From 01310edb3790a03cd8b422bf313c34295e1eaeb8 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 25 Oct 2024 16:03:30 +0000 Subject: [PATCH] Auto-Update: 2024-10-25T16:00:31.271744+00:00 --- CVE-2022/CVE-2022-489xx/CVE-2022-48970.json | 146 +++- CVE-2022/CVE-2022-489xx/CVE-2022-48971.json | 158 ++++- CVE-2022/CVE-2022-489xx/CVE-2022-48972.json | 182 ++++- CVE-2022/CVE-2022-489xx/CVE-2022-48973.json | 182 ++++- CVE-2022/CVE-2022-489xx/CVE-2022-48974.json | 110 ++- CVE-2022/CVE-2022-489xx/CVE-2022-48983.json | 122 +++- CVE-2022/CVE-2022-489xx/CVE-2022-48984.json | 110 ++- CVE-2022/CVE-2022-489xx/CVE-2022-48992.json | 171 ++++- CVE-2022/CVE-2022-489xx/CVE-2022-48995.json | 129 +++- CVE-2022/CVE-2022-490xx/CVE-2022-49002.json | 177 ++++- CVE-2022/CVE-2022-490xx/CVE-2022-49003.json | 117 +++- CVE-2022/CVE-2022-490xx/CVE-2022-49004.json | 117 +++- CVE-2022/CVE-2022-490xx/CVE-2022-49005.json | 184 ++++- CVE-2022/CVE-2022-490xx/CVE-2022-49006.json | 141 +++- CVE-2022/CVE-2022-490xx/CVE-2022-49007.json | 176 ++++- CVE-2022/CVE-2022-490xx/CVE-2022-49008.json | 105 ++- CVE-2024/CVE-2024-431xx/CVE-2024-43173.json | 65 +- CVE-2024/CVE-2024-441xx/CVE-2024-44100.json | 4 +- CVE-2024/CVE-2024-453xx/CVE-2024-45334.json | 59 +- CVE-2024/CVE-2024-453xx/CVE-2024-45335.json | 59 +- CVE-2024/CVE-2024-469xx/CVE-2024-46902.json | 84 ++- CVE-2024/CVE-2024-469xx/CVE-2024-46903.json | 86 ++- CVE-2024/CVE-2024-470xx/CVE-2024-47014.json | 4 +- CVE-2024/CVE-2024-470xx/CVE-2024-47015.json | 39 +- CVE-2024/CVE-2024-470xx/CVE-2024-47016.json | 39 +- CVE-2024/CVE-2024-470xx/CVE-2024-47017.json | 39 +- CVE-2024/CVE-2024-470xx/CVE-2024-47018.json | 39 +- CVE-2024/CVE-2024-470xx/CVE-2024-47019.json | 39 +- CVE-2024/CVE-2024-470xx/CVE-2024-47020.json | 4 +- CVE-2024/CVE-2024-470xx/CVE-2024-47022.json | 4 +- CVE-2024/CVE-2024-470xx/CVE-2024-47030.json | 4 +- CVE-2024/CVE-2024-470xx/CVE-2024-47031.json | 4 +- CVE-2024/CVE-2024-478xx/CVE-2024-47819.json | 50 +- CVE-2024/CVE-2024-484xx/CVE-2024-48428.json | 33 + CVE-2024/CVE-2024-489xx/CVE-2024-48925.json | 48 +- CVE-2024/CVE-2024-493xx/CVE-2024-49378.json | 24 +- CVE-2024/CVE-2024-493xx/CVE-2024-49380.json | 96 +++ CVE-2024/CVE-2024-493xx/CVE-2024-49381.json | 86 +++ CVE-2024/CVE-2024-497xx/CVE-2024-49753.json | 84 +++ CVE-2024/CVE-2024-497xx/CVE-2024-49757.json | 84 +++ CVE-2024/CVE-2024-498xx/CVE-2024-49880.json | 87 ++- CVE-2024/CVE-2024-498xx/CVE-2024-49881.json | 130 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49883.json | 130 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49884.json | 130 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49889.json | 129 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49890.json | 129 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49891.json | 81 ++- CVE-2024/CVE-2024-498xx/CVE-2024-49892.json | 129 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49893.json | 69 +- CVE-2024/CVE-2024-498xx/CVE-2024-49894.json | 129 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49895.json | 129 +++- CVE-2024/CVE-2024-498xx/CVE-2024-49899.json | 69 +- CVE-2024/CVE-2024-499xx/CVE-2024-49900.json | 129 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49901.json | 93 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49904.json | 81 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49919.json | 81 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49920.json | 69 +- CVE-2024/CVE-2024-499xx/CVE-2024-49921.json | 69 +- CVE-2024/CVE-2024-499xx/CVE-2024-49922.json | 81 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49924.json | 129 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49928.json | 81 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49929.json | 93 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49930.json | 129 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49931.json | 93 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49936.json | 129 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49941.json | 75 +- CVE-2024/CVE-2024-499xx/CVE-2024-49942.json | 87 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49981.json | 134 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49982.json | 152 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49992.json | 107 ++- CVE-2024/CVE-2024-499xx/CVE-2024-49993.json | 129 +++- CVE-2024/CVE-2024-499xx/CVE-2024-49994.json | 81 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50019.json | 116 +++- CVE-2024/CVE-2024-500xx/CVE-2024-50020.json | 87 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50021.json | 80 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50022.json | 104 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50023.json | 92 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50024.json | 128 +++- CVE-2024/CVE-2024-500xx/CVE-2024-50025.json | 80 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50026.json | 104 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50027.json | 80 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50028.json | 80 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50029.json | 92 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50030.json | 80 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50031.json | 116 +++- CVE-2024/CVE-2024-500xx/CVE-2024-50032.json | 104 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50036.json | 120 +++- CVE-2024/CVE-2024-500xx/CVE-2024-50037.json | 80 ++- CVE-2024/CVE-2024-500xx/CVE-2024-50038.json | 116 +++- CVE-2024/CVE-2024-500xx/CVE-2024-50039.json | 128 +++- CVE-2024/CVE-2024-500xx/CVE-2024-50040.json | 156 ++++- README.md | 73 +- _state.csv | 725 ++++++++++---------- 93 files changed, 8553 insertions(+), 955 deletions(-) create mode 100644 CVE-2024/CVE-2024-484xx/CVE-2024-48428.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49380.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49381.json create mode 100644 CVE-2024/CVE-2024-497xx/CVE-2024-49753.json create mode 100644 CVE-2024/CVE-2024-497xx/CVE-2024-49757.json diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48970.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48970.json index 6f49c3f8b54..f479b6683a3 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48970.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48970.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48970", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:09.177", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:24:22.060", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,157 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: af_unix: Obtener user_ns de in_skb en unix_diag_get_exact(). Wei Chen inform\u00f3 una desreferencia NULL en sk_user_ns() [0][1], y Paolo diagnostic\u00f3 la causa ra\u00edz: en unix_diag_get_exact(), el skb reci\u00e9n asignado no tiene sk. [2] Debemos obtener el user_ns de NETLINK_CB(in_skb).sk y pasarlo a sk_diag_fill(). [0]: ERROR: desreferencia de puntero NULL del n\u00facleo, direcci\u00f3n: 0000000000000270 #PF: acceso de lectura del supervisor en modo n\u00facleo #PF: error_code(0x0000) - p\u00e1gina no presente PGD 12bbce067 P4D 12bbce067 PUD 12bc40067 PMD 0 Oops: 0000 [#1] PREEMPT SMP CPU: 0 PID: 27942 Comm: syz-executor.0 No contaminado 6.1.0-rc5-next-20221118 #2 Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-48-gd9c812dda519-prebuilt.qemu.org 04/01/2014 RIP: 0010:sk_user_ns include/net/sock.h:920 [en l\u00ednea] RIP: 0010:sk_diag_dump_uid net/unix/diag.c:119 [en l\u00ednea] RIP: 0010:sk_diag_fill+0x77d/0x890 net/unix/diag.c:170 C\u00f3digo: 89 ef e8 66 d4 2d fd c7 44 24 40 00 00 00 00 49 8d 7c 24 18 e8 54 d7 2d fd 49 8b 5c 24 18 48 8d bb 70 02 00 00 e8 43 d7 2d fd <48> 8b 9b 70 02 00 00 48 8d 7b 10 e8 33 d7 2d fd 48 8b 5b 10 48 8d RSP: 0018:ffffc90000d67968 EFLAGS: 00010246 RAX: ffff88812badaa48 RBX: 0000000000000000 RCX: ff840d481d RDX: 0000000000000465 RSI: 0000000000000000 RDI: 0000000000000270 RBP: ffffc90000d679a8 R08: 0000000000000277 R09: 0000000000000000 R10: 0001ffffffffffff R11: 0001c90000d679a8 R12: ffff88812ac03800 R13: ffff88812c87c400 R14: ffff88812ae42210 R15: ffff888103026940 FS: 00007f08b4e6f700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000270 CR3: 000000012c58b000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: unix_diag_get_exact net/unix/diag.c:285 [en l\u00ednea] unix_diag_handler_dump+0x3f9/0x500 net/unix/diag.c:317 __sock_diag_cmd net/core/sock_diag.c:235 [en l\u00ednea] sock_diag_rcv_msg+0x237/0x250 net/core/sock_diag.c:266 netlink_rcv_skb+0x13e/0x250 net/netlink/af_netlink.c:2564 sock_diag_rcv+0x24/0x40 net/core/sock_diag.c:277 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [en l\u00ednea] netlink_unicast+0x5e9/0x6b0 net/netlink/af_netlink.c:1356 netlink_sendmsg+0x739/0x860 net/netlink/af_netlink.c:1932 sock_sendmsg_nosec net/socket.c:714 [en l\u00ednea] sock_sendmsg net/socket.c:734 [en l\u00ednea] ____sys_sendmsg+0x38f/0x500 net/socket.c:2476 ___sys_sendmsg net/socket.c:2530 [en l\u00ednea] __sys_sendmsg+0x197/0x230 net/socket.c:2559 __do_sys_sendmsg net/socket.c:2568 [en l\u00ednea] __se_sys_sendmsg net/socket.c:2566 [en l\u00ednea] __x64_sys_sendmsg+0x42/0x50 net/socket.c:2566 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x4697f9 C\u00f3digo: f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f08b4e6ec48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000077bf80 RCX: 00000000004697f9 RDX: 000000000000000 RSI: 00000000200001c0 RDI: 000000000000003 RBP: 00000000004d29e9 R08: 0000000000000000 R09: 000000000000000 R10: 00000000000000000 R11: 0000000000000246 R12: 000000000077bf80 R13: 0000000000000000 R14: 000000000077bf80 R15: 00007ffdb36bc6c0 M\u00f3dulos vinculados en: CR2: 0000000000000270 [1]: https://lore.kernel.org/netdev/CAO4mrfdvyjFpokhNsiwZiP-wpdSD0AStcJwfKcKQdAALQ9_2Qw@mail.gmail.com/ [2]: https://lore.kernel.org/netdev/e04315e7c90d9a75613f3993c2baf2d344eef7eb.camel@redhat.com/" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.3", + "versionEndExcluding": "5.4.227", + "matchCriteriaId": "AB721816-DC8C-4872-90CD-02D2105999D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.159", + "matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.83", + "matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/575a6266f63dbb3b8eb1da03671451f0d81b8034", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5c014eb0ed6c8c57f483e94cc6e90f34ce426d91", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9c1d6f79a2c7b8221dcec27defc6dc461052ead4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b3abe42e94900bdd045c472f9c9be620ba5ce553", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c66d78aee55dab72c92020ebfbebc464d4f5dd2a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48971.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48971.json index 3b6b1f6e3dc..a8a8382ed6d 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48971.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48971.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48971", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:09.260", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:23:38.807", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,171 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: Se solucion\u00f3 el problema de no limpiar el led cuando bt_init fallo bt_init() llama a bt_leds_init() para registrar el led, pero si falla m\u00e1s tarde, no se llama a bt_leds_cleanup() para anular su registro. Esto puede causar p\u00e1nico si se libera el argumento \"bluetooth-power\" en el texto y luego otro led_trigger_register() intenta acceder a \u00e9l: ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: ffffffffc06d3bc0 RIP: 0010:strcmp+0xc/0x30 Seguimiento de llamadas: led_trigger_register+0x10d/0x4f0 led_trigger_register_simple+0x7d/0x100 bt_init+0x39/0xf7 [bluetooth] do_one_initcall+0xd0/0x4e0" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9", + "versionEndExcluding": "4.19.269", + "matchCriteriaId": "583D408E-67CE-427E-9097-897D64F9D40E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.227", + "matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.159", + "matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.83", + "matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2c6cf0afc3856359e620e96edd952457d258e16c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f3957c7eb4e07df944169a3e50a4d6790e1c744", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5ecf7cd6fde5e72c87122084cf00d63e35d8dd9f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a66c3a94285552f6a8e45d73b34ebbad11d388b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e7b950458156d410509a08c41930b75e72985938", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/edf7284a98296369dd0891a0457eec37df244873", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48972.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48972.json index 8afda4df14c..b368d81d7a3 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48972.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48972.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48972", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:09.343", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:22:33.897", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,199 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mac802154: se corrige el INIT_LIST_HEAD faltante en ieee802154_if_add(). La prueba de inyecci\u00f3n de errores del kernel informa null-ptr-deref de la siguiente manera: ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000008 RIP: 0010:cfg802154_netdev_notifier_call+0x120/0x310 include/linux/list.h:114 Seguimiento de llamadas: raw_notifier_call_chain+0x6d/0xa0 kernel/notifier.c:87 call_netdevice_notifiers_info+0x6e/0xc0 net/core/dev.c:1944 unregister_netdevice_many_notify+0x60d/0xcb0 net/core/dev.c:1982 unregister_netdevice_queue+0x154/0x1a0 net/core/dev.c:10879 register_netdevice+0x9a8/0xb90 net/core/dev.c:10083 ieee802154_if_add+0x6ed/0x7e0 net/mac802154/iface.c:659 ieee802154_register_hw+0x29c/0x330 net/mac802154/main.c:229 mcr20a_probe+0xaaa/0xcb1 drivers/net/ieee802154/mcr20a.c:1316 ieee802154_if_add() asigna wpan_dev como datos privados de netdev, pero No inicializa la lista en la estructura wpan_dev. cfg802154_netdev_notifier_call() administra la lista cuando se registra o cancela el registro del dispositivo y puede generar una desreferencia de PTR nula. Use INIT_LIST_HEAD() para inicializarla correctamente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.9.336", + "matchCriteriaId": "29BF4771-EF94-4681-A778-F55F6FB556F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.302", + "matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.269", + "matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.227", + "matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.159", + "matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.83", + "matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1831d4540406708e48239cf38fd9c3b7ea98e08f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/42c319635c0cf7eb36eccac6cda76532f47b61a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/623918f40fa68e3bb21312a3fafb90f491bf5358", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7410f4d1221bb182510b7778ab6eefa8b9b7102d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9980a3ea20de40c83817877106c909cb032692d2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a110287ef4a423980309490df632e1c1e73b3dc9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b3d72d3135d2ef68296c1ee174436efd65386f04", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f00c84fb1635c27ba24ec5df65d5bd7d7dc00008", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48973.