admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-17 09:00:34 +00:00
parent 428f8bb6a5
commit faa75260c1
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
20 changed files with 1943 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2023/3xxx/CVE-2023-3408.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3408",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'save_settings' function. This makes it possible for unauthenticated attackers to modify the theme's settings, including enabling a setting which allows lower-privileged users such as contributors to perform code execution, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Bricks Builder",
"product": {
"product_data": [
{
"product_name": "Bricks",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d58fd503-84d0-4d62-9290-870b1dd32be7?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d58fd503-84d0-4d62-9290-870b1dd32be7?source=cve"
},
{
"url": "https://bricksbuilder.io/",
"refsource": "MISC",
"name": "https://bricksbuilder.io/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ramuel Gall"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

76
2023/3xxx/CVE-2023-3409.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3409",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'reset_settings' function. This makes it possible for unauthenticated attackers to reset the theme's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Bricks Builder",
"product": {
"product_data": [
{
"product_name": "Bricks",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/16800ece-da9c-431b-a015-42bd30b646e2?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/16800ece-da9c-431b-a015-42bd30b646e2?source=cve"
},
{
"url": "https://bricksbuilder.io/",
"refsource": "MISC",
"name": "https://bricksbuilder.io/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ramuel Gall"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
}
]
}

91
2023/5xxx/CVE-2023-5505.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5505",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default settings will place an index.php and a .htaccess file into the chosen directory (unless already present) when the first backup job is run that are intended to prevent directory listing and file access. This means that an attacker could set the backup directory to the root of another site in a shared environment and thus disable that site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "wp_media",
"product": {
"product_data": [
{
"product_name": "BackWPup \u2013 WordPress Backup & Restore Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "4.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98085a23-0cb6-442a-a28a-cb5c2890b60d?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98085a23-0cb6-442a-a28a-cb5c2890b60d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/backwpup/trunk/inc/class-page-editjob.php?rev=2818974#L29",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/backwpup/trunk/inc/class-page-editjob.php?rev=2818974#L29"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2980789%40backwpup%2Ftrunk&old=2954541%40backwpup%2Ftrunk&sfp_email=&sfph_mail=",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2980789%40backwpup%2Ftrunk&old=2954541%40backwpup%2Ftrunk&sfp_email=&sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3000176/backwpup/trunk/inc/class-destination-folder.php",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3000176/backwpup/trunk/inc/class-destination-folder.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3000176%40backwpup&new=3000176%40backwpup&sfp_email=&sfph_mail=",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3000176%40backwpup&new=3000176%40backwpup&sfp_email=&sfph_mail="
}
]
},
"credits": [
{
"lang": "en",
"value": "Marco Wotschka"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
}
]
}

92
2024/42xxx/CVE-2024-42260.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42260",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Validate passed in drm syncobj handles in the performance extension\n\nIf userspace provides an unknown or invalid handle anywhere in the handle\narray the rest of the driver will not handle that well.\n\nFix it by checking handle was looked up successfully or otherwise fail the\nextension by jumping into the existing unwind.\n\n(cherry picked from commit a546b7e4d73c23838d7e4d2c92882b3ca902d213)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bae7cb5d6800",
