admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-21 11:00:33 +00:00
parent d75bb150d2
commit f0e5b593a9
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
40 changed files with 4781 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
2023/52xxx/CVE-2023-52884.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52884",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: cyapa - add missing input core locking to suspend/resume functions\n\nGrab input->mutex during suspend/resume functions like it is done in\nother input drivers. This fixes the following warning during system\nsuspend/resume cycle on Samsung Exynos5250-based Snow Chromebook:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---\n...\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d69f0a43c677",
"version_value": "f99809fdeb50"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f99809fdeb50d65bcbc1661ef391af94eebb8a75",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f99809fdeb50d65bcbc1661ef391af94eebb8a75"
},
{
"url": "https://git.kernel.org/stable/c/9400caf566f65c703e99d95f87b00c4b445627a7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9400caf566f65c703e99d95f87b00c4b445627a7"
},
{
"url": "https://git.kernel.org/stable/c/a4c638ab25786bd5aab5978fe51b2b9be16a4ebd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a4c638ab25786bd5aab5978fe51b2b9be16a4ebd"
},
{
"url": "https://git.kernel.org/stable/c/a5fc298fa8f67cf1f0e1fc126eab70578cd40adc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a5fc298fa8f67cf1f0e1fc126eab70578cd40adc"
},
{
"url": "https://git.kernel.org/stable/c/7b4e0b39182cf5e677c1fc092a3ec40e621c25b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7b4e0b39182cf5e677c1fc092a3ec40e621c25b6"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

10
2024/0xxx/CVE-2024-0762.json
View File

@ -154,6 +154,16 @@
"url": "https://www.phoenix.com/security-notifications/cve-2024-0762/",
"refsource": "MISC",
"name": "https://www.phoenix.com/security-notifications/cve-2024-0762/"
},
{
"url": "https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/",
"refsource": "MISC",
"name": "https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/"
},
{
"url": "https://news.ycombinator.com/item?id=40747852",
"refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=40747852"
}
]
},

168
2024/31xxx/CVE-2024-31076.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-31076",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd->move_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU's vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd->prev_vector because the interrupt isn't currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn't reclaim apicd->prev_vector; instead, it simply resets both\napicd->move_in_progress and apicd->prev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd->prev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd->move_in_progress with apicd->prev_cpu pointing to an offline CPU."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f0383c24b485",
"version_value": "a40209d355af"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.13",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.13",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a40209d355afe4ed6d533507838c9e5cd70a76d8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a40209d355afe4ed6d533507838c9e5cd70a76d8"
},
{
"url": "https://git.kernel.org/stable/c/f5f4675960609d8c5ee95f027fbf6ce380f98372",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f5f4675960609d8c5ee95f027fbf6ce380f98372"
},
{
"url": "https://git.kernel.org/stable/c/6752dfcfff3ac3e16625ebd3f0ad9630900e7e76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6752dfcfff3ac3e16625ebd3f0ad9630900e7e76"
},
{
"url": "https://git.kernel.org/stable/c/9eeda3e0071a329af1eba15f4e57dc39576bb420",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9eeda3e0071a329af1eba15f4e57dc39576bb420"
},
{
"url": "https://git.kernel.org/stable/c/e9c96d01d520498b169ce734a8ad1142bef86a30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e9c96d01d520498b169ce734a8ad1142bef86a30"
},
{
"url": "https://git.kernel.org/stable/c/59f86a2908380d09cdc726461c0fbb8d8579c99f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/59f86a2908380d09cdc726461c0fbb8d8579c99f"
},
{
"url": "https://git.kernel.org/stable/c/ebfb16fc057a016abb46a9720a54abf0d4f6abe1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ebfb16fc057a016abb46a9720a54abf0d4f6abe1"
},
{
"url": "https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

124
2024/33xxx/CVE-2024-33619.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-33619",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: libstub: only free priv.runtime_map when allocated\n\npriv.runtime_map is only allocated when efi_novamap is not set.\nOtherwise, it is an uninitialized value. In the error path, it is freed\nunconditionally. Avoid passing an uninitialized value to free_pool.\nFree priv.runtime_map only when it was allocated.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f80d26043af9",
"version_value": "b8938d6f570f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b8938d6f570f010a1dcdbfed3e5b5d3258c2a908",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b8938d6f570f010a1dcdbfed3e5b5d3258c2a908"
},
{
"url": "https://git.kernel.org/stable/c/9dce01f386c9ce6990c0a83fa14b1c95330b037e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9dce01f386c9ce6990c0a83fa14b1c95330b037e"
},
{
"url": "https://git.kernel.org/stable/c/6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554"
},
{
"url": "https://git.kernel.org/stable/c/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

168
2024/33xxx/CVE-2024-33621.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-33621",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound\n\nRaw packet from PF_PACKET socket ontop of an IPv6-backed ipvlan device will\nhit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path.\n\nWARNING: CPU: 2 PID: 0 at net/core/sock.c:775 sk_mc_loop+0x2d/0x70\nModules linked in: sch_netem ipvlan rfkill cirrus drm_shmem_helper sg drm_kms_helper\nCPU: 2 PID: 0 Comm: swapper/2 Kdump: loaded Not tainted 6.9.0+ #279\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:sk_mc_loop+0x2d/0x70\nCode: fa 0f 1f 44 00 00 65 0f b7 15 f7 96 a3 4f 31 c0 66 85 d2 75 26 48 85 ff 74 1c\nRSP: 0018:ffffa9584015cd78 EFLAGS: 00010212\nRAX: 0000000000000011 RBX: ffff91e585793e00 RCX: 0000000002c6a001\nRDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff91e589c0f000\nRBP: ffff91e5855bd100 R08: 0000000000000000 R09: 3d00545216f43d00\nR10: ffff91e584fdcc50 R11: 00000060dd8616f4 R12: ffff91e58132d000\nR13: ffff91e584fdcc68 R14: ffff91e5869ce800 R15: ffff91e589c0f000\nFS: 0000000000000000(0000) GS:ffff91e898100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f788f7c44c0 CR3: 0000000008e1a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<IRQ>\n ? __warn (kernel/panic.c:693)\n ? sk_mc_loop (net/core/sock.c:760)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:239)\n ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? sk_mc_loop (net/core/sock.c:760)\n ip6_finish_output2 (net/ipv6/ip6_output.c:83 (discriminator 1))\n ? nf_hook_slow (net/netfilter/core.c:626)\n ip6_finish_output (net/ipv6/ip6_output.c:222)\n ? __pfx_ip6_finish_output (net/ipv6/ip6_output.c:215)\n ipvlan_xmit_mode_l3 (drivers/net/ipvlan/ipvlan_core.c:602) ipvlan\n ipvlan_start_xmit (drivers/net/ipvlan/ipvlan_main.c:226) ipvlan\n dev_hard_start_xmit (net/core/dev.c:3594)\n sch_direct_xmit (net/sched/sch_generic.c:343)\n __qdisc_run (net/sched/sch_generic.c:416)\n net_tx_action (net/core/dev.c:5286)\n handle_softirqs (kernel/softirq.c:555)\n __irq_exit_rcu (kernel/softirq.c:589)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043)\n\nThe warning triggers as this:\npacket_sendmsg\n packet_snd //skb->sk is packet sk\n __dev_queue_xmit\n __dev_xmit_skb //q->enqueue is not NULL\n __qdisc_run\n sch_direct_xmit\n dev_hard_start_xmit\n ipvlan_start_xmit\n ipvlan_xmit_mode_l3 //l3 mode\n ipvlan_process_outbound //vepa flag\n ipvlan_process_v6_outbound\n ip6_local_out\n __ip6_finish_output\n ip6_finish_output2 //multicast packet\n sk_mc_loop //sk->sk_family is AF_PACKET\n\nCall ip{6}_local_out() with NULL sk in ipvlan as other tunnels to fix this."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2ad7bf363841",
"version_value": "0049a623dfbb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0049a623dfbbb49888de7f0c2f33a582b5ead989",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0049a623dfbbb49888de7f0c2f33a582b5ead989"
},
{
"url": "https://git.kernel.org/stable/c/54768bacfde60e8e4757968d79f8726711dd2cf5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/54768bacfde60e8e4757968d79f8726711dd2cf5"
},
{
"url": "https://git.kernel.org/stable/c/1abbf079da59ef559d0ab4219d2a0302f7970761",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1abbf079da59ef559d0ab4219d2a0302f7970761"
},
{
"url": "https://git.kernel.org/stable/c/183c4b416454b9983dc1b8aa0022b748911adc48",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/183c4b416454b9983dc1b8aa0022b748911adc48"
},
{
"url": "https://git.kernel.org/stable/c/cb53706a3403ba67f4040b2a82d9cf79e11b1a48",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb53706a3403ba67f4040b2a82d9cf79e11b1a48"
},
{
"url": "https://git.kernel.org/stable/c/54213c09801e0bd2549ac42961093be36f65a7d0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/54213c09801e0bd2549ac42961093be36f65a7d0"
},
{
"url": "https://git.kernel.org/stable/c/13c4543db34e0da5a7d2f550b6262d860f248381",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/13c4543db34e0da5a7d2f550b6262d860f248381"
},
{
"url": "https://git.kernel.org/stable/c/b3dc6e8003b500861fa307e9a3400c52e78e4d3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b3dc6e8003b500861fa307e9a3400c52e78e4d3a"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