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48973.json index 9315fccd9f4..05a9ca7122f 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48973.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48973.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48973", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:09.430", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:35:54.687", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,199 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gpio: amd8111: Se solucion\u00f3 la fuga de recuento de referencia del dispositivo PCI. for_each_pci_dev() se implementa mediante pci_get_device(). El comentario de pci_get_device() dice que aumentar\u00e1 el recuento de referencia para el pci_dev devuelto y tambi\u00e9n disminuir\u00e1 el recuento de referencia para el pci_dev de entrada @from si no es NULL. Si interrumpimos el bucle for_each_pci_dev() con pdev no NULL, debemos llamar a pci_dev_put() para disminuir el recuento de referencia. Agregue el pci_dev_put() faltante despu\u00e9s de la etiqueta 'out'. Dado que pci_dev_put() puede manejar el par\u00e1metro de entrada NULL, no hay ning\u00fan problema para la rama 'Dispositivo no encontrado'. Para la ruta normal, agregue pci_dev_put() en amd_gpio_exit()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.6", + "versionEndExcluding": "4.9.336", + "matchCriteriaId": "3D2ECA1E-39DC-418A-978F-7C23CCF7E6B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.302", + "matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.269", + "matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.227", + "matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.159", + "matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.83", + "matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4271515f189bd5fe2ec86b4089dab7cb804625d2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/45fecdb9f658d9c82960c98240bc0770ade19aca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4749c5cc147c9860b96db1e71cc36d1de1bd3f59", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/48bd5d3801f6b67cc144449d434abbd5043a6d37", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5ee6413d3dd972930af787b2c0c7aaeb379fa521", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/71d591ef873f9ebb86cd8d053b3caee785b2de6a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b2bc053ebbba57a06fa655db5ea796de2edce445", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e364ce04d8f840478b09eee57b614de7cf1e743e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48974.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48974.json index 8d12765f2ab..f01361fdd2a 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48974.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48974.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48974", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:09.517", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:25:54.433", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,115 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: conntrack: correcci\u00f3n al usar __this_cpu_add en preemptible Actualmente en nf_conntrack_hash_check_insert(), cuando fallo en nf_ct_ext_valid_pre/post(), se llamar\u00e1 a NF_CT_STAT_INC() en el contexto preemptible, se puede activar un seguimiento de llamada: ERROR: uso de __this_cpu_add() en preemptible [00000000] c\u00f3digo: conntrack/1636 el llamador es nf_conntrack_hash_check_insert+0x45/0x430 [nf_conntrack] Seguimiento de llamada: dump_stack_lvl+0x33/0x46 check_preemption_disabled+0xc3/0xf0 Este parche es para solucionarlo cambiando para usar NF_CT_STAT_INC_ATOMIC() para la comprobaci\u00f3n de nf_ct_ext_valid_pre/post() en nf_conntrack_hash_check_insert(), as\u00ed como nf_ct_ext_valid_post() en __nf_conntrack_confirm(). Tenga en cuenta que la comprobaci\u00f3n de nf_ct_ext_valid_pre() en __nf_conntrack_confirm() es segura para usar NF_CT_STAT_INC(), ya que se encuentra bajo local_bh_disable()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.19", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "5709D44A-ADC7-40C9-BF0A-CF44C4FBDD69" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/9464d0b68f11a9bc768370c3260ec02b3550447b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d9bf1138a5db419db13bd9fcd3a7178d6bb20f7c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48983.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48983.json index ac6b94abbae..369a49e2aac 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48983.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48983.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48983", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:10.283", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:58:02.297", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,129 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: Se corrige un null-ptr-deref en io_tctx_exit_cb() Syzkaller informa un error de desreferencia NULL de la siguiente manera: ERROR: KASAN: null-ptr-deref en io_tctx_exit_cb+0x53/0xd3 Lectura de tama\u00f1o 4 en la direcci\u00f3n 0000000000000138 por la tarea file1/1955 CPU: 1 PID: 1955 Comm: file1 No contaminado 6.1.0-rc7-00103-gef4d3ea40565 #75 Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014 Seguimiento de llamadas: nivel_pila_volcado+0xcd/0x134 ? io_tctx_salir_cb+0x53/0xd3 informe_kasan+0xbb/0x1f0 ? io_tctx_salir_cb+0x53/0xd3 rango_comprobaci\u00f3n_kasan+0x140/0x190 io_tctx_salir_cb+0x53/0xd3 ejecuci\u00f3n_trabajo_tarea+0x164/0x250 ? cancelaci\u00f3n_trabajo_tarea+0x30/0x30 obtener_se\u00f1al+0x1c3/0x2440 ? degradaci\u00f3n_bloqueo+0x6e0/0x6e0 ? degradaci\u00f3n_bloqueo+0x6e0/0x6e0 ? se\u00f1ales_salida+0x8b0/0x8b0 ? desbloqueo_lectura_sin_datos+0x3b/0x70 ? obtener_sigframe_size+0x10/0x10 ? bloquear_hardirqs_on+0x79/0x100 ? poner_nombre+0xfe/0x140 ? do_execveat_common.isra.0+0x238/0x710 exit_to_user_mode_prepare+0x15f/0x250 syscall_exit_to_user_mode+0x19/0x50 do_syscall_64+0x42/0xb0 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0023:0x0 C\u00f3digo: No se puede acceder a los bytes del c\u00f3digo de operaci\u00f3n en 0xffffffffffffffd6. RSP: 002b:00000000fffb7790 EFLAGS: 00000200 ORIG_RAX: 000000000000000b RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 000000000000000 RDI: 000000000000000 RBP: 000000000000000 R08: 0000000000000000 R09: 00000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 P\u00e1nico del kernel: no se sincroniza: panic_on_warn establecido ... Esto sucede porque la adici\u00f3n de task_work desde io_ring_exit_work() no est\u00e1 sincronizada con la cancelaci\u00f3n de todos los elementos de trabajo, por ejemplo, de exec. La ejecuci\u00f3n de los dos est\u00e1 ordenada de manera que ambos son ejecutados por la propia tarea, pero si io_tctx_exit_cb() est\u00e1 en cola mientras cancelamos todos los elementos de trabajo de exec Y se ejecuta cuando la tarea sale al espacio de usuario en lugar de en el bucle principal en io_uring_cancel_generic(), entonces podemos encontrar current->io_uring == NULL y alcanzar el bloqueo anterior. Es seguro agregar esta verificaci\u00f3n NULL aqu\u00ed, porque la ejecuci\u00f3n de las dos rutas las realiza la propia tarea. [axboe: agregue un comentario de c\u00f3digo y tambi\u00e9n coloque una explicaci\u00f3n en el mensaje de confirmaci\u00f3n]" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.15.83", + "matchCriteriaId": "F3B523BF-F3E1-45F6-8064-D51E4E6D05E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/998b30c3948e4d0b1097e639918c5cff332acac5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d91edca1943453aaaba4f380f6f364346222e5cf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f895511de9d27fff71dad2c234ad53b4afd2b06c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48984.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48984.json index 0c522ec6995..a282b4c22f3 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48984.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48984.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48984", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:10.360", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:53:53.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,115 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: slcan: fix freed work crash La prueba LTP pty03 est\u00e1 provocando un fallo en slcan: BUG: kernel NULL pointer dereference, address: 0000000000000008 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 348 Comm: kworker/0:3 Not tainted 6.0.8-1-default #1 openSUSE Tumbleweed 9d20364b934f5aab0a9bdf84e8f45cfdfae39dab Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 01/04/2014 Cola de trabajo: 0x0 (eventos) RIP: 0010:process_one_work (/home/rich/kernel/linux/kernel/workqueue.c:706 /home/rich/kernel/linux/kernel/workqueue.c:2185) C\u00f3digo: 49 89 ff 41 56 41 55 41 54 55 53 48 89 f3 48 83 ec 10 48 8b 06 48 8b 6f 48 49 89 c4 45 30 e4 a8 04 b8 00 00 00 00 4c 0f 44 e0 <49> 8b 44 24 08 44 8b a8 00 01 00 00 41 83 e5 20 f6 45 10 04 75 0e RSP: 0018:ffffaf7b40f47e98 EFLAGS: 00010046 RAX: 000000000000000 RBX: ffff9d644e1b8b48 RCX: ffff9d649e439968 RDX: 00000000ffff8455 RSI: ffff9d644e1b8b48 RDI: ffff9d64764aa6c0 RBP: ffff9d649e4335c0 R08: 0000000000000c00 R09: ffff9d64764aa734 R10: 0000000000000007 R11: 0000000000000001 R12: 0000000000000000 R13: ffff9d649e4335e8 R14: ffff9d64490da780 R15: ffff9d64764aa6c0 FS: 000000000000000(0000) GS:ffff9d649e400000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 0000000036424000 CR4: 00000000000006f0 Seguimiento de llamadas: worker_thread (/home/rich/kernel/linux/kernel/workqueue.c:2436) kthread (/home/rich/kernel/linux/kernel/kthread.c:376) ret_from_fork (/home/rich/kernel/linux/arch/x86/entry/entry_64.S:312) Aparentemente, el tx_work de slcan se libera mientras se programa. Mientras que slcan_netdev_close() (lado netdev) llama a flush_work(&sl->tx_work), slcan_close() (lado tty) no lo hace. Entonces, cuando el netdev nunca se configura, pero el tty est\u00e1 lleno de bytes y se lo obliga a activar la escritura, el trabajo se programa, pero nunca se vac\u00eda. Por lo tanto, agregue un flush_work() adicional a slcan_close() para asegurarse de que el trabajo se vac\u00eda en todas las circunstancias. el commit de correcciones a continuaci\u00f3n movi\u00f3 flush_work() de slcan_close() a slcan_netdev_close(). \u00bfCu\u00e1l fue la raz\u00f3n detr\u00e1s de esto? \u00bfQuiz\u00e1s podamos eliminar el que est\u00e1 en slcan_netdev_close()? Veo el mismo patr\u00f3n en can327. Entonces, tal vez necesite la misma correcci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "6F673D41-57C0-46F3-AFE3-7FC909A29B19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", + "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/9e2709d58a14a10eb00d919acd7dec071c33f8c8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fb855e9f3b6b42c72af3f1eb0b288998fe0d5ebb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48992.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48992.json index b3387f8cf85..9710618d96b 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48992.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48992.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48992", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:11.067", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:51:38.037", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,188 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: soc-pcm: Agregar comprobaci\u00f3n NULL en la reparentalizaci\u00f3n de BE Agregar comprobaci\u00f3n NULL en la API dpcm_be_reparent para manejar el error de desreferencia de puntero NULL del kernel. El problema se produjo en la prueba de fuzzing." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.9.336", + "matchCriteriaId": "99B9ECF9-423E-4A61-B103-DB964B227DA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.302", + "matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.269", + "matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.227", + "matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.159", + "matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.83", + "matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.13", + "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0760acc2e6598ad4f7bd3662db2d907ef0838139", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34a9796bf0684bfd54e96a142560d560c21c983b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f74b9aa8d58c18927bb9b65dd5ba70a5fd61615", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d4dd21a79dbb862d2ebcf9ed90e646416009ff0d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/db8f91d424fe0ea6db337aca8bc05908bbce1498", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e7166d6821c15f3516bcac8ae3f155924da1908c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f2ba66d8738584d124aff4e760ed1337f5f6dfb6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f6f45e538328df9ce66aa61bafee1a5717c4b700", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48995.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48995.json index df592768627..6684e5e7b8e 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48995.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48995.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48995", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:11.343", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:52:51.117", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,138 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Entrada: raydium_ts_i2c - arregla p\u00e9rdida de memoria en raydium_i2c_send() Hay una p\u00e9rdida de kmem cuando se prueba raydium_i2c_ts con bpf mock device: unreferenced object 0xffff88812d3675a0 (size 8): comm \"python3\", pid 349, jiffies 4294741067 (age 95.695s) hex dump (first 8 bytes): 11 0e 10 c0 01 00 04 00 ........ backtrace: [<0000000068427125>] __kmalloc+0x46/0x1b0 [<0000000090180f91>] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts] [<000000006e631aee>] raydium_i2c_initialize.cold+0xbc/0x3e4 [raydium_i2c_ts] [<00000000dc6fcf38>] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts] [<00000000a310de16>] i2c_device_probe+0x651/0x680 [<00000000f5a96bf3>] really_probe+0x17c/0x3f0 [<00000000096ba499>] __driver_probe_device+0xe3/0x170 [<00000000c5acb4d9>] dispositivo_de_sonda_de_controlador+0x49/0x120 [<00000000264fe082>] __controlador_de_adjuntar_dispositivo+0xf7/0x150 [<00000000f919423c>] bus_para_cada_unidad+0x114/0x180 [<00000000e067feca>] __adjuntar_dispositivo+0x1e5/0x2d0 [<0000000054301fc2>] dispositivo_de_sonda_de_bus+0x126/0x140 [<00000000aad93b22>] dispositivo_agregar+0x810/0x1130 [<00000000c086a53f>] i2c_new_client_device+0x352/0x4e0 [<000000003c2c248c>] of_i2c_register_device+0xf1/0x110 [<00000000ffec4177>] of_i2c_notify+0x100/0x160 objeto sin referencia 0xffff88812d3675c8 (tama\u00f1o 8): comm \"python3\", pid 349, jiffies 4294741070 (antig\u00fcedad 95,692 s) volcado hexadecimal (primeros 8 bytes): 22 00 36 2d 81 88 ff ff \".6-.... traza inversa: [<0000000068427125>] __kmalloc+0x46/0x1b0 [<0000000090180f91>] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts] [<000000001d5c9620>] raydium_i2c_initialize.cold+0x223/0x3e4 [raydium_i2c_ts] [<00000000dc6fcf38>] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts] [<00000000a310de16>] i2c_device_probe+0x651/0x680 [<00000000f5a96bf3>] realmente_sondeo+0x17c/0x3f0 [<00000000096ba499>] __dispositivo_de_sonda_de_controlador+0xe3/0x170 [<00000000c5acb4d9>] dispositivo_de_sonda_de_controlador+0x49/0x120 [<00000000264fe082>] __dispositivo_adjunto_controlador+0xf7/0x150 [<00000000f919423c>] bus_para_cada_unidad+0x114/0x180 [<00000000e067feca>] __dispositivo_adjunto+0x1e5/0x2d0 [<0000000054301fc2>] bus_probe_device+0x126/0x140 [<00000000aad93b22>] device_add+0x810/0x1130 [<00000000c086a53f>] i2c_new_client_device+0x352/0x4e0 [<000000003c2c248c>] of_i2c_register_device+0xf1/0x110 [<00000000ffec4177>] of_i2c_notify+0x100/0x160 Despu\u00e9s del comando BANK_SWITCH del BUS i2c, sin importar si se produjo un \u00e9xito o un error, se debe liberar el tx_buf." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.158", + "matchCriteriaId": "B758FB5D-0A1B-49DF-BD29-C32C1F3D275F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/097c1c7a28e3da8f2811ba532be6e81faab15aab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/53b9b1201e34ccc895971218559123625c56fbcd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c9a59939deb4bfafdc451100c03d1e848b4169b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a82869ac52f3d9db4b2cf8fd41edc2dee7a75a61", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49002.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49002.json index ceb623dc644..0b98d171dc8 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49002.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49002.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49002", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:11.853", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:24:12.620", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,194 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: Se corrige la p\u00e9rdida de recuento de referencias del dispositivo PCI en dmar_dev_scope_init(). for_each_pci_dev() se implementa mediante pci_get_device(). El comentario de pci_get_device() dice que aumentar\u00e1 el recuento de referencias para el pci_dev devuelto y tambi\u00e9n disminuir\u00e1 el recuento de referencias para el pci_dev de entrada @from si no es NULL. Si interrumpimos el bucle for_each_pci_dev() con pdev no NULL, debemos llamar a pci_dev_put() para disminuir el recuento de referencias. Agregue el pci_dev_put() faltante para la ruta de error para evitar la p\u00e9rdida del recuento de referencias." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.15", + "versionEndExcluding": "4.9.335", + "matchCriteriaId": "2F74B69C-8ADE-4B1E-B15B-C50D11EEC4A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.301", + "matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.268", + "matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.226", + "matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.158", + "matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2a8f7b90681472948de172dbbf5a54cd342870aa", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4bedbbd782ebbe7287231fea862c158d4f08a9e3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/71c4a621985fc051ab86d3a86c749069a993fcb2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/876d7bfb89273997056220029ff12b1c2cc4691d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5c65cd56aed027f8a97fda8b691caaeb66d115e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bdb613ef179ad4bb9d56a2533e9b30e434f1dfb7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cbdd83bd2fd67142b03ce9dbdd1eab322ff7321f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d47bc9d7bcdbb9adc9703513d964b514fee5b0bf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49003.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49003.json index badfec8803e..277f2f0c209 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49003.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49003.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49003", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:11.920", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:12:59.897", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,124 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvme: se corrige la protecci\u00f3n SRCU de la lista nvme_ns_head El recorrido por la lista de hermanos nvme_ns_head est\u00e1 protegido por el srcu del cabezal en nvme_ns_head_submit_bio() pero no por nvme_mpath_revalidate_paths(). La eliminaci\u00f3n de espacios de nombres de la lista tambi\u00e9n fallo al sincronizar el srcu. Por lo tanto, el trabajo de escaneo simult\u00e1neo puede causar use-after-free. Mantenga el bloqueo del srcu del cabezal en nvme_mpath_revalidate_paths() y sincronice con el srcu, no con el RCU global, en nvme_ns_remove(). Se observ\u00f3 el siguiente p\u00e1nico al realizar conexiones NVMe/RDMA con multipath nativo en el kernel Rocky Linux 8.6 (parece que el kernel ascendente tiene la misma condici\u00f3n de ejecuci\u00f3n). El desensamblaje muestra que la instrucci\u00f3n que fallo es cmp 0x50(%rdx),%rcx; capacidad de c\u00f3mputo != get_capacity(ns->disk). La direcci\u00f3n 0x50 est\u00e1 desreferenciada porque ns->disk es NULL. El disco NULL parece ser el resultado de un trabajo de escaneo simult\u00e1neo que libera el espacio de nombres (observe la l\u00ednea de registro en el medio del p\u00e1nico). [37314.206036] ERROR: no se puede manejar la desreferencia del puntero NULL del n\u00facleo en 0000000000000050 [37314.206036] nvme0n3: se detect\u00f3 un cambio de capacidad de 0 a 11811160064 [37314.299753] PGD 0 P4D 0 [37314.299756] Oops: 0000 [#1] SMP PTI [37314.299759] CPU: 29 PID: 322046 Comm: kworker/u98:3 Kdump: cargado Tainted: GWX --------- - - 4.18.0-372.32.1.el8test86.x86_64 #1 [37314.299762] Nombre del hardware: Dell Inc. PowerEdge R720/0JP31P, BIOS 2.7.0 23/05/2018 [37314.299763] Cola de trabajo: nvme-wq nvme_scan_work [nvme_core] [37314.299783] RIP: 0010:nvme_mpath_revalidate_paths+0x26/0xb0 [nvme_core] [37314.299790] C\u00f3digo: 1f 44 00 00 66 66 66 66 90 55 53 48 8b 5f 50 48 8b 83 c8 c9 00 00 48 8b 13 48 8b 48 50 48 39 d3 74 20 48 8d 42 d0 48 8b 50 20 <48> 3b 4a 50 74 05 f0 80 60 70 ef 48 8b 50 30 48 8d 42 d0 48 39 d3 [37315.058803] RSP: 0018:ffffabe28f913d10 EFLAGS: 00010202 [37315.121316] RAX: ffff927a077da800 RBX: ffff92991dd70000 RCX: 0000000001600000 [37315.206704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff92991b719800 [37315.292106] RBP: ffff929a6b70c000 R08: 000000010234cd4a R09: c0000000ffff7fff [37315.377501] R10: 0000000000000001 R11: ffffabe28f913a30 R12: 000000000000000 [37315.462889] R13: ffff92992716600c R14: ffff929964e6e030 R15: ffff92991dd70000 [37315.548286] FS: 0000000000000000(0000) GS:ffff92b87fb80000(0000) knlGS:0000000000000000 [37315.645111] CS: 0010 DS: 0000 ES: 0000 CR0: 000000080050033 [37315.713871] CR2: 000000000000050 CR3: 0000002208810006 CR4: 00000000000606e0 [37315.799267] Seguimiento de llamadas: [37315.828515] nvme_update_ns_info+0x1ac/0x250 [n\u00facleo_nvme] [37315.892075] nvme_validate_or_alloc_ns+0x2ff/0xa00 [n\u00facleo_nvme] [37315.961871] ? __blk_mq_free_request+0x6b/0x90 [37316.015021] nvme_scan_work+0x151/0x240 [n\u00facleo_nvme] [37316.073371] process_one_work+0x1a7/0x360 [37316.121318] ? crear_trabajador+0x1a0/0x1a0 [37316.168227] subproceso_trabajador+0x30/0x390 [37316.212024] ? crear_trabajador+0x1a0/0x1a0 [37316.258939] kthread+0x10a/0x120 [37316.297557] ? M\u00f3dulos vinculados en: nvme_rdma nvme_tcp(X) nvme_fabrics nvme_core netconsole iscsi_tcp libiscsi_tcp dm_queue_length dm_service_time nf_conntrack_netlink br_netfilter bridge stp llc superposici\u00f3n nft_chain_nat ipt_MASQUERADE nf_nat xt_addrtype xt_CT nft_counter xt_state xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_comment xt_multiport nft_compat nf_tables libcrc32c nfnetlink dm_multipath tg3 rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_core_mod ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm intel_rapl_msr iTCO_wdt iTCO_vendor_support dcdbas intel_rapl_common sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel ipmi_ssif kvm irqbypass crct10dif_pclmul crc32_pclmul mlx5_ib ghash_clmulni_intel ib_uverbs rapl intel_cstate intel_uncore ib_core ipmi_si joydev mei_me---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "C947DE0F-3C67-410C-9D9B-DCBE9D8ACB8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5b566d09ab1b975566a53f9c5466ee260d087582", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/787d81d4eb150e443e5d1276c6e8f03cfecc2302", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/899d2a05dc14733cfba6224083c6b0dd5a738590", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49004.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49004.json index 81f40112ccf..d75b32dde95 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49004.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49004.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49004", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:11.990", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:21:21.593", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,124 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: Sincronizar las asignaciones de kernel de la tabla de p\u00e1ginas efi antes de cambiar La tabla de p\u00e1ginas efi se crea inicialmente como una copia de la tabla de p\u00e1ginas del kernel. Con VMAP_STACK habilitado, las pilas del kernel se asignan en el \u00e1rea vmalloc: si la pila se asigna en un nuevo PGD (uno que no estaba presente en el momento de la creaci\u00f3n de la tabla de p\u00e1ginas efi o no se sincroniz\u00f3 en un error vmalloc anterior), el kernel tomar\u00e1 una trampa al cambiar a la tabla de p\u00e1ginas efi cuando se accede a la pila del kernel vmalloc, lo que resulta en un p\u00e1nico del kernel. Solucione eso actualizando las asignaciones de kernel efi antes de cambiar a la tabla de p\u00e1ginas efi." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "F4165171-EE33-4D81-A676-357C0DDDA2D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3f105a742725a1b78766a55169f1d827732e62b8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/96f479383d92944406d4b3f2bc03c2f640def9f1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fa7a7d185ef380546b4b1fed6f84f31dbae8cec7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49005.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49005.json index 02ab23c07b0..e6befc9ebe1 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49005.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49005.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49005", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:12.040", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:17:56.817", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,201 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: ops: Fix bounds check for _sx controls Para los controles _sx, la sem\u00e1ntica del campo max no es la habitual, max es el n\u00famero de pasos en lugar del valor m\u00e1ximo. Esto significa que nuestra comprobaci\u00f3n en snd_soc_put_volsw_sx() solo debe comprobarse con el valor m\u00e1ximo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9.300", + "versionEndExcluding": "4.9.335", + "matchCriteriaId": "2F7DD4C9-FE19-497E-B2F9-C094A69EFDFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.265", + "versionEndExcluding": "4.14.301", + "matchCriteriaId": "7BC661F9-672A-422C-A1AE-66BB70C1815E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.228", + "versionEndExcluding": "4.19.268", + "matchCriteriaId": "7B9A6578-30BB-46F2-A669-96F6F8030A4B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.178", + "versionEndExcluding": "5.4.226", + "matchCriteriaId": "A2867EFB-E39E-448E-9A07-D268C880E4C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.99", + "versionEndExcluding": "5.10.158", + "matchCriteriaId": "C8E48E4E-390B-49DD-9AEC-B0000F048AAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.22", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "17C8626C-FF3E-4843-971D-4998D55BD5A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16.8", + "versionEndExcluding": "5.17", + "matchCriteriaId": "75F55BC5-65F9-43AF-BE7B-5C16E5F52E0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "0FEB9103-AAEF-499A-A71B-752143D3A506" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/325d94d16e3131b54bdf07356e4cd855e0d853fc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/46bab25cc0230df60d1c02b651cc5640a14b08df", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4a95a49f26308782b4056401989ecd7768fda8fa", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/698813ba8c580efb356ace8dbf55f61dac6063a8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/73dce3c1d48c4662bdf3ccbde1492c2cb4bfd8ce", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98b15c706644bebc19d2e77ccc360cc51444f6d0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b50c9641897274c3faef5f95ac852f54b94be2e8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e46adadf19248d59af3aa6bc52e09115bf479bf7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49006.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49006.json index 5e87e599fcf..b14b283aec0 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49006.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49006.