"version_value": "5d4aa25f47cd"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5d4aa25f47cd05e9eeac272906588728588605dd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d4aa25f47cd05e9eeac272906588728588605dd"
},
{
"url": "https://git.kernel.org/stable/c/4ecc24a84d7e0254efd150ec23e0b89638386516",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4ecc24a84d7e0254efd150ec23e0b89638386516"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42261.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42261",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Validate passed in drm syncobj handles in the timestamp extension\n\nIf userspace provides an unknown or invalid handle anywhere in the handle\narray the rest of the driver will not handle that well.\n\nFix it by checking handle was looked up successfully or otherwise fail the\nextension by jumping into the existing unwind.\n\n(cherry picked from commit 8d1276d1b8f738c3afe1457d4dff5cc66fc848a3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9ba0ff3e083f",
"version_value": "5c56f104edd0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5c56f104edd02a537e9327dc543574e55713e1d7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5c56f104edd02a537e9327dc543574e55713e1d7"
},
{
"url": "https://git.kernel.org/stable/c/023d22e8bb0cdd6900382ad1ed06df3b6c2ea791",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/023d22e8bb0cdd6900382ad1ed06df3b6c2ea791"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42262.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42262",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Fix potential memory leak in the performance extension\n\nIf fetching of userspace memory fails during the main loop, all drm sync\nobjs looked up until that point will be leaked because of the missing\ndrm_syncobj_put.\n\nFix it by exporting and using a common cleanup helper.\n\n(cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bae7cb5d6800",
"version_value": "ad5fdc48f7a6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ad5fdc48f7a63b8a98493c667505fe4d3864ae21",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad5fdc48f7a63b8a98493c667505fe4d3864ae21"
},
{
"url": "https://git.kernel.org/stable/c/32df4abc44f24dbec239d43e2b26d5768c5d1a78",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/32df4abc44f24dbec239d43e2b26d5768c5d1a78"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42263.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42263",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Fix potential memory leak in the timestamp extension\n\nIf fetching of userspace memory fails during the main loop, all drm sync\nobjs looked up until that point will be leaked because of the missing\ndrm_syncobj_put.\n\nFix it by exporting and using a common cleanup helper.\n\n(cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9ba0ff3e083f",
"version_value": "9b5033ee2c5a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9b5033ee2c5af6d1135a403df32d219ab57e55f9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b5033ee2c5af6d1135a403df32d219ab57e55f9"
},
{
"url": "https://git.kernel.org/stable/c/0e50fcc20bd87584840266e8004f9064a8985b4f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0e50fcc20bd87584840266e8004f9064a8985b4f"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42264.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42264",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Prevent out of bounds access in performance query extensions\n\nCheck that the number of perfmons userspace is passing in the copy and\nreset extensions is not greater than the internal kernel storage where\nthe ids will be copied into.\n\n(cherry picked from commit f32b5128d2c440368b5bf3a7a356823e235caabb)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "bae7cb5d6800",
"version_value": "73ad583bd493"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/73ad583bd4938bf37d2709fc36901eb6f22f2722",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/73ad583bd4938bf37d2709fc36901eb6f22f2722"
},
{
"url": "https://git.kernel.org/stable/c/6ce9efd12ae81cf46bf44eb0348594558dfbb9d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6ce9efd12ae81cf46bf44eb0348594558dfbb9d2"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

104
