x170\n[ 1010.716121] ? __lock_acquire+0x15c5/0x5380\n[ 1010.716139] ? mark_held_locks+0x9e/0xe0\n[ 1010.716148] ? kmem_cache_alloc_trace+0x35f/0x3c0\n[ 1010.716155] ? __rtnl_newlink+0x1700/0x1700\n[ 1010.716160] rtnl_newlink+0x69/0xa0\n[ 1010.716166] rtnetlink_rcv_msg+0x43b/0xc50\n[ 1010.716172] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716179] ? lock_acquire+0x1fe/0x560\n[ 1010.716188] ? netlink_deliver_tap+0x12f/0xd50\n[ 1010.716196] netlink_rcv_skb+0x14d/0x440\n[ 1010.716202] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716208] ? netlink_ack+0xab0/0xab0\n[ 1010.716213] ? netlink_deliver_tap+0x202/0xd50\n[ 1010.716220] ? netlink_deliver_tap+0x218/0xd50\n[ 1010.716226] ? __virt_addr_valid+0x30b/0x590\n[ 1010.716233] netlink_unicast+0x54b/0x800\n[ 1010.716240] ? netlink_attachskb+0x870/0x870\n[ 1010.716248] ? __check_object_size+0x2de/0x3b0\n[ 1010.716254] netlink_sendmsg+0x938/0xe40\n[ 1010.716261] ? netlink_unicast+0x800/0x800\n[ 1010.716269] ? __import_iovec+0x292/0x510\n[ 1010.716276] ? netlink_unicast+0x800/0x800\n[ 1010.716284] __sock_sendmsg+0x159/0x190\n[ 1010.716290] ____sys_sendmsg+0x712/0x880\n[ 1010.716297] ? sock_write_iter+0x3d0/0x3d0\n[ 1010.716304] ? __ia32_sys_recvmmsg+0x270/0x270\n[ 1010.716309] ? lock_acquire+0x1fe/0x560\n[ 1010.716315] ? drain_array_locked+0x90/0x90\n[ 1010.716324] ___sys_sendmsg+0xf8/0x170\n[ 1010.716331] ? sendmsg_copy_msghdr+0x170/0x170\n[ 1010.716337] ? lockdep_init_map\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "459aa660eb1d",
"version_value": "01129059d514"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.309",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/01129059d5141d62fae692f7a336ae3bc712d3eb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/01129059d5141d62fae692f7a336ae3bc712d3eb"
},
{
"url": "https://git.kernel.org/stable/c/ec92aa2cab6f0048f10d6aa4f025c5885cb1a1b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ec92aa2cab6f0048f10d6aa4f025c5885cb1a1b6"
},
{
"url": "https://git.kernel.org/stable/c/e668b92a3a01429923fd5ca13e99642aab47de69",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e668b92a3a01429923fd5ca13e99642aab47de69"
},
{
"url": "https://git.kernel.org/stable/c/9376d059a705c5dfaac566c2d09891242013ae16",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9376d059a705c5dfaac566c2d09891242013ae16"
},
{
"url": "https://git.kernel.org/stable/c/abd32d7f5c0294c1b2454c5a3b13b18446bac627",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abd32d7f5c0294c1b2454c5a3b13b18446bac627"
},
{
"url": "https://git.kernel.org/stable/c/93dd420bc41531c9a31498b9538ca83ba6ec191e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93dd420bc41531c9a31498b9538ca83ba6ec191e"
},
{
"url": "https://git.kernel.org/stable/c/5366969a19a8a0d2ffb3d27ef6e8905e5e4216f8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5366969a19a8a0d2ffb3d27ef6e8905e5e4216f8"
},
{
"url": "https://git.kernel.org/stable/c/616d82c3cfa2a2146dd7e3ae47bda7e877ee549e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/616d82c3cfa2a2146dd7e3ae47bda7e877ee549e"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

7
2024/26xxx/CVE-2024-26794.json
View File

@ -78,15 +78,10 @@
"url": "https://git.kernel.org/stable/c/31d07a757c6d3430e03cc22799921569999b9a12",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31d07a757c6d3430e03cc22799921569999b9a12"
},
{
"url": "https://git.kernel.org/stable/c/a1a4a9ca77f143c00fce69c1239887ff8b813bec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1a4a9ca77f143c00fce69c1239887ff8b813bec"
}
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-e0c11145c45e"
}
}