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49006", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:12.103", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:30:07.190", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,152 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rastreo: B\u00faferes libres cuando se elimina un evento din\u00e1mico usado Despu\u00e9s de que se hayan agregado y eliminado 65536 eventos din\u00e1micos, el campo \"tipo\" del evento usa el primer n\u00famero de tipo que est\u00e1 disponible (no usado actualmente por otros eventos). Un n\u00famero de tipo es el identificador de los blobs binarios en el b\u00fafer de anillo de rastreo (conocidos como eventos) para mapearlos a la l\u00f3gica que puede analizar el blob binario. El problema es que si se rastrea un evento din\u00e1mico (como un evento kprobe) y est\u00e1 en el b\u00fafer de anillo, y luego ese evento se elimina (porque es din\u00e1mico, lo que significa que se puede crear y destruir), si se crea otro evento din\u00e1mico que tenga el mismo n\u00famero, se usar\u00e1 la l\u00f3gica de ese nuevo evento al analizar el blob binario. Para mostrar c\u00f3mo esto puede ser un problema, lo siguiente puede bloquear el kernel: # cd /sys/kernel/tracing # for i in `seq 65536`; Para cada iteraci\u00f3n de lo anterior, la escritura en kprobe_events eliminar\u00e1 el evento anterior y crear\u00e1 uno nuevo (con el mismo formato) y aumentar\u00e1 el n\u00famero de tipo al siguiente disponible hasta que el n\u00famero de tipo alcance m\u00e1s de 65535, que es el n\u00famero m\u00e1ximo para el tipo de 16 bits. Despu\u00e9s de que alcanza ese n\u00famero, la l\u00f3gica para asignar un nuevo n\u00famero simplemente busca el siguiente n\u00famero disponible. Cuando se elimina un evento din\u00e1mico, ese n\u00famero est\u00e1 disponible para ser reutilizado por el pr\u00f3ximo evento din\u00e1mico creado. Es decir, una vez que lo anterior alcanza el n\u00famero m\u00e1ximo, el n\u00famero asignado al evento en ese bucle seguir\u00e1 siendo el mismo. Ahora, eso significa que eliminar un evento din\u00e1mico y crear otro reutilizar\u00e1 el n\u00famero de tipo de eventos anteriores. Aqu\u00ed es donde pueden suceder cosas malas. Despu\u00e9s de que finaliza el bucle anterior, el evento kprobes/foo que lee el primer par\u00e1metro de la llamada a la funci\u00f3n do_sys_openat2 como un entero. # echo 1 > kprobes/foo/enable # cat /etc/passwd > /dev/null # cat seguimiento cat-2211 [005] .... 2007.849603: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196 cat-2211 [005] .... 2007.849620: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196 cat-2211 [005] .... 2007.849838: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196 cat-2211 [005] .... 2007.849880: foo: (do_sys_openat2+0x0/0x130) arg1=4294967196 # echo 0 > kprobes/foo/enable Ahora si borramos el kprobe y creamos uno nuevo que lea una cadena: # echo 'p:kprobes/foo do_sys_openat2 +0($arg2):string' > kprobe_events Y ahora podemos hacer el trace: # cat trace sendmail-1942 [002] ..... 530.136320: foo: (do_sys_openat2+0x0/0x240) arg1= cat-2046 [004] ..... 530.930817: foo: (do_sys_openat2+0x0/0x240) arg1=\"????????????????????????????????????????????? ????????????????????????????????????????????????????????????????\" cat-2046 [004] ..... 530.930961: foo: (do_sys_openat2+0x0/0x240) arg1=\"????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????\" cat-2046 [004] ..... 530.934278: foo: (do_sys_openat2+0x0/0x240) arg1=\"????????????????????????????????????????????? ??????????????????????????????????????????????????\" cat-2046 [004] ..... 530.934563: foo: (do_sys_openat2+0x0/0x240) arg1=\"????????????????????????????????????????? ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.33", + "versionEndExcluding": "5.4.226", + "matchCriteriaId": "B43AE6EF-9908-464B-9B18-4334334F0ABA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.158", + "matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1603feac154ff38514e8354e3079a455eb4801e2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/417d5ea6e735e5d88ffb6c436cf2938f3f476dd1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4313e5a613049dfc1819a6dfb5f94cf2caff9452", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/be111ebd8868d4b7c041cb3c6102e1ae27d6dc1d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c52d0c8c4f38f7580cff61c4dfe1034c580cedfd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49007.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49007.json index 740c8ab3601..b800407cee3 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49007.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49007.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49007", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:12.197", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:35:25.910", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,193 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: corrige la desreferencia de puntero NULL en nilfs_palloc_commit_free_entry() Syzbot inform\u00f3 un error de desreferencia de puntero nulo: NILFS (loop0): segctord iniciando. Intervalo de construcci\u00f3n = 5 segundos, frecuencia de CP < 30 segundos. fallo de protecci\u00f3n general, probablemente para direcci\u00f3n no can\u00f3nica 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref en rango [0x000000000000010-0x0000000000000017] CPU: 1 PID: 3603 Comm: segctord No contaminado 6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0 Nombre del hardware: Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022 RIP: 0010:nilfs_palloc_commit_free_entry+0xe5/0x6b0 fs/nilfs2/alloc.c:608 C\u00f3digo: 00 00 00 00 fc ff df 80 3c 02 00 0f 85 cd 05 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 73 08 49 8d 7e 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 26 05 00 00 49 8b 46 10 ser a6 00 00 00 48 c7 c7 RSP: 0018:ffffc90003dff830 EFLAGS: 00010212 RAX: dffffc00000000000 RBX: ffff88802594e218 RCX: 000000000000000d RDX: 00000000000000002 RSI: 0000000000002000 RDI: 0000000000000010 RBP: ffff888071880222 R08: 000000000000005 R09: 000000000000003f R10: 000000000000000d R11: 0000000000000000 R12: ffff888071880158 R13: ffff88802594e220 R14: 0000000000000000 R15: 0000000000000004 FS: 000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fb1c08316a8 CR3: 0000000018560000 CR4: 0000000000350ee0 Seguimiento de llamadas: nilfs_dat_commit_free fs/nilfs2/dat.c:114 [en l\u00ednea] nilfs_dat_commit_end+0x464/0x5f0 fs/nilfs2/dat.c:193 nilfs_dat_commit_update+0x26/0x40 fs/nilfs2/dat.c:236 nilfs_btree_commit_update_v+0x87/0x4a0 fs/nilfs2/btree.c:1940 nilfs_btree_commit_propagate_v fs/nilfs2/btree.c:2016 [en l\u00ednea] nilfs_btree_propagate_v fs/nilfs2/btree.c:2046 [en l\u00ednea] nilfs_btree_propagate+0xa00/0xd60 fs/nilfs2/btree.c:2088 nilfs_bmap_propagate+0x73/0x170 fs/nilfs2/bmap.c:337 nilfs_collect_file_data+0x45/0xd0 fs/nilfs2/segment.c:568 nilfs_segctor_apply_buffers+0x14a/0x470 fs/nilfs2/segment.c:1018 nilfs_segctor_scan_file+0x3f4/0x6f0 fs/nilfs2/segment.c:1067 nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1197 [en l\u00ednea] nilfs_segctor_collect fs/nilfs2/segment.c:1503 [en l\u00ednea] nilfs_segctor_do_construct+0x12fc/0x6af0 fs/nilfs2/segment.c:2045 nilfs_segctor_construct+0x8e3/0xb30 fs/nilfs2/segment.c:2379 nilfs_segctor_thread_construct fs/nilfs2/segment.c:2487 [en l\u00ednea] nilfs_segctor_thread+0x3c3/0xf30 fs/nilfs2/segment.c:2570 kthread+0x2e4/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306 ... Si el archivo de metadatos DAT est\u00e1 da\u00f1ado en el disco, existe un caso en el que req->pr_desc_bh es NULL y blocknr es 0 en nilfs_dat_commit_end() durante una operaci\u00f3n de \u00e1rbol b que actualiza en cascada los nodos ancestros del \u00e1rbol b, porque nilfs_dat_commit_alloc() para un bloque de nivel inferior puede inicializar el blocknr en la misma entrada DAT entre nilfs_dat_prepare_end() y nilfs_dat_commit_end(). Si esto sucede, nilfs_dat_commit_end() llama a nilfs_dat_commit_free() sin encabezados de b\u00fafer v\u00e1lidos en req->pr_desc_bh y req->pr_bitmap_bh, y provoca la desreferencia del puntero NULL anterior en la funci\u00f3n nilfs_palloc_commit_free_entry(), lo que provoca un bloqueo. Solucione este problema agregando una comprobaci\u00f3n NULL en req->pr_desc_bh y req->pr_bitmap_bh antes de nilfs_palloc_commit_free_entry() en nilfs_dat_commit_free(). Esto tambi\u00e9n llama a nilfs_error() en ese caso para notificar que hay un fallo fatal en los metadatos del sistema de archivos y evitar operaciones futuras." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.9.335", + "matchCriteriaId": "136389E3-6553-4B2F-94DB-15BC9CE17183" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.301", + "matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.268", + "matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.226", + "matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.158", + "matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.82", + "matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/165c7a3b27a3857ebf57f626b9f38b48b6792e68", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f2c59506ae39496588ceb8b88bdbdbaed895d63", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/33021419fd81efd3d729a7f19341ba4b98fe66ce", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/381b84f60e549ea98cec4666c6c728b1b3318756", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9a130b72e6bd1fb07fc3cde839dc6fb53da76f07", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc3fd3293887b4cf84a9109700faeb82de533c89", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e858917ab785afe83c14f5ac141301216ccda847", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f0a0ccda18d6fd826d7c7e7ad48a6ed61c20f8b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-490xx/CVE-2022-49008.json b/CVE-2022/CVE-2022-490xx/CVE-2022-49008.json index d9611bfd9cd..e0e27241a32 100644 --- a/CVE-2022/CVE-2022-490xx/CVE-2022-49008.json +++ b/CVE-2022/CVE-2022-490xx/CVE-2022-49008.json @@ -2,8 +2,8 @@ "id": "CVE-2022-49008", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:12.290", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:38:30.063", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,110 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: can327: can327_feed_frame_to_netdev(): corrige una posible fuga de skb cuando netdev est\u00e1 inactivo En can327_feed_frame_to_netdev(), no liberaba el skb cuando netdev estaba inactivo, y todos los que llamaban a can327_feed_frame_to_netdev() tampoco liberaban el skb asignado. Eso desencadenar\u00eda una fuga de skb. Arr\u00e9glelo a\u00f1adiendo kfree_skb() en can327_feed_frame_to_netdev() cuando netdev est\u00e9 inactivo. No probado, solo compilado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0", + "versionEndExcluding": "6.0.12", + "matchCriteriaId": "F513F5E9-B8E2-43FB-AA15-D6D48CA2B0E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", + "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", + "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/797b1d9fc0e1f4351e4ad49b078c1a3cdc0d4a08", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8fa452cfafed521aaf5a18c71003fe24b1ee6141", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-431xx/CVE-2024-43173.json b/CVE-2024/CVE-2024-431xx/CVE-2024-43173.json index 8cfcd2c77d1..c68c2cf1f6b 100644 --- a/CVE-2024/CVE-2024-431xx/CVE-2024-43173.json +++ b/CVE-2024/CVE-2024-431xx/CVE-2024-43173.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43173", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-10-22T15:15:06.800", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:40:19.977", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@us.ibm.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "psirt@us.ibm.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,35 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "557B94A2-6EC2-4F29-95AE-306B55C7C11D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "DB02F586-96A0-4FAC-91CD-2B48EF222945" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.ibm.com/support/pages/node/7173596", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-441xx/CVE-2024-44100.json b/CVE-2024/CVE-2024-441xx/CVE-2024-44100.json index dad4e8b5c88..c96337c9cb7 100644 --- a/CVE-2024/CVE-2024-441xx/CVE-2024-44100.json +++ b/CVE-2024/CVE-2024-441xx/CVE-2024-44100.json @@ -2,13 +2,13 @@ "id": "CVE-2024-44100", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.293", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T14:15:11.590", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "N/A" + "value": "Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45334.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45334.json index f2370475698..98e5e1de7cc 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45334.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45334.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45334", "sourceIdentifier": "security@trendmicro.com", "published": "2024-10-22T19:15:05.670", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:41:43.473", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@trendmicro.com", "type": "Secondary", @@ -39,10 +59,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:antivirus_one:*:*:*:*:*:macos:*:*", + "versionEndExcluding": "3.10.6", + "matchCriteriaId": "0EF1EBC8-B7CC-45F4-B61C-2C1E58FB136B" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-14461", - "source": "security@trendmicro.com" + "source": "security@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45335.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45335.json index 40969991e27..0f70ac7d278 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45335.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45335.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45335", "sourceIdentifier": "security@trendmicro.com", "published": "2024-10-22T19:15:05.840", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:37:39.387", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security@trendmicro.com", "type": "Secondary", @@ -39,10 +59,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:antivirus_one:*:*:*:*:*:macos:*:*", + "versionEndExcluding": "3.10.6", + "matchCriteriaId": "0EF1EBC8-B7CC-45F4-B61C-2C1E58FB136B" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-07255", - "source": "security@trendmicro.com" + "source": "security@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46902.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46902.json index 924324f8ab9..96ebeecffdd 100644 --- a/CVE-2024/CVE-2024-469xx/CVE-2024-46902.json +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46902.json @@ -2,8 +2,8 @@ "id": "CVE-2024-46902", "sourceIdentifier": "security@trendmicro.com", "published": "2024-10-22T19:15:06.130", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:50:23.897", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "security@trendmicro.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8", + "versionEndExcluding": "6.6", + "matchCriteriaId": "77ED7D00-6C55-4F2D-A97F-2A8AB569BCF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1078:*:*:*:*:*:*", + "matchCriteriaId": "DE216061-F408-439A-90DC-9880010B2D58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1080:*:*:*:*:*:*", + "matchCriteriaId": "A1E1C9C3-7A9B-4661-BF34-ABECD8A64C83" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1077:*:*:*:*:*:*", + "matchCriteriaId": "2F359F80-0A0A-4A1D-BC4E-3C8C0A2C4063" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1086:*:*:*:*:*:*", + "matchCriteriaId": "4E125CD6-99D1-4C4C-9FB6-ADDBB7EB380D" + } + ] + } + ] + } + ], "references": [ { "url": "https://success.trendmicro.com/en-US/solution/KA-0017793", - "source": "security@trendmicro.com" + "source": "security@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1227/", - "source": "security@trendmicro.com" + "source": "security@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46903.