2024/42xxx/CVE-2024-42265.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42265",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nprotect the fetch of ->fd[fd] in do_dup2() from mispredictions\n\nboth callers have verified that fd is not greater than ->max_fds;\nhowever, misprediction might end up with\n tofree = fdt->fd[fd];\nbeing speculatively executed. That's wrong for the same reasons\nwhy it's wrong in close_fd()/file_close_fd_locked(); the same\nsolution applies - array_index_nospec(fd, fdt->max_fds) could differ\nfrom fd only in case of speculative execution on mispredicted path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "5db999fff545"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5db999fff545b924b24c9afd368ef5c17279b176",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5db999fff545b924b24c9afd368ef5c17279b176"
},
{
"url": "https://git.kernel.org/stable/c/da72e783afd27d9f487836b2e6738146c0edd149",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da72e783afd27d9f487836b2e6738146c0edd149"
},
{
"url": "https://git.kernel.org/stable/c/1171ceccabfd596ca370c5d2cbb47d110c3f2fe1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1171ceccabfd596ca370c5d2cbb47d110c3f2fe1"
},
{
"url": "https://git.kernel.org/stable/c/8aa37bde1a7b645816cda8b80df4753ecf172bf1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8aa37bde1a7b645816cda8b80df4753ecf172bf1"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42266.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42266",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make cow_file_range_inline() honor locked_page on error\n\nThe btrfs buffered write path runs through __extent_writepage() which\nhas some tricky return value handling for writepage_delalloc().\nSpecifically, when that returns 1, we exit, but for other return values\nwe continue and end up calling btrfs_folio_end_all_writers(). If the\nfolio has been unlocked (note that we check the PageLocked bit at the\nstart of __extent_writepage()), this results in an assert panic like\nthis one from syzbot:\n\n BTRFS: error (device loop0 state EAL) in free_log_tree:3267: errno=-5 IO failure\n BTRFS warning (device loop0 state EAL): Skipping commit of aborted transaction.\n BTRFS: error (device loop0 state EAL) in cleanup_transaction:2018: errno=-5 IO failure\n assertion failed: folio_test_locked(folio), in fs/btrfs/subpage.c:871\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/subpage.c:871!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\n CPU: 1 PID: 5090 Comm: syz-executor225 Not tainted\n 6.10.0-syzkaller-05505-gb1bc554e009e #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS\n Google 06/27/2024\n RIP: 0010:btrfs_folio_end_all_writers+0x55b/0x610 fs/btrfs/subpage.c:871\n Code: e9 d3 fb ff ff e8 25 22 c2 fd 48 c7 c7 c0 3c 0e 8c 48 c7 c6 80 3d\n 0e 8c 48 c7 c2 60 3c 0e 8c b9 67 03 00 00 e8 66 47 ad 07 90 <0f> 0b e8\n 6e 45 b0 07 4c 89 ff be 08 00 00 00 e8 21 12 25 fe 4c 89\n RSP: 0018:ffffc900033d72e0 EFLAGS: 00010246\n RAX: 0000000000000045 RBX: 00fff0000000402c RCX: 663b7a08c50a0a00\n RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\n RBP: ffffc900033d73b0 R08: ffffffff8176b98c R09: 1ffff9200067adfc\n R10: dffffc0000000000 R11: fffff5200067adfd R12: 0000000000000001\n R13: dffffc0000000000 R14: 0000000000000000 R15: ffffea0001cbee80\n FS: 0000000000000000(0000) GS:ffff8880b9500000(0000)\n knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5f076012f8 CR3: 000000000e134000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n __extent_writepage fs/btrfs/extent_io.c:1597 [inline]\n extent_write_cache_pages fs/btrfs/extent_io.c:2251 [inline]\n btrfs_writepages+0x14d7/0x2760 fs/btrfs/extent_io.c:2373\n do_writepages+0x359/0x870 mm/page-writeback.c:2656\n filemap_fdatawrite_wbc+0x125/0x180 mm/filemap.c:397\n __filemap_fdatawrite_range mm/filemap.c:430 [inline]\n __filemap_fdatawrite mm/filemap.c:436 [inline]\n filemap_flush+0xdf/0x130 mm/filemap.c:463\n btrfs_release_file+0x117/0x130 fs/btrfs/file.c:1547\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:222\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:877\n do_group_exit+0x207/0x2c0 kernel/exit.c:1026\n __do_sys_exit_group kernel/exit.c:1037 [inline]\n __se_sys_exit_group kernel/exit.c:1035 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1035\n x64_sys_call+0x2634/0x2640\n arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5f075b70c9\n Code: Unable to access opcode bytes at\n 0x7f5f075b709f.\n\nI was hitting the same issue by doing hundreds of accelerated runs of\ngeneric/475, which also hits IO errors by design.\n\nI instrumented that reproducer with bpftrace and found that the\nundesirable folio_unlock was coming from the following callstack:\n\n folio_unlock+5\n __process_pages_contig+475\n cow_file_range_inline.constprop.0+230\n cow_file_range+803\n btrfs_run_delalloc_range+566\n writepage_delalloc+332\n __extent_writepage # inlined in my stacktrace, but I added it here\n extent_write_cache_pages+622\n\nLooking at the bisected-to pa\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0586d0a89e77",
