admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-02-26 02:00:58 +00:00
parent fc671a63ac
commit dc66c15eff
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
78 changed files with 5531 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
2021/47xxx/CVE-2021-47631.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47631",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: davinci: da850-evm: Avoid NULL pointer dereference\n\nWith newer versions of GCC, there is a panic in da850_evm_config_emac()\nwhen booting multi_v5_defconfig in QEMU under the palmetto-bmc machine:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000020\npgd = (ptrval)\n[00000020] *pgd=00000000\nInternal error: Oops: 5 [#1] PREEMPT ARM\nModules linked in:\nCPU: 0 PID: 1 Comm: swapper Not tainted 5.15.0 #1\nHardware name: Generic DT based system\nPC is at da850_evm_config_emac+0x1c/0x120\nLR is at do_one_initcall+0x50/0x1e0\n\nThe emac_pdata pointer in soc_info is NULL because davinci_soc_info only\ngets populated on davinci machines but da850_evm_config_emac() is called\non all machines via device_initcall().\n\nMove the rmii_en assignment below the machine check so that it is only\ndereferenced when running on a supported SoC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bae105879f2f2404155da6f50b3636193d228a62",
"version_value": "c06f476e5b74bcabb8c4a2fba55864a37e62843b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.33",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.33",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.239",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.190",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.112",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b"
},
{
"url": "https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3"
},
{
"url": "https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b"
},
{
"url": "https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f"
},
{
"url": "https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da"
},
{
"url": "https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a"
},
{
"url": "https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d"
},
{
"url": "https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

104
2021/47xxx/CVE-2021-47632.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47632",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/set_memory: Avoid spinlock recursion in change_page_attr()\n\nCommit 1f9ad21c3b38 (\"powerpc/mm: Implement set_memory() routines\")\nincluded a spin_lock() to change_page_attr() in order to\nsafely perform the three step operations. But then\ncommit 9f7853d7609d (\"powerpc/mm: Fix set_memory_*() against\nconcurrent accesses\") modify it to use pte_update() and do\nthe operation safely against concurrent access.\n\nIn the meantime, Maxime reported some spinlock recursion.\n\n[ 15.351649] BUG: spinlock recursion on CPU#0, kworker/0:2/217\n[ 15.357540] lock: init_mm+0x3c/0x420, .magic: dead4ead, .owner: kworker/0:2/217, .owner_cpu: 0\n[ 15.366563] CPU: 0 PID: 217 Comm: kworker/0:2 Not tainted 5.15.0+ #523\n[ 15.373350] Workqueue: events do_free_init\n[ 15.377615] Call Trace:\n[ 15.380232] [e4105ac0] [800946a4] do_raw_spin_lock+0xf8/0x120 (unreliable)\n[ 15.387340] [e4105ae0] [8001f4ec] change_page_attr+0x40/0x1d4\n[ 15.393413] [e4105b10] [801424e0] __apply_to_page_range+0x164/0x310\n[ 15.400009] [e4105b60] [80169620] free_pcp_prepare+0x1e4/0x4a0\n[ 15.406045] [e4105ba0] [8016c5a0] free_unref_page+0x40/0x2b8\n[ 15.411979] [e4105be0] [8018724c] kasan_depopulate_vmalloc_pte+0x6c/0x94\n[ 15.418989] [e4105c00] [801424e0] __apply_to_page_range+0x164/0x310\n[ 15.425451] [e4105c50] [80187834] kasan_release_vmalloc+0xbc/0x134\n[ 15.431898] [e4105c70] [8015f7a8] __purge_vmap_area_lazy+0x4e4/0xdd8\n[ 15.438560] [e4105d30] [80160d10] _vm_unmap_aliases.part.0+0x17c/0x24c\n[ 15.445283] [e4105d60] [801642d0] __vunmap+0x2f0/0x5c8\n[ 15.450684] [e4105db0] [800e32d0] do_free_init+0x68/0x94\n[ 15.456181] [e4105dd0] [8005d094] process_one_work+0x4bc/0x7b8\n[ 15.462283] [e4105e90] [8005d614] worker_thread+0x284/0x6e8\n[ 15.468227] [e4105f00] [8006aaec] kthread+0x1f0/0x210\n[ 15.473489] [e4105f40] [80017148] ret_from_kernel_thread+0x14/0x1c\n\nRemove the read / modify / write sequence to make the operation atomic\nand remove the spin_lock() in change_page_attr().\n\nTo do the operation atomically, we can't use pte modification helpers\nanymore. Because all platforms have different combination of bits, it\nis not easy to use those bits directly. But all have the\n_PAGE_KERNEL_{RO/ROX/RW/RWX} set of flags. All we need it to compare\ntwo sets to know which bits are set or cleared.\n\nFor instance, by comparing _PAGE_KERNEL_ROX and _PAGE_KERNEL_RO you\nknow which bit gets cleared and which bit get set when changing exec\npermission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "6def4eaf0391f24be541633a954c0e4876858b1e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.34",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.20",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.3",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6def4eaf0391f24be541633a954c0e4876858b1e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6def4eaf0391f24be541633a954c0e4876858b1e"
},
{
"url": "https://git.kernel.org/stable/c/96917107e67846f1d959ed03be281048efad14c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/96917107e67846f1d959ed03be281048efad14c5"
},
{
"url": "https://git.kernel.org/stable/c/6ebe5ca2cbe438a688f2ae238ef5a0b0b5f3468a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6ebe5ca2cbe438a688f2ae238ef5a0b0b5f3468a"
},
{
"url": "https://git.kernel.org/stable/c/a4c182ecf33584b9b2d1aa9dad073014a504c01f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a4c182ecf33584b9b2d1aa9dad073014a504c01f"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

159
2021/47xxx/CVE-2021-47633.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47633",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111\n\nThe bug was found during fuzzing. Stacktrace locates it in\nath5k_eeprom_convert_pcal_info_5111.\nWhen none of the curve is selected in the loop, idx can go\nup to AR5K_EEPROM_N_PD_CURVES. The line makes pd out of bound.\npd = &chinfo[pier].pd_curves[idx];\n\nThere are many OOB writes using pd later in the code. So I\nadded a sanity check for idx. Checks for other loops involving\nAR5K_EEPROM_N_PD_CURVES are not needed as the loop index is not\nused outside the loops.\n\nThe patch is NOT tested with real device.\n\nThe following is the fuzzing report\n\nBUG: KASAN: slab-out-of-bounds in ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k]\nWrite of size 1 at addr ffff8880174a4d60 by task modprobe/214\n\nCPU: 0 PID: 214 Comm: modprobe Not tainted 5.6.0 #1\nCall Trace:\n dump_stack+0x76/0xa0\n print_address_description.constprop.0+0x16/0x200\n ? ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k]\n ? ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k]\n __kasan_report.cold+0x37/0x7c\n ? ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k]\n kasan_report+0xe/0x20\n ath5k_eeprom_read_pcal_info_5111+0x126a/0x1390 [ath5k]\n ? apic_timer_interrupt+0xa/0x20\n ? ath5k_eeprom_init_11a_pcal_freq+0xbc0/0xbc0 [ath5k]\n ? ath5k_pci_eeprom_read+0x228/0x3c0 [ath5k]\n ath5k_eeprom_init+0x2513/0x6290 [ath5k]\n ? ath5k_eeprom_init_11a_pcal_freq+0xbc0/0xbc0 [ath5k]\n ? usleep_range+0xb8/0x100\n ? apic_timer_interrupt+0xa/0x20\n ? ath5k_eeprom_read_pcal_info_2413+0x2f20/0x2f20 [ath5k]\n ath5k_hw_init+0xb60/0x1970 [ath5k]\n ath5k_init_ah+0x6fe/0x2530 [ath5k]\n ? kasprintf+0xa6/0xe0\n ? ath5k_stop+0x140/0x140 [ath5k]\n ? _dev_notice+0xf6/0xf6\n ? apic_timer_interrupt+0xa/0x20\n ath5k_pci_probe.cold+0x29a/0x3d6 [ath5k]\n ? ath5k_pci_eeprom_read+0x3c0/0x3c0 [ath5k]\n ? mutex_lock+0x89/0xd0\n ? ath5k_pci_eeprom_read+0x3c0/0x3c0 [ath5k]\n local_pci_probe+0xd3/0x160\n pci_device_probe+0x23f/0x3e0\n ? pci_device_remove+0x280/0x280\n ? pci_device_remove+0x280/0x280\n really_probe+0x209/0x5d0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "f4de974019a0adf34d0e7de6b86252f1bd266b06"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.111",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.34",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.20",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.3",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f4de974019a0adf34d0e7de6b86252f1bd266b06",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f4de974019a0adf34d0e7de6b86252f1bd266b06"
},
{
"url": "https://git.kernel.org/stable/c/ed3dfdaa8b5f0579eabfc1c5818eed30cfe1fe84",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ed3dfdaa8b5f0579eabfc1c5818eed30cfe1fe84"
},
{
"url": "https://git.kernel.org/stable/c/25efc5d03455c3839249bc77fce5e29ecb54677e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/25efc5d03455c3839249bc77fce5e29ecb54677e"
},
{
"url": "https://git.kernel.org/stable/c/c4e2f577271e158d87a916afb4e87415a88ce856",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c4e2f577271e158d87a916afb4e87415a88ce856"
},
{
"url": "https://git.kernel.org/stable/c/9d7d83d0399e23d66fd431b553842a84ac10398f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9d7d83d0399e23d66fd431b553842a84ac10398f"
},
{
"url": "https://git.kernel.org/stable/c/be2f81024e7981565d90a4c9ca3067d11b6bca7f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/be2f81024e7981565d90a4c9ca3067d11b6bca7f"
},
{
"url": "https://git.kernel.org/stable/c/fc8f7752a82f4accb99c0f1a868906ba1eb7b86f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fc8f7752a82f4accb99c0f1a868906ba1eb7b86f"
},
{
"url": "https://git.kernel.org/stable/c/cbd96d6cad6625feba9c8d101ed4977d53e82f8e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cbd96d6cad6625feba9c8d101ed4977d53e82f8e"
},
{
"url": "https://git.kernel.org/stable/c/564d4eceb97eaf381dd6ef6470b06377bb50c95a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/564d4eceb97eaf381dd6ef6470b06377bb50c95a"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