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46903.json index 1892205cf0e..162aa5235cb 100644 --- a/CVE-2024/CVE-2024-469xx/CVE-2024-46903.json +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46903.json @@ -2,8 +2,8 @@ "id": "CVE-2024-46903", "sourceIdentifier": "security@trendmicro.com", "published": "2024-10-22T19:15:06.283", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:47:28.607", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@trendmicro.com", "type": "Secondary", @@ -39,14 +59,72 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8", + "versionEndExcluding": "6.6", + "matchCriteriaId": "77ED7D00-6C55-4F2D-A97F-2A8AB569BCF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1078:*:*:*:*:*:*", + "matchCriteriaId": "DE216061-F408-439A-90DC-9880010B2D58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1080:*:*:*:*:*:*", + "matchCriteriaId": "A1E1C9C3-7A9B-4661-BF34-ABECD8A64C83" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1077:*:*:*:*:*:*", + "matchCriteriaId": "2F359F80-0A0A-4A1D-BC4E-3C8C0A2C4063" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1086:*:*:*:*:*:*", + "matchCriteriaId": "4E125CD6-99D1-4C4C-9FB6-ADDBB7EB380D" + } + ] + } + ] + } + ], "references": [ { "url": "https://success.trendmicro.com/en-US/solution/KA-0017793", - "source": "security@trendmicro.com" + "source": "security@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1228/", - "source": "security@trendmicro.com" + "source": "security@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47014.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47014.json index 170699b22c3..6b427c9af2f 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47014.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47014.json @@ -2,13 +2,13 @@ "id": "CVE-2024-47014", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.513", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T14:15:11.783", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "N/A" + "value": "Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-330537292." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47015.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47015.json index f84a338afc7..695a68d7979 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47015.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47015.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47015", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.570", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T15:35:13.317", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-10-01", diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47016.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47016.json index 2ac4d20b3ea..9a6f7e2be55 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47016.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47016.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47016", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.617", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T15:35:14.487", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "there is a possible privilege escalation due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-10-01", diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47017.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47017.json index d96484c6cc1..222ad53eaaa 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47017.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47017.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47017", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.680", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T15:35:16.170", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-10-01", diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47018.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47018.json index 0c8a4a4f31e..7a9306ec739 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47018.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47018.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47018", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.737", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T15:35:17.940", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-10-01", diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47019.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47019.json index 9ca3286c0eb..9ccb8265c61 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47019.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47019.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47019", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.790", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T15:35:19.497", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In ProtocolEmbmsSaiListAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-10-01", diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47020.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47020.json index 6625bab53d5..4979f81bc3d 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47020.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47020.json @@ -2,13 +2,13 @@ "id": "CVE-2024-47020", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.843", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T14:15:11.833", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "N/A" + "value": "Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47022.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47022.json index 76ac49904e3..ca7be93ac6d 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47022.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47022.json @@ -2,13 +2,13 @@ "id": "CVE-2024-47022", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:16.950", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T14:15:11.877", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "N/A" + "value": "Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47030.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47030.json index 1e5d0d589ec..e7a5d9c3975 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47030.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47030.json @@ -2,13 +2,13 @@ "id": "CVE-2024-47030", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:17.390", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T14:15:11.917", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "N/A" + "value": "Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-315191818." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47031.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47031.json index 38c33a76dbb..1c7f3120c43 100644 --- a/CVE-2024/CVE-2024-470xx/CVE-2024-47031.json +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47031.json @@ -2,13 +2,13 @@ "id": "CVE-2024-47031", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-10-25T11:15:17.447", - "lastModified": "2024-10-25T12:56:07.750", + "lastModified": "2024-10-25T14:15:11.960", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "N/A" + "value": "Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-329163861." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47819.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47819.json index 94a125c6354..122b8303142 100644 --- a/CVE-2024/CVE-2024-478xx/CVE-2024-47819.json +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47819.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47819", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-22T16:15:07.500", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:24:36.823", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -12,11 +12,31 @@ }, { "lang": "es", - "value": " Umbraco, un sistema de gesti\u00f3n de contenido .NET gratuito y de c\u00f3digo abierto, tiene una vulnerabilidad de cross-site scripting a partir de la versi\u00f3n 14.0.0 y anteriores a las versiones 14.3.1 y 15.0.0. Esto se puede aprovechar para obtener acceso a puntos finales con privilegios m\u00e1s altos, por ejemplo, si consigue que un usuario con privilegios de administrador ejecute el c\u00f3digo, puede elevar potencialmente a todos los usuarios y otorgarles privilegios de administrador o acceder a contenido protegido. Las versiones 14.3.1 y 15.0.0 contienen un parche. Como workaround, aseg\u00farese de que el acceso a la secci\u00f3n Diccionario solo se conceda a usuarios de confianza." + "value": "Umbraco, un sistema de gesti\u00f3n de contenido .NET gratuito y de c\u00f3digo abierto, tiene una vulnerabilidad de cross-site scripting a partir de la versi\u00f3n 14.0.0 y anteriores a las versiones 14.3.1 y 15.0.0. Esto se puede aprovechar para obtener acceso a endpoints con privilegios m\u00e1s altos, por ejemplo, si consigue que un usuario con privilegios de administrador ejecute el c\u00f3digo, puede elevar potencialmente a todos los usuarios y otorgarles privilegios de administrador o acceder a contenido protegido. Las versiones 14.3.1 y 15.0.0 contienen un parche. Como workaround, aseg\u00farese de que el acceso a la secci\u00f3n Diccionario solo se conceda a usuarios de confianza." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,10 +71,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0.0", + "versionEndExcluding": "14.3.1", + "matchCriteriaId": "A6E7FB7D-A5F2-42FF-BB08-B4428D7517E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-c5g6-6xf7-qxp3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-484xx/CVE-2024-48428.json b/CVE-2024/CVE-2024-484xx/CVE-2024-48428.json new file mode 100644 index 00000000000..0bd643482be --- /dev/null +++ b/CVE-2024/CVE-2024-484xx/CVE-2024-48428.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-48428", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-25T15:15:18.827", + "lastModified": "2024-10-25T15:15:18.827", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/%40powerful-/account-takeover-ato-via-the-reset-password-cve-2024-48428-84892d6211d6", + "source": "cve@mitre.org" + }, + { + "url": "https://medium.com/h7w/full-account-takeover-via-password-reset-link-manipulation-840fb9402967", + "source": "cve@mitre.org" + }, + { + "url": "https://www.linkedin.com/posts/said-al-ghammari-301972285_0day-bugbountytips-bugbountytip-activity-7227418100034412544-2ocu/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.olivevle.com/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48925.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48925.json index bf2cd3aa349..12c596a94d7 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48925.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48925.json @@ -2,8 +2,8 @@ "id": "CVE-2024-48925", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-22T16:15:07.853", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:12:18.833", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -55,10 +75,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0.0", + "versionEndExcluding": "14.3.0", + "matchCriteriaId": "C572B30F-163B-4133-98A0-4FE1EF147F75" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-4gp9-ff99-j6vj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49378.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49378.json index 8472a3ea557..e6b76ca1d8b 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49378.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49378.json @@ -2,7 +2,7 @@ "id": "CVE-2024-49378", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-25T13:15:18.090", - "lastModified": "2024-10-25T13:15:18.090", + "lastModified": "2024-10-25T15:35:20.597", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -55,6 +55,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49380.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49380.json new file mode 100644 index 00000000000..da1542f884e --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49380.json @@ -0,0 +1,96 @@ +{ + "id": "CVE-2024-49380", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-25T14:15:12.040", + "lastModified": "2024-10-25T15:35:20.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.9, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/plentico/plenti/blob/01825e0dcd3505fac57adc2edf29f772d585c008/cmd/serve.go#L205", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/plentico/plenti/releases/tag/v0.7.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://securitylab.github.com/advisories/GHSL-2024-297_GHSL-2024-298_plenti/", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49381.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49381.json new file mode 100644 index 00000000000..52e9c7449f0 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49381.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-49381", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-25T14:15:12.160", + "lastModified": "2024-10-25T14:15:12.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.7, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/plentico/plenti/blob/01825e0dcd3505fac57adc2edf29f772d585c008/cmd/serve.go#L205", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/plentico/plenti/releases/tag/v0.7.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://securitylab.github.com/advisories/GHSL-2024-297_GHSL-2024-298_plenti/", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49753.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49753.json new file mode 100644 index 00000000000..faec2216091 --- /dev/null +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49753.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2024-49753", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-25T14:15:12.280", + "lastModified": "2024-10-25T14:15:12.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Zitadel is open-source identity infrastructure software. Versions prior to 2.64.1, 2.63.6, 2.62.8, 2.61.4, 2.60.4, 2.59.5, and 2.58.7 have a flaw in the URL validation mechanism of Zitadel actions allows bypassing restrictions intended to block requests to localhost (127.0.0.1). The isHostBlocked check, designed to prevent such requests, can be circumvented by creating a DNS record that resolves to 127.0.0.1. This enables actions to send requests to localhost despite the intended security measures. This vulnerability potentially allows unauthorized access to unsecured internal endpoints, which may contain sensitive information or functionalities. Versions 2.64.1, 2.63.6, 2.62.8, 2.61.4, 2.60.4, 2.59.5, and 2.58.7 contain a patch. No known workarounds are available." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.58.7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.59.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.60.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.61.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.62.8", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.63.6", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.64.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-6cf5-w9h3-4rqv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49757.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49757.json new file mode 100644 index 00000000000..8b54433d56a --- /dev/null +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49757.