113
2024/36xxx/CVE-2024-36244.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36244",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: extend minimum interval restriction to entire cycle too\n\nIt is possible for syzbot to side-step the restriction imposed by the\nblamed commit in the Fixes: tag, because the taprio UAPI permits a\ncycle-time different from (and potentially shorter than) the sum of\nentry intervals.\n\nWe need one more restriction, which is that the cycle time itself must\nbe larger than N * ETH_ZLEN bit times, where N is the number of schedule\nentries. This restriction needs to apply regardless of whether the cycle\ntime came from the user or was the implicit, auto-calculated value, so\nwe move the existing \"cycle == 0\" check outside the \"if \"(!new->cycle_time)\"\nbranch. This way covers both conditions and scenarios.\n\nAdd a selftest which illustrates the issue triggered by syzbot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b5b73b26b3ca",
"version_value": "b939d1e04a90"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2"
},
{
"url": "https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724"
},
{
"url": "https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

157
2024/36xxx/CVE-2024-36270.json Normal file
View File

@ -0,0 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36270",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: tproxy: bail out if IP has been disabled on the device\n\nsyzbot reports:\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n[..]\nRIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62\nCall Trace:\n nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline]\n nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168\n\n__in_dev_get_rcu() can return NULL, so check for this."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cc6eb4338569",
"version_value": "10f0af5234da"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.37",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.37",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d"
},
{
"url": "https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c"
},
{
"url": "https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03"
},
{
"url": "https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80"
},
{
"url": "https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0"
},
{
"url": "https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c"
},
{
"url": "https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

118
2024/36xxx/CVE-2024-36281.json Normal file
View File

@ -0,0 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36281",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules\n\nrx_create no longer allocates a modify_hdr instance that needs to be\ncleaned up. The mlx5_modify_header_dealloc call will lead to a NULL pointer\ndereference. A leak in the rules also previously occurred since there are\nnow two rules populated related to status.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 109907067 P4D 109907067 PUD 116890067 PMD 0\n Oops: 0000 [#1] SMP\n CPU: 1 PID: 484 Comm: ip Not tainted 6.9.0-rc2-rrameshbabu+ #254\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:mlx5_modify_header_dealloc+0xd/0x70\n <snip>\n Call Trace:\n <TASK>\n ? show_regs+0x60/0x70\n ? __die+0x24/0x70\n ? page_fault_oops+0x15f/0x430\n ? free_to_partial_list.constprop.0+0x79/0x150\n ? do_user_addr_fault+0x2c9/0x5c0\n ? exc_page_fault+0x63/0x110\n ? asm_exc_page_fault+0x27/0x30\n ? mlx5_modify_header_dealloc+0xd/0x70\n rx_create+0x374/0x590\n rx_add_rule+0x3ad/0x500\n ? rx_add_rule+0x3ad/0x500\n ? mlx5_cmd_exec+0x2c/0x40\n ? mlx5_create_ipsec_obj+0xd6/0x200\n mlx5e_accel_ipsec_fs_add_rule+0x31/0xf0\n mlx5e_xfrm_add_state+0x426/0xc00\n <snip>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "20af7afcd8b8",
"version_value": "b0a15cde37a8"
},
{
"version_affected": "<",
"version_name": "94af50c0a9bb",
"version_value": "cc9ac559f2e2"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b0a15cde37a8388e57573686f650a17208ae1212",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0a15cde37a8388e57573686f650a17208ae1212"
},
{
"url": "https://git.kernel.org/stable/c/cc9ac559f2e21894c21ac5b0c85fb24a5cab266c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc9ac559f2e21894c21ac5b0c85fb24a5cab266c"
},
{
"url": "https://git.kernel.org/stable/c/16d66a4fa81da07bc4ed19f4e53b87263c2f8d38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16d66a4fa81da07bc4ed19f4e53b87263c2f8d38"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

168
2024/36xxx/CVE-2024-36286.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36286",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()\n\nsyzbot reported that nf_reinject() could be called without rcu_read_lock() :\n\nWARNING: suspicious RCU usage\n6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0 Not tainted\n\nnet/netfilter/nfnetlink_queue.c:263 suspicious rcu_dereference_check() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n2 locks held by syz-executor.4/13427:\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2190 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_core+0xa86/0x1830 kernel/rcu/tree.c:2471\n #1: ffff88801ca92958 (&inst->lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n #1: ffff88801ca92958 (&inst->lock){+.-.}-{2:2}, at: nfqnl_flush net/netfilter/nfnetlink_queue.c:405 [inline]\n #1: ffff88801ca92958 (&inst->lock){+.-.}-{2:2}, at: instance_destroy_rcu+0x30/0x220 net/netfilter/nfnetlink_queue.c:172\n\nstack backtrace:\nCPU: 0 PID: 13427 Comm: syz-executor.4 Not tainted 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\nCall Trace:\n <IRQ>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nf_reinject net/netfilter/nfnetlink_queue.c:323 [inline]\n nfqnl_reinject+0x6ec/0x1120 net/netfilter/nfnetlink_queue.c:397\n nfqnl_flush net/netfilter/nfnetlink_queue.c:410 [inline]\n instance_destroy_rcu+0x1ae/0x220 net/netfilter/nfnetlink_queue.c:172\n rcu_do_batch kernel/rcu/tree.c:2196 [inline]\n rcu_core+0xafd/0x1830 kernel/rcu/tree.c:2471\n handle_softirqs+0x2d6/0x990 kernel/softirq.c:554\n __do_softirq kernel/softirq.c:588 [inline]\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:649\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n </IRQ>\n <TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9872bec773c2",
"version_value": "8658bd777cbf"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.25",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.25",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8658bd777cbfcb0c13df23d0ea120e70517761b9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8658bd777cbfcb0c13df23d0ea120e70517761b9"
},
{
"url": "https://git.kernel.org/stable/c/3989b817857f4890fab9379221a9d3f52bf5c256",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3989b817857f4890fab9379221a9d3f52bf5c256"
},
{
"url": "https://git.kernel.org/stable/c/e01065b339e323b3dfa1be217fd89e9b3208b0ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e01065b339e323b3dfa1be217fd89e9b3208b0ab"
},
{
"url": "https://git.kernel.org/stable/c/25ea5377e3d2921a0f96ae2551f5ab1b36825dd4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/25ea5377e3d2921a0f96ae2551f5ab1b36825dd4"
},
{
"url": "https://git.kernel.org/stable/c/68f40354a3851df46c27be96b84f11ae193e36c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/68f40354a3851df46c27be96b84f11ae193e36c5"
},
{
"url": "https://git.kernel.org/stable/c/8f365564af898819a523f1a8cf5c6ce053e9f718",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8f365564af898819a523f1a8cf5c6ce053e9f718"
},
{
"url": "https://git.kernel.org/stable/c/215df6490e208bfdd5b3012f5075e7f8736f3e7a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/215df6490e208bfdd5b3012f5075e7f8736f3e7a"
},
{
"url": "https://git.kernel.org/stable/c/dc21c6cc3d6986d938efbf95de62473982c98dec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dc21c6cc3d6986d938efbf95de62473982c98dec"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