158
2021/47xxx/CVE-2021-47634.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47634",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl\n\nHulk Robot reported a KASAN report about use-after-free:\n ==================================================================\n BUG: KASAN: use-after-free in __list_del_entry_valid+0x13d/0x160\n Read of size 8 at addr ffff888035e37d98 by task ubiattach/1385\n [...]\n Call Trace:\n klist_dec_and_del+0xa7/0x4a0\n klist_put+0xc7/0x1a0\n device_del+0x4d4/0xed0\n cdev_device_del+0x1a/0x80\n ubi_attach_mtd_dev+0x2951/0x34b0 [ubi]\n ctrl_cdev_ioctl+0x286/0x2f0 [ubi]\n\n Allocated by task 1414:\n device_add+0x60a/0x18b0\n cdev_device_add+0x103/0x170\n ubi_create_volume+0x1118/0x1a10 [ubi]\n ubi_cdev_ioctl+0xb7f/0x1ba0 [ubi]\n\n Freed by task 1385:\n cdev_device_del+0x1a/0x80\n ubi_remove_volume+0x438/0x6c0 [ubi]\n ubi_cdev_ioctl+0xbf4/0x1ba0 [ubi]\n [...]\n ==================================================================\n\nThe lock held by ctrl_cdev_ioctl is ubi_devices_mutex, but the lock held\nby ubi_cdev_ioctl is ubi->device_mutex. Therefore, the two locks can be\nconcurrent.\n\nctrl_cdev_ioctl contains two operations: ubi_attach and ubi_detach.\nubi_detach is bug-free because it uses reference counting to prevent\nconcurrency. However, uif_init and uif_close in ubi_attach may race with\nubi_cdev_ioctl.\n\nuif_init will race with ubi_cdev_ioctl as in the following stack.\n cpu1 cpu2 cpu3\n_______________________|________________________|______________________\nctrl_cdev_ioctl\n ubi_attach_mtd_dev\n uif_init\n ubi_cdev_ioctl\n ubi_create_volume\n cdev_device_add\n ubi_add_volume\n // sysfs exist\n kill_volumes\n ubi_cdev_ioctl\n ubi_remove_volume\n cdev_device_del\n // first free\n ubi_free_volume\n cdev_del\n // double free\n cdev_device_del\n\nAnd uif_close will race with ubi_cdev_ioctl as in the following stack.\n cpu1 cpu2 cpu3\n_______________________|________________________|______________________\nctrl_cdev_ioctl\n ubi_attach_mtd_dev\n uif_init\n ubi_cdev_ioctl\n ubi_create_volume\n cdev_device_add\n ubi_debugfs_init_dev\n //error goto out_uif;\n uif_close\n kill_volumes\n ubi_cdev_ioctl\n ubi_remove_volume\n cdev_device_del\n // first free\n ubi_free_volume\n // double free\n\nThe cause of this problem is that commit 714fb87e8bc0 make device\n\"available\" before it becomes accessible via sysfs. Therefore, we\nroll back the modification. We will fix the race condition between\nubi device creation and udev by removing ubi_get_device in\nvol_attribute_show and dev_attribute_show.This avoids accessing\nuninitialized ubi_devices[ubi_num].\n\nubi_get_device is used to prevent devices from being deleted during\nsysfs execution. However, now kernfs ensures that devices will not\nbe deleted before all reference counting are released.\nThe key process is shown in the following stack.\n\ndevice_del\n device_remove_attrs\n device_remove_groups\n sysfs_remove_groups\n sysfs_remove_group\n remove_files\n kernfs_remove_by_name\n kernfs_remove_by_name_ns\n __kernfs_remove\n kernfs_drain"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "714fb87e8bc05ff78255afc0dca981e8c5242785",
"version_value": "f149b1bd213820363731aa119e5011ca892a2aac"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f149b1bd213820363731aa119e5011ca892a2aac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f149b1bd213820363731aa119e5011ca892a2aac"
},
{
"url": "https://git.kernel.org/stable/c/a8ecee49259f8f78d91ddb329ab2be7e6fd01974",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a8ecee49259f8f78d91ddb329ab2be7e6fd01974"
},
{
"url": "https://git.kernel.org/stable/c/d727fd32cbd1abf3465f607021bc9c746f17b5a8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d727fd32cbd1abf3465f607021bc9c746f17b5a8"
},
{
"url": "https://git.kernel.org/stable/c/432b057f8e847ae5a2306515606f8d2defaca178",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/432b057f8e847ae5a2306515606f8d2defaca178"
},
{
"url": "https://git.kernel.org/stable/c/1a3f1cf87054833242fcd0218de0481cf855f888",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a3f1cf87054833242fcd0218de0481cf855f888"
},
{
"url": "https://git.kernel.org/stable/c/c32fe764191b8ae8b128588beb96e3718d9179d8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c32fe764191b8ae8b128588beb96e3718d9179d8"
},
{
"url": "https://git.kernel.org/stable/c/5f9e9c223e48c264241d2f34d0bfc29e5fcb5c1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f9e9c223e48c264241d2f34d0bfc29e5fcb5c1b"
},
{
"url": "https://git.kernel.org/stable/c/3cbf0e392f173ba0ce425968c8374a6aa3e90f2e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3cbf0e392f173ba0ce425968c8374a6aa3e90f2e"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2021/47xxx/CVE-2021-47635.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47635",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix to add refcount once page is set private\n\nMM defined the rule [1] very clearly that once page was set with PG_private\nflag, we should increment the refcount in that page, also main flows like\npageout(), migrate_page() will assume there is one additional page\nreference count if page_has_private() returns true. Otherwise, we may\nget a BUG in page migration:\n\n page:0000000080d05b9d refcount:-1 mapcount:0 mapping:000000005f4d82a8\n index:0xe2 pfn:0x14c12\n aops:ubifs_file_address_operations [ubifs] ino:8f1 dentry name:\"f30e\"\n flags: 0x1fffff80002405(locked|uptodate|owner_priv_1|private|node=0|\n zone=1|lastcpupid=0x1fffff)\n page dumped because: VM_BUG_ON_PAGE(page_count(page) != 0)\n ------------[ cut here ]------------\n kernel BUG at include/linux/page_ref.h:184!\n invalid opcode: 0000 [#1] SMP\n CPU: 3 PID: 38 Comm: kcompactd0 Not tainted 5.15.0-rc5\n RIP: 0010:migrate_page_move_mapping+0xac3/0xe70\n Call Trace:\n ubifs_migrate_page+0x22/0xc0 [ubifs]\n move_to_new_page+0xb4/0x600\n migrate_pages+0x1523/0x1cc0\n compact_zone+0x8c5/0x14b0\n kcompactd+0x2bc/0x560\n kthread+0x18c/0x1e0\n ret_from_fork+0x1f/0x30\n\nBefore the time, we should make clean a concept, what does refcount means\nin page gotten from grab_cache_page_write_begin(). There are 2 situations:\nSituation 1: refcount is 3, page is created by __page_cache_alloc.\n TYPE_A - the write process is using this page\n TYPE_B - page is assigned to one certain mapping by calling\n\t __add_to_page_cache_locked()\n TYPE_C - page is added into pagevec list corresponding current cpu by\n\t calling lru_cache_add()\nSituation 2: refcount is 2, page is gotten from the mapping's tree\n TYPE_B - page has been assigned to one certain mapping\n TYPE_A - the write process is using this page (by calling\n\t page_cache_get_speculative())\nFilesystem releases one refcount by calling put_page() in xxx_write_end(),\nthe released refcount corresponds to TYPE_A (write task is using it). If\nthere are any processes using a page, page migration process will skip the\npage by judging whether expected_page_refs() equals to page refcount.\n\nThe BUG is caused by following process:\n PA(cpu 0) kcompactd(cpu 1)\n\t\t\t\tcompact_zone\nubifs_write_begin\n page_a = grab_cache_page_write_begin\n add_to_page_cache_lru\n lru_cache_add\n pagevec_add // put page into cpu 0's pagevec\n (refcnf = 3, for page creation process)\nubifs_write_end\n SetPagePrivate(page_a) // doesn't increase page count !\n unlock_page(page_a)\n put_page(page_a) // refcnt = 2\n\t\t\t\t[...]\n\n PB(cpu 0)\nfilemap_read\n filemap_get_pages\n add_to_page_cache_lru\n lru_cache_add\n __pagevec_lru_add // traverse all pages in cpu 0's pagevec\n\t __pagevec_lru_add_fn\n\t SetPageLRU(page_a)\n\t\t\t\tisolate_migratepages\n isolate_migratepages_block\n\t\t\t\t get_page_unless_zero(page_a)\n\t\t\t\t // refcnt = 3\n list_add(page_a, from_list)\n\t\t\t\tmigrate_pages(from_list)\n\t\t\t\t __unmap_and_move\n\t\t\t\t move_to_new_page\n\t\t\t\t ubifs_migrate_page(page_a)\n\t\t\t\t migrate_page_move_mapping\n\t\t\t\t\t expected_page_refs get 3\n (migration[1] + mapping[1] + private[1])\n\t release_pages\n\t put_page_testzero(page_a) // refcnt = 3\n page_ref_freeze // refcnt = 0\n\t page_ref_dec_and_test(0 - 1 = -1)\n page_ref_unfreeze\n VM_BUG_ON_PAGE(-1 != 0, page)\n\nUBIFS doesn't increase the page refcount after setting private flag, which\nleads to page migration task believes the page is not used by any other\nprocesses, so the page is migrated. This causes concurrent accessing on\npage refcount between put_page() called by other process(eg. read process\ncalls lru_cache_add) and page_ref_unfreeze() called by mi\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d",
"version_value": "c34ae24a2590fee96a3a7735ba2fa6cc52306221"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.27",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.27",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c34ae24a2590fee96a3a7735ba2fa6cc52306221",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c34ae24a2590fee96a3a7735ba2fa6cc52306221"
},
{
"url": "https://git.kernel.org/stable/c/4f75bab98565afd4f905059c56ec4caba88a7eec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4f75bab98565afd4f905059c56ec4caba88a7eec"
},
{
"url": "https://git.kernel.org/stable/c/5aaa2c0f0052b02c4a982993d4c5bb68fb7cbe22",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5aaa2c0f0052b02c4a982993d4c5bb68fb7cbe22"
},
{
"url": "https://git.kernel.org/stable/c/fbeb2139eed65e929ce806c6468e6601ade01b1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fbeb2139eed65e929ce806c6468e6601ade01b1b"
},
{
"url": "https://git.kernel.org/stable/c/3b67db8a6ca83e6ff90b756d3da0c966f61cd37b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b67db8a6ca83e6ff90b756d3da0c966f61cd37b"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2021/47xxx/CVE-2021-47636.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47636",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()\n\nFunction ubifs_wbuf_write_nolock() may access buf out of bounds in\nfollowing process:\n\nubifs_wbuf_write_nolock():\n aligned_len = ALIGN(len, 8); // Assume len = 4089, aligned_len = 4096\n if (aligned_len <= wbuf->avail) ... // Not satisfy\n if (wbuf->used) {\n ubifs_leb_write() // Fill some data in avail wbuf\n len -= wbuf->avail; // len is still not 8-bytes aligned\n aligned_len -= wbuf->avail;\n }\n n = aligned_len >> c->max_write_shift;\n if (n) {\n n <<= c->max_write_shift;\n err = ubifs_leb_write(c, wbuf->lnum, buf + written,\n wbuf->offs, n);\n // n > len, read out of bounds less than 8(n-len) bytes\n }\n\n, which can be catched by KASAN:\n =========================================================\n BUG: KASAN: slab-out-of-bounds in ecc_sw_hamming_calculate+0x1dc/0x7d0\n Read of size 4 at addr ffff888105594ff8 by task kworker/u8:4/128\n Workqueue: writeback wb_workfn (flush-ubifs_0_0)\n Call Trace:\n kasan_report.cold+0x81/0x165\n nand_write_page_swecc+0xa9/0x160\n ubifs_leb_write+0xf2/0x1b0 [ubifs]\n ubifs_wbuf_write_nolock+0x421/0x12c0 [ubifs]\n write_head+0xdc/0x1c0 [ubifs]\n ubifs_jnl_write_inode+0x627/0x960 [ubifs]\n wb_workfn+0x8af/0xb80\n\nFunction ubifs_wbuf_write_nolock() accepts that parameter 'len' is not 8\nbytes aligned, the 'len' represents the true length of buf (which is\nallocated in 'ubifs_jnl_xxx', eg. ubifs_jnl_write_inode), so\nubifs_wbuf_write_nolock() must handle the length read from 'buf' carefully\nto write leb safely.\n\nFetch a reproducer in [Link]."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d",
"version_value": "5343575aa11c5d7044107d59d43f84aec01312b0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.27",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.27",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5343575aa11c5d7044107d59d43f84aec01312b0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5343575aa11c5d7044107d59d43f84aec01312b0"
},
{
"url": "https://git.kernel.org/stable/c/b80ccbec0e4804436c382d7dd60e943c386ed83a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b80ccbec0e4804436c382d7dd60e943c386ed83a"
},
{
"url": "https://git.kernel.org/stable/c/07a209fadee7b53b46858538e1177597273862e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07a209fadee7b53b46858538e1177597273862e4"
},
{
"url": "https://git.kernel.org/stable/c/a7054aaf1909cf40489c0ec1b728fdcf79c751a6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7054aaf1909cf40489c0ec1b728fdcf79c751a6"
},
{
"url": "https://git.kernel.org/stable/c/e09fa5318d51f522e1af4fbaf8f74999355980c8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e09fa5318d51f522e1af4fbaf8f74999355980c8"
},
{
"url": "https://git.kernel.org/stable/c/3b7fb89135a20587d57f8877c02e25003e9edbdf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b7fb89135a20587d57f8877c02e25003e9edbdf"
},
{
"url": "https://git.kernel.org/stable/c/4f2262a334641e05f645364d5ade1f565c85f20b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4f2262a334641e05f645364d5ade1f565c85f20b"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2021/47xxx/CVE-2021-47637.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47637",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix deadlock in concurrent rename whiteout and inode writeback\n\nFollowing hung tasks:\n[ 77.028764] task:kworker/u8:4 state:D stack: 0 pid: 132\n[ 77.028820] Call Trace:\n[ 77.029027] schedule+0x8c/0x1b0\n[ 77.029067] mutex_lock+0x50/0x60\n[ 77.029074] ubifs_write_inode+0x68/0x1f0 [ubifs]\n[ 77.029117] __writeback_single_inode+0x43c/0x570\n[ 77.029128] writeback_sb_inodes+0x259/0x740\n[ 77.029148] wb_writeback+0x107/0x4d0\n[ 77.029163] wb_workfn+0x162/0x7b0\n\n[ 92.390442] task:aa state:D stack: 0 pid: 1506\n[ 92.390448] Call Trace:\n[ 92.390458] schedule+0x8c/0x1b0\n[ 92.390461] wb_wait_for_completion+0x82/0xd0\n[ 92.390469] __writeback_inodes_sb_nr+0xb2/0x110\n[ 92.390472] writeback_inodes_sb_nr+0x14/0x20\n[ 92.390476] ubifs_budget_space+0x705/0xdd0 [ubifs]\n[ 92.390503] do_rename.cold+0x7f/0x187 [ubifs]\n[ 92.390549] ubifs_rename+0x8b/0x180 [ubifs]\n[ 92.390571] vfs_rename+0xdb2/0x1170\n[ 92.390580] do_renameat2+0x554/0x770\n\n, are caused by concurrent rename whiteout and inode writeback processes:\n\trename_whiteout(Thread 1)\t wb_workfn(Thread2)\nubifs_rename\n do_rename\n lock_4_inodes (Hold ui_mutex)\n ubifs_budget_space\n make_free_space\n shrink_liability\n\t __writeback_inodes_sb_nr\n\t bdi_split_work_to_wbs (Queue new wb work)\n\t\t\t\t\t wb_do_writeback(wb work)\n\t\t\t\t\t\t__writeback_single_inode\n\t\t\t\t\t ubifs_write_inode\n\t\t\t\t\t LOCK(ui_mutex)\n\t\t\t\t\t\t\t \u2191\n\t wb_wait_for_completion (Wait wb work) <-- deadlock!\n\nReproducer (Detail program in [Link]):\n 1. SYS_renameat2(\"/mp/dir/file\", \"/mp/dir/whiteout\", RENAME_WHITEOUT)\n 2. Consume out of space before kernel(mdelay) doing budget for whiteout\n\nFix it by doing whiteout space budget before locking ubifs inodes.\nBTW, it also fixes wrong goto tag 'out_release' in whiteout budget\nerror handling path(It should at least recover dir i_size and unlock\n4 ubifs inodes)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9e0a1fff8db56eaaebb74b4a3ef65f86811c4798",
"version_value": "9dddc8211430fb851ddf0b168e3a00c6f66cc185"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9dddc8211430fb851ddf0b168e3a00c6f66cc185",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9dddc8211430fb851ddf0b168e3a00c6f66cc185"
},
{
"url": "https://git.kernel.org/stable/c/37bdf1ad592555ecda1d55b89f6e393e4c0589d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/37bdf1ad592555ecda1d55b89f6e393e4c0589d1"
},
{
"url": "https://git.kernel.org/stable/c/83e42a78428fc354f5e2049935b84c8d8d29b787",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/83e42a78428fc354f5e2049935b84c8d8d29b787"
},
{
"url": "https://git.kernel.org/stable/c/c58af8564a7b08757173009030b74baf4b2b762b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c58af8564a7b08757173009030b74baf4b2b762b"
},
{
"url": "https://git.kernel.org/stable/c/70e9090acc32348cedc5def0cd6d5c126efc97b9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70e9090acc32348cedc5def0cd6d5c126efc97b9"
},
{
"url": "https://git.kernel.org/stable/c/8b278c8dcfb565cb65eceb62a38cbf7a7c326db5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b278c8dcfb565cb65eceb62a38cbf7a7c326db5"
},
{
"url": "https://git.kernel.org/stable/c/afd427048047e8efdedab30e8888044e2be5aa9c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afd427048047e8efdedab30e8888044e2be5aa9c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