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2024-49757", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-25T15:15:18.957", + "lastModified": "2024-10-25T15:15:18.957", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the \"User Registration allowed\" option only hid the registration button on the login page. Users could bypass this restriction by directly accessing the registration URL (/ui/login/loginname) and register a user that way. Versions 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7 contain a patch. No known workarounds are available." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.58.7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.59.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.60.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.61.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.62.7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.63.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.64.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-3rmw-76m6-4gjc", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49880.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49880.json index 3a8a5fe8cab..cacc6b8eaa0 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49880.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49880.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49880", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:10.373", - "lastModified": "2024-10-23T15:13:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:42:58.203", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,94 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: correcci\u00f3n de un problema en alloc_flex_gd() Wesley inform\u00f3 de un problema: ======================================================================= EXT4-fs (dm-5): cambio de tama\u00f1o del sistema de archivos de 7168 a 786432 bloques ------------[ corte aqu\u00ed ]------------ \u00a1ERROR del kernel en fs/ext4/resize.c:324! CPU: 9 UID: 0 PID: 3576 Comm: resize2fs No contaminado 6.11.0+ #27 RIP: 0010:ext4_resize_fs+0x1212/0x12d0 Rastreo de llamadas: __ext4_ioctl+0x4e0/0x1800 ext4_ioctl+0x12/0x20 __x64_sys_ioctl+0x99/0xd0 x64_sys_call+0x1206/0x20d0 do_syscall_64+0x72/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e == ... Tome n=0,flexbg_size=16 como ejemplo: last:15 |o---------------|--------------n-| o_group:0 redimensionar a n_group:30 El reproductor correspondiente es: img=test.img rm -f $img truncate -s 600M $img mkfs.ext4 -F $img -b 1024 -G 16 8M dev=`losetup -f --show $img` mkdir -p /tmp/test mount $dev /tmp/test resize2fs $dev 248M Elimine el problema m\u00e1s 1 para solucionar el problema y agregue un WARN_ON_ONCE() para evitar que el problema vuelva a ocurrir. [ Nota: otro reprocesador que esta confirmaci\u00f3n corrige es: img=test.img rm -f $img truncate -s 25MiB $img mkfs.ext4 -b 4096 -E nodiscard,lazy_itable_init=0,lazy_journal_init=0 $img truncate -s 3GiB $img dev=`losetup -f --show $img` mkdir -p /tmp/test mount $dev /tmp/test resize2fs $dev 3G umount $dev losetup -d $dev -- TYT ]" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-193" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "0E3AE738-A62B-4806-9D9C-933998214C6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0d80d2b8bf613398baf7185009e35f9d0459ecb0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6121258c2b33ceac3d21f6a221452692c465df88", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/acb559d6826116cc113598640d105094620c2526", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49881.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49881.json index 42635fda5f9..fd3d2da7797 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49881.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49881.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49881", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:10.560", - "lastModified": "2024-10-23T15:13:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:43:18.153", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,145 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: actualizaci\u00f3n de orig_path en ext4_find_extent() En ext4_find_extent(), si la ruta no es lo suficientemente grande, la liberamos y establecemos *orig_path en NULL. Pero despu\u00e9s de reasignar e inicializar correctamente la ruta, no actualizamos *orig_path, en cuyo caso el llamador obtiene una ruta v\u00e1lida pero un ppath NULL, y esto puede causar una desreferencia de puntero NULL o una p\u00e9rdida de memoria de ruta. Por ejemplo: ext4_split_extent path = *ppath = 2000 ext4_find_extent if (depth > path[0].p_maxdepth) kfree(path = 2000); *orig_path = path = NULL; path = kcalloc() = 3000 ext4_split_extent_at(*ppath = NULL) path = *ppath; ex = path[depth].p_ext; // \u00a1Desreferencia de puntero NULL! ===================================================================== ERROR: Desreferencia de puntero NULL del n\u00facleo, direcci\u00f3n: 000000000000010 CPU: 6 UID: 0 PID: 576 Comm: fsstress No contaminado 6.11.0-rc2-dirty #847 RIP: 0010:ext4_split_extent_at+0x6d/0x560 Rastreo de llamada: ext4_split_extent.isra.0+0xcb/0x1b0 ext4_ext_convert_to_initialized+0x168/0x6c0 ext4_ext_handle_unwritten_extents+0x325/0x4d0 ext4_ext_map_blocks+0x520/0xdb0 ext4_map_blocks+0x2b0/0x690 ext4_iomap_begin+0x20e/0x2c0 [...] ====================================================================== Por lo tanto, *orig_path se actualiza cuando la b\u00fasqueda de extensi\u00f3n tiene \u00e9xito, de modo que el llamador puede usar path o *ppath de forma segura." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "5C882E98-F19D-47B6-A807-73BB9ABA763C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/11b230100d6801c014fab2afabc8bdea304c1b96", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5b4b2dcace35f618fe361a87bae6f0d13af31bc1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6766937d0327000ac1b87c97bbecdd28b0dd6599", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6801ed1298204d16a38571091e31178bfdc3c679", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9fcb1717d75061d3653ed69365c8d45331815cd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b63481b3a388ee2df9e295f97273226140422a42", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f55ecc58d07a6c1f6d6d5b5af125c25f8da0bda2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49883.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49883.json index b3bf326f613..8bb9eb762bc 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49883.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49883.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49883", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.060", - "lastModified": "2024-10-23T15:13:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:43:29.440", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,145 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evitar use-after-free en ext4_ext_insert_extent() Como mencion\u00f3 Ojaswin en Link, en ext4_ext_insert_extent(), si la ruta se reasigna en ext4_ext_create_new_leaf(), usaremos la ruta obsoleta y causaremos UAF. A continuaci\u00f3n, se muestra un seguimiento de muestra con valores ficticios: ext4_ext_insert_extent path = *ppath = 2000 ext4_ext_create_new_leaf(ppath) ext4_find_extent(ppath) path = *ppath = 2000 if (depth > path[0].p_maxdepth) kfree(path = 2000); *ppath = path = NULL; path = kcalloc() = 3000 *ppath = 3000; return path; /* aqu\u00ed la ruta sigue siendo 2000, UAF! */ eh = path[depth].p_hdr ===================================================================== ERROR: KASAN: slab-use-after-free en ext4_ext_insert_extent+0x26d4/0x3330 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff8881027bf7d0 por la tarea kworker/u36:1/179 CPU: 3 UID: 0 PID: 179 Comm: kworker/u6:1 No contaminado 6.11.0-rc2-dirty #866 Seguimiento de llamadas: ext4_ext_insert_extent+0x26d4/0x3330 ext4_ext_map_blocks+0xe22/0x2d40 ext4_map_blocks+0x71e/0x1700 ext4_do_writepages+0x1290/0x2800 [...] Asignado por la tarea 179: ext4_find_extent+0x81c/0x1f70 ext4_ext_map_blocks+0x146/0x2d40 ext4_map_blocks+0x71e/0x1700 ext4_do_writepages+0x1290/0x2800 ext4_writepages+0x26d/0x4e0 do_writepages+0x175/0x700 [...] Liberado por la tarea 179: kfree+0xcb/0x240 ext4_find_extent+0x7c0/0x1f70 ext4_ext_insert_extent+0xa26/0x3330 ext4_ext_map_blocks+0xe22/0x2d40 ext4_map_blocks+0x71e/0x1700 ext4_do_writepages+0x1290/0x2800 ext4_writepages+0x26d/0x4e0 do_writepages+0x175/0x700 [...]================================================================== As\u00ed que use *ppath para actualizar el path para evitar el problema de arriba" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "5C882E98-F19D-47B6-A807-73BB9ABA763C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/51db04892a993cace63415be99848970a0f15ef2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5e811066c5ab709b070659197dccfb80ab650ddd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8162ee5d94b8c0351be0a9321be134872a7654a1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9df59009dfc6d9fc1bd9ddf6c5ab6e56d6ed887a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a164f3a432aae62ca23d03e6d926b122ee5b860d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/beb7b66fb489041c50c6473100b383f7a51648fc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bfed082ce4b1ce6349b05c09a0fa4f3da35ecb1b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49884.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49884.json index 32b2434978b..668ac76e309 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49884.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49884.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49884", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.130", - "lastModified": "2024-10-23T15:13:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:37:00.070", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,145 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: correcci\u00f3n de slab-use-after-free en ext4_split_extent_at() Nos topamos con el siguiente use after free: ====================================================================== ERROR: KASAN: slab-use-after-free en ext4_split_extent_at+0xba8/0xcc0 Lectura de tama\u00f1o 2 en la direcci\u00f3n ffff88810548ed08 por la tarea kworker/u20:0/40 CPU: 0 PID: 40 Comm: kworker/u20:0 No contaminado 6.9.0-dirty #724 Seguimiento de llamadas: kasan_report+0x93/0xc0 ext4_split_extent_at+0xba8/0xcc0 ext4_split_extent.isra.0+0x18f/0x500 ext4_split_convert_extents+0x275/0x750 ext4_ext_handle_unwritten_extents+0x73e/0x1580 ext4_ext_map_blocks+0xe20/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] Asignado por la tarea 40: __kmalloc_noprof+0x1ac/0x480 ext4_find_extent+0xf3b/0x1e70 ext4_ext_map_blocks+0x188/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] Liberado por la tarea 40: kfree+0xf1/0x2b0 ext4_find_extent+0xa71/0x1e70 ext4_ext_insert_extent+0xa22/0x3260 ext4_split_extent_at+0x3ef/0xcc0 ext4_split_extent.isra.0+0x18f/0x500 ext4_split_convert_extents+0x275/0x750 ext4_ext_handle_unwritten_extents+0x73e/0x1580 ext4_ext_map_blocks+0xe20/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] ==================================================================== El flujo de activaci\u00f3n del problema es el siguiente: ext4_split_extent_at path = *ppath ext4_ext_insert_extent(ppath) ext4_ext_create_new_leaf(ppath) ext4_find_extent(orig_path) path = *orig_path read_extent_tree_block // devuelve -ENOMEM o -EIO ext4_free_ext_path(path) kfree(path) *orig_path = NULL a. Si err es -ENOMEM: ext4_ext_dirty(path + path->p_depth) // \u00a1\u00a1\u00a1path use after free!!! b. Si err es -EIO y tenemos EXT_DEBUG definido: ext4_ext_show_leaf(path) eh = path[depth].p_hdr // \u00a1\u00a1\u00a1La ruta tambi\u00e9n es use after free!!! Por lo tanto, cuando intente poner a cero o corregir la longitud de la extensi\u00f3n, llame a ext4_find_extent() para actualizar la ruta. Adem\u00e1s, usamos *ppath directamente como una entrada de ext4_ext_show_leaf() para evitar un posible use after free cuando se define EXT_DEBUG y para evitar actualizaciones de ruta innecesarias." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "5C882E98-F19D-47B6-A807-73BB9ABA763C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5d949ea75bb529ea6342e83465938a3b0ac51238", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8fe117790b37c84c651e2bad9efc0e7fda73c0e3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/915ac3630488af0ca194dc63b86d99802b4f6e18", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5401d4c3e2a3d25643c567d26e6de327774a2c9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c26ab35702f8cd0cdc78f96aa5856bfb77be798f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cafcc1bd62934547c76abf46c6d0d54f135006fe", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e52f933598b781d291b9297e39c463536da0e185", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49889.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49889.json index 5a16a009279..5956084bb76 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49889.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49889.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49889", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.513", - "lastModified": "2024-10-23T15:13:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:37:34.400", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evitar use after free en ext4_ext_show_leaf() En ext4_find_extent(), path puede liberarse por error o reasignarse, por lo que el uso de un *ppath previamente guardado puede haberse liberado y, por lo tanto, puede activar el use after free, de la siguiente manera: ext4_split_extent path = *ppath; ext4_split_extent_at(ppath) path = ext4_find_extent(ppath) ext4_split_extent_at(ppath) // ext4_find_extent no puede liberar path // pero la puesta a cero tiene \u00e9xito ext4_ext_show_leaf(inode, path) eh = path[depth].p_hdr // use after free de path !!! De manera similar a ext4_split_extent_at(), usamos *ppath directamente como entrada para ext4_ext_show_leaf(). Por cierto, corrige un error ortogr\u00e1fico. El mismo problema en ext4_ext_handle_unwritten_extents(). Dado que 'path' solo se usa en ext4_ext_show_leaf(), elimine 'path' y use *ppath directamente. Este problema se activa solo cuando se define EXT_DEBUG y, por lo tanto, no afecta la funcionalidad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2eba3b0cc5b8de624918d21f32b5b8db59a90b39", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34b2096380ba475771971a778a478661a791aa15", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4999fed877bb64e3e7f9ab9996de2ca983c41928", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4e2524ba2ca5f54bdbb9e5153bea00421ef653f5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8b114f2cc7dd5d36729d040b68432fbd0f0a8868", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b0cb4561fc4284d04e69c8a66c8504928ab2484e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d483c7cc1796bd6a80e7b3a8fd494996260f6b67", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49890.