102
2024/36xxx/CVE-2024-36478.json Normal file
View File

@ -0,0 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36478",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'\n\nWriting 'power' and 'submit_queues' concurrently will trigger kernel\npanic:\n\nTest script:\n\nmodprobe null_blk nr_devices=0\nmkdir -p /sys/kernel/config/nullb/nullb0\nwhile true; do echo 1 > submit_queues; echo 4 > submit_queues; done &\nwhile true; do echo 1 > power; echo 0 > power; done\n\nTest result:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000148\nOops: 0000 [#1] PREEMPT SMP\nRIP: 0010:__lock_acquire+0x41d/0x28f0\nCall Trace:\n <TASK>\n lock_acquire+0x121/0x450\n down_write+0x5f/0x1d0\n simple_recursive_removal+0x12f/0x5c0\n blk_mq_debugfs_unregister_hctxs+0x7c/0x100\n blk_mq_update_nr_hw_queues+0x4a3/0x720\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_submit_queues_store+0x79/0xf0 [null_blk]\n configfs_write_iter+0x119/0x1e0\n vfs_write+0x326/0x730\n ksys_write+0x74/0x150\n\nThis is because del_gendisk() can concurrent with\nblk_mq_update_nr_hw_queues():\n\nnullb_device_power_store\tnullb_apply_submit_queues\n null_del_dev\n del_gendisk\n\t\t\t\t nullb_update_nr_hw_queues\n\t\t\t\t if (!dev->nullb)\n\t\t\t\t // still set while gendisk is deleted\n\t\t\t\t return 0\n\t\t\t\t blk_mq_update_nr_hw_queues\n dev->nullb = NULL\n\nFix this problem by resuing the global mutex to protect\nnullb_device_power_store() and nullb_update_nr_hw_queues() from configfs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "45919fbfe1c4",
"version_value": "5d0495473ee4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5d0495473ee4c1d041b5a917f10446a22c047f47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d0495473ee4c1d041b5a917f10446a22c047f47"
},
{
"url": "https://git.kernel.org/stable/c/a2db328b0839312c169eb42746ec46fc1ab53ed2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a2db328b0839312c169eb42746ec46fc1ab53ed2"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

134
2024/36xxx/CVE-2024-36484.json Normal file
View File

@ -0,0 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36484",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: relax socket state check at accept time.\n\nChristoph reported the following splat:\n\nWARNING: CPU: 1 PID: 772 at net/ipv4/af_inet.c:761 __inet_accept+0x1f4/0x4a0\nModules linked in:\nCPU: 1 PID: 772 Comm: syz-executor510 Not tainted 6.9.0-rc7-g7da7119fe22b #56\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\nRIP: 0010:__inet_accept+0x1f4/0x4a0 net/ipv4/af_inet.c:759\nCode: 04 38 84 c0 0f 85 87 00 00 00 41 c7 04 24 03 00 00 00 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ec b7 da fd <0f> 0b e9 7f fe ff ff e8 e0 b7 da fd 0f 0b e9 fe fe ff ff 89 d9 80\nRSP: 0018:ffffc90000c2fc58 EFLAGS: 00010293\nRAX: ffffffff836bdd14 RBX: 0000000000000000 RCX: ffff888104668000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff836bdb89 R09: fffff52000185f64\nR10: dffffc0000000000 R11: fffff52000185f64 R12: dffffc0000000000\nR13: 1ffff92000185f98 R14: ffff88810754d880 R15: ffff8881007b7800\nFS: 000000001c772880(0000) GS:ffff88811b280000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb9fcf2e178 CR3: 00000001045d2002 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n <TASK>\n inet_accept+0x138/0x1d0 net/ipv4/af_inet.c:786\n do_accept+0x435/0x620 net/socket.c:1929\n __sys_accept4_file net/socket.c:1969 [inline]\n __sys_accept4+0x9b/0x110 net/socket.c:1999\n __do_sys_accept net/socket.c:2016 [inline]\n __se_sys_accept net/socket.c:2013 [inline]\n __x64_sys_accept+0x7d/0x90 net/socket.c:2013\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x58/0x100 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x4315f9\nCode: fd ff 48 81 c4 80 00 00 00 e9 f1 fe ff ff 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab b4 fd ff c3 66 2e 0f 1f 84 00 00 00 00\nRSP: 002b:00007ffdb26d9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002b\nRAX: ffffffffffffffda RBX: 0000000000400300 RCX: 00000000004315f9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004\nRBP: 00000000006e1018 R08: 0000000000400300 R09: 0000000000400300\nR10: 0000000000400300 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000040cdf0 R14: 000000000040ce80 R15: 0000000000000055\n </TASK>\n\nThe reproducer invokes shutdown() before entering the listener status.\nAfter commit 94062790aedb (\"tcp: defer shutdown(SEND_SHUTDOWN) for\nTCP_SYN_RECV sockets\"), the above causes the child to reach the accept\nsyscall in FIN_WAIT1 status.\n\nEric noted we can relax the existing assertion in __inet_accept()"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3fe4ef0568a4",
"version_value": "c09ddc605893"
},
{
"version_affected": "<",
"version_name": "f47d0d32fa94",
"version_value": "87bdc9f6f58b"
},
{
"version_affected": "<",
"version_name": "94062790aedb",
"version_value": "5f9a04a94fd1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c09ddc605893df542c6cf8dde6a57a93f7cf0adb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c09ddc605893df542c6cf8dde6a57a93f7cf0adb"
},
{
"url": "https://git.kernel.org/stable/c/87bdc9f6f58b4417362d6932b49b828e319f97dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87bdc9f6f58b4417362d6932b49b828e319f97dc"
},
{
"url": "https://git.kernel.org/stable/c/5f9a04a94fd1894d7009055ab8e5832a0242dba3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f9a04a94fd1894d7009055ab8e5832a0242dba3"
},
{
"url": "https://git.kernel.org/stable/c/26afda78cda3da974fd4c287962c169e9462c495",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/26afda78cda3da974fd4c287962c169e9462c495"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

146
2024/36xxx/CVE-2024-36489.json Normal file
View File

@ -0,0 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-36489",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix missing memory barrier in tls_init\n\nIn tls_init(), a write memory barrier is missing, and store-store\nreordering may cause NULL dereference in tls_{setsockopt,getsockopt}.\n\nCPU0 CPU1\n----- -----\n// In tls_init()\n// In tls_ctx_create()\nctx = kzalloc()\nctx->sk_proto = READ_ONCE(sk->sk_prot) -(1)\n\n// In update_sk_prot()\nWRITE_ONCE(sk->sk_prot, tls_prots) -(2)\n\n // In sock_common_setsockopt()\n READ_ONCE(sk->sk_prot)->setsockopt()\n\n // In tls_{setsockopt,getsockopt}()\n ctx->sk_proto->setsockopt() -(3)\n\nIn the above scenario, when (1) and (2) are reordered, (3) can observe\nthe NULL value of ctx->sk_proto, causing NULL dereference.\n\nTo fix it, we rely on rcu_assign_pointer() which implies the release\nbarrier semantic. By moving rcu_assign_pointer() after ctx->sk_proto is\ninitialized, we can ensure that ctx->sk_proto are visible when\nchanging sk->sk_prot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "d5bee7374b68",
"version_value": "d72e126e9a36"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071"
},
{
"url": "https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b"
},
{
"url": "https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b"
},
{
"url": "https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c"
},
{
"url": "https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b"
},
{
"url": "https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