158
2021/47xxx/CVE-2021-47638.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47638",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: rename_whiteout: Fix double free for whiteout_ui->data\n\n'whiteout_ui->data' will be freed twice if space budget fail for\nrename whiteout operation as following process:\n\nrename_whiteout\n dev = kmalloc\n whiteout_ui->data = dev\n kfree(whiteout_ui->data) // Free first time\n iput(whiteout)\n ubifs_free_inode\n kfree(ui->data)\t // Double free!\n\nKASAN reports:\n==================================================================\nBUG: KASAN: double-free or invalid-free in ubifs_free_inode+0x4f/0x70\nCall Trace:\n kfree+0x117/0x490\n ubifs_free_inode+0x4f/0x70 [ubifs]\n i_callback+0x30/0x60\n rcu_do_batch+0x366/0xac0\n __do_softirq+0x133/0x57f\n\nAllocated by task 1506:\n kmem_cache_alloc_trace+0x3c2/0x7a0\n do_rename+0x9b7/0x1150 [ubifs]\n ubifs_rename+0x106/0x1f0 [ubifs]\n do_syscall_64+0x35/0x80\n\nFreed by task 1506:\n kfree+0x117/0x490\n do_rename.cold+0x53/0x8a [ubifs]\n ubifs_rename+0x106/0x1f0 [ubifs]\n do_syscall_64+0x35/0x80\n\nThe buggy address belongs to the object at ffff88810238bed8 which\nbelongs to the cache kmalloc-8 of size 8\n==================================================================\n\nLet ubifs_free_inode() free 'whiteout_ui->data'. BTW, delete unused\nassignment 'whiteout_ui->data_len = 0', process 'ubifs_evict_inode()\n-> ubifs_jnl_delete_inode() -> ubifs_jnl_write_inode()' doesn't need it\n(because 'inc_nlink(whiteout)' won't be excuted by 'goto out_release',\n and the nlink of whiteout inode is 0)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9e0a1fff8db56eaaebb74b4a3ef65f86811c4798",
"version_value": "8b3c7be16f3f4dfd6e15ac651484e59d3fa36274"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8b3c7be16f3f4dfd6e15ac651484e59d3fa36274",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b3c7be16f3f4dfd6e15ac651484e59d3fa36274"
},
{
"url": "https://git.kernel.org/stable/c/2b3236ecf96db7af5836e1366ce39ace8ce832fa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b3236ecf96db7af5836e1366ce39ace8ce832fa"
},
{
"url": "https://git.kernel.org/stable/c/14276d38c89a170363e90b6ac0a53c3cf61b87fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/14276d38c89a170363e90b6ac0a53c3cf61b87fc"
},
{
"url": "https://git.kernel.org/stable/c/a90e2dbe66d2647ff95a0442ad2e86482d977fd8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a90e2dbe66d2647ff95a0442ad2e86482d977fd8"
},
{
"url": "https://git.kernel.org/stable/c/2ad07009c459e56ebdcc089d850d664660fdb742",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ad07009c459e56ebdcc089d850d664660fdb742"
},
{
"url": "https://git.kernel.org/stable/c/b9a937f096e608b3368c1abc920d4d640ba2c94f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b9a937f096e608b3368c1abc920d4d640ba2c94f"
},
{
"url": "https://git.kernel.org/stable/c/6d7a158a7363c1f6604aa47ae1a280a5c65123dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6d7a158a7363c1f6604aa47ae1a280a5c65123dd"
},
{
"url": "https://git.kernel.org/stable/c/40a8f0d5e7b3999f096570edab71c345da812e3e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40a8f0d5e7b3999f096570edab71c345da812e3e"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

114
2021/47xxx/CVE-2021-47639.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47639",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU\n\nZap both valid and invalid roots when zapping/unmapping a gfn range, as\nKVM must ensure it holds no references to the freed page after returning\nfrom the unmap operation. Most notably, the TDP MMU doesn't zap invalid\nroots in mmu_notifier callbacks. This leads to use-after-free and other\nissues if the mmu_notifier runs to completion while an invalid root\nzapper yields as KVM fails to honor the requirement that there must be\n_no_ references to the page after the mmu_notifier returns.\n\nThe bug is most easily reproduced by hacking KVM to cause a collision\nbetween set_nx_huge_pages() and kvm_mmu_notifier_release(), but the bug\nexists between kvm_mmu_notifier_invalidate_range_start() and memslot\nupdates as well. Invalidating a root ensures pages aren't accessible by\nthe guest, and KVM won't read or write page data itself, but KVM will\ntrigger e.g. kvm_set_pfn_dirty() when zapping SPTEs, and thus completing\na zap of an invalid root _after_ the mmu_notifier returns is fatal.\n\n WARNING: CPU: 24 PID: 1496 at arch/x86/kvm/../../../virt/kvm/kvm_main.c:173 [kvm]\n RIP: 0010:kvm_is_zone_device_pfn+0x96/0xa0 [kvm]\n Call Trace:\n <TASK>\n kvm_set_pfn_dirty+0xa8/0xe0 [kvm]\n __handle_changed_spte+0x2ab/0x5e0 [kvm]\n __handle_changed_spte+0x2ab/0x5e0 [kvm]\n __handle_changed_spte+0x2ab/0x5e0 [kvm]\n zap_gfn_range+0x1f3/0x310 [kvm]\n kvm_tdp_mmu_zap_invalidated_roots+0x50/0x90 [kvm]\n kvm_mmu_zap_all_fast+0x177/0x1a0 [kvm]\n set_nx_huge_pages+0xb4/0x190 [kvm]\n param_attr_store+0x70/0x100\n module_attr_store+0x19/0x30\n kernfs_fop_write_iter+0x119/0x1b0\n new_sync_write+0x11c/0x1b0\n vfs_write+0x1cc/0x270\n ksys_write+0x5f/0xe0\n do_syscall_64+0x38/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b7cccd397f310739fb85383033e95580f99927e0",
"version_value": "af47248407c0c5ae52a752af1ab5ce5b0db91502"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/af47248407c0c5ae52a752af1ab5ce5b0db91502",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/af47248407c0c5ae52a752af1ab5ce5b0db91502"
},
{
"url": "https://git.kernel.org/stable/c/0c8a8da182d4333d9bbb9131d765145568c847b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c8a8da182d4333d9bbb9131d765145568c847b2"
},
{
"url": "https://git.kernel.org/stable/c/8cf6f98ab1d16d5e607635a0c21c4231eb15367e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8cf6f98ab1d16d5e607635a0c21c4231eb15367e"
},
{
"url": "https://git.kernel.org/stable/c/d62007edf01f5c11f75d0f4b1e538fc52a5b1982",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d62007edf01f5c11f75d0f4b1e538fc52a5b1982"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