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49890.json index 0659bb85685..a54eff71813 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49890.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49890.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49890", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.580", - "lastModified": "2024-10-23T15:13:58.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:41:41.680", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/pm: aseg\u00farese de que fw_info no sea nulo antes de usarlo Esto resuelve la advertencia de valor de retorno nulo desreferenciado informada por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/016bf0294b401246471c6710c6bf9251616228b6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/186fb12e7a7b038c2710ceb2fb74068f1b5d55a4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29f388945770bd0a6c82711436b2bc98b0dfac92", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8adf4408d482faa51b2c14e60bfd9946ec1911a4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9550d8d6f19fac7623f044ae8d9503825b325497", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b511474f49588cdca355ebfce54e7eddbf7b75a5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fd5f4ac1a986f0e7e9fa019201b5890554f87bcf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49891.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49891.json index 8830603de0d..a491f7cca1e 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49891.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49891.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49891", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.657", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:42:27.193", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: lpfc: Validar punteros hdwq antes de desreferenciar en rutas de reinicio/errata Cuando el HBA est\u00e1 experimentando un reinicio o est\u00e1 manejando un evento de erratas, pueden ocurrir fallos de desreferencia de ptr NULL en rutinas como lpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk() o lpfc_abort_handler(). Agregue verificaciones de ptr NULL antes de desreferenciar punteros hdwq que pueden haberse liberado debido a operaciones que colisionan con un controlador de eventos de reinicio o erratas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2be1d4f11944cd6283cb97268b3e17c4424945ca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99a801e2fca39a6f31e543fc3383058a8955896f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fd665c8dbdb19548965b0ae80c490de00e906366", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49892.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49892.json index 62e236df0c8..fe5adb23e16 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49892.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49892.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49892", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.757", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:32:23.250", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: inicializar el valor predeterminado de get_bytes_per_element en 1. Las variables, utilizadas como denominadores y que quiz\u00e1s no se asignen a otros valores, no deben ser 0. bytes_per_element_y y bytes_per_element_c se inicializan mediante get_bytes_per_element(), que nunca debe devolver 0. Esto corrige 10 problemas de DIVIDE_BY_ZERO informados por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1f9f8186e239222f1c8d3dd73bf3bc6ae86c5e76", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3334ab72cbba55a632f24579cd47c4a4e5e69cda", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4067f4fa0423a89fb19a30b57231b384d77d2610", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a23d6029e730f8a151b1a34afb169baac1274583", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc00d211da4ffad5314a2043b50bdc8ff8a33724", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c7630935d9a4986e8c0ed91658a781b7a77d73f7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f921335123f6620c3dce5c96fbb95f18524a021c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49893.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49893.json index d54e8932934..a816b37aa7b 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49893.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49893.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49893", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.850", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:32:44.987", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: comprobar stream_status antes de usarlo [QU\u00c9 Y C\u00d3MO] dc_state_get_stream_status puede devolver null y, por lo tanto, debe comprobarse null antes de usar stream_status. Esto soluciona 1 problema de NULL_RETURNS informado por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "6D5FF9C2-A011-4A64-B614-F9244ED2EA0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4914c8bfee1843fae046a12970b6f178e6642659", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/58a8ee96f84d2c21abb85ad8c22d2bbdf59bd7a9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49894.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49894.json index 3e905e4d27c..82cbca82fa6 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49894.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49894.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49894", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.913", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:32:58.803", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Corrige el \u00edndice fuera de los l\u00edmites en la traducci\u00f3n del formato de hardware degamma Corrige el problema del \u00edndice fuera de los l\u00edmites en la funci\u00f3n `cm_helper_translate_curve_to_degamma_hw_format`. El problema podr\u00eda ocurrir cuando el \u00edndice 'i' excede el n\u00famero de puntos de funci\u00f3n de transferencia (TRANSFER_FUNC_POINTS). La correcci\u00f3n agrega una verificaci\u00f3n para garantizar que 'i' est\u00e9 dentro de los l\u00edmites antes de acceder a los puntos de funci\u00f3n de transferencia. Si 'i' est\u00e1 fuera de los l\u00edmites, la funci\u00f3n devuelve falso para indicar un error. Reportado por smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de b\u00fafer 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de b\u00fafer 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de b\u00fafer 'output_tf->tf_pts.blue' 1025 <= s32max" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/07078fa5d589a7fbce8f81ea8acf7aa0021ab38e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/122e3a7a8c7bcbe3aacddd6103f67f9f36bed473", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2495c8e272d84685403506833a664fad932e453a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f5da549535be8ccd2ab7c9abac8562ad370b181", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7e99058eb2e86aabd7a10761e76cae33d22b49f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c130a3c09e3746c1a09ce26c20d21d449d039b1d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c6979719012a90e5b8e3bc31725fbfdd0b9b2b79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49895.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49895.json index d71b29f46b0..569f600054c 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49895.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49895.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49895", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:11.990", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:35:35.013", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Se corrige el \u00edndice fuera de los l\u00edmites en la traducci\u00f3n del formato de hardware degamma de DCN30. Esta confirmaci\u00f3n aborda un posible problema de \u00edndice fuera de los l\u00edmites en la funci\u00f3n `cm3_helper_translate_curve_to_degamma_hw_format` en el m\u00f3dulo de administraci\u00f3n de color DCN30. El problema podr\u00eda ocurrir cuando el \u00edndice 'i' excede la cantidad de puntos de funci\u00f3n de transferencia (TRANSFER_FUNC_POINTS). La correcci\u00f3n agrega una verificaci\u00f3n para garantizar que 'i' est\u00e9 dentro de los l\u00edmites antes de acceder a los puntos de funci\u00f3n de transferencia. Si 'i' est\u00e1 fuera de los l\u00edmites, la funci\u00f3n devuelve falso para indicar un error. Reportado por smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:338 cm3_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de b\u00fafer 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:339 cm3_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de b\u00fafer 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:340 cm3_helper_translate_curve_to_degamma_hw_format() error: desbordamiento de b\u00fafer 'output_tf->tf_pts.blue' 1025 <= s32max" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0d38a0751143afc03faef02d55d31f70374ff843", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad89f83343a501890cf082c8a584e96b59fe4015", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc50b614d59990747dd5aeced9ec22f9258991ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c4fdc2d6fea129684b82bab90bb52fbace494a58", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de6ee4f9e6b1c36b4fdc7c345c1a6de9e246093e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f3ccd855b4395ce65f10dd37847167f52e122b70", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f5c3d306de91a4b69cfe3eedb72b42d452593e42", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49899.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49899.json index ee417a0f316..c92a461432f 100644 --- a/CVE-2024/CVE-2024-498xx/CVE-2024-49899.json +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49899.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49899", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:12.253", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:35:52.620", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Inicializar el valor predeterminado de los denominadores en 1 [QU\u00c9 Y C\u00d3MO] Las variables utilizadas como denominadores y que quiz\u00e1s no est\u00e9n asignadas a otros valores, no deben ser 0. Cambie su valor predeterminado a 1 para que nunca sean 0. Esto corrige 10 problemas de DIVIDE_BY_ZERO informados por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "6D5FF9C2-A011-4A64-B614-F9244ED2EA0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7f8e93b862aba08d540f1e9e03e0ceb4d0cfd5fb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b995c0a6de6c74656a0c39cd57a0626351b13e3c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49900.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49900.json index aaa6422ffae..6babf71e7db 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49900.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49900.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49900", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:12.320", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:24:23.710", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: Se corrige el acceso a uninit-value de new_ea en ea_buffer syzbot informa que lzo1x_1_do_compress est\u00e1 usando uninit-value: ========================================================= ERROR: KMSAN: uninit-value en lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178 ... Uninit se almacen\u00f3 en la memoria en: ea_put fs/jfs/xattr.c:639 [en l\u00ednea] ... La variable local ea_buf se cre\u00f3 en: __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662 __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934 ========================================================== El motivo es que ea_buf->new_ea no se inicializa correctamente. Solucione esto usando memset para vaciar su contenido al principio en ea_get()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2b59ffad47db1c46af25ccad157bb3b25147c35c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6041536d18c5f51a84bc37cd568cbab61870031e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7c244d5b48284a770d96ff703df2dfeadf804a73", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8ad8b531de79c348bcb8133e7f5e827b884226af", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8b1dcf25c26d42e4a68c4725ce52a0543c7878cc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c076b3746224982eebdba5c9e4b1467e146c0d64", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d7444f91a9f93eaa48827087ed0f3381c194181d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49901.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49901.json index 89d38d9c99b..29859f866cb 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49901.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49901.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49901", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:12.480", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:05:16.967", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,102 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm/adreno: Asignar msm_gpu->pdev antes para evitar nullptrs Hay algunos casos, como el descubierto por Commit 46d4efcccc68 (\"drm/msm/a6xx: Evitar una desreferencia nullptr cuando fallo la configuraci\u00f3n de speedbin\") donde msm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL); se llama en gpu->pdev == NULL, ya que el dispositivo GPU a\u00fan no se ha inicializado por completo. Resulta que hay m\u00e1s que solo la ruta mencionada anteriormente que hace que esto suceda (por ejemplo, el caso cuando hay datos de speedbin en el cat\u00e1logo, pero opp-supported-hw falta en DT). Asignar msm_gpu->pdev antes parece ser la soluci\u00f3n menos dolorosa para esto, as\u00ed que hazlo. Parche: https://patchwork.freedesktop.org/patch/602742/" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "8B527B5F-BDDA-424E-932E-16FCAAB575E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/16007768551d5bfe53426645401435ca8d2ef54f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9288a9676c529ad9c856096db68fad812499bc4a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9773737375b20070ea935203fd66cb9fa17c5acb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e8ac2060597a5768e4699bb61d604b4c09927b85", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49904.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49904.json index fe547adad97..6c2b7a20f49 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49904.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49904.