168
2024/37xxx/CVE-2024-37353.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-37353",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio: delete vq in vp_find_vqs_msix() when request_irq() fails\n\nWhen request_irq() fails, error path calls vp_del_vqs(). There, as vq is\npresent in the list, free_irq() is called for the same vector. That\ncauses following splat:\n\n[ 0.414355] Trying to free already-free IRQ 27\n[ 0.414403] WARNING: CPU: 1 PID: 1 at kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0\n[ 0.414510] Modules linked in:\n[ 0.414540] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc4+ #27\n[ 0.414540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014\n[ 0.414540] RIP: 0010:free_irq+0x1a1/0x2d0\n[ 0.414540] Code: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40\n[ 0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086\n[ 0.414540] RAX: 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000\n[ 0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000001\n[ 0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001\n[ 0.414540] R10: 00000000ffffdfff R11: ffffffffb18729c0 R12: ffffa099c1c91760\n[ 0.414540] R13: ffffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600\n[ 0.414540] FS: 0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000\n[ 0.414540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0\n[ 0.414540] Call Trace:\n[ 0.414540] <TASK>\n[ 0.414540] ? __warn+0x80/0x120\n[ 0.414540] ? free_irq+0x1a1/0x2d0\n[ 0.414540] ? report_bug+0x164/0x190\n[ 0.414540] ? handle_bug+0x3b/0x70\n[ 0.414540] ? exc_invalid_op+0x17/0x70\n[ 0.414540] ? asm_exc_invalid_op+0x1a/0x20\n[ 0.414540] ? free_irq+0x1a1/0x2d0\n[ 0.414540] vp_del_vqs+0xc1/0x220\n[ 0.414540] vp_find_vqs_msix+0x305/0x470\n[ 0.414540] vp_find_vqs+0x3e/0x1a0\n[ 0.414540] vp_modern_find_vqs+0x1b/0x70\n[ 0.414540] init_vqs+0x387/0x600\n[ 0.414540] virtnet_probe+0x50a/0xc80\n[ 0.414540] virtio_dev_probe+0x1e0/0x2b0\n[ 0.414540] really_probe+0xc0/0x2c0\n[ 0.414540] ? __pfx___driver_attach+0x10/0x10\n[ 0.414540] __driver_probe_device+0x73/0x120\n[ 0.414540] driver_probe_device+0x1f/0xe0\n[ 0.414540] __driver_attach+0x88/0x180\n[ 0.414540] bus_for_each_dev+0x85/0xd0\n[ 0.414540] bus_add_driver+0xec/0x1f0\n[ 0.414540] driver_register+0x59/0x100\n[ 0.414540] ? __pfx_virtio_net_driver_init+0x10/0x10\n[ 0.414540] virtio_net_driver_init+0x90/0xb0\n[ 0.414540] do_one_initcall+0x58/0x230\n[ 0.414540] kernel_init_freeable+0x1a3/0x2d0\n[ 0.414540] ? __pfx_kernel_init+0x10/0x10\n[ 0.414540] kernel_init+0x1a/0x1c0\n[ 0.414540] ret_from_fork+0x31/0x50\n[ 0.414540] ? __pfx_kernel_init+0x10/0x10\n[ 0.414540] ret_from_fork_asm+0x1a/0x30\n[ 0.414540] </TASK>\n\nFix this by calling deleting the current vq when request_irq() fails."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0b0f9dc52ed0",
"version_value": "cb7a7c8144b4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cb7a7c8144b434e06aba99b13b045a7efe859587",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb7a7c8144b434e06aba99b13b045a7efe859587"
},
{
"url": "https://git.kernel.org/stable/c/43a9aaf63254ab821f0f25fea25698ebe69ea16a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/43a9aaf63254ab821f0f25fea25698ebe69ea16a"
},
{
"url": "https://git.kernel.org/stable/c/7fbe54f02a5c77ff5dd65e8ed0b58e3bd8c43e9c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7fbe54f02a5c77ff5dd65e8ed0b58e3bd8c43e9c"
},
{
"url": "https://git.kernel.org/stable/c/42d30da50d5c1ec433fd9551bfddd6887407c352",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/42d30da50d5c1ec433fd9551bfddd6887407c352"
},
{
"url": "https://git.kernel.org/stable/c/abf001651acd1858252764fa39d79e3d0b5c86b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/abf001651acd1858252764fa39d79e3d0b5c86b2"
},
{
"url": "https://git.kernel.org/stable/c/04207a9c64e0b16dac842e5b2ecfa53af25bdea7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/04207a9c64e0b16dac842e5b2ecfa53af25bdea7"
},
{
"url": "https://git.kernel.org/stable/c/bb61a84793858330ba2ca1d202d3779096f6fb54",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bb61a84793858330ba2ca1d202d3779096f6fb54"
},
{
"url": "https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

168
2024/37xxx/CVE-2024-37356.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-37356",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix shift-out-of-bounds in dctcp_update_alpha().\n\nIn dctcp_update_alpha(), we use a module parameter dctcp_shift_g\nas follows:\n\n alpha -= min_not_zero(alpha, alpha >> dctcp_shift_g);\n ...\n delivered_ce <<= (10 - dctcp_shift_g);\n\nIt seems syzkaller started fuzzing module parameters and triggered\nshift-out-of-bounds [0] by setting 100 to dctcp_shift_g:\n\n memcpy((void*)0x20000080,\n \"/sys/module/tcp_dctcp/parameters/dctcp_shift_g\\000\", 47);\n res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x20000080ul,\n /*flags=*/2ul, /*mode=*/0ul);\n memcpy((void*)0x20000000, \"100\\000\", 4);\n syscall(__NR_write, /*fd=*/r[0], /*val=*/0x20000000ul, /*len=*/4ul);\n\nLet's limit the max value of dctcp_shift_g by param_set_uint_minmax().\n\nWith this patch:\n\n # echo 10 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n # cat /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n 10\n # echo 11 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n -bash: echo: write error: Invalid argument\n\n[0]:\nUBSAN: shift-out-of-bounds in net/ipv4/tcp_dctcp.c:143:12\nshift exponent 100 is too large for 32-bit type 'u32' (aka 'unsigned int')\nCPU: 0 PID: 8083 Comm: syz-executor345 Not tainted 6.9.0-05151-g1b294a1f3561 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:114\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_shift_out_of_bounds+0x346/0x3a0 lib/ubsan.c:468\n dctcp_update_alpha+0x540/0x570 net/ipv4/tcp_dctcp.c:143\n tcp_in_ack_event net/ipv4/tcp_input.c:3802 [inline]\n tcp_ack+0x17b1/0x3bc0 net/ipv4/tcp_input.c:3948\n tcp_rcv_state_process+0x57a/0x2290 net/ipv4/tcp_input.c:6711\n tcp_v4_do_rcv+0x764/0xc40 net/ipv4/tcp_ipv4.c:1937\n sk_backlog_rcv include/net/sock.h:1106 [inline]\n __release_sock+0x20f/0x350 net/core/sock.c:2983\n release_sock+0x61/0x1f0 net/core/sock.c:3549\n mptcp_subflow_shutdown+0x3d0/0x620 net/mptcp/protocol.c:2907\n mptcp_check_send_data_fin+0x225/0x410 net/mptcp/protocol.c:2976\n __mptcp_close+0x238/0xad0 net/mptcp/protocol.c:3072\n mptcp_close+0x2a/0x1a0 net/mptcp/protocol.c:3127\n inet_release+0x190/0x1f0 net/ipv4/af_inet.c:437\n __sock_release net/socket.c:659 [inline]\n sock_close+0xc0/0x240 net/socket.c:1421\n __fput+0x41b/0x890 fs/file_table.c:422\n task_work_run+0x23b/0x300 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x9c8/0x2540 kernel/exit.c:878\n do_group_exit+0x201/0x2b0 kernel/exit.c:1027\n __do_sys_exit_group kernel/exit.c:1038 [inline]\n __se_sys_exit_group kernel/exit.c:1036 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1036\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xe4/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x7f6c2b5005b6\nCode: Unable to access opcode bytes at 0x7f6c2b50058c.\nRSP: 002b:00007ffe883eb948 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 00007f6c2b5862f0 RCX: 00007f6c2b5005b6\nRDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001\nRBP: 0000000000000001 R08: 00000000000000e7 R09: ffffffffffffffc0\nR10: 0000000000000006 R11: 0000000000000246 R12: 00007f6c2b5862f0\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n </TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e3118e8359bb",
"version_value": "06d0fe049b51"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.18",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/06d0fe049b51b0a92a70df8333fd85c4ba3eb2c6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/06d0fe049b51b0a92a70df8333fd85c4ba3eb2c6"
},
{
"url": "https://git.kernel.org/stable/c/6aacaa80d962f4916ccf90e2080306cec6c90fcf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6aacaa80d962f4916ccf90e2080306cec6c90fcf"
},
{
"url": "https://git.kernel.org/stable/c/e9b2f60636d18dfd0dd4965b3316f88dfd6a2b31",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e9b2f60636d18dfd0dd4965b3316f88dfd6a2b31"
},
{
"url": "https://git.kernel.org/stable/c/8602150286a2a860a1dc55cbd04f99316f19b40a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8602150286a2a860a1dc55cbd04f99316f19b40a"
},
{
"url": "https://git.kernel.org/stable/c/e65d13ec00a738fa7661925fd5929ab3c765d4be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e65d13ec00a738fa7661925fd5929ab3c765d4be"
},
{
"url": "https://git.kernel.org/stable/c/02261d3f9dc7d1d7be7d778f839e3404ab99034c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/02261d3f9dc7d1d7be7d778f839e3404ab99034c"
},
{
"url": "https://git.kernel.org/stable/c/237340dee373b97833a491d2e99fcf1d4a9adafd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/237340dee373b97833a491d2e99fcf1d4a9adafd"
},
{
"url": "https://git.kernel.org/stable/c/3ebc46ca8675de6378e3f8f40768e180bb8afa66",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3ebc46ca8675de6378e3f8f40768e180bb8afa66"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