136
2024/26xxx/CVE-2024-26795.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26795",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Sparse-Memory/vmemmap out-of-bounds fix\n\nOffset vmemmap so that the first page of vmemmap will be mapped\nto the first page of physical memory in order to ensure that\nvmemmap\u2019s bounds will be respected during\npfn_to_page()/page_to_pfn() operations.\nThe conversion macros will produce correct SV39/48/57 addresses\nfor every possible/valid DRAM_BASE inside the physical memory limits.\n\nv2:Address Alex's comments"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d95f1a542c3d",
"version_value": "8af1c121b010"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8af1c121b0102041809bc137ec600d1865eaeedd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8af1c121b0102041809bc137ec600d1865eaeedd"
},
{
"url": "https://git.kernel.org/stable/c/5941a90c55d3bfba732b32208d58d997600b44ef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5941a90c55d3bfba732b32208d58d997600b44ef"
},
{
"url": "https://git.kernel.org/stable/c/8310080799b40fd9f2a8b808c657269678c149af",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8310080799b40fd9f2a8b808c657269678c149af"
},
{
"url": "https://git.kernel.org/stable/c/a278d5c60f21aa15d540abb2f2da6e6d795c3e6e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a278d5c60f21aa15d540abb2f2da6e6d795c3e6e"
},
{
"url": "https://git.kernel.org/stable/c/2a1728c15ec4f45ed9248ae22f626541c179bfbe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2a1728c15ec4f45ed9248ae22f626541c179bfbe"
},
{
"url": "https://git.kernel.org/stable/c/a11dd49dcb9376776193e15641f84fcc1e5980c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a11dd49dcb9376776193e15641f84fcc1e5980c9"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

103
2024/26xxx/CVE-2024-26796.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: perf: ctr_get_width function for legacy is not defined\n\nWith parameters CONFIG_RISCV_PMU_LEGACY=y and CONFIG_RISCV_PMU_SBI=n\nlinux kernel crashes when you try perf record:\n\n$ perf record ls\n[ 46.749286] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 46.750199] Oops [#1]\n[ 46.750342] Modules linked in:\n[ 46.750608] CPU: 0 PID: 107 Comm: perf-exec Not tainted 6.6.0 #2\n[ 46.750906] Hardware name: riscv-virtio,qemu (DT)\n[ 46.751184] epc : 0x0\n[ 46.751430] ra : arch_perf_update_userpage+0x54/0x13e\n[ 46.751680] epc : 0000000000000000 ra : ffffffff8072ee52 sp : ff2000000022b8f0\n[ 46.751958] gp : ffffffff81505988 tp : ff6000000290d400 t0 : ff2000000022b9c0\n[ 46.752229] t1 : 0000000000000001 t2 : 0000000000000003 s0 : ff2000000022b930\n[ 46.752451] s1 : ff600000028fb000 a0 : 0000000000000000 a1 : ff600000028fb000\n[ 46.752673] a2 : 0000000ae2751268 a3 : 00000000004fb708 a4 : 0000000000000004\n[ 46.752895] a5 : 0000000000000000 a6 : 000000000017ffe3 a7 : 00000000000000d2\n[ 46.753117] s2 : ff600000028fb000 s3 : 0000000ae2751268 s4 : 0000000000000000\n[ 46.753338] s5 : ffffffff8153e290 s6 : ff600000863b9000 s7 : ff60000002961078\n[ 46.753562] s8 : ff60000002961048 s9 : ff60000002961058 s10: 0000000000000001\n[ 46.753783] s11: 0000000000000018 t3 : ffffffffffffffff t4 : ffffffffffffffff\n[ 46.754005] t5 : ff6000000292270c t6 : ff2000000022bb30\n[ 46.754179] status: 0000000200000100 badaddr: 0000000000000000 cause: 000000000000000c\n[ 46.754653] Code: Unable to access instruction at 0xffffffffffffffec.\n[ 46.754939] ---[ end trace 0000000000000000 ]---\n[ 46.755131] note: perf-exec[107] exited with irqs disabled\n[ 46.755546] note: perf-exec[107] exited with preempt_count 4\n\nThis happens because in the legacy case the ctr_get_width function was not\ndefined, but it is used in arch_perf_update_userpage.\n\nAlso remove extra check in riscv_pmu_ctr_get_width_mask"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cc4c07c89aad",
"version_value": "e0d17ee872cf"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e0d17ee872cf8d0f51cc561329b8e1a0aa792bbb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0d17ee872cf8d0f51cc561329b8e1a0aa792bbb"
},
{
"url": "https://git.kernel.org/stable/c/e4f50e85de5a6b21dfdc0d7ca435eba4f62935c3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e4f50e85de5a6b21dfdc0d7ca435eba4f62935c3"
},
{
"url": "https://git.kernel.org/stable/c/682dc133f83e0194796e6ea72eb642df1c03dfbe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/682dc133f83e0194796e6ea72eb642df1c03dfbe"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