136
2021/47xxx/CVE-2021-47640.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47640",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kasan: Fix early region not updated correctly\n\nThe shadow's page table is not updated when PTE_RPN_SHIFT is 24\nand PAGE_SHIFT is 12. It not only causes false positives but\nalso false negative as shown the following text.\n\nFix it by bringing the logic of kasan_early_shadow_page_entry here.\n\n1. False Positive:\n==================================================================\nBUG: KASAN: vmalloc-out-of-bounds in pcpu_alloc+0x508/0xa50\nWrite of size 16 at addr f57f3be0 by task swapper/0/1\n\nCPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.0-12267-gdebe436e77c7 #1\nCall Trace:\n[c80d1c20] [c07fe7b8] dump_stack_lvl+0x4c/0x6c (unreliable)\n[c80d1c40] [c02ff668] print_address_description.constprop.0+0x88/0x300\n[c80d1c70] [c02ff45c] kasan_report+0x1ec/0x200\n[c80d1cb0] [c0300b20] kasan_check_range+0x160/0x2f0\n[c80d1cc0] [c03018a4] memset+0x34/0x90\n[c80d1ce0] [c0280108] pcpu_alloc+0x508/0xa50\n[c80d1d40] [c02fd7bc] __kmem_cache_create+0xfc/0x570\n[c80d1d70] [c0283d64] kmem_cache_create_usercopy+0x274/0x3e0\n[c80d1db0] [c2036580] init_sd+0xc4/0x1d0\n[c80d1de0] [c00044a0] do_one_initcall+0xc0/0x33c\n[c80d1eb0] [c2001624] kernel_init_freeable+0x2c8/0x384\n[c80d1ef0] [c0004b14] kernel_init+0x24/0x170\n[c80d1f10] [c001b26c] ret_from_kernel_thread+0x5c/0x64\n\nMemory state around the buggy address:\n f57f3a80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f57f3b00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n>f57f3b80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f57f3c00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f57f3c80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n==================================================================\n\n2. False Negative (with KASAN tests):\n==================================================================\nBefore fix:\n ok 45 - kmalloc_double_kzfree\n # vmalloc_oob: EXPECTATION FAILED at lib/test_kasan.c:1039\n KASAN failure expected in \"((volatile char *)area)[3100]\", but none occurred\n not ok 46 - vmalloc_oob\n not ok 1 - kasan\n\n==================================================================\nAfter fix:\n ok 1 - kasan"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cbd18991e24fea2c31da3bb117c83e4a3538cd11",
"version_value": "7f19245c3647afea8c7c41f795506ef70f64b9f2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7f19245c3647afea8c7c41f795506ef70f64b9f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7f19245c3647afea8c7c41f795506ef70f64b9f2"
},
{
"url": "https://git.kernel.org/stable/c/f39a3309393a4a484532f6ba745c6acbcfe06115",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f39a3309393a4a484532f6ba745c6acbcfe06115"
},
{
"url": "https://git.kernel.org/stable/c/5a3d8f3192a409893c57808cc935e16484df1068",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5a3d8f3192a409893c57808cc935e16484df1068"
},
{
"url": "https://git.kernel.org/stable/c/de56beace6648065d404cd9835aa7d30e3df519d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/de56beace6648065d404cd9835aa7d30e3df519d"
},
{
"url": "https://git.kernel.org/stable/c/e3d157a4b4f4e0268c98be5b7013bf4b31234bb6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3d157a4b4f4e0268c98be5b7013bf4b31234bb6"
},
{
"url": "https://git.kernel.org/stable/c/dd75080aa8409ce10d50fb58981c6b59bf8707d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd75080aa8409ce10d50fb58981c6b59bf8707d3"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

159
2021/47xxx/CVE-2021-47641.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47641",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: cirrusfb: check pixclock to avoid divide by zero\n\nDo a sanity check on pixclock value to avoid divide by zero.\n\nIf the pixclock value is zero, the cirrusfb driver will round up\npixclock to get the derived frequency as close to maxclock as\npossible.\n\nSyzkaller reported a divide error in cirrusfb_check_pixclock.\n\ndivide error: 0000 [#1] SMP KASAN PTI\nCPU: 0 PID: 14938 Comm: cirrusfb_test Not tainted 5.15.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2\nRIP: 0010:cirrusfb_check_var+0x6f1/0x1260\n\nCall Trace:\n fb_set_var+0x398/0xf90\n do_fb_ioctl+0x4b8/0x6f0\n fb_ioctl+0xeb/0x130\n __x64_sys_ioctl+0x19d/0x220\n do_syscall_64+0x3a/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "c656d04247a2654ede5cead2ecbf83431dad5261"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c656d04247a2654ede5cead2ecbf83431dad5261",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c656d04247a2654ede5cead2ecbf83431dad5261"
},
{
"url": "https://git.kernel.org/stable/c/1d3fb46439ad4e8f0c5739eb33d1875ac9e0f135",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d3fb46439ad4e8f0c5739eb33d1875ac9e0f135"
},
{
"url": "https://git.kernel.org/stable/c/40b13e3d85744210db13457785646634e2d056bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40b13e3d85744210db13457785646634e2d056bd"
},
{
"url": "https://git.kernel.org/stable/c/53a2088a396cfa1da92690a1da289634cd73bf0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/53a2088a396cfa1da92690a1da289634cd73bf0d"
},
{
"url": "https://git.kernel.org/stable/c/8c7e2141fb89c620ab4e41512e262fbf25b8260d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8c7e2141fb89c620ab4e41512e262fbf25b8260d"
},
{
"url": "https://git.kernel.org/stable/c/6fe23ff94e7840097202e85c148688940b37c9b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6fe23ff94e7840097202e85c148688940b37c9b1"
},
{
"url": "https://git.kernel.org/stable/c/45800c42ef000f417270bcfc08630e42486fca99",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45800c42ef000f417270bcfc08630e42486fca99"
},
{
"url": "https://git.kernel.org/stable/c/e498b504f8c81b07efab9febf8503448de4dc9cf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e498b504f8c81b07efab9febf8503448de4dc9cf"
},
{
"url": "https://git.kernel.org/stable/c/5c6f402bdcf9e7239c6bc7087eda71ac99b31379",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5c6f402bdcf9e7239c6bc7087eda71ac99b31379"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

159
2021/47xxx/CVE-2021-47642.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47642",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow\n\nCoverity complains of a possible buffer overflow. However,\ngiven the 'static' scope of nvidia_setup_i2c_bus() it looks\nlike that can't happen after examiniing the call sites.\n\nCID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)\n1. fixed_size_dest: You might overrun the 48-character fixed-size string\n chan->adapter.name by copying name without checking the length.\n2. parameter_as_source: Note: This defect has an elevated risk because the\n source argument is a parameter of the current function.\n 89 strcpy(chan->adapter.name, name);\n\nFix this warning by using strscpy() which will silence the warning and\nprevent any future buffer overflows should the names used to identify the\nchannel become much longer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "47e5533adf118afaf06d25a3e2aaaab89371b1c5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/47e5533adf118afaf06d25a3e2aaaab89371b1c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/47e5533adf118afaf06d25a3e2aaaab89371b1c5"
},
{
"url": "https://git.kernel.org/stable/c/580e5d3815474b8349250c25c16416585a72c7fe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/580e5d3815474b8349250c25c16416585a72c7fe"
},
{
"url": "https://git.kernel.org/stable/c/72dd5c46a152136712a55bf026a9aa8c1b12b60d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/72dd5c46a152136712a55bf026a9aa8c1b12b60d"
},
{
"url": "https://git.kernel.org/stable/c/055cdd2e7b992921424d4daaa285ced787fb205f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/055cdd2e7b992921424d4daaa285ced787fb205f"
},
{
"url": "https://git.kernel.org/stable/c/08dff482012758935c185532b1ad7d584785a86e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/08dff482012758935c185532b1ad7d584785a86e"
},
{
"url": "https://git.kernel.org/stable/c/9ff2f7294ab0f011cd4d1b7dcd9a07d8fdf72834",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ff2f7294ab0f011cd4d1b7dcd9a07d8fdf72834"
},
{
"url": "https://git.kernel.org/stable/c/6a5226e544ac043bb2d8dc1bfe8920d02282f7cd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6a5226e544ac043bb2d8dc1bfe8920d02282f7cd"
},
{
"url": "https://git.kernel.org/stable/c/41baa86b6c802cdc6ab8ff2d46c083c9be93de81",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41baa86b6c802cdc6ab8ff2d46c083c9be93de81"
},
{
"url": "https://git.kernel.org/stable/c/37a1a2e6eeeb101285cd34e12e48a881524701aa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/37a1a2e6eeeb101285cd34e12e48a881524701aa"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

115
2021/47xxx/CVE-2021-47643.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ir_toy: free before error exiting\n\nFix leak in error path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "99e3f83539cac6884a4df02cb204a57a184ea12b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/99e3f83539cac6884a4df02cb204a57a184ea12b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/99e3f83539cac6884a4df02cb204a57a184ea12b"
},
{
"url": "https://git.kernel.org/stable/c/2011363c196846c083649c91ed30aeef64358d52",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2011363c196846c083649c91ed30aeef64358d52"
},
{
"url": "https://git.kernel.org/stable/c/382e0f6958ef34eb093127b6d74c12f3b8fd0904",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/382e0f6958ef34eb093127b6d74c12f3b8fd0904"
},
{
"url": "https://git.kernel.org/stable/c/93ef3fdf3b6633c58f049e5a6be755777dde4340",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93ef3fdf3b6633c58f049e5a6be755777dde4340"
},
{
"url": "https://git.kernel.org/stable/c/52cdb013036391d9d87aba5b4fc49cdfc6ea4b23",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/52cdb013036391d9d87aba5b4fc49cdfc6ea4b23"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2021/47xxx/CVE-2021-47644.json Normal file
View File

@ -0,0 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47644",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: staging: media: zoran: move videodev alloc\n\nMove some code out of zr36057_init() and create new functions for handling\nzr->video_dev. This permit to ease code reading and fix a zr->video_dev\nmemory leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "bd01629315ffd5b63da91d0bd529a77d30e55028"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bd01629315ffd5b63da91d0bd529a77d30e55028",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bd01629315ffd5b63da91d0bd529a77d30e55028"
},
{
"url": "https://git.kernel.org/stable/c/ff3357bffd9fb78f59762d8955afc7382a279079",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ff3357bffd9fb78f59762d8955afc7382a279079"
},
{
"url": "https://git.kernel.org/stable/c/c1ba65100a359fe28cfe37e09e10c99f247cbf1e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c1ba65100a359fe28cfe37e09e10c99f247cbf1e"
},
{
"url": "https://git.kernel.org/stable/c/1e501ec38796f43e995731d1bcd4173cb1ccfce0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1e501ec38796f43e995731d1bcd4173cb1ccfce0"
},
{
"url": "https://git.kernel.org/stable/c/82e3a496eb56da0b9f29fdc5b63cedb3289e91de",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/82e3a496eb56da0b9f29fdc5b63cedb3289e91de"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2021/47xxx/CVE-2021-47645.json Normal file
View File