"version_value": "061e41581606"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/061e41581606000a83ce0f0f01d6ad338f3704e9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/061e41581606000a83ce0f0f01d6ad338f3704e9"
},
{
"url": "https://git.kernel.org/stable/c/478574370bef7951fbd9ef5155537d6cbed49472",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/478574370bef7951fbd9ef5155537d6cbed49472"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42267.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error()\n\nHandle VM_FAULT_SIGSEGV in the page fault path so that we correctly\nkill the process and we don't BUG() the kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "07037db5d479",
"version_value": "d7ccf2ca772b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d7ccf2ca772bfe33e2c53ef80fa20d2d87eb6144",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d7ccf2ca772bfe33e2c53ef80fa20d2d87eb6144"
},
{
"url": "https://git.kernel.org/stable/c/917f598209f3f5e4ab175d5079d8aeb523e58b1f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/917f598209f3f5e4ab175d5079d8aeb523e58b1f"
},
{
"url": "https://git.kernel.org/stable/c/d4e7db757e2d7f4c407a007e92c98477eab215d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d4e7db757e2d7f4c407a007e92c98477eab215d2"
},
{
"url": "https://git.kernel.org/stable/c/0c710050c47d45eb77b28c271cddefc5c785cb40",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c710050c47d45eb77b28c271cddefc5c785cb40"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42268.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42268",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix missing lock on sync reset reload\n\nOn sync reset reload work, when remote host updates devlink on reload\nactions performed on that host, it misses taking devlink lock before\ncalling devlink_remote_reload_actions_performed() which results in\ntriggering lock assert like the following:\n\nWARNING: CPU: 4 PID: 1164 at net/devlink/core.c:261 devl_assert_locked+0x3e/0x50\n\u2026\n CPU: 4 PID: 1164 Comm: kworker/u96:6 Tainted: G S W 6.10.0-rc2+ #116\n Hardware name: Supermicro SYS-2028TP-DECTR/X10DRT-PT, BIOS 2.0 12/18/2015\n Workqueue: mlx5_fw_reset_events mlx5_sync_reset_reload_work [mlx5_core]\n RIP: 0010:devl_assert_locked+0x3e/0x50\n\u2026\n Call Trace:\n <TASK>\n ? __warn+0xa4/0x210\n ? devl_assert_locked+0x3e/0x50\n ? report_bug+0x160/0x280\n ? handle_bug+0x3f/0x80\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? devl_assert_locked+0x3e/0x50\n devlink_notify+0x88/0x2b0\n ? mlx5_attach_device+0x20c/0x230 [mlx5_core]\n ? __pfx_devlink_notify+0x10/0x10\n ? process_one_work+0x4b6/0xbb0\n process_one_work+0x4b6/0xbb0\n[\u2026]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "84a433a40d0e",
"version_value": "5d07d1d40aab"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.0",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5d07d1d40aabfd61bab21115639bd4f641db6002",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5d07d1d40aabfd61bab21115639bd4f641db6002"
},
{
"url": "https://git.kernel.org/stable/c/98884e89c90d077f6fe6ba18e6cf6f914642f04e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/98884e89c90d077f6fe6ba18e6cf6f914642f04e"
},
{
"url": "https://git.kernel.org/stable/c/091268f3c27a5b6d7858a3bb2a0dbcc9cd26ddb5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/091268f3c27a5b6d7858a3bb2a0dbcc9cd26ddb5"
},
{
"url": "https://git.kernel.org/stable/c/572f9caa9e7295f8c8822e4122c7ae8f1c412ff9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/572f9caa9e7295f8c8822e4122c7ae8f1c412ff9"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42269.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().\n\nip6table_nat_table_init() accesses net->gen->ptr[ip6table_nat_net_ops.id],\nbut the function is exposed to user space before the entry is allocated\nvia register_pernet_subsys().\n\nLet's call register_pernet_subsys() before xt_register_template()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fdacd57c79b7",
"version_value": "91b6df6611b7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/91b6df6611b7edb28676c4f63f90c56c30d3e601",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91b6df6611b7edb28676c4f63f90c56c30d3e601"
},
{