198
2024/38xxx/CVE-2024-38381.json Normal file
View File

@ -0,0 +1,198 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-38381",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_rx_work\n\nsyzbot reported the following uninit-value access issue [1]\n\nnci_rx_work() parses received packet from ndev->rx_q. It should be\nvalidated header size, payload size and total packet size before\nprocessing the packet. If an invalid packet is detected, it should be\nsilently discarded."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "11387b2effbb",
"version_value": "406cfac9debd"
},
{
"version_affected": "<",
"version_name": "03fe259649a5",
"version_value": "485ded868ed6"
},
{
"version_affected": "<",
"version_name": "755e53bbc61b",
"version_value": "f80b786ab055"
},
{
"version_affected": "<",
"version_name": "ac68d9fa09e4",
"version_value": "ad4d196d2008"
},
{
"version_affected": "<",
"version_name": "b51ec7fc9f87",
"version_value": "e8c8e0d0d214"
},
{
"version_affected": "<",
"version_name": "a946ebee45b0",
"version_value": "e53a7f8afcbd"
},
{
"version_affected": "<",
"version_name": "d24b03535e5e",
"version_value": "017ff3976249"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6"
},
{
"url": "https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619"
},
{
"url": "https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1"
},
{
"url": "https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe"
},
{
"url": "https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3"
},
{
"url": "https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea"
},
{
"url": "https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c"
},
{
"url": "https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

124
2024/38xxx/CVE-2024-38388.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-38388",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/cs_dsp_ctl: Use private_free for control cleanup\n\nUse the control private_free callback to free the associated data\nblock. This ensures that the memory won't leak, whatever way the\ncontrol gets destroyed.\n\nThe original implementation didn't actually remove the ALSA\ncontrols in hda_cs_dsp_control_remove(). It only freed the internal\ntracking structure. This meant it was possible to remove/unload the\namp driver while leaving its ALSA controls still present in the\nsoundcard. Obviously attempting to access them could cause segfaults\nor at least dereferencing stale pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3233b978af23",
"version_value": "191dc1b2ff0f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/191dc1b2ff0fb35e7aff15a53224837637df8bff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/191dc1b2ff0fb35e7aff15a53224837637df8bff"
},
{
"url": "https://git.kernel.org/stable/c/6e359be4975006ff72818e79dad8fe48293f2eb2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6e359be4975006ff72818e79dad8fe48293f2eb2"
},
{
"url": "https://git.kernel.org/stable/c/3291486af5636540980ea55bae985f3eaa5b0740",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3291486af5636540980ea55bae985f3eaa5b0740"
},
{
"url": "https://git.kernel.org/stable/c/172811e3a557d8681a5e2d0f871dc04a2d17eb13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/172811e3a557d8681a5e2d0f871dc04a2d17eb13"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

124
2024/38xxx/CVE-2024-38390.json Normal file
View File

@ -0,0 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-38390",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails\n\nCalling a6xx_destroy() before adreno_gpu_init() leads to a null pointer\ndereference on:\n\nmsm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL);\n\nas gpu->pdev is only assigned in:\n\na6xx_gpu_init()\n|_ adreno_gpu_init\n |_ msm_gpu_init()\n\nInstead of relying on handwavy null checks down the cleanup chain,\nexplicitly de-allocate the LLC data and free a6xx_gpu instead.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588919/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "76efc2453d0e",
"version_value": "247849eeb3fd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec"
},
{
"url": "https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d"
},
{
"url": "https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f"
},
{
"url": "https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

113
2024/38xxx/CVE-2024-38391.json Normal file
View File

@ -0,0 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-38391",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Fix cxlr_pmem leaks\n\nBefore this error path, cxlr_pmem pointed to a kzalloc() memory, free\nit to avoid this memory leaking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f17b558d6663",
"version_value": "24b9362c9fa5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.2",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/24b9362c9fa57f9291b380a3cc77b8b5c9fa27da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/24b9362c9fa57f9291b380a3cc77b8b5c9fa27da"
},
{
"url": "https://git.kernel.org/stable/c/eef8d414b07a1e85c1367324fb6c6a46b79269bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eef8d414b07a1e85c1367324fb6c6a46b79269bd"
},
{
"url": "https://git.kernel.org/stable/c/1c987cf22d6b65ade46145c03eef13f0e3e81d83",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1c987cf22d6b65ade46145c03eef13f0e3e81d83"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

158
2024/38xxx/CVE-2024-38621.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: fix bounds checking in stk1160_copy_video()\n\nThe subtract in this condition is reversed. The ->length is the length\nof the buffer. The ->bytesused is how many bytes we have copied thus\nfar. When the condition is reversed that means the result of the\nsubtraction is always negative but since it's unsigned then the result\nis a very high positive value. That means the overflow check is never\ntrue.\n\nAdditionally, the ->bytesused doesn't actually work for this purpose\nbecause we're not writing to \"buf->mem + buf->bytesused\". Instead, the\nmath to calculate the destination where we are writing is a bit\ninvolved. You calculate the number of full lines already written,\nmultiply by two, skip a line if necessary so that we start on an odd\nnumbered line, and add the offset into the line.\n\nTo fix this buffer overflow, just take the actual destination where we\nare writing, if the offset is already out of bounds print an error and\nreturn. Otherwise, write up to buf->length bytes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9cb2173e6ea8",
"version_value": "f6a392266276"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f6a392266276730bea893b55d12940e32a25f56a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f6a392266276730bea893b55d12940e32a25f56a"
},
{
"url": "https://git.kernel.org/stable/c/ecf4ddc3aee8ade504c4d36b7b4053ce6093e200",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ecf4ddc3aee8ade504c4d36b7b4053ce6093e200"
},
{
"url": "https://git.kernel.org/stable/c/a16775828aaed1c54ff4e6fe83e8e4d5c6a50cb7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a16775828aaed1c54ff4e6fe83e8e4d5c6a50cb7"
},
{
"url": "https://git.kernel.org/stable/c/7532bcec0797adfa08791301c3bcae14141db3bd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7532bcec0797adfa08791301c3bcae14141db3bd"
},
{
"url": "https://git.kernel.org/stable/c/b504518a397059e1d55c521ba0ea2b545a6c4b52",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b504518a397059e1d55c521ba0ea2b545a6c4b52"
},
{
"url": "https://git.kernel.org/stable/c/d410017a7181cb55e4a5c810b32b75e4416c6808",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d410017a7181cb55e4a5c810b32b75e4416c6808"
},
{
"url": "https://git.kernel.org/stable/c/a08492832cc4cacc24e0612f483c86ca899b9261",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a08492832cc4cacc24e0612f483c86ca899b9261"
},
{
"url": "https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

103
2024/38xxx/CVE-2024-38622.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add callback function pointer check before its call\n\nIn dpu_core_irq_callback_handler() callback function pointer is compared to NULL,\nbut then callback function is unconditionally called by this pointer.\nFix this bug by adding conditional return.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588237/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c929ac60b3ed",
"version_value": "873f67699114"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/873f67699114452c2a996c4e10faac8ff860c241",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/873f67699114452c2a996c4e10faac8ff860c241"
},
{
"url": "https://git.kernel.org/stable/c/9078630ed7f8f25d65d11823e7f2b11a8e2f4f0f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9078630ed7f8f25d65d11823e7f2b11a8e2f4f0f"
},
{
"url": "https://git.kernel.org/stable/c/530f272053a5e72243a9cb07bb1296af6c346002",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/530f272053a5e72243a9cb07bb1296af6c346002"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

125
2024/38xxx/CVE-2024-38623.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Use variable length array instead of fixed size\n\nShould fix smatch warning:\n\tntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs 256)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4534a70b7056",
"version_value": "a2de301d90b7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a2de301d90b782ac5d7a5fe32995caaee9ab3a0f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a2de301d90b782ac5d7a5fe32995caaee9ab3a0f"
},
{
"url": "https://git.kernel.org/stable/c/3839a9b19a4b70eff6b6ad70446f639f7fd5a3d7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3839a9b19a4b70eff6b6ad70446f639f7fd5a3d7"
},
{
"url": "https://git.kernel.org/stable/c/1fe1c9dc21ee52920629d2d9b9bd84358931a8d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1fe1c9dc21ee52920629d2d9b9bd84358931a8d1"
},
{
"url": "https://git.kernel.org/stable/c/cceef44b34819c24bb6ed70dce5b524bd3e368d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cceef44b34819c24bb6ed70dce5b524bd3e368d1"
},
{
"url": "https://git.kernel.org/stable/c/1997cdc3e727526aa5d84b32f7cbb3f56459b7ef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1997cdc3e727526aa5d84b32f7cbb3f56459b7ef"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