@ -0,0 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47645",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com\n\nOn the case tmp_dcim=1, the index of buffer is miscalculated.\nThis generate a NULL pointer dereference later.\n\nSo let's fix the calcul and add a check to prevent this to reappear."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "bafec1a6ba4b187a7fcdcfce0faebdc623d4ef8e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bafec1a6ba4b187a7fcdcfce0faebdc623d4ef8e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bafec1a6ba4b187a7fcdcfce0faebdc623d4ef8e"
},
{
"url": "https://git.kernel.org/stable/c/7e76f3ed7ab2ae026c6ef9cc23096a7554af8c52",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7e76f3ed7ab2ae026c6ef9cc23096a7554af8c52"
},
{
"url": "https://git.kernel.org/stable/c/20db2ed1e2f9fcd417fa67853e5154f0c2537d6c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20db2ed1e2f9fcd417fa67853e5154f0c2537d6c"
},
{
"url": "https://git.kernel.org/stable/c/20811bbe685ca3eddd34b0c750860427d7030910",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20811bbe685ca3eddd34b0c750860427d7030910"
},
{
"url": "https://git.kernel.org/stable/c/e3b86f4e558cea9eed71d894df2f19b10d60a207",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3b86f4e558cea9eed71d894df2f19b10d60a207"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

147
2021/47xxx/CVE-2021-47646.json Normal file
View File

@ -0,0 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47646",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"Revert \"block, bfq: honor already-setup queue merges\"\"\n\nA crash [1] happened to be triggered in conjunction with commit\n2d52c58b9c9b (\"block, bfq: honor already-setup queue merges\"). The\nlatter was then reverted by commit ebc69e897e17 (\"Revert \"block, bfq:\nhonor already-setup queue merges\"\"). Yet, the reverted commit was not\nthe one introducing the bug. In fact, it actually triggered a UAF\nintroduced by a different commit, and now fixed by commit d29bd41428cf\n(\"block, bfq: reset last_bfqq_created on group change\").\n\nSo, there is no point in keeping commit 2d52c58b9c9b (\"block, bfq:\nhonor already-setup queue merges\") out. This commit restores it.\n\n[1] https://bugzilla.kernel.org/show_bug.cgi?id=214503"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "f990f0985eda59d4f29fc83fcf300c92b1225d39"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f990f0985eda59d4f29fc83fcf300c92b1225d39",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f990f0985eda59d4f29fc83fcf300c92b1225d39"
},
{
"url": "https://git.kernel.org/stable/c/931aff627469a75c77b9fd3823146d0575afffd6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/931aff627469a75c77b9fd3823146d0575afffd6"
},
{
"url": "https://git.kernel.org/stable/c/cc051f497eac9d8a0d816cd4bffa3415f2724871",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc051f497eac9d8a0d816cd4bffa3415f2724871"
},
{
"url": "https://git.kernel.org/stable/c/65d8a737452e88f251fe5d925371de6d606df613",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65d8a737452e88f251fe5d925371de6d606df613"
},
{
"url": "https://git.kernel.org/stable/c/abc2129e646af7b43025d90a071f83043f1ae76c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abc2129e646af7b43025d90a071f83043f1ae76c"
},
{
"url": "https://git.kernel.org/stable/c/4083925bd6dc89216d156474a8076feec904e607",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4083925bd6dc89216d156474a8076feec904e607"
},
{
"url": "https://git.kernel.org/stable/c/15729ff8143f8135b03988a100a19e66d7cb7ecd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/15729ff8143f8135b03988a100a19e66d7cb7ecd"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

135
2021/47xxx/CVE-2021-47647.json Normal file
View File

@ -0,0 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47647",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: ipq8074: fix PCI-E clock oops\n\nFix PCI-E clock related kernel oops that are caused by a missing clock\nparent.\n\npcie0_rchng_clk_src has num_parents set to 2 but only one parent is\nactually set via parent_hws, it should also have \"XO\" defined.\nThis will cause the kernel to panic on a NULL pointer in\nclk_core_get_parent_by_index().\n\nSo, to fix this utilize clk_parent_data to provide gcc_xo_gpll0 parent\ndata.\nSince there is already an existing static const char * const gcc_xo_gpll0[]\nused to provide the same parents via parent_names convert those users to\nclk_parent_data as well.\n\nWithout this earlycon is needed to even catch the OOPS as it will reset\nthe board before serial is initialized with the following:\n\n[ 0.232279] Unable to handle kernel paging request at virtual address 0000a00000000000\n[ 0.232322] Mem abort info:\n[ 0.239094] ESR = 0x96000004\n[ 0.241778] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 0.244908] SET = 0, FnV = 0\n[ 0.250377] EA = 0, S1PTW = 0\n[ 0.253236] FSC = 0x04: level 0 translation fault\n[ 0.256277] Data abort info:\n[ 0.261141] ISV = 0, ISS = 0x00000004\n[ 0.264262] CM = 0, WnR = 0\n[ 0.267820] [0000a00000000000] address between user and kernel address ranges\n[ 0.270954] Internal error: Oops: 96000004 [#1] SMP\n[ 0.278067] Modules linked in:\n[ 0.282751] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.10 #0\n[ 0.285882] Hardware name: Xiaomi AX3600 (DT)\n[ 0.292043] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 0.296299] pc : clk_core_get_parent_by_index+0x68/0xec\n[ 0.303067] lr : __clk_register+0x1d8/0x820\n[ 0.308273] sp : ffffffc01111b7d0\n[ 0.312438] x29: ffffffc01111b7d0 x28: 0000000000000000 x27: 0000000000000040\n[ 0.315919] x26: 0000000000000002 x25: 0000000000000000 x24: ffffff8000308800\n[ 0.323037] x23: ffffff8000308850 x22: ffffff8000308880 x21: ffffff8000308828\n[ 0.330155] x20: 0000000000000028 x19: ffffff8000309700 x18: 0000000000000020\n[ 0.337272] x17: 000000005cc86990 x16: 0000000000000004 x15: ffffff80001d9d0a\n[ 0.344391] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000006\n[ 0.351508] x11: 0000000000000003 x10: 0101010101010101 x9 : 0000000000000000\n[ 0.358626] x8 : 7f7f7f7f7f7f7f7f x7 : 6468626f5e626266 x6 : 17000a3a403c1b06\n[ 0.365744] x5 : 061b3c403a0a0017 x4 : 0000000000000000 x3 : 0000000000000001\n[ 0.372863] x2 : 0000a00000000000 x1 : 0000000000000001 x0 : ffffff8000309700\n[ 0.379982] Call trace:\n[ 0.387091] clk_core_get_parent_by_index+0x68/0xec\n[ 0.389351] __clk_register+0x1d8/0x820\n[ 0.394210] devm_clk_hw_register+0x5c/0xe0\n[ 0.398030] devm_clk_register_regmap+0x44/0x8c\n[ 0.402198] qcom_cc_really_probe+0x17c/0x1d0\n[ 0.406711] qcom_cc_probe+0x34/0x44\n[ 0.411224] gcc_ipq8074_probe+0x18/0x30\n[ 0.414869] platform_probe+0x68/0xe0\n[ 0.418776] really_probe.part.0+0x9c/0x30c\n[ 0.422336] __driver_probe_device+0x98/0x144\n[ 0.426329] driver_probe_device+0x44/0x11c\n[ 0.430842] __device_attach_driver+0xb4/0x120\n[ 0.434836] bus_for_each_drv+0x68/0xb0\n[ 0.439349] __device_attach+0xb0/0x170\n[ 0.443081] device_initial_probe+0x14/0x20\n[ 0.446901] bus_probe_device+0x9c/0xa4\n[ 0.451067] device_add+0x35c/0x834\n[ 0.454886] of_device_add+0x54/0x64\n[ 0.458360] of_platform_device_create_pdata+0xc0/0x100\n[ 0.462181] of_platform_bus_create+0x114/0x370\n[ 0.467128] of_platform_bus_create+0x15c/0x370\n[ 0.471641] of_platform_populate+0x50/0xcc\n[ 0.476155] of_platform_default_populate_init+0xa8/0xc8\n[ 0.480324] do_one_initcall+0x50/0x1b0\n[ 0.485877] kernel_init_freeable+0x234/0x29c\n[ 0.489436] kernel_init+0x24/0x120\n[ 0.493948] ret_from_fork+0x10/0x20\n[ 0.497253] Code: d50323bf d65f03c0 f94002a2 b4000302 (f9400042)\n[ 0.501079] ---[ end trace 4ca7e1129da2abce ]---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f0cfcf1ade201dcfd3365f231efc90e846fa46df",
"version_value": "8b89c9e68a01a19a1dd689a42aa65d545e931899"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8b89c9e68a01a19a1dd689a42aa65d545e931899",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b89c9e68a01a19a1dd689a42aa65d545e931899"
},
{
"url": "https://git.kernel.org/stable/c/41e360fa73a4c2f5b78f5ded78a5375b08c206a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41e360fa73a4c2f5b78f5ded78a5375b08c206a5"
},
{
"url": "https://git.kernel.org/stable/c/d02b3d4a8c525068bc5cfb4341e0023d8eb82ace",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d02b3d4a8c525068bc5cfb4341e0023d8eb82ace"
},
{
"url": "https://git.kernel.org/stable/c/5a5576ad405c3c89fc9afb245c4dcc3e412b0aa9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5a5576ad405c3c89fc9afb245c4dcc3e412b0aa9"
},
{
"url": "https://git.kernel.org/stable/c/bf8f5182b8f59309809b41c1d1730ed9ca6134b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bf8f5182b8f59309809b41c1d1730ed9ca6134b1"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

135
2021/47xxx/CVE-2021-47648.json Normal file
View File

@ -0,0 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47648",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpu: host1x: Fix a memory leak in 'host1x_remove()'\n\nAdd a missing 'host1x_channel_list_free()' call in the remove function,\nas already done in the error handling path of the probe function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8474b02531c4881a762c52ef869c52429e38633f",
"version_value": "6bb107332db28a0e9256c2d36a0902b85307612c"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.13",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6bb107332db28a0e9256c2d36a0902b85307612c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6bb107332db28a0e9256c2d36a0902b85307612c"
},
{
"url": "https://git.kernel.org/stable/c/c06577a80485511b894cb688e881ef0bc2d1d296",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c06577a80485511b894cb688e881ef0bc2d1d296"
},
{
"url": "https://git.kernel.org/stable/c/5124a344983e1b9670dae7add0e4d00d589aabcd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5124a344983e1b9670dae7add0e4d00d589aabcd"
},
{
"url": "https://git.kernel.org/stable/c/fe1ce680560d4f0049ffa0c687de17567421c1ec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fe1ce680560d4f0049ffa0c687de17567421c1ec"
},
{
"url": "https://git.kernel.org/stable/c/025c6643a81564f066d8381b9e2f4603e0f8438f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/025c6643a81564f066d8381b9e2f4603e0f8438f"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

146
2021/47xxx/CVE-2021-47649.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47649",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: validate ubuf->pagecount\n\nSyzbot has reported GPF in sg_alloc_append_table_from_pages(). The\nproblem was in ubuf->pages == ZERO_PTR.\n\nubuf->pagecount is calculated from arguments passed from user-space. If\nuser creates udmabuf with list.size == 0 then ubuf->pagecount will be\nalso equal to zero; it causes kmalloc_array() to return ZERO_PTR.\n\nFix it by validating ubuf->pagecount before passing it to\nkmalloc_array()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fbb0de795078190a9834b3409e4b009cfb18a6d4",
"version_value": "5d50f851dd307c07ca5591297093f19967c834a9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5d50f851dd307c07ca5591297093f19967c834a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d50f851dd307c07ca5591297093f19967c834a9"
},
{
"url": "https://git.kernel.org/stable/c/b267a8118c2b171bf7d67b90ed64154eeab9fae0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b267a8118c2b171bf7d67b90ed64154eeab9fae0"
},
{
"url": "https://git.kernel.org/stable/c/811b667cefbea9cb7511a874b169d6a92907137e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/811b667cefbea9cb7511a874b169d6a92907137e"
},
{
"url": "https://git.kernel.org/stable/c/a3728d32fc61eb0fe283cb8ff60b2c8f751e2202",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a3728d32fc61eb0fe283cb8ff60b2c8f751e2202"
},
{
"url": "https://git.kernel.org/stable/c/9e9b4a269f84d3230f2af84ff42322db676440d9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9e9b4a269f84d3230f2af84ff42322db676440d9"
},
{
"url": "https://git.kernel.org/stable/c/2b6dd600dd72573c23ea180b5b0b2f1813405882",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b6dd600dd72573c23ea180b5b0b2f1813405882"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