"url": "https://git.kernel.org/stable/c/e85b9b6a87be4cb3710082038b677e97f2389003",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e85b9b6a87be4cb3710082038b677e97f2389003"
},
{
"url": "https://git.kernel.org/stable/c/87dba44e9471b79b255d0736858a897332db9226",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87dba44e9471b79b255d0736858a897332db9226"
},
{
"url": "https://git.kernel.org/stable/c/c22921df777de5606f1047b1345b8d22ef1c0b34",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c22921df777de5606f1047b1345b8d22ef1c0b34"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42270.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42270",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().\n\nWe had a report that iptables-restore sometimes triggered null-ptr-deref\nat boot time. [0]\n\nThe problem is that iptable_nat_table_init() is exposed to user space\nbefore the kernel fully initialises netns.\n\nIn the small race window, a user could call iptable_nat_table_init()\nthat accesses net_generic(net, iptable_nat_net_id), which is available\nonly after registering iptable_nat_net_ops.\n\nLet's call register_pernet_subsys() before xt_register_template().\n\n[0]:\nbpfilter: Loaded bpfilter_umh pid 11702\nStarted bpfilter\nBUG: kernel NULL pointer dereference, address: 0000000000000013\n PF: supervisor write access in kernel mode\n PF: error_code(0x0002) - not-present page\nPGD 0 P4D 0\nPREEMPT SMP NOPTI\nCPU: 2 PID: 11879 Comm: iptables-restor Not tainted 6.1.92-99.174.amzn2023.x86_64 #1\nHardware name: Amazon EC2 c6i.4xlarge/, BIOS 1.0 10/16/2017\nRIP: 0010:iptable_nat_table_init (net/ipv4/netfilter/iptable_nat.c:87 net/ipv4/netfilter/iptable_nat.c:121) iptable_nat\nCode: 10 4c 89 f6 48 89 ef e8 0b 19 bb ff 41 89 c4 85 c0 75 38 41 83 c7 01 49 83 c6 28 41 83 ff 04 75 dc 48 8b 44 24 08 48 8b 0c 24 <48> 89 08 4c 89 ef e8 a2 3b a2 cf 48 83 c4 10 44 89 e0 5b 5d 41 5c\nRSP: 0018:ffffbef902843cd0 EFLAGS: 00010246\nRAX: 0000000000000013 RBX: ffff9f4b052caa20 RCX: ffff9f4b20988d80\nRDX: 0000000000000000 RSI: 0000000000000064 RDI: ffffffffc04201c0\nRBP: ffff9f4b29394000 R08: ffff9f4b07f77258 R09: ffff9f4b07f77240\nR10: 0000000000000000 R11: ffff9f4b09635388 R12: 0000000000000000\nR13: ffff9f4b1a3c6c00 R14: ffff9f4b20988e20 R15: 0000000000000004\nFS: 00007f6284340000(0000) GS:ffff9f51fe280000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000013 CR3: 00000001d10a6005 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n <TASK>\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? xt_find_table_lock (net/netfilter/x_tables.c:1259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? page_fault_oops (arch/x86/mm/fault.c:727)\n ? exc_page_fault (./arch/x86/include/asm/irqflags.h:40 ./arch/x86/include/asm/irqflags.h:75 arch/x86/mm/fault.c:1470 arch/x86/mm/fault.c:1518)\n ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:570)\n ? iptable_nat_table_init (net/ipv4/netfilter/iptable_nat.c:87 net/ipv4/netfilter/iptable_nat.c:121) iptable_nat\n xt_find_table_lock (net/netfilter/x_tables.c:1259)\n xt_request_find_table_lock (net/netfilter/x_tables.c:1287)\n get_info (net/ipv4/netfilter/ip_tables.c:965)\n ? security_capable (security/security.c:809 (discriminator 13))\n ? ns_capable (kernel/capability.c:376 kernel/capability.c:397)\n ? do_ipt_get_ctl (net/ipv4/netfilter/ip_tables.c:1656)\n ? bpfilter_send_req (net/bpfilter/bpfilter_kern.c:52) bpfilter\n nf_getsockopt (net/netfilter/nf_sockopt.c:116)\n ip_getsockopt (net/ipv4/ip_sockglue.c:1827)\n __sys_getsockopt (net/socket.c:2327)\n __x64_sys_getsockopt (net/socket.c:2342 net/socket.c:2339 net/socket.c:2339)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:81)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121)\nRIP: 0033:0x7f62844685ee\nCode: 48 8b 0d 45 28 0f 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 0a c3 66 0f 1f 84 00 00 00 00 00 48 8b 15 09\nRSP: 002b:00007ffd1f83d638 EFLAGS: 00000246 ORIG_RAX: 0000000000000037\nRAX: ffffffffffffffda RBX: 00007ffd1f83d680 RCX: 00007f62844685ee\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004\nRBP: 0000000000000004 R08: 00007ffd1f83d670 R09: 0000558798ffa2a0\nR10: 00007ffd1f83d680 R11: 0000000000000246 R12: 00007ffd1f83e3b2\nR13: 00007f6284\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "fdacd57c79b7",
"version_value": "95590a492902"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/95590a4929027769af35b153645c0ab6fd22b29b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/95590a4929027769af35b153645c0ab6fd22b29b"
},
{