125
2024/38xxx/CVE-2024-38624.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38624",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Use 64 bit variable to avoid 32 bit overflow\n\nFor example, in the expression:\n\tvbo = 2 * vbo + skip"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b46acd6a6a62",
"version_value": "2d1ad595d15f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2d1ad595d15f36a925480199bf1d9ad72614210b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2d1ad595d15f36a925480199bf1d9ad72614210b"
},
{
"url": "https://git.kernel.org/stable/c/98db3155b54d3684ef0ab5bfa0b856d13f65843d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98db3155b54d3684ef0ab5bfa0b856d13f65843d"
},
{
"url": "https://git.kernel.org/stable/c/109d85a98345ee52d47c650405dc51bdd2bc7d40",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/109d85a98345ee52d47c650405dc51bdd2bc7d40"
},
{
"url": "https://git.kernel.org/stable/c/847db4049f6189427ddaefcfc967d4d235b73c57",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/847db4049f6189427ddaefcfc967d4d235b73c57"
},
{
"url": "https://git.kernel.org/stable/c/e931f6b630ffb22d66caab202a52aa8cbb10c649",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e931f6b630ffb22d66caab202a52aa8cbb10c649"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

103
2024/38xxx/CVE-2024-38625.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Check 'folio' pointer for NULL\n\nIt can be NULL if bmap is called."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "82cae269cfa9",
"version_value": "6c8054d59066"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8"
},
{
"url": "https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641"
},
{
"url": "https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

92
2024/38xxx/CVE-2024-38626.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: clear FR_SENT when re-adding requests into pending list\n\nThe following warning was reported by lee bruce:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300\n fuse_request_end+0x685/0x7e0 fs/fuse/dev.c:300\n Modules linked in:\n CPU: 0 PID: 8264 Comm: ab2 Not tainted 6.9.0-rc7\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n RIP: 0010:fuse_request_end+0x685/0x7e0 fs/fuse/dev.c:300\n ......\n Call Trace:\n <TASK>\n fuse_dev_do_read.constprop.0+0xd36/0x1dd0 fs/fuse/dev.c:1334\n fuse_dev_read+0x166/0x200 fs/fuse/dev.c:1367\n call_read_iter include/linux/fs.h:2104 [inline]\n new_sync_read fs/read_write.c:395 [inline]\n vfs_read+0x85b/0xba0 fs/read_write.c:476\n ksys_read+0x12f/0x260 fs/read_write.c:619\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xce/0x260 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ......\n </TASK>\n\nThe warning is due to the FUSE_NOTIFY_RESEND notify sent by the write()\nsyscall in the reproducer program and it happens as follows:\n\n(1) calls fuse_dev_read() to read the INIT request\nThe read succeeds. During the read, bit FR_SENT will be set on the\nrequest.\n(2) calls fuse_dev_write() to send an USE_NOTIFY_RESEND notify\nThe resend notify will resend all processing requests, so the INIT\nrequest is moved from processing list to pending list again.\n(3) calls fuse_dev_read() with an invalid output address\nfuse_dev_read() will try to copy the same INIT request to the output\naddress, but it will fail due to the invalid address, so the INIT\nrequest is ended and triggers the warning in fuse_request_end().\n\nFix it by clearing FR_SENT when re-adding requests into pending list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "760eac73f9f6",
"version_value": "533070db659a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/533070db659a9589310a743e9de14cf9d651ffaf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/533070db659a9589310a743e9de14cf9d651ffaf"
},
{
"url": "https://git.kernel.org/stable/c/246014876d782bbf2e652267482cd2e799fb5fcd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/246014876d782bbf2e652267482cd2e799fb5fcd"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

158
2024/38xxx/CVE-2024-38627.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(&stm->dev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "389b6699a2aa",
"version_value": "6cc30ef8eb6d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6cc30ef8eb6d8f8d6df43152264bbf8835d99931",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6cc30ef8eb6d8f8d6df43152264bbf8835d99931"
},
{
"url": "https://git.kernel.org/stable/c/a0450d3f38e7c6c0a7c0afd4182976ee15573695",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a0450d3f38e7c6c0a7c0afd4182976ee15573695"
},
{
"url": "https://git.kernel.org/stable/c/713fc00c571dde4af3db2dbd5d1b0eadc327817b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/713fc00c571dde4af3db2dbd5d1b0eadc327817b"
},
{
"url": "https://git.kernel.org/stable/c/7419df1acffbcc90037f6b5a2823e81389659b36",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7419df1acffbcc90037f6b5a2823e81389659b36"
},
{
"url": "https://git.kernel.org/stable/c/4bfd48bb6e62512b9c392c5002c11e1e3b18d247",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4bfd48bb6e62512b9c392c5002c11e1e3b18d247"
},
{
"url": "https://git.kernel.org/stable/c/370c480410f60b90ba3e96abe73ead21ec827b20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/370c480410f60b90ba3e96abe73ead21ec827b20"
},
{
"url": "https://git.kernel.org/stable/c/d782a2db8f7ac49c33b9ca3e835500a28667d1be",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d782a2db8f7ac49c33b9ca3e835500a28667d1be"
},
{
"url": "https://git.kernel.org/stable/c/3df463865ba42b8f88a590326f4c9ea17a1ce459",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3df463865ba42b8f88a590326f4c9ea17a1ce459"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

114
2024/38xxx/CVE-2024-38628.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38628",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.\n\nHang on to the control IDs instead of pointers since those are correctly\nhandled with locks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "02de698ca812",
"version_value": "89e668096844"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09"
},
{
"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0"
},
{
"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068"
},
{
"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

103
2024/38xxx/CVE-2024-38629.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38629",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Avoid unnecessary destruction of file_ida\n\nfile_ida is allocated during cdev open and is freed accordingly\nduring cdev release. This sequence is guaranteed by driver file\noperations. Therefore, there is no need to destroy an already empty\nfile_ida when the WQ cdev is removed.\n\nWorse, ida_free() in cdev release may happen after destruction of\nfile_ida per WQ cdev. This can lead to accessing an id in file_ida\nafter it has been destroyed, resulting in a kernel panic.\n\nRemove ida_destroy(&file_ida) to address these issues."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e6fd6d7e5f0f",
"version_value": "9eb15f24a0b9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9eb15f24a0b9b017b39cde8b8c07243676b63687",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9eb15f24a0b9b017b39cde8b8c07243676b63687"
},
{
"url": "https://git.kernel.org/stable/c/15edb906211bf53e7b5574f7326ab734d6bff4f9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/15edb906211bf53e7b5574f7326ab734d6bff4f9"
},
{
"url": "https://git.kernel.org/stable/c/76e43fa6a456787bad31b8d0daeabda27351a480",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/76e43fa6a456787bad31b8d0daeabda27351a480"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

103
2024/38xxx/CVE-2024-38630.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38630",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger\n\nWhen the cpu5wdt module is removing, the origin code uses del_timer() to\nde-activate the timer. If the timer handler is running, del_timer() could\nnot stop it and will return directly. If the port region is released by\nrelease_region() and then the timer handler cpu5wdt_trigger() calls outb()\nto write into the region that is released, the use-after-free bug will\nhappen.\n\nChange del_timer() to timer_shutdown_sync() in order that the timer handler\ncould be finished before the port region is released."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e09d9c3e9f85",
"version_value": "9b1c063ffc07"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314"
},
{
"url": "https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a"
},
{
"url": "https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

92
2024/38xxx/CVE-2024-38631.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38631",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: PAC1934: fix accessing out of bounds array index\n\nFix accessing out of bounds array index for average\ncurrent and voltage measurements. The device itself has\nonly 4 channels, but in sysfs there are \"fake\"\nchannels for the average voltages and currents too."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0fb528c8255b",
"version_value": "8dbcb3a8cfdf"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8dbcb3a8cfdf8ff5afce62dad50790278ff0d3b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8dbcb3a8cfdf8ff5afce62dad50790278ff0d3b7"
},
{
"url": "https://git.kernel.org/stable/c/51fafb3cd7fcf4f4682693b4d2883e2a5bfffe33",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/51fafb3cd7fcf4f4682693b4d2883e2a5bfffe33"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