146
2021/47xxx/CVE-2021-47650.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47650",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-compress: prevent the potentially use of null pointer\n\nThere is one call trace that snd_soc_register_card()\n->snd_soc_bind_card()->soc_init_pcm_runtime()\n->snd_soc_dai_compress_new()->snd_soc_new_compress().\nIn the trace the 'codec_dai' transfers from card->dai_link,\nand we can see from the snd_soc_add_pcm_runtime() in\nsnd_soc_bind_card() that, if value of card->dai_link->num_codecs\nis 0, then 'codec_dai' could be null pointer caused\nby index out of bound in 'asoc_rtd_to_codec(rtd, 0)'.\nAnd snd_soc_register_card() is called by various platforms.\nTherefore, it is better to add the check in the case of misusing.\nAnd because 'cpu_dai' has already checked in soc_init_pcm_runtime(),\nthere is no need to check again.\nAdding the check as follow, then if 'codec_dai' is null,\nsnd_soc_new_compress() will not pass through the check\n'if (playback + capture != 1)', avoiding the leftover use of\n'codec_dai'."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "467fece8fbc6774a3a3bd0981e1a342fb5022706",
"version_value": "68a69ad8df959e5211ed4a8e120783b2d352ea74"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/68a69ad8df959e5211ed4a8e120783b2d352ea74",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/68a69ad8df959e5211ed4a8e120783b2d352ea74"
},
{
"url": "https://git.kernel.org/stable/c/4639c1d97f385f4784f44d66a3da0672f4951ada",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4639c1d97f385f4784f44d66a3da0672f4951ada"
},
{
"url": "https://git.kernel.org/stable/c/fc237b8d624f4bcb0f21a532627ce4e3b3a85569",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fc237b8d624f4bcb0f21a532627ce4e3b3a85569"
},
{
"url": "https://git.kernel.org/stable/c/08af6da684b44097ea09f1d74d5858b837ed203b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/08af6da684b44097ea09f1d74d5858b837ed203b"
},
{
"url": "https://git.kernel.org/stable/c/f69a75cb8a98c6c487d620442c68595726a69f60",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f69a75cb8a98c6c487d620442c68595726a69f60"
},
{
"url": "https://git.kernel.org/stable/c/de2c6f98817fa5decb9b7d3b3a8a3ab864c10588",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/de2c6f98817fa5decb9b7d3b3a8a3ab864c10588"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

146
2021/47xxx/CVE-2021-47651.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47651",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: rpmpd: Check for null return of devm_kcalloc\n\nBecause of the possible failure of the allocation, data->domains might\nbe NULL pointer and will cause the dereference of the NULL pointer\nlater.\nTherefore, it might be better to check it and directly return -ENOMEM\nwithout releasing data manually if fails, because the comment of the\ndevm_kmalloc() says \"Memory allocated with this function is\nautomatically freed on driver detach.\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bbe3a66c3f5a65fb3d702351bac2a6033944d389",
"version_value": "755dbc3d73789ac9f0017c729abf5e4b153bf799"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/755dbc3d73789ac9f0017c729abf5e4b153bf799",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/755dbc3d73789ac9f0017c729abf5e4b153bf799"
},
{
"url": "https://git.kernel.org/stable/c/b5d6eba71997b6d661935d2b15094ac7f9f6132d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5d6eba71997b6d661935d2b15094ac7f9f6132d"
},
{
"url": "https://git.kernel.org/stable/c/724376c30af5a57686b223dbcd6188e07d2a1de2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/724376c30af5a57686b223dbcd6188e07d2a1de2"
},
{
"url": "https://git.kernel.org/stable/c/84b89fa877ad576e9ee8130f412cfd592f274508",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/84b89fa877ad576e9ee8130f412cfd592f274508"
},
{
"url": "https://git.kernel.org/stable/c/31b5124d742969ea8bf7a1360596f548ca23e770",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31b5124d742969ea8bf7a1360596f548ca23e770"
},
{
"url": "https://git.kernel.org/stable/c/5a811126d38f9767a20cc271b34db7c8efc5a46c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5a811126d38f9767a20cc271b34db7c8efc5a46c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

179
2021/47xxx/CVE-2021-47652.json Normal file
View File

@ -0,0 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47652",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()\n\nI got a null-ptr-deref report:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:fb_destroy_modelist+0x38/0x100\n...\nCall Trace:\n ufx_usb_probe.cold+0x2b5/0xac1 [smscufx]\n usb_probe_interface+0x1aa/0x3c0 [usbcore]\n really_probe+0x167/0x460\n...\n ret_from_fork+0x1f/0x30\n\nIf fb_alloc_cmap() fails in ufx_usb_probe(), fb_destroy_modelist() will\nbe called to destroy modelist in the error handling path. But modelist\nhas not been initialized yet, so it will result in null-ptr-deref.\n\nInitialize modelist before calling fb_alloc_cmap() to fix this bug."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3c8a63e22a0802fd56380f6ab305b419f18eb6f5",
"version_value": "d1b6a1f0c23b7164250479bf92e2893291dca539"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d1b6a1f0c23b7164250479bf92e2893291dca539",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d1b6a1f0c23b7164250479bf92e2893291dca539"
},
{
"url": "https://git.kernel.org/stable/c/0fd28daec73525382e5c992db8743bf76e42cd5c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0fd28daec73525382e5c992db8743bf76e42cd5c"
},
{
"url": "https://git.kernel.org/stable/c/dd3a6cc7385b89ec2303f39dfc3bafa4e24cec4b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd3a6cc7385b89ec2303f39dfc3bafa4e24cec4b"
},
{
"url": "https://git.kernel.org/stable/c/da8b269cc0a2526ebeaccbe2484c999eb0f822cf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da8b269cc0a2526ebeaccbe2484c999eb0f822cf"
},
{
"url": "https://git.kernel.org/stable/c/64ec3e678d76419f207b9cdd338dda438ca10b1c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/64ec3e678d76419f207b9cdd338dda438ca10b1c"
},
{
"url": "https://git.kernel.org/stable/c/c420b540db4b5d69de0a36d8b9d9a6a79a04f05a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c420b540db4b5d69de0a36d8b9d9a6a79a04f05a"
},
{
"url": "https://git.kernel.org/stable/c/d396c651e2b508b6179bb678cc029f3becbf5170",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d396c651e2b508b6179bb678cc029f3becbf5170"
},
{
"url": "https://git.kernel.org/stable/c/9280ef235b05e8f19f8bc6d547b992f0a0ef398d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9280ef235b05e8f19f8bc6d547b992f0a0ef398d"
},
{
"url": "https://git.kernel.org/stable/c/1791f487f877a9e83d81c8677bd3e7b259e7cb27",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1791f487f877a9e83d81c8677bd3e7b259e7cb27"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

124
2021/47xxx/CVE-2021-47653.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47653",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: davinci: vpif: fix use-after-free on driver unbind\n\nThe driver allocates and registers two platform device structures during\nprobe, but the devices were never deregistered on driver unbind.\n\nThis results in a use-after-free on driver unbind as the device\nstructures were allocated using devres and would be freed by driver\ncore when remove() returns.\n\nFix this by adding the missing deregistration calls to the remove()\ncallback and failing probe on registration errors.\n\nNote that the platform device structures must be freed using a proper\nrelease callback to avoid leaking associated resources like device\nnames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "479f7a1181058689435baddc16a6a42e1a8ff0e8",
"version_value": "6512c3c39cb6b573b791ce45365818a38b76afbe"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.13",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.54",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6512c3c39cb6b573b791ce45365818a38b76afbe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6512c3c39cb6b573b791ce45365818a38b76afbe"
},
{
"url": "https://git.kernel.org/stable/c/b5a3bb7f6f164eb6ee74ef4898dcd019b2063448",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5a3bb7f6f164eb6ee74ef4898dcd019b2063448"
},
{
"url": "https://git.kernel.org/stable/c/9ffc602e14d7b9f7e7cb2f67e18dfef9ef8af676",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ffc602e14d7b9f7e7cb2f67e18dfef9ef8af676"
},
{
"url": "https://git.kernel.org/stable/c/43acb728bbc40169d2e2425e84a80068270974be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/43acb728bbc40169d2e2425e84a80068270974be"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

114
2021/47xxx/CVE-2021-47654.json Normal file
View File

@ -0,0 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47654",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsamples/landlock: Fix path_list memory leak\n\nClang static analysis reports this error\n\nsandboxer.c:134:8: warning: Potential leak of memory\n pointed to by 'path_list'\n ret = 0;\n ^\npath_list is allocated in parse_path() but never freed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "20fbf100f84b9aeb9c91421abe1927bc152bc32b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/20fbf100f84b9aeb9c91421abe1927bc152bc32b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20fbf100f84b9aeb9c91421abe1927bc152bc32b"
},
{
"url": "https://git.kernel.org/stable/c/49b0d8bf05809df5f87e5c03e26d74bdfdab4571",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/49b0d8bf05809df5f87e5c03e26d74bdfdab4571"
},
{
"url": "https://git.kernel.org/stable/c/017196730299ccd6eed24bbfabed8af4ffd81530",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/017196730299ccd6eed24bbfabed8af4ffd81530"
},
{
"url": "https://git.kernel.org/stable/c/66b513b7c64a7290c1fbb88e657f7cece992e131",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66b513b7c64a7290c1fbb88e657f7cece992e131"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

123
2021/47xxx/CVE-2021-47655.json Normal file
View File

@ -0,0 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47655",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: vdec: fixed possible memory leak issue\n\nThe venus_helper_alloc_dpb_bufs() implementation allows an early return\non an error path when checking the id from ida_alloc_min() which would\nnot release the earlier buffer allocation.\n\nMove the direct kfree() from the error checking of dma_alloc_attrs() to\nthe common fail path to ensure that allocations are released on all\nerror paths in this function.\n\nAddresses-Coverity: 1494120 (\"Resource leak\")"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "745e6d8bbe6a6e2e40b1609cea114c129f17031a",
"version_value": "5cedfe8aaf1875a5305897107b7f298db4260019"
},
{
"version_affected": "<",
"version_name": "40d87aafee29fb01ce1e1868502fb2059a6a7f34",
"version_value": "55bccafc246b2e64763a155ec454470c07a54a6e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5cedfe8aaf1875a5305897107b7f298db4260019",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5cedfe8aaf1875a5305897107b7f298db4260019"
},
{
"url": "https://git.kernel.org/stable/c/55bccafc246b2e64763a155ec454470c07a54a6e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55bccafc246b2e64763a155ec454470c07a54a6e"
},
{
"url": "https://git.kernel.org/stable/c/5f89d05ba93df9c2cdfe493843f93288e55e99eb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f89d05ba93df9c2cdfe493843f93288e55e99eb"
},
{
"url": "https://git.kernel.org/stable/c/8403fdd775858a7bf04868d43daea0acbe49ddfc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8403fdd775858a7bf04868d43daea0acbe49ddfc"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