"url": "https://git.kernel.org/stable/c/70014b73d7539fcbb6b4ff5f37368d7241d8e626",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/70014b73d7539fcbb6b4ff5f37368d7241d8e626"
},
{
"url": "https://git.kernel.org/stable/c/08ed888b69a22647153fe2bec55b7cd0a46102cc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/08ed888b69a22647153fe2bec55b7cd0a46102cc"
},
{
"url": "https://git.kernel.org/stable/c/5830aa863981d43560748aa93589c0695191d95d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5830aa863981d43560748aa93589c0695191d95d"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42271.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/iucv: fix use after free in iucv_sock_close()\n\niucv_sever_path() is called from process context and from bh context.\niucv->path is used as indicator whether somebody else is taking care of\nsevering the path (or it is already removed / never existed).\nThis needs to be done with atomic compare and swap, otherwise there is a\nsmall window where iucv_sock_close() will try to work with a path that has\nalready been severed and freed by iucv_callback_connrej() called by\niucv_tasklet_fn().\n\nExample:\n[452744.123844] Call Trace:\n[452744.123845] ([<0000001e87f03880>] 0x1e87f03880)\n[452744.123966] [<00000000d593001e>] iucv_path_sever+0x96/0x138\n[452744.124330] [<000003ff801ddbca>] iucv_sever_path+0xc2/0xd0 [af_iucv]\n[452744.124336] [<000003ff801e01b6>] iucv_sock_close+0xa6/0x310 [af_iucv]\n[452744.124341] [<000003ff801e08cc>] iucv_sock_release+0x3c/0xd0 [af_iucv]\n[452744.124345] [<00000000d574794e>] __sock_release+0x5e/0xe8\n[452744.124815] [<00000000d5747a0c>] sock_close+0x34/0x48\n[452744.124820] [<00000000d5421642>] __fput+0xba/0x268\n[452744.124826] [<00000000d51b382c>] task_work_run+0xbc/0xf0\n[452744.124832] [<00000000d5145710>] do_notify_resume+0x88/0x90\n[452744.124841] [<00000000d5978096>] system_call+0xe2/0x2c8\n[452744.125319] Last Breaking-Event-Address:\n[452744.125321] [<00000000d5930018>] iucv_path_sever+0x90/0x138\n[452744.125324]\n[452744.125325] Kernel panic - not syncing: Fatal exception in interrupt\n\nNote that bh_lock_sock() is not serializing the tasklet context against\nprocess context, because the check for sock_owned_by_user() and\ncorresponding handling is missing.\n\nIdeas for a future clean-up patch:\nA) Correct usage of bh_lock_sock() in tasklet context, as described in\nRe-enqueue, if needed. This may require adding return values to the\ntasklet functions and thus changes to all users of iucv.\n\nB) Change iucv tasklet into worker and use only lock_sock() in af_iucv."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7d316b945352",
"version_value": "8b424c9e4411"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8b424c9e44111c5a76f41c6b741f8d4c4179d876",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b424c9e44111c5a76f41c6b741f8d4c4179d876"
},
{
"url": "https://git.kernel.org/stable/c/01437282fd3904810603f3dc98d2cac6b8b6fc84",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/01437282fd3904810603f3dc98d2cac6b8b6fc84"
},
{
"url": "https://git.kernel.org/stable/c/69620522c48ce8215e5eb55ffbab8cafee8f407d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/69620522c48ce8215e5eb55ffbab8cafee8f407d"
},
{
"url": "https://git.kernel.org/stable/c/f558120cd709682b739207b48cf7479fd9568431",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f558120cd709682b739207b48cf7479fd9568431"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/42xxx/CVE-2024-42272.json
View File

@ -1,18 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42272",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: act_ct: take care of padding in struct zones_ht_key\n\nBlamed commit increased lookup key size from 2 bytes to 16 bytes,\nbecause zones_ht_key got a struct net pointer.\n\nMake sure rhashtable_lookup() is not using the padding bytes\nwhich are not initialized.\n\n BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:376 [inline]\n BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:607 [inline]\n BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329\n rht_ptr_rcu include/linux/rhashtable.h:376 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:607 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329\n tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408\n tcf_action_init_1+0x6cc/0xb30 net/sched/act_api.c:1425\n tcf_action_init+0x458/0xf00 net/sched/act_api.c:1488\n tcf_action_add net/sched/act_api.c:2061 [inline]\n tc_ctl_action+0x4be/0x19d0 net/sched/act_api.c:2118\n rtnetlink_rcv_msg+0x12fc/0x1410 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2550\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6665\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2597\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2651\n __sys_sendmsg net/socket.c:2680 [inline]\n __do_sys_sendmsg net/socket.c:2689 [inline]\n __se_sys_sendmsg net/socket.c:2687 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2687\n x64_sys_call+0x2dd6/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nLocal variable key created at:\n tcf_ct_flow_table_get+0x4a/0x2260 net/sched/act_ct.c:324\n tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2f82f75f8434",