108
2024/38xxx/CVE-2024-38632.json
View File

@ -1,18 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38632",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: fix potential memory leak in vfio_intx_enable()\n\nIf vfio_irq_ctx_alloc() failed will lead to 'name' memory leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "69276a555c74",
"version_value": "0bd22a4966d5"
},
{
"version_affected": "<",
"version_name": "18c198c96a81",
"version_value": "35fef97c33f3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0bd22a4966d55f1d2c127a53300d5c2b50152376",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0bd22a4966d55f1d2c127a53300d5c2b50152376"
},
{
"url": "https://git.kernel.org/stable/c/35fef97c33f3d3ca0455f9a8e2a3f2c1f8cc9140",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/35fef97c33f3d3ca0455f9a8e2a3f2c1f8cc9140"
},
{
"url": "https://git.kernel.org/stable/c/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

158
2024/38xxx/CVE-2024-38633.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38633",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn't update the respective global\nvariable and after insmod \u2014 rmmod \u2014 insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7831d56b0a35",
"version_value": "21a61a7fbcfd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.30",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.30",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/21a61a7fbcfdd3493cede43ebc7c4dfae2147a8b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21a61a7fbcfdd3493cede43ebc7c4dfae2147a8b"
},
{
"url": "https://git.kernel.org/stable/c/9db4222ed8cd3e50b81c8b910ae74c26427a4003",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9db4222ed8cd3e50b81c8b910ae74c26427a4003"
},
{
"url": "https://git.kernel.org/stable/c/e8e2a4339decad7e59425b594a98613402652d72",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e8e2a4339decad7e59425b594a98613402652d72"
},
{
"url": "https://git.kernel.org/stable/c/361a92c9038e8c8c3996f8eeaa14522a8ad90752",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/361a92c9038e8c8c3996f8eeaa14522a8ad90752"
},
{
"url": "https://git.kernel.org/stable/c/b6eb7aff23e05f362e8c9b560f6ac5e727b70e00",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b6eb7aff23e05f362e8c9b560f6ac5e727b70e00"
},
{
"url": "https://git.kernel.org/stable/c/e8a10089eddba40d4b2080c9d3fc2d2b2488f762",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e8a10089eddba40d4b2080c9d3fc2d2b2488f762"
},
{
"url": "https://git.kernel.org/stable/c/fa84ca78b048dfb00df0ef446f5c35e0a98ca6a0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fa84ca78b048dfb00df0ef446f5c35e0a98ca6a0"
},
{
"url": "https://git.kernel.org/stable/c/712a1fcb38dc7cac6da63ee79a88708fbf9c45ec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/712a1fcb38dc7cac6da63ee79a88708fbf9c45ec"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

158
2024/38xxx/CVE-2024-38634.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38634",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port->lock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it's taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7831d56b0a35",
"version_value": "44b38924135d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.30",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.30",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/44b38924135d2093e2ec1812969464845dd66dc9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/44b38924135d2093e2ec1812969464845dd66dc9"
},
{
"url": "https://git.kernel.org/stable/c/ea9b35372b58ac2931bfc1d5bc25e839d1221e30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ea9b35372b58ac2931bfc1d5bc25e839d1221e30"
},
{
"url": "https://git.kernel.org/stable/c/cc121e3722a0a2c8f716ef991e5425b180a5fb94",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cc121e3722a0a2c8f716ef991e5425b180a5fb94"
},
{
"url": "https://git.kernel.org/stable/c/78dbda51bb4241b88a52d71620f06231a341f9ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/78dbda51bb4241b88a52d71620f06231a341f9ba"
},
{
"url": "https://git.kernel.org/stable/c/8296bb9e5925b6634259c5d4daee88f0cc0884ec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8296bb9e5925b6634259c5d4daee88f0cc0884ec"
},
{
"url": "https://git.kernel.org/stable/c/93df2fba6c7dfa9a2f08546ea9a5ca4728758458",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93df2fba6c7dfa9a2f08546ea9a5ca4728758458"
},
{
"url": "https://git.kernel.org/stable/c/865b30c8661924ee9145f442bf32cea549faa869",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/865b30c8661924ee9145f442bf32cea549faa869"
},
{
"url": "https://git.kernel.org/stable/c/77ab53371a2066fdf9b895246505f5ef5a4b5d47",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/77ab53371a2066fdf9b895246505f5ef5a4b5d47"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

137
2024/38xxx/CVE-2024-38635.json
View File

@ -1,18 +1,147 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38635",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: cadence: fix invalid PDI offset\n\nFor some reason, we add an offset to the PDI, presumably to skip the\nPDI0 and PDI1 which are reserved for BPT.\n\nThis code is however completely wrong and leads to an out-of-bounds\naccess. We were just lucky so far since we used only a couple of PDIs\nand remained within the PDI array bounds.\n\nA Fixes: tag is not provided since there are no known platforms where\nthe out-of-bounds would be accessed, and the initial code had problems\nas well.\n\nA follow-up patch completely removes this useless offset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "002364b2d594"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/002364b2d594a9afc0385c09e00994c510b1d089",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/002364b2d594a9afc0385c09e00994c510b1d089"
},
{
"url": "https://git.kernel.org/stable/c/fd4bcb991ebaf0d1813d81d9983cfa99f9ef5328",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fd4bcb991ebaf0d1813d81d9983cfa99f9ef5328"
},
{
"url": "https://git.kernel.org/stable/c/902f6d656441a511ac25c6cffce74496db10a078",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/902f6d656441a511ac25c6cffce74496db10a078"
},
{
"url": "https://git.kernel.org/stable/c/2ebcaa0e5db9b6044bb487ae1cf41bc601761567",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ebcaa0e5db9b6044bb487ae1cf41bc601761567"
},
{
"url": "https://git.kernel.org/stable/c/7eeef1e935d23db5265233d92395bd5c648a4021",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7eeef1e935d23db5265233d92395bd5c648a4021"
},
{
"url": "https://git.kernel.org/stable/c/4e99103f757cdf636c6ee860994a19a346a11785",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4e99103f757cdf636c6ee860994a19a346a11785"
},
{
"url": "https://git.kernel.org/stable/c/8ee1b439b1540ae543149b15a2a61b9dff937d91",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ee1b439b1540ae543149b15a2a61b9dff937d91"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