92
2024/26xxx/CVE-2024-26797.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26797",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Prevent potential buffer overflow in map_hw_resources\n\nAdds a check in the map_hw_resources function to prevent a potential\nbuffer overflow. The function was accessing arrays using an index that\ncould potentially be greater than the size of the arrays, leading to a\nbuffer overflow.\n\nAdds a check to ensure that the index is within the bounds of the\narrays. If the index is out of bounds, an error message is printed and\nbreak it will continue execution with just ignoring extra data early to\nprevent the buffer overflow.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2_wrapper.c:79 map_hw_resources() error: buffer overflow 'dml2->v20.scratch.dml_to_dc_pipe_mapping.disp_cfg_to_stream_id' 6 <= 7\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2_wrapper.c:81 map_hw_resources() error: buffer overflow 'dml2->v20.scratch.dml_to_dc_pipe_mapping.disp_cfg_to_plane_id' 6 <= 7"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7966f319c66d",
"version_value": "50a6302cf881"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/50a6302cf881f67f1410461a68fe9eabd00ff31d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/50a6302cf881f67f1410461a68fe9eabd00ff31d"
},
{
"url": "https://git.kernel.org/stable/c/0f8ca019544a252d1afb468ce840c6dcbac73af4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0f8ca019544a252d1afb468ce840c6dcbac73af4"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

12
2024/26xxx/CVE-2024-26798.json
View File

@ -52,16 +52,6 @@
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
@ -135,6 +125,6 @@
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
"engine": "bippy-e0c11145c45e"
}
}

103
2024/26xxx/CVE-2024-26799.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26799",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix uninitialized pointer dmactl\n\nIn the case where __lpass_get_dmactl_handle is called and the driver\nid dai_id is invalid the pointer dmactl is not being assigned a value,\nand dmactl contains a garbage value since it has not been initialized\nand so the null check may not work. Fix this to initialize dmactl to\nNULL. One could argue that modern compilers will set this to zero, but\nit is useful to keep this initialized as per the same way in functions\n__lpass_platform_codec_intf_init and lpass_cdc_dma_daiops_hw_params.\n\nCleans up clang scan build warning:\nsound/soc/qcom/lpass-cdc-dma.c:275:7: warning: Branch condition\nevaluates to a garbage value [core.uninitialized.Branch]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b81af585ea54",
"version_value": "99adc8b4d2f3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/99adc8b4d2f38bf0d06483ec845bc48f60c3f8cf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/99adc8b4d2f38bf0d06483ec845bc48f60c3f8cf"
},
{
"url": "https://git.kernel.org/stable/c/d5a7726e6ea62d447b79ab5baeb537ea6bdb225b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d5a7726e6ea62d447b79ab5baeb537ea6bdb225b"
},
{
"url": "https://git.kernel.org/stable/c/1382d8b55129875b2e07c4d2a7ebc790183769ee",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1382d8b55129875b2e07c4d2a7ebc790183769ee"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