"version_value": "d06daf0ad645"
},
{
"version_affected": "<",
"version_name": "9126fd82e9ed",
"version_value": "d7cc186d0973"
},
{
"version_affected": "<",
"version_name": "88c67aeb1407",
"version_value": "3a5b68869dbe"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/d06daf0ad645d9225a3ff6958dd82e1f3988fa64",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d06daf0ad645d9225a3ff6958dd82e1f3988fa64"
},
{
"url": "https://git.kernel.org/stable/c/d7cc186d0973afce0e1237c37f7512c01981fb79",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d7cc186d0973afce0e1237c37f7512c01981fb79"
},
{
"url": "https://git.kernel.org/stable/c/3a5b68869dbe14f1157c6a24ac71923db060eeab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3a5b68869dbe14f1157c6a24ac71923db060eeab"
},
{
"url": "https://git.kernel.org/stable/c/2191a54f63225b548fd8346be3611c3219a24738",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2191a54f63225b548fd8346be3611c3219a24738"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

124
2024/42xxx/CVE-2024-42273.json
View File

@ -1,18 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42273",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid\n\nmkdir /mnt/test/comp\nf2fs_io setflags compression /mnt/test/comp\ndd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1\ntruncate --size 13 /mnt/test/comp/testfile\n\nIn the above scenario, we can get a BUG_ON.\n kernel BUG at fs/f2fs/segment.c:3589!\n Call Trace:\n do_write_page+0x78/0x390 [f2fs]\n f2fs_outplace_write_data+0x62/0xb0 [f2fs]\n f2fs_do_write_data_page+0x275/0x740 [f2fs]\n f2fs_write_single_data_page+0x1dc/0x8f0 [f2fs]\n f2fs_write_multi_pages+0x1e5/0xae0 [f2fs]\n f2fs_write_cache_pages+0xab1/0xc60 [f2fs]\n f2fs_write_data_pages+0x2d8/0x330 [f2fs]\n do_writepages+0xcf/0x270\n __writeback_single_inode+0x44/0x350\n writeback_sb_inodes+0x242/0x530\n __writeback_inodes_wb+0x54/0xf0\n wb_writeback+0x192/0x310\n wb_workfn+0x30d/0x400\n\nThe reason is we gave CURSEG_ALL_DATA_ATGC to COMPR_ADDR where the\npage was set the gcing flag by set_cluster_dirty()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7c972c894575",
"version_value": "5fd057160ab2"
},
{
"version_affected": "<",
"version_name": "417b8a91f4e8",
"version_value": "4239571c5db4"
},
{
"version_affected": "<",
"version_name": "4961acdd65c9",
"version_value": "0cd106612396"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5fd057160ab240dd816ae09b625395d54c297de1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5fd057160ab240dd816ae09b625395d54c297de1"
},
{
"url": "https://git.kernel.org/stable/c/4239571c5db46a42f723b8fa8394039187c34439",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4239571c5db46a42f723b8fa8394039187c34439"
},
{
"url": "https://git.kernel.org/stable/c/0cd106612396656d6f1ca17ef192c6759bb60791",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0cd106612396656d6f1ca17ef192c6759bb60791"
},
{
"url": "https://git.kernel.org/stable/c/8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

114
2024/42xxx/CVE-2024-42274.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42274",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"ALSA: firewire-lib: operate for period elapse event in process context\"\n\nCommit 7ba5ca32fe6e (\"ALSA: firewire-lib: operate for period elapse event\nin process context\") removed the process context workqueue from\namdtp_domain_stream_pcm_pointer() and update_pcm_pointers() to remove\nits overhead.