From f5459e27d05b4014c5e549b60d2f2ba2211704cc Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 22 Feb 2024 13:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/3xxx/CVE-2023-3966.json | 280 ++++++++++++++++++++++++++++++++- 2023/52xxx/CVE-2023-52437.json | 149 +----------------- 2024/1xxx/CVE-2024-1742.json | 18 +++ 3 files changed, 296 insertions(+), 151 deletions(-) create mode 100644 2024/1xxx/CVE-2024-1742.json diff --git a/2023/3xxx/CVE-2023-3966.json b/2023/3xxx/CVE-2023-3966.json index 09688b9d5e9..c6b5a7b1ca6 100644 --- a/2023/3xxx/CVE-2023-3966.json +++ b/2023/3xxx/CVE-2023-3966.json @@ -1,17 +1,289 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-3966", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Uncaught Exception", + "cweId": "CWE-248" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "openvswitch", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "3.1.0", + "status": "unaffected" + } + ] + } + } + ] + } + } + ] + } + }, + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Fast Datapath for RHEL 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Fast Datapath for RHEL 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Fast Datapath for RHEL 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 3.11", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + }, + { + "vendor_name": "RDO", + "product": { + "product_data": [ + { + "product_name": "OpenStack RDO", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + }, + { + "vendor_name": "Fedora", + "product": { + "product_data": [ + { + "product_name": "Fedora", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-3966", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2023-3966" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "This issue was discovered by Haresh Khandelwal (Red Hat) and Timothy Redaelli (Red Hat)." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/52xxx/CVE-2023-52437.json b/2023/52xxx/CVE-2023-52437.json index 2a26ec31af1..5faa4bbf7c3 100644 --- a/2023/52xxx/CVE-2023-52437.json +++ b/2023/52xxx/CVE-2023-52437.json @@ -5,159 +5,14 @@ "CVE_data_meta": { "ID": "CVE-2023-52437", "ASSIGNER": "cve@kernel.org", - "STATE": "PUBLIC" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\"\n\nThis reverts commit 5e2cf333b7bd5d3e62595a44d598a254c697cd74.\n\nThat commit introduced the following race and can cause system hung.\n\n md_write_start: raid5d:\n // mddev->in_sync == 1\n set \"MD_SB_CHANGE_PENDING\"\n // running before md_write_start wakeup it\n waiting \"MD_SB_CHANGE_PENDING\" cleared\n >>>>>>>>> hung\n wakeup mddev->thread\n ...\n waiting \"MD_SB_CHANGE_PENDING\" cleared\n >>>> hung, raid5d should clear this flag\n but get hung by same flag.\n\nThe issue reverted commit fixing is fixed by last patch in a new way." + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Linux", - "product": { - "product_data": [ - { - "product_name": "Linux", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "9e86dffd0b02", - "version_value": "84c39986fe6d" - }, - { - "version_affected": "<", - "version_name": "5e2cf333b7bd", - "version_value": "bed0acf330b2" - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "5.15.148", - "lessThanOrEqual": "5.15.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.1.74", - "lessThanOrEqual": "6.1.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.1.75", - "lessThanOrEqual": "6.1.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.6.13", - "lessThanOrEqual": "6.6.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.6.14", - "lessThanOrEqual": "6.6.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.7.1", - "lessThanOrEqual": "6.7.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.7.2", - "lessThanOrEqual": "6.7.*", - "status": "unaffected", - "versionType": "custom" - }, - { - "version": "6.8-rc1", - "lessThanOrEqual": "*", - "status": "unaffected", - "versionType": "original_commit_for_fix" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://git.kernel.org/stable/c/84c39986fe6dd77aa15f08712339f5d4eb7dbe27", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/84c39986fe6dd77aa15f08712339f5d4eb7dbe27" - }, - { - "url": "https://git.kernel.org/stable/c/bed0acf330b2c50c688f6d9cfbcac2aa57a8e613", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/bed0acf330b2c50c688f6d9cfbcac2aa57a8e613" - }, - { - "url": "https://git.kernel.org/stable/c/cfa46838285814c3a27faacf7357f0a65bb5d152", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/cfa46838285814c3a27faacf7357f0a65bb5d152" - }, - { - "url": "https://git.kernel.org/stable/c/e16a0bbdb7e590a6607b0d82915add738c03c069", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/e16a0bbdb7e590a6607b0d82915add738c03c069" - }, - { - "url": "https://git.kernel.org/stable/c/aab69ef769707ad987ff905d79e0bd6591812580", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/aab69ef769707ad987ff905d79e0bd6591812580" - }, - { - "url": "https://git.kernel.org/stable/c/0de40f76d567133b871cd6ad46bb87afbce46983", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/0de40f76d567133b871cd6ad46bb87afbce46983" - }, - { - "url": "https://git.kernel.org/stable/c/87165c64fe1a98bbab7280c58df3c83be2c98478", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/87165c64fe1a98bbab7280c58df3c83be2c98478" - }, - { - "url": "https://git.kernel.org/stable/c/bed9e27baf52a09b7ba2a3714f1e24e17ced386d", - "refsource": "MISC", - "name": "https://git.kernel.org/stable/c/bed9e27baf52a09b7ba2a3714f1e24e17ced386d" - } - ] - }, - "generator": { - "engine": "bippy-03f60121d1f8" } } \ No newline at end of file diff --git a/2024/1xxx/CVE-2024-1742.json b/2024/1xxx/CVE-2024-1742.json new file mode 100644 index 00000000000..a8e2f19cdda --- /dev/null +++ b/2024/1xxx/CVE-2024-1742.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-1742", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file