12
2024/26xxx/CVE-2024-26800.json
View File

@ -69,11 +69,6 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f2b85a4cc763841843de693bbd7308fe9a2c4c89",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f2b85a4cc763841843de693bbd7308fe9a2c4c89"
},
{
"url": "https://git.kernel.org/stable/c/81be85353b0f5a7b660635634b655329b429eefe",
"refsource": "MISC",
@ -83,15 +78,10 @@
"url": "https://git.kernel.org/stable/c/1ac9fb84bc7ecd4bc6428118301d9d864d2a58d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1ac9fb84bc7ecd4bc6428118301d9d864d2a58d1"
},
{
"url": "https://git.kernel.org/stable/c/13114dc5543069f7b97991e3b79937b6da05f5b0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/13114dc5543069f7b97991e3b79937b6da05f5b0"
}
]
},
"generator": {
"engine": "bippy-7f0d2821bfb2"
"engine": "bippy-e0c11145c45e"
}
}

158
2024/26xxx/CVE-2024-26801.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26801",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Avoid potential use-after-free in hci_error_reset\n\nWhile handling the HCI_EV_HARDWARE_ERROR event, if the underlying\nBT controller is not responding, the GPIO reset mechanism would\nfree the hci_dev and lead to a use-after-free in hci_error_reset.\n\nHere's the call trace observed on a ChromeOS device with Intel AX201:\n queue_work_on+0x3e/0x6c\n __hci_cmd_sync_sk+0x2ee/0x4c0 [bluetooth <HASH:3b4a6>]\n ? init_wait_entry+0x31/0x31\n __hci_cmd_sync+0x16/0x20 [bluetooth <HASH:3b4a 6>]\n hci_error_reset+0x4f/0xa4 [bluetooth <HASH:3b4a 6>]\n process_one_work+0x1d8/0x33f\n worker_thread+0x21b/0x373\n kthread+0x13a/0x152\n ? pr_cont_work+0x54/0x54\n ? kthread_blkcg+0x31/0x31\n ret_from_fork+0x1f/0x30\n\nThis patch holds the reference count on the hci_dev while processing\na HCI_EV_HARDWARE_ERROR event to avoid potential crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c7741d16a57c",
"version_value": "e0b278650f07"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.309",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e0b278650f07acf2e0932149183458468a731c03",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0b278650f07acf2e0932149183458468a731c03"
},
{
"url": "https://git.kernel.org/stable/c/98fb98fd37e42fd4ce13ff657ea64503e24b6090",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98fb98fd37e42fd4ce13ff657ea64503e24b6090"
},
{
"url": "https://git.kernel.org/stable/c/6dd0a9dfa99f8990a08eb8fdd8e79bee31c7d8e2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6dd0a9dfa99f8990a08eb8fdd8e79bee31c7d8e2"
},
{
"url": "https://git.kernel.org/stable/c/da4569d450b193e39e87119fd316c0291b585d14",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da4569d450b193e39e87119fd316c0291b585d14"
},
{
"url": "https://git.kernel.org/stable/c/45085686b9559bfbe3a4f41d3d695a520668f5e1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45085686b9559bfbe3a4f41d3d695a520668f5e1"
},
{
"url": "https://git.kernel.org/stable/c/2ab9a19d896f5a0dd386e1f001c5309bc35f433b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ab9a19d896f5a0dd386e1f001c5309bc35f433b"
},
{
"url": "https://git.kernel.org/stable/c/dd594cdc24f2e48dab441732e6dfcafd6b0711d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd594cdc24f2e48dab441732e6dfcafd6b0711d1"
},
{
"url": "https://git.kernel.org/stable/c/2449007d3f73b2842c9734f45f0aadb522daf592",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2449007d3f73b2842c9734f45f0aadb522daf592"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