114
2024/38xxx/CVE-2024-38636.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38636",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: multidev: fix to recognize valid zero block address\n\nAs reported by Yi Zhang in mailing list [1], kernel warning was catched\nduring zbd/010 test as below:\n\n./check zbd/010\nzbd/010 (test gap zone support with F2FS) [failed]\n runtime ... 3.752s\n something found in dmesg:\n [ 4378.146781] run blktests zbd/010 at 2024-02-18 11:31:13\n [ 4378.192349] null_blk: module loaded\n [ 4378.209860] null_blk: disk nullb0 created\n [ 4378.413285] scsi_debug:sdebug_driver_probe: scsi_debug: trim\npoll_queues to 0. poll_q/nr_hw = (0/1)\n [ 4378.422334] scsi host15: scsi_debug: version 0191 [20210520]\n dev_size_mb=1024, opts=0x0, submit_queues=1, statistics=0\n [ 4378.434922] scsi 15:0:0:0: Direct-Access-ZBC Linux\nscsi_debug 0191 PQ: 0 ANSI: 7\n [ 4378.443343] scsi 15:0:0:0: Power-on or device reset occurred\n [ 4378.449371] sd 15:0:0:0: Attached scsi generic sg5 type 20\n [ 4378.449418] sd 15:0:0:0: [sdf] Host-managed zoned block device\n ...\n (See '/mnt/tests/gitlab.com/api/v4/projects/19168116/repository/archive.zip/storage/blktests/blk/blktests/results/nodev/zbd/010.dmesg'\n\nWARNING: CPU: 22 PID: 44011 at fs/iomap/iter.c:51\nCPU: 22 PID: 44011 Comm: fio Not tainted 6.8.0-rc3+ #1\nRIP: 0010:iomap_iter+0x32b/0x350\nCall Trace:\n <TASK>\n __iomap_dio_rw+0x1df/0x830\n f2fs_file_read_iter+0x156/0x3d0 [f2fs]\n aio_read+0x138/0x210\n io_submit_one+0x188/0x8c0\n __x64_sys_io_submit+0x8c/0x1a0\n do_syscall_64+0x86/0x170\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nShinichiro Kawasaki helps to analyse this issue and proposes a potential\nfixing patch in [2].\n\nQuoted from reply of Shinichiro Kawasaki:\n\n\"I confirmed that the trigger commit is dbf8e63f48af as Yi reported. I took a\nlook in the commit, but it looks fine to me. So I thought the cause is not\nin the commit diff.\n\nI found the WARN is printed when the f2fs is set up with multiple devices,\nand read requests are mapped to the very first block of the second device in the\ndirect read path. In this case, f2fs_map_blocks() and f2fs_map_blocks_cached()\nmodify map->m_pblk as the physical block address from each block device. It\nbecomes zero when it is mapped to the first block of the device. However,\nf2fs_iomap_begin() assumes that map->m_pblk is the physical block address of the\nwhole f2fs, across the all block devices. It compares map->m_pblk against\nNULL_ADDR == 0, then go into the unexpected branch and sets the invalid\niomap->length. The WARN catches the invalid iomap->length.\n\nThis WARN is printed even for non-zoned block devices, by following steps.\n\n - Create two (non-zoned) null_blk devices memory backed with 128MB size each:\n nullb0 and nullb1.\n # mkfs.f2fs /dev/nullb0 -c /dev/nullb1\n # mount -t f2fs /dev/nullb0 \"${mount_dir}\"\n # dd if=/dev/zero of=\"${mount_dir}/test.dat\" bs=1M count=192\n # dd if=\"${mount_dir}/test.dat\" of=/dev/null bs=1M count=192 iflag=direct\n\n...\"\n\nSo, the root cause of this issue is: when multi-devices feature is on,\nf2fs_map_blocks() may return zero blkaddr in non-primary device, which is\na verified valid block address, however, f2fs_iomap_begin() treats it as\nan invalid block address, and then it triggers the warning in iomap\nframework code.\n\nFinally, as discussed, we decide to use a more simple and direct way that\nchecking (map.m_flags & F2FS_MAP_MAPPED) condition instead of\n(map.m_pblk != NULL_ADDR) to fix this issue.\n\nThanks a lot for the effort of Yi Zhang and Shinichiro Kawasaki on this\nissue.\n\n[1] https://lore.kernel.org/linux-f2fs-devel/CAHj4cs-kfojYC9i0G73PRkYzcxCTex=-vugRFeP40g_URGvnfQ@mail.gmail.com/\n[2] https://lore.kernel.org/linux-f2fs-devel/gngdj77k4picagsfdtiaa7gpgnup6fsgwzsltx6milmhegmjff@iax2n4wvrqye/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1517c1a7a445",
"version_value": "1a9225fdd0ec"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1a9225fdd0ec95fcf32936bcea9ceef0cf1512dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a9225fdd0ec95fcf32936bcea9ceef0cf1512dc"
},
{
"url": "https://git.kernel.org/stable/c/2b2611a42462c6c685d40b5f3aedcd8d21c27065",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b2611a42462c6c685d40b5f3aedcd8d21c27065"
},
{
"url": "https://git.kernel.org/stable/c/e8b485e39b4d17afa9a2821fc778d5a67abfc03a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e8b485e39b4d17afa9a2821fc778d5a67abfc03a"
},
{
"url": "https://git.kernel.org/stable/c/33e62cd7b4c281cd737c62e5d8c4f0e602a8c5c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/33e62cd7b4c281cd737c62e5d8c4f0e602a8c5c5"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

158
2024/38xxx/CVE-2024-38637.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38637",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngreybus: lights: check return of get_channel_from_mode\n\nIf channel for the given node is not found we return null from\nget_channel_from_mode. Make sure we validate the return pointer\nbefore using it in two of the missing places.\n\nThis was originally reported in [0]:\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[0] https://lore.kernel.org/all/20240301190425.120605-1-m.lobanov@rosalinux.ru"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2870b52bae4c",
"version_value": "8f4a76d477f0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8f4a76d477f0cc3c54d512f07f6f88c8e1c1e07b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8f4a76d477f0cc3c54d512f07f6f88c8e1c1e07b"
},
{
"url": "https://git.kernel.org/stable/c/e2c64246e5dc8c0d35ec41770b85e2b4cafdff21",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e2c64246e5dc8c0d35ec41770b85e2b4cafdff21"
},
{
"url": "https://git.kernel.org/stable/c/eac10cf3a97ffd4b4deb0a29f57c118225a42850",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eac10cf3a97ffd4b4deb0a29f57c118225a42850"
},
{
"url": "https://git.kernel.org/stable/c/330f6bcdcef03f70f81db5f2ed6747af656a09f2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/330f6bcdcef03f70f81db5f2ed6747af656a09f2"
},
{
"url": "https://git.kernel.org/stable/c/9b41a9b9c8be8c552f10633453fdb509e83b66f8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b41a9b9c8be8c552f10633453fdb509e83b66f8"
},
{
"url": "https://git.kernel.org/stable/c/518e2c46b5dbce40b1aa0100001d03c3ceaa7d38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/518e2c46b5dbce40b1aa0100001d03c3ceaa7d38"
},
{
"url": "https://git.kernel.org/stable/c/895cdd9aa9546523df839f9cc1488a0ecc1e0731",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/895cdd9aa9546523df839f9cc1488a0ecc1e0731"
},
{
"url": "https://git.kernel.org/stable/c/a1ba19a1ae7cd1e324685ded4ab563e78fe68648",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1ba19a1ae7cd1e324685ded4ab563e78fe68648"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

168
2024/38xxx/CVE-2024-38659.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-38659",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f8bd909183ac",
"version_value": "2b649d7e0cb4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2.6.35",
"status": "affected"
},
{
"version": "0",
"lessThan": "2.6.35",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2b649d7e0cb42a660f0260ef25fd55fdc9c6c600",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2b649d7e0cb42a660f0260ef25fd55fdc9c6c600"
},
{
"url": "https://git.kernel.org/stable/c/ca63fb7af9d3e531aa25f7ae187bfc6c7166ec2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ca63fb7af9d3e531aa25f7ae187bfc6c7166ec2d"
},
{
"url": "https://git.kernel.org/stable/c/3c0d36972edbe56fcf98899622d9b90ac9965227",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3c0d36972edbe56fcf98899622d9b90ac9965227"
},
{
"url": "https://git.kernel.org/stable/c/25571a12fbc8a1283bd8380d461267956fd426f7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/25571a12fbc8a1283bd8380d461267956fd426f7"
},
{
"url": "https://git.kernel.org/stable/c/7077c22f84f41974a711604a42fd0e0684232ee5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7077c22f84f41974a711604a42fd0e0684232ee5"
},
{
"url": "https://git.kernel.org/stable/c/f6638e955ca00c489894789492776842e102af9c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f6638e955ca00c489894789492776842e102af9c"
},
{
"url": "https://git.kernel.org/stable/c/aee1955a1509a921c05c70dad5d6fc8563dfcb31",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aee1955a1509a921c05c70dad5d6fc8563dfcb31"
},
{
"url": "https://git.kernel.org/stable/c/e8021b94b0412c37bcc79027c2e382086b6ce449",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e8021b94b0412c37bcc79027c2e382086b6ce449"
}
]
},
"generator": {
"engine": "bippy-7d53e8ef8be4"
}
}

18
2024/38xxx/CVE-2024-38662.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38662",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/38xxx/CVE-2024-38780.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-38780",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/39xxx/CVE-2024-39277.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39277",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

98
2024/3xxx/CVE-2024-3036.json
View File

@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cybersecurity@ch.abb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Input Validation vulnerability in ABB 800xA Base.\nAn attacker who successfully exploited this \nvulnerability could cause services to crash by sending specifically crafted messages.\nThis issue affects 800xA Base: from 6.0.0 through 6.1.1-2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ABB",
"product": {
"product_data": [
{
"product_name": "800xA Base",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "6.0.0",
"version_value": "6.1.1-2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch",
"refsource": "MISC",
"name": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The system can be protected from network-based exploits of this vulnerability by enabling IPSec according to existing user documentation.<br><br>"
}
],
"value": "The system can be protected from network-based exploits of this vulnerability by enabling IPSec according to existing user documentation."
}
],
"credits": [
{
"lang": "en",
"value": "ABB acknowledges and extends gratitude to Uri Sade, Roman Dvorkin, Roni Gavrilov, and Eran Jacob of the OTORIO org for responsibly disclosing the vulnerability and providing valuable input on product improvements."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}