mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
209 lines
12 KiB
JSON
209 lines
12 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-49982",
|
|
"ASSIGNER": "cve@kernel.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in more places\n\nFor fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential\nuse-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put()\ninstead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs\ninto use-after-free.\n\nThen Nicolai Stange found more places in aoe have potential use-after-free\nproblem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe()\nand aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push\npacket to tx queue. So they should also use dev_hold() to increase the\nrefcnt of skb->dev.\n\nOn the other hand, moving dev_put() to tx() causes that the refcnt of\nskb->dev be reduced to a negative value, because corresponding\ndev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(),\nprobe(), and aoecmd_cfg_rsp(). This patch fixed this issue."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Linux",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Linux",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "ad80c34944d7",
|
|
"version_value": "12f7b89dd72b"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "1a54aa506b3b",
|
|
"version_value": "a786265aecf3"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "faf0b4c5e00b",
|
|
"version_value": "f63461af2c1a"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "7dd09fa80b07",
|
|
"version_value": "07b418d50ccb"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "74ca3ef68d2f",
|
|
"version_value": "bc2cbf7525ac"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "eb48680b0255",
|
|
"version_value": "acc5103a0a8c"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "f98364e92662",
|
|
"version_value": "89d9a69ae0c6"
|
|
},
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"version": "6.9",
|
|
"status": "affected"
|
|
},
|
|
{
|
|
"version": "0",
|
|
"lessThan": "6.9",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "4.19.323",
|
|
"lessThanOrEqual": "4.19.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "5.4.285",
|
|
"lessThanOrEqual": "5.4.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "5.10.227",
|
|
"lessThanOrEqual": "5.10.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "5.15.168",
|
|
"lessThanOrEqual": "5.15.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.1.113",
|
|
"lessThanOrEqual": "6.1.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.6.55",
|
|
"lessThanOrEqual": "6.6.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.10.14",
|
|
"lessThanOrEqual": "6.10.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.11.3",
|
|
"lessThanOrEqual": "6.11.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.12",
|
|
"lessThanOrEqual": "*",
|
|
"status": "unaffected",
|
|
"versionType": "original_commit_for_fix"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/12f7b89dd72b25da4eeaa22097877963cad6418e",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/12f7b89dd72b25da4eeaa22097877963cad6418e"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/a786265aecf39015418e4f930cc1c14603a01490",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/a786265aecf39015418e4f930cc1c14603a01490"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/f63461af2c1a86af4217910e47a5c46e3372e645",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/f63461af2c1a86af4217910e47a5c46e3372e645"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/07b418d50ccbbca7e5d87a3a0d41d436cefebf79",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/07b418d50ccbbca7e5d87a3a0d41d436cefebf79"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/bc2cbf7525ac288e07d465f5a1d8cb8fb9599254",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/bc2cbf7525ac288e07d465f5a1d8cb8fb9599254"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/acc5103a0a8c200a52af7d732c36a8477436a3d3",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/acc5103a0a8c200a52af7d732c36a8477436a3d3"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/89d9a69ae0c667e4d9d028028e2dcc837bae626f",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/89d9a69ae0c667e4d9d028028e2dcc837bae626f"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/8253a60c89ec35c8f36fb2cc08cdf854c7a3eb58",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/8253a60c89ec35c8f36fb2cc08cdf854c7a3eb58"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/6d6e54fc71ad1ab0a87047fd9c211e75d86084a3",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/6d6e54fc71ad1ab0a87047fd9c211e75d86084a3"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "bippy-8e903de6a542"
|
|
}
|
|
} |