179
2021/47xxx/CVE-2021-47656.json Normal file
View File

@ -0,0 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47656",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: fix use-after-free in jffs2_clear_xattr_subsystem\n\nWhen we mount a jffs2 image, assume that the first few blocks of\nthe image are normal and contain at least one xattr-related inode,\nbut the next block is abnormal. As a result, an error is returned\nin jffs2_scan_eraseblock(). jffs2_clear_xattr_subsystem() is then\ncalled in jffs2_build_filesystem() and then again in\njffs2_do_fill_super().\n\nFinally we can observe the following report:\n ==================================================================\n BUG: KASAN: use-after-free in jffs2_clear_xattr_subsystem+0x95/0x6ac\n Read of size 8 at addr ffff8881243384e0 by task mount/719\n\n Call Trace:\n dump_stack+0x115/0x16b\n jffs2_clear_xattr_subsystem+0x95/0x6ac\n jffs2_do_fill_super+0x84f/0xc30\n jffs2_fill_super+0x2ea/0x4c0\n mtd_get_sb+0x254/0x400\n mtd_get_sb_by_nr+0x4f/0xd0\n get_tree_mtd+0x498/0x840\n jffs2_get_tree+0x25/0x30\n vfs_get_tree+0x8d/0x2e0\n path_mount+0x50f/0x1e50\n do_mount+0x107/0x130\n __se_sys_mount+0x1c5/0x2f0\n __x64_sys_mount+0xc7/0x160\n do_syscall_64+0x45/0x70\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\n Allocated by task 719:\n kasan_save_stack+0x23/0x60\n __kasan_kmalloc.constprop.0+0x10b/0x120\n kasan_slab_alloc+0x12/0x20\n kmem_cache_alloc+0x1c0/0x870\n jffs2_alloc_xattr_ref+0x2f/0xa0\n jffs2_scan_medium.cold+0x3713/0x4794\n jffs2_do_mount_fs.cold+0xa7/0x2253\n jffs2_do_fill_super+0x383/0xc30\n jffs2_fill_super+0x2ea/0x4c0\n [...]\n\n Freed by task 719:\n kmem_cache_free+0xcc/0x7b0\n jffs2_free_xattr_ref+0x78/0x98\n jffs2_clear_xattr_subsystem+0xa1/0x6ac\n jffs2_do_mount_fs.cold+0x5e6/0x2253\n jffs2_do_fill_super+0x383/0xc30\n jffs2_fill_super+0x2ea/0x4c0\n [...]\n\n The buggy address belongs to the object at ffff8881243384b8\n which belongs to the cache jffs2_xattr_ref of size 48\n The buggy address is located 40 bytes inside of\n 48-byte region [ffff8881243384b8, ffff8881243384e8)\n [...]\n ==================================================================\n\nThe triggering of the BUG is shown in the following stack:\n-----------------------------------------------------------\njffs2_fill_super\n jffs2_do_fill_super\n jffs2_do_mount_fs\n jffs2_build_filesystem\n jffs2_scan_medium\n jffs2_scan_eraseblock <--- ERROR\n jffs2_clear_xattr_subsystem <--- free\n jffs2_clear_xattr_subsystem <--- free again\n-----------------------------------------------------------\n\nAn error is returned in jffs2_do_mount_fs(). If the error is returned\nby jffs2_sum_init(), the jffs2_clear_xattr_subsystem() does not need to\nbe executed. If the error is returned by jffs2_build_filesystem(), the\njffs2_clear_xattr_subsystem() also does not need to be executed again.\nSo move jffs2_clear_xattr_subsystem() from 'out_inohash' to 'out_root'\nto fix this UAF problem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "aa98d7cf59b5b0764d3502662053489585faf2fe",
"version_value": "9150cb625b46f68d524f4cfd491f1aafc23e10a9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.238",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.189",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.110",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.33",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.19",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.2",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9150cb625b46f68d524f4cfd491f1aafc23e10a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9150cb625b46f68d524f4cfd491f1aafc23e10a9"
},
{
"url": "https://git.kernel.org/stable/c/3bd2454162ec6bbb5503233c804fce6e4b6dcec5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3bd2454162ec6bbb5503233c804fce6e4b6dcec5"
},
{
"url": "https://git.kernel.org/stable/c/c3b07c875fa8f906f932976460fd14798596f101",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3b07c875fa8f906f932976460fd14798596f101"
},
{
"url": "https://git.kernel.org/stable/c/30bf7244acf32f19cb722c39f7bc1c2a9f300422",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/30bf7244acf32f19cb722c39f7bc1c2a9f300422"
},
{
"url": "https://git.kernel.org/stable/c/7bb7428dd73991bf4b3a7a61b493ca50046c2b13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7bb7428dd73991bf4b3a7a61b493ca50046c2b13"
},
{
"url": "https://git.kernel.org/stable/c/7a75740206af5f17e9f3efa384211cba70213da1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a75740206af5f17e9f3efa384211cba70213da1"
},
{
"url": "https://git.kernel.org/stable/c/22327bd7988f21de3a53c1373f3b81542bfe1f44",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/22327bd7988f21de3a53c1373f3b81542bfe1f44"
},
{
"url": "https://git.kernel.org/stable/c/8c0f024f29e055840a5a89fe23b96ae3f921afed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8c0f024f29e055840a5a89fe23b96ae3f921afed"
},
{
"url": "https://git.kernel.org/stable/c/4c7c44ee1650677fbe89d86edbad9497b7679b5c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4c7c44ee1650677fbe89d86edbad9497b7679b5c"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

124
2021/47xxx/CVE-2021-47657.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-47657",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free()\n\nIf virtio_gpu_object_shmem_init() fails (e.g. due to fault injection, as it\nhappened in the bug report by syzbot), virtio_gpu_array_put_free() could be\ncalled with objs equal to NULL.\n\nEnsure that objs is not NULL in virtio_gpu_array_put_free(), or otherwise\nreturn from the function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "377f8331d0565e6f71ba081c894029a92d0c7e77",
"version_value": "b094fece3810c71ceee6f0921676cb65d4e68c5a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.13",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.32",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16.18",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.1",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b094fece3810c71ceee6f0921676cb65d4e68c5a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b094fece3810c71ceee6f0921676cb65d4e68c5a"
},
{
"url": "https://git.kernel.org/stable/c/ac92b474eeeed75b8660374ba1d129a121c09da8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ac92b474eeeed75b8660374ba1d129a121c09da8"
},
{
"url": "https://git.kernel.org/stable/c/abc9ad36df16e27ac1c665085157f1a082d39bac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abc9ad36df16e27ac1c665085157f1a082d39bac"
},
{
"url": "https://git.kernel.org/stable/c/6b79f96f4a23846516e5e6e4dd37fc06f43a60dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6b79f96f4a23846516e5e6e4dd37fc06f43a60dd"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

18
2021/47xxx/CVE-2021-47658.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-47658",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

136
2022/49xxx/CVE-2022-49044.json Normal file
View File

@ -0,0 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49044",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm integrity: fix memory corruption when tag_size is less than digest size\n\nIt is possible to set up dm-integrity in such a way that the\n\"tag_size\" parameter is less than the actual digest size. In this\nsituation, a part of the digest beyond tag_size is ignored.\n\nIn this case, dm-integrity would write beyond the end of the\nic->recalc_tags array and corrupt memory. The corruption happened in\nintegrity_recalc->integrity_sector_checksum->crypto_shash_final.\n\nFix this corruption by increasing the tags array so that it has enough\npadding at the end to accomodate the loop in integrity_recalc() being\nable to write a full digest size for the last member of the tags\narray."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "6a95d91c0b315c965198f6ab7dec7c94129e17e0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.240",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.190",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.112",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6a95d91c0b315c965198f6ab7dec7c94129e17e0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6a95d91c0b315c965198f6ab7dec7c94129e17e0"
},
{
"url": "https://git.kernel.org/stable/c/7f84c937222944c03f4615ca4742df6bed0e5adf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7f84c937222944c03f4615ca4742df6bed0e5adf"
},
{
"url": "https://git.kernel.org/stable/c/cd02b2687d66f0a8e716384de4b9a0671331f1dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cd02b2687d66f0a8e716384de4b9a0671331f1dc"
},
{
"url": "https://git.kernel.org/stable/c/6b4bf97587ef6c1927a78934b700204920655123",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6b4bf97587ef6c1927a78934b700204920655123"
},
{
"url": "https://git.kernel.org/stable/c/4d485cf9b609709e45d5113e6e2b1b01254b2fe9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4d485cf9b609709e45d5113e6e2b1b01254b2fe9"
},
{
"url": "https://git.kernel.org/stable/c/08c1af8f1c13bbf210f1760132f4df24d0ed46d6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/08c1af8f1c13bbf210f1760132f4df24d0ed46d6"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

158
2022/49xxx/CVE-2022-49045.json Normal file
View File

@ -0,0 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49045",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Test for \"silence\" field in struct \"pcm_format_data\"\n\nSyzbot reports \"KASAN: null-ptr-deref Write in\nsnd_pcm_format_set_silence\".[1]\n\nIt is due to missing validation of the \"silence\" field of struct\n\"pcm_format_data\" in \"pcm_formats\" array.\n\nAdd a test for valid \"pat\" and, if it is not so, return -EINVAL.\n\n[1] https://lore.kernel.org/lkml/000000000000d188ef05dc2c7279@google.com/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "77af45df08768401602472f3e3879dce14f55497"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9.311",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.276",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.239",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.190",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.112",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/77af45df08768401602472f3e3879dce14f55497",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/77af45df08768401602472f3e3879dce14f55497"
},
{
"url": "https://git.kernel.org/stable/c/c3b2f23bfe5452b00eb1c842bc71098449e4ad9f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3b2f23bfe5452b00eb1c842bc71098449e4ad9f"
},
{
"url": "https://git.kernel.org/stable/c/eb04e3112a3516e483d60a9af9762961702a6c1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb04e3112a3516e483d60a9af9762961702a6c1b"
},
{
"url": "https://git.kernel.org/stable/c/377a80ca6590f40ec8a85227b889a5d399fe26c3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/377a80ca6590f40ec8a85227b889a5d399fe26c3"
},
{
"url": "https://git.kernel.org/stable/c/912797e54c99a98f0722f21313e13a3938bb6dba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/912797e54c99a98f0722f21313e13a3938bb6dba"
},
{
"url": "https://git.kernel.org/stable/c/63038f6e96a77a0abf8083649c53e6a72c1a0124",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/63038f6e96a77a0abf8083649c53e6a72c1a0124"
},
{
"url": "https://git.kernel.org/stable/c/97345c90235b1bb7661e7a428d9dcb96b1d7f5d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/97345c90235b1bb7661e7a428d9dcb96b1d7f5d4"
},
{
"url": "https://git.kernel.org/stable/c/2f7a26abb8241a0208c68d22815aa247c5ddacab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2f7a26abb8241a0208c68d22815aa247c5ddacab"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

113
2022/49xxx/CVE-2022-49046.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49046",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: dev: check return value when calling dev_set_name()\n\nIf dev_set_name() fails, the dev_name() is null, check the return\nvalue of dev_set_name() to avoid the null-ptr-deref."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1413ef638abae4ab5621901cf4d8ef08a4a48ba6",
"version_value": "2f345bb14ad4744950499ff222e2899209297afa"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2f345bb14ad4744950499ff222e2899209297afa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2f345bb14ad4744950499ff222e2899209297afa"
},
{
"url": "https://git.kernel.org/stable/c/c74d77a2d07744147d734138acd6ce9dba715e5d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c74d77a2d07744147d734138acd6ce9dba715e5d"
},
{
"url": "https://git.kernel.org/stable/c/993eb48fa199b5f476df8204e652eff63dd19361",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/993eb48fa199b5f476df8204e652eff63dd19361"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