\n\nWith RME Fireface 800, this lead to a regression since\nKernels 5.14.0, causing an AB/BA deadlock competition for the\nsubstream lock with eventual system freeze under ALSA operation:\n\nthread 0:\n * (lock A) acquire substream lock by\n\tsnd_pcm_stream_lock_irq() in\n\tsnd_pcm_status64()\n * (lock B) wait for tasklet to finish by calling\n \ttasklet_unlock_spin_wait() in\n\ttasklet_disable_in_atomic() in\n\tohci_flush_iso_completions() of ohci.c\n\nthread 1:\n * (lock B) enter tasklet\n * (lock A) attempt to acquire substream lock,\n \twaiting for it to be released:\n\tsnd_pcm_stream_lock_irqsave() in\n \tsnd_pcm_period_elapsed() in\n\tupdate_pcm_pointers() in\n\tprocess_ctx_payloads() in\n\tprocess_rx_packets() of amdtp-stream.c\n\n? tasklet_unlock_spin_wait\n </NMI>\n <TASK>\nohci_flush_iso_completions firewire_ohci\namdtp_domain_stream_pcm_pointer snd_firewire_lib\nsnd_pcm_update_hw_ptr0 snd_pcm\nsnd_pcm_status64 snd_pcm\n\n? native_queued_spin_lock_slowpath\n </NMI>\n <IRQ>\n_raw_spin_lock_irqsave\nsnd_pcm_period_elapsed snd_pcm\nprocess_rx_packets snd_firewire_lib\nirq_target_callback snd_firewire_lib\nhandle_it_packet firewire_ohci\ncontext_tasklet firewire_ohci\n\nRestore the process context work queue to prevent deadlock\nAB/BA deadlock competition for ALSA substream lock of\nsnd_pcm_stream_lock_irq() in snd_pcm_status64()\nand snd_pcm_stream_lock_irqsave() in snd_pcm_period_elapsed().\n\nrevert commit 7ba5ca32fe6e (\"ALSA: firewire-lib: operate for period\nelapse event in process context\")\n\nReplace inline description to prevent future deadlock."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7ba5ca32fe6e",
"version_value": "b239a37d68e8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.14",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.104",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.45",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b239a37d68e8bc59f9516444da222841e3b13ba9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b239a37d68e8bc59f9516444da222841e3b13ba9"
},
{
"url": "https://git.kernel.org/stable/c/f5043e69aeb2786f32e84132817a007a6430aa7d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f5043e69aeb2786f32e84132817a007a6430aa7d"
},
{
"url": "https://git.kernel.org/stable/c/36c255db5a25edd42d1aca48e38b8e95ee5fd9ef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36c255db5a25edd42d1aca48e38b8e95ee5fd9ef"
},
{
"url": "https://git.kernel.org/stable/c/3dab73ab925a51ab05543b491bf17463a48ca323",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3dab73ab925a51ab05543b491bf17463a48ca323"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

92
2024/42xxx/CVE-2024-42275.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42275",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fix error code in drm_client_buffer_vmap_local()\n\nThis function accidentally returns zero/success on the failure path.\nIt leads to locking issues and an uninitialized *map_copy in the\ncaller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b4b0193e83cb",
"version_value": "c0f412961653"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.4",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c0f412961653237f52e2f16ee8747fb330bcf074",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c0f412961653237f52e2f16ee8747fb330bcf074"
},
{
"url": "https://git.kernel.org/stable/c/b5fbf924f125ba3638cfdc21c0515eb7e76264ca",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5fbf924f125ba3638cfdc21c0515eb7e76264ca"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

100
2024/7xxx/CVE-2024-7887.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in LimeSurvey 6.3.0-231016 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php of the component File Upload. The manipulation of the argument size leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in LimeSurvey 6.3.0-231016 gefunden. Sie wurde als problematisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /index.php der Komponente File Upload. Mittels Manipulieren des Arguments size mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404 Denial of Service",
"cweId": "CWE-404"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "LimeSurvey",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "6.3.0-231016"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.274874",
"refsource": "MISC",
"name": "https://vuldb.com/?id.274874"
},
{
"url": "https://vuldb.com/?ctiid.274874",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.274874"
},
{
"url": "https://vuldb.com/?submit.387132",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.387132"
},
{
"url": "https://github.com/Hebing123/cve/issues/67",
"refsource": "MISC",
"name": "https://github.com/Hebing123/cve/issues/67"
}
]
},
"credits": [
{
"lang": "en",
"value": "jiashenghe (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2.7,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2.7,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:N/A:P"
}
]
}