125
2024/26xxx/CVE-2024-26802.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-26802",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstmmac: Clear variable when destroying workqueue\n\nCurrently when suspending driver and stopping workqueue it is checked whether\nworkqueue is not NULL and if so, it is destroyed.\nFunction destroy_workqueue() does drain queue and does clear variable, but\nit does not set workqueue variable to NULL. This can cause kernel/module\npanic if code attempts to clear workqueue that was not initialized.\n\nThis scenario is possible when resuming suspended driver in stmmac_resume(),\nbecause there is no handling for failed stmmac_hw_setup(),\nwhich can fail and return if DMA engine has failed to initialize,\nand workqueue is initialized after DMA engine.\nShould DMA engine fail to initialize, resume will proceed normally,\nbut interface won't work and TX queue will eventually timeout,\ncausing 'Reset adapter' error.\nThis then does destroy workqueue during reset process.\nAnd since workqueue is initialized after DMA engine and can be skipped,\nit will cause kernel/module panic.\n\nTo secure against this possible crash, set workqueue variable to NULL when\ndestroying workqueue.\n\nLog/backtrace from crash goes as follows:\n[88.031977]------------[ cut here ]------------\n[88.031985]NETDEV WATCHDOG: eth0 (sxgmac): transmit queue 1 timed out\n[88.032017]WARNING: CPU: 0 PID: 0 at net/sched/sch_generic.c:477 dev_watchdog+0x390/0x398\n <Skipping backtrace for watchdog timeout>\n[88.032251]---[ end trace e70de432e4d5c2c0 ]---\n[88.032282]sxgmac 16d88000.ethernet eth0: Reset adapter.\n[88.036359]------------[ cut here ]------------\n[88.036519]Call trace:\n[88.036523] flush_workqueue+0x3e4/0x430\n[88.036528] drain_workqueue+0xc4/0x160\n[88.036533] destroy_workqueue+0x40/0x270\n[88.036537] stmmac_fpe_stop_wq+0x4c/0x70\n[88.036541] stmmac_release+0x278/0x280\n[88.036546] __dev_close_many+0xcc/0x158\n[88.036551] dev_close_many+0xbc/0x190\n[88.036555] dev_close.part.0+0x70/0xc0\n[88.036560] dev_close+0x24/0x30\n[88.036564] stmmac_service_task+0x110/0x140\n[88.036569] process_one_work+0x1d8/0x4a0\n[88.036573] worker_thread+0x54/0x408\n[88.036578] kthread+0x164/0x170\n[88.036583] ret_from_fork+0x10/0x20\n[88.036588]---[ end trace e70de432e4d5c2c1 ]---\n[88.036597]Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5a5586112b92",
"version_value": "8e9955630117"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8e99556301172465c8fe33c7f78c39a3d4ce8462",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e99556301172465c8fe33c7f78c39a3d4ce8462"
},
{
"url": "https://git.kernel.org/stable/c/17ccd9798fe0beda3db212cfa3ebe373f605cbd6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/17ccd9798fe0beda3db212cfa3ebe373f605cbd6"
},
{
"url": "https://git.kernel.org/stable/c/699b103e48ce32d03fc86c35b37ee8ae4288c7e3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/699b103e48ce32d03fc86c35b37ee8ae4288c7e3"
},
{
"url": "https://git.kernel.org/stable/c/f72cf22dccc94038cbbaa1029cb575bf52e5cbc8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f72cf22dccc94038cbbaa1029cb575bf52e5cbc8"
},
{
"url": "https://git.kernel.org/stable/c/8af411bbba1f457c33734795f024d0ef26d0963f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8af411bbba1f457c33734795f024d0ef26d0963f"
}
]
},
"generator": {
"engine": "bippy-e0c11145c45e"
}
}

4
2024/3xxx/CVE-2024-3273.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Durch die Manipulation des Arguments system mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Es wurde eine Schwachstelle in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Durch die Manipulation des Arguments system mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},

4
2024/3xxx/CVE-2024-3274.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259285 was assigned to this vulnerability. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259285 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "deu",
"value": "In D-Link DNS-320L, DNS-320LW and DNS-327L bis 20240403 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /cgi-bin/info.cgi der Komponente HTTP GET Request Handler. Durch Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** In D-Link DNS-320L, DNS-320LW and DNS-327L bis 20240403 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /cgi-bin/info.cgi der Komponente HTTP GET Request Handler. Durch Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},

199
2024/3xxx/CVE-2024-3296.json
View File

@ -1,208 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3296",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A timing-based side-channel exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Observable Discrepancy",
"cweId": "CWE-203"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "upstream",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Extra Packages for Enterprise Linux",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3296",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2024-3296"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269723",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2269723"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}