102
2022/49xxx/CVE-2022-49047.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49047",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nep93xx: clock: Fix UAF in ep93xx_clk_register_gate()\n\narch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]\narch/arm/mach-ep93xx/clock.c:151:2: note: Taking true branch\nif (IS_ERR(clk))\n^\narch/arm/mach-ep93xx/clock.c:152:3: note: Memory is released\nkfree(psc);\n^~~~~~~~~~\narch/arm/mach-ep93xx/clock.c:154:2: note: Use of memory after it is freed\nreturn &psc->hw;\n^ ~~~~~~~~"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9645ccc7bd7a16cd73c3be9dee70cd702b03be37",
"version_value": "0f12166872da46c6b57ba2f1314bbf310b3bf017"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0f12166872da46c6b57ba2f1314bbf310b3bf017",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0f12166872da46c6b57ba2f1314bbf310b3bf017"
},
{
"url": "https://git.kernel.org/stable/c/3b68b08885217abd9c57ff9b3bb3eb173eee02a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b68b08885217abd9c57ff9b3bb3eb173eee02a9"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

161
2022/49xxx/CVE-2022-49048.json Normal file
View File

@ -0,0 +1,161 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49048",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix panic when forwarding a pkt with no in6 dev\n\nkongweibin reported a kernel panic in ip6_forward() when input interface\nhas no in6 dev associated.\n\nThe following tc commands were used to reproduce this panic:\ntc qdisc del dev vxlan100 root\ntc qdisc add dev vxlan100 root netem corrupt 5%"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bff0854e2f804f68d3e93d19e4580dbd69777e1d",
"version_value": "74b68f5249f16c5f7f675d0f604fa6ae20e3a151"
},
{
"version_affected": "<",
"version_name": "7f4848229e91d508102b30396b8a1b710ac23637",
"version_value": "ab2f5afb7af5c68389e8c7dd29e0a98fbeaaa435"
},
{
"version_affected": "<",
"version_name": "79ec7b5b2f4fe38e5c7459ed0bdff4ef3386ab63",
"version_value": "a263712ba8c9ded25dd9d2d5ced11bcea5b33a3e"
},
{
"version_affected": "<",
"version_name": "ccd27f05ae7b8ebc40af5b004e94517a919aa862",
"version_value": "adee01bbf6cb5b3e4ed08be8ff866aac90f13836"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.239",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.190",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.112",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/74b68f5249f16c5f7f675d0f604fa6ae20e3a151",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/74b68f5249f16c5f7f675d0f604fa6ae20e3a151"
},
{
"url": "https://git.kernel.org/stable/c/ab2f5afb7af5c68389e8c7dd29e0a98fbeaaa435",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ab2f5afb7af5c68389e8c7dd29e0a98fbeaaa435"
},
{
"url": "https://git.kernel.org/stable/c/a263712ba8c9ded25dd9d2d5ced11bcea5b33a3e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a263712ba8c9ded25dd9d2d5ced11bcea5b33a3e"
},
{
"url": "https://git.kernel.org/stable/c/adee01bbf6cb5b3e4ed08be8ff866aac90f13836",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/adee01bbf6cb5b3e4ed08be8ff866aac90f13836"
},
{
"url": "https://git.kernel.org/stable/c/e69fb3de87a8923e5931a272a38fa3cceb01da44",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e69fb3de87a8923e5931a272a38fa3cceb01da44"
},
{
"url": "https://git.kernel.org/stable/c/e3fa461d8b0e185b7da8a101fe94dfe6dd500ac0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3fa461d8b0e185b7da8a101fe94dfe6dd500ac0"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

103
2022/49xxx/CVE-2022-49049.json Normal file
View File

@ -0,0 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49049",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/secretmem: fix panic when growing a memfd_secret\n\nWhen one tries to grow an existing memfd_secret with ftruncate, one gets\na panic [1]. For example, doing the following reliably induces the\npanic:\n\n fd = memfd_secret();\n\n ftruncate(fd, 10);\n ptr = mmap(NULL, 10, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);\n strcpy(ptr, \"123456789\");\n\n munmap(ptr, 10);\n ftruncate(fd, 20);\n\nThe basic reason for this is, when we grow with ftruncate, we call down\ninto simple_setattr, and then truncate_inode_pages_range, and eventually\nwe try to zero part of the memory. The normal truncation code does this\nvia the direct map (i.e., it calls page_address() and hands that to\nmemset()).\n\nFor memfd_secret though, we specifically don't map our pages via the\ndirect map (i.e. we call set_direct_map_invalid_noflush() on every\nfault). So the address returned by page_address() isn't useful, and\nwhen we try to memset() with it we panic.\n\nThis patch avoids the panic by implementing a custom setattr for\nmemfd_secret, which detects resizes specifically (setting the size for\nthe first time works just fine, since there are no existing pages to try\nto zero), and rejects them with EINVAL.\n\nOne could argue growing should be supported, but I think that will\nrequire a significantly more lengthy change. So, I propose a minimal\nfix for the benefit of stable kernels, and then perhaps to extend\nmemfd_secret to support growing in a separate patch.\n\n[1]:\n\n BUG: unable to handle page fault for address: ffffa0a889277028\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD afa01067 P4D afa01067 PUD 83f909067 PMD 83f8bf067 PTE 800ffffef6d88060\n Oops: 0002 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI\n CPU: 0 PID: 281 Comm: repro Not tainted 5.17.0-dbg-DEV #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:memset_erms+0x9/0x10\n Code: c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 <f3> aa 4c 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01\n RSP: 0018:ffffb932c09afbf0 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffffda63c4249dc0 RCX: 0000000000000fd8\n RDX: 0000000000000fd8 RSI: 0000000000000000 RDI: ffffa0a889277028\n RBP: ffffb932c09afc00 R08: 0000000000001000 R09: ffffa0a889277028\n R10: 0000000000020023 R11: 0000000000000000 R12: ffffda63c4249dc0\n R13: ffffa0a890d70d98 R14: 0000000000000028 R15: 0000000000000fd8\n FS: 00007f7294899580(0000) GS:ffffa0af9bc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffa0a889277028 CR3: 0000000107ef6006 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? zero_user_segments+0x82/0x190\n truncate_inode_partial_folio+0xd4/0x2a0\n truncate_inode_pages_range+0x380/0x830\n truncate_setsize+0x63/0x80\n simple_setattr+0x37/0x60\n notify_change+0x3d8/0x4d0\n do_sys_ftruncate+0x162/0x1d0\n __x64_sys_ftruncate+0x1c/0x20\n do_syscall_64+0x44/0xa0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n Modules linked in: xhci_pci xhci_hcd virtio_net net_failover failover virtio_blk virtio_balloon uhci_hcd ohci_pci ohci_hcd evdev ehci_pci ehci_hcd 9pnet_virtio 9p netfs 9pnet\n CR2: ffffa0a889277028\n\n[lkp@intel.com: secretmem_iops can be static]\n Signed-off-by: kernel test robot <lkp@intel.com>\n[axelrasmussen@google.com: return EINVAL]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "b6d17c67885a5624e96eb30c4178c65eea8374bf"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b6d17c67885a5624e96eb30c4178c65eea8374bf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b6d17c67885a5624e96eb30c4178c65eea8374bf"
},
{
"url": "https://git.kernel.org/stable/c/9d3b877daf805fed29be8f61aa3d0ea37df82c7b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9d3b877daf805fed29be8f61aa3d0ea37df82c7b"
},
{
"url": "https://git.kernel.org/stable/c/f9b141f93659e09a52e28791ccbaf69c273b8e92",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f9b141f93659e09a52e28791ccbaf69c273b8e92"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

124
2022/49xxx/CVE-2022-49050.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49050",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: renesas-rpc-if: fix platform-device leak in error path\n\nMake sure to free the flash platform device in the event that\nregistration fails during probe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "ca7d8b980b67f133317525c4273e144116ee1ae5",
"version_value": "c089ffc846c85f200db34ad208338f4f81a6d82d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.112",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c089ffc846c85f200db34ad208338f4f81a6d82d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c089ffc846c85f200db34ad208338f4f81a6d82d"
},
{
"url": "https://git.kernel.org/stable/c/05d1824a7fb43ab9adb1eb82404954af81d8c984",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/05d1824a7fb43ab9adb1eb82404954af81d8c984"
},
{
"url": "https://git.kernel.org/stable/c/66b9b707ea4dcafca92b6261c6924652914e3b73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66b9b707ea4dcafca92b6261c6924652914e3b73"
},
{
"url": "https://git.kernel.org/stable/c/b452dbf24d7d9a990d70118462925f6ee287d135",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b452dbf24d7d9a990d70118462925f6ee287d135"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

125
2022/49xxx/CVE-2022-49051.json Normal file
View File

@ -0,0 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-49051",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: aqc111: Fix out-of-bounds accesses in RX fixup\n\naqc111_rx_fixup() contains several out-of-bounds accesses that can be\ntriggered by a malicious (or defective) USB device, in particular:\n\n - The metadata array (desc_offset..desc_offset+2*pkt_count) can be out of bounds,\n causing OOB reads and (on big-endian systems) OOB endianness flips.\n - A packet can overlap the metadata array, causing a later OOB\n endianness flip to corrupt data used by a cloned SKB that has already\n been handed off into the network stack.\n - A packet SKB can be constructed whose tail is far beyond its end,\n causing out-of-bounds heap data to be considered part of the SKB's\n data.\n\nFound doing variant analysis. Tested it with another driver (ax88179_178a), since\nI don't have a aqc111 device to test it, but the code looks very similar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "404998a137bcb8a926f7c949030afbe285472593"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.190",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.112",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.35",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.4",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/404998a137bcb8a926f7c949030afbe285472593",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/404998a137bcb8a926f7c949030afbe285472593"
},
{
"url": "https://git.kernel.org/stable/c/d90df6da50c56ad8b1a132e3cf86b6cdf8f507b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d90df6da50c56ad8b1a132e3cf86b6cdf8f507b7"
},
{
"url": "https://git.kernel.org/stable/c/b416898442f2b6aa9f1b2f2968ce07e3abaa05f7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b416898442f2b6aa9f1b2f2968ce07e3abaa05f7"
},
{
"url": "https://git.kernel.org/stable/c/36311fe98f55dea9200c69e2dd6d6ddb8fc94080",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36311fe98f55dea9200c69e2dd6d6ddb8fc94080"
},
{
"url": "https://git.kernel.org/stable/c/afb8e246527536848b9b4025b40e613edf776a9d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afb8e246527536848b9b4025b40e613edf776a9d"
}
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
}
}

18
2022/49xxx/CVE-2022-49052.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49052",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49053.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49053",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49054.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49054",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49055.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49055",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49056.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49056",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49057.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49057",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49058.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49058",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49059.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49059",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49060.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49061.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49061",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49062.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49062",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49063.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49063",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49064.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49065.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49065",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49066.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49066",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49067.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49067",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49068.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49068",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49069.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49069",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49070.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49070",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49071.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49071",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49072.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49072",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49073.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49073",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49074.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49074",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49075.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49075",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49076.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49076",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49077.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49077",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49078.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49078",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49284.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49284",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49285.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49285",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49286.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49286",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49287.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49287",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49288.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49289.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49289",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49290.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49290",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49291.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49291",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49292.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49292",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49293.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49293",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49294.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49294",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49295.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49295",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49296.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49296",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49297.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49297",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/49xxx/CVE-2022-49298.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-49298",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}