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49904", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:12.960", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:54:47.737", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: agregar comprobaci\u00f3n de lista vac\u00eda para evitar problemas de puntero nulo Agrega comprobaci\u00f3n de lista vac\u00eda para evitar problemas de puntero nulo en algunos casos especiales. - list_for_each_entry_safe()" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4416377ae1fdc41a90b665943152ccd7ff61d3c5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5ec731ef47f1dba34daad3e51a93de793f9319ac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e87763946f708063d7e5303339598abbb8c5aac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49919.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49919.json index 2dc908c1cd5..b1599bd0021 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49919.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49919.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49919", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.117", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:55:47.027", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Agregar comprobaci\u00f3n NULL para head_pipe en dcn201_acquire_free_pipe_for_layer Esta confirmaci\u00f3n soluciona un posible problema de desreferencia de puntero nulo en la funci\u00f3n `dcn201_acquire_free_pipe_for_layer`. El problema podr\u00eda ocurrir cuando `head_pipe` es nulo. La correcci\u00f3n agrega una comprobaci\u00f3n para garantizar que `head_pipe` no sea nulo antes de confirmarlo. Si `head_pipe` es nulo, la funci\u00f3n devuelve NULL para evitar una posible desreferencia de puntero nulo. Reportado por smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn201/dcn201_resource.c:1016 Error de dcn201_acquire_free_pipe_for_layer(): anteriormente asumimos que 'head_pipe' podr\u00eda ser nulo (ver l\u00ednea 1010)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/390d757621f5f35d11a63ed7d9d3262ead240064", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a1b1655a490a492a5a6987254c935ecce4eb9de", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f22f4754aaa47d8c59f166ba3042182859e5dff7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49920.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49920.json index 52dac652050..5f3d0c8aa0a 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49920.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49920.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49920", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.180", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:56:32.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: comprobar punteros nulos antes de m\u00faltiples usos [QU\u00c9 Y C\u00d3MO] Los punteros, como stream_enc y dc->bw_vbios, se comprueban como nulos previamente en la misma funci\u00f3n, por lo que Coverity advierte \"implica que stream_enc y dc->bw_vbios podr\u00edan ser nulos\". Se utilizan varias veces en el c\u00f3digo posterior y es necesario comprobarlos. Esto soluciona 10 problemas de FORWARD_NULL informados por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "6D5FF9C2-A011-4A64-B614-F9244ED2EA0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/26787fb6c2b2ee0d1a7e1574b36f4711ae40fe27", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fdd5ecbbff751c3b9061d8ebb08e5c96119915b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49921.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49921.json index 6624604e621..e9a06e587fd 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49921.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49921.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49921", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.260", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:01:21.077", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: comprobar punteros nulos antes de usarlos [QU\u00c9 Y C\u00d3MO] Los punteros, como dc->clk_mgr, se comprueban antes en la misma funci\u00f3n, por lo que Coverity advierte que \"implica que \"dc->clk_mgr\" podr\u00eda ser nulo\". Como resultado, estos punteros deben comprobarse cuando se utilicen nuevamente. Esto soluciona 10 problemas de FORWARD_NULL informados por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "6D5FF9C2-A011-4A64-B614-F9244ED2EA0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5b35bf1a82eb29841b67ff5643ba83762250fc24", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/be1fb44389ca3038ad2430dac4234669bc177ee3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49922.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49922.json index 1ccc09d2852..2a9daf2c237 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49922.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49922.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49922", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.327", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:56:06.057", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: comprobar punteros nulos antes de usarlos [QU\u00c9 Y C\u00d3MO] Estos punteros se comprobaron previamente en la misma funci\u00f3n, lo que indica que podr\u00edan ser nulos, como inform\u00f3 Coverity. Como resultado, deben comprobarse cuando se vuelvan a utilizar. Esto soluciona el problema 3 FORWARD_NULL informado por Coverity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1ff12bcd7deaeed25efb5120433c6a45dd5504a8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5e9386baa3033c369564d55de4bab62423e8a1d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/65e1d2c291553ef3f433a0b7109cc3002a5f40ae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49924.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49924.json index e7ba8a731c4..4cec5ff67a9 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49924.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49924.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49924", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.450", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:21:40.623", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: pxafb: Arregla posible use after free en pxafb_task() En la funci\u00f3n pxafb_probe, llama a la funci\u00f3n pxafb_init_fbinfo, despu\u00e9s de lo cual &fbi->task se asocia con pxafb_task. Adem\u00e1s, dentro de esta funci\u00f3n pxafb_init_fbinfo, la funci\u00f3n pxafb_blank dentro de la estructura &pxafb_ops es capaz de programar trabajo. Si eliminamos el m\u00f3dulo que llamar\u00e1 a pxafb_remove para hacer la limpieza, llamar\u00e1 a la funci\u00f3n unregister_framebuffer que puede llamar a do_unregister_framebuffer para liberar fbi->fb a trav\u00e9s de put_fb_info(fb_info), mientras que se utilizar\u00e1 el trabajo mencionado anteriormente. La secuencia de operaciones que pueden llevar a un error de UAF es la siguiente: CPU0 CPU1 | pxafb_task pxafb_remove | unregister_framebuffer(info) | do_unregister_framebuffer(fb_info) | put_fb_info(fb_info) | // free fbi->fb | set_ctrlr_state(fbi, state) | __pxafb_lcd_power(fbi, 0) | fbi->lcd_power(on, &fbi->fb.var) | //use fbi->fb Solucione el problema asegur\u00e1ndose de cancelar el trabajo antes de continuar con la limpieza en pxafb_remove. Tenga en cuenta que solo el usuario root puede eliminar el controlador en tiempo de ejecuci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3c0d416eb4bef705f699213cee94bf54b6acdacd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4a6921095eb04a900e0000da83d9475eb958e61e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cda484e584be34d55ee17436ebf7ad11922b97a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a3a855764dbacbdb1cc51e15dc588f2d21c93e0e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aaadc0cb05c999ccd8898a03298b7e5c31509b08", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e6897e299f57b103e999e62010b88e363b3eebae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fdda354f60a576d52dcf90351254714681df4370", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49928.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49928.json index 41487203c26..9d59a139c64 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49928.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49928.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49928", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.813", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:22:31.013", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rtw89: evitar la lectura fuera de los l\u00edmites al cargar elementos FW de potencia TX Debido a que loop-expression lo har\u00e1 una vez m\u00e1s antes de obtener false de cond-expression, el c\u00f3digo original copi\u00f3 un tama\u00f1o de entrada m\u00e1s all\u00e1 de la regi\u00f3n v\u00e1lida. Solucione el problema moviendo la copia de la entrada a loop-body." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4007c3d2da31d0c755ea3fcf55e395118e5d5621", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/83c84cdb75572048b67d6a3916283aeac865996e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ed2e4bb17a4884cf29c3347353d8aabb7265b46c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49929.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49929.json index c3e53cc5707..f23028cb403 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49929.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49929.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49929", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.907", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:22:53.763", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,102 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: mvm: evitar la desreferencia del puntero NULL iwl_mvm_tx_skb_sta() e iwl_mvm_tx_mpdu() verifican que el puntero mvmvsta no sea NULL. Recupera este puntero utilizando iwl_mvm_sta_from_mac80211, que est\u00e1 desreferenciando el puntero ieee80211_sta. Si sta es NULL, iwl_mvm_sta_from_mac80211 desreferenciar\u00e1 un puntero NULL. Solucione esto comprobando el puntero sta antes de recuperar el mvmsta de \u00e9l. Si sta no es NULL, entonces mvmsta tampoco lo es." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "8B527B5F-BDDA-424E-932E-16FCAAB575E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/557a6cd847645e667f3b362560bd7e7c09aac284", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6dcadb2ed3b76623ab96e3e7fbeda1a374d01c28", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0b4f5d94934c290479180868a32c15ba36a6d9e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cdbf51bfa4b0411820806777da36d93d49bc49a1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49930.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49930.json index 038ccc73c4d..497982e3c05 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49930.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49930.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49930", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:14.990", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:23:14.283", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath11k: arreglo de acceso fuera de los l\u00edmites a la matriz en las estad\u00edsticas de SoC Actualmente, la matriz ath11k_soc_dp_stats::hal_reo_error est\u00e1 definida con un tama\u00f1o m\u00e1ximo de DP_REO_DST_RING_MAX. Sin embargo, la funci\u00f3n ath11k_dp_process_rx() accede a ath11k_soc_dp_stats::hal_reo_error utilizando el ID de anillo SRNG de destino REO, lo cual es incorrecto. El ID de anillo SRNG difiere del ID de anillo normal, y este uso conduce a un acceso a la matriz fuera de los l\u00edmites. Para solucionar este problema, modifique ath11k_dp_process_rx() para utilizar el ID de anillo normal directamente en lugar del ID de anillo SRNG para evitar el acceso a la matriz fuera de los l\u00edmites. Probado en: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/01b77f5ee11c89754fb836af8f76799d3b72ae2f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0f26f26944035ec67546a944f182cbad6577a9c0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4dd732893bd38cec51f887244314e2b47f0d658f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6045ef5b4b00fee3629689f791992900a1c94009", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/69f253e46af98af17e3efa3e5dfa72fcb7d1983d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/73e235728e515faccc104b0153b47d0f263b3344", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7a552bc2f3efe2aaf77a85cb34cdf4a63d81a1a7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49931.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49931.json index b0e3c7657b6..252a32e7743 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49931.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49931.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49931", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:15.080", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:16:07.980", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,102 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath12k: arreglo de acceso fuera de los l\u00edmites a la matriz en las estad\u00edsticas de SoC Actualmente, la matriz ath12k_soc_dp_stats::hal_reo_error est\u00e1 definida con un tama\u00f1o m\u00e1ximo de DP_REO_DST_RING_MAX. Sin embargo, la funci\u00f3n ath12k_dp_rx_process() accede a ath12k_soc_dp_stats::hal_reo_error utilizando el ID de anillo SRNG de destino REO, lo cual es incorrecto. El ID de anillo SRNG difiere del ID de anillo normal, y este uso conduce a un acceso a la matriz fuera de los l\u00edmites. Para solucionar este problema, modifique ath12k_dp_rx_process() para utilizar el ID de anillo normal directamente en lugar del ID de anillo SRNG para evitar el acceso a la matriz fuera de los l\u00edmites. Probado en: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "8B527B5F-BDDA-424E-932E-16FCAAB575E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/a4aef827a41cdaf6201bbaf773c1eae4e20e967b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad791e3ec60cb66c1e4dc121ffbf872df312427d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0e4274d9dc9f8409d56d622cd3ecf7b6fd49e2f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e106b7ad13c1d246adaa57df73edb8f8b8acb240", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49936.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49936.json index 4fd458dc2f2..ab1a1428f8d 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49936.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49936.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49936", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:15.413", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:16:22.713", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/xen-netback: evitar UAF en xenvif_flush_hash() Durante la llamada de iteraci\u00f3n list_for_each_entry_rcu de xenvif_flush_hash, kfree_rcu no existe dentro de la secci\u00f3n cr\u00edtica de lectura de rcu, por lo que si se llama a kfree_rcu cuando finaliza el per\u00edodo de gracia de rcu durante la iteraci\u00f3n, se produce UAF al acceder a head->next despu\u00e9s de que la entrada se libera. Por lo tanto, para resolver esto, debe cambiarlo a list_for_each_entry_safe." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0fa5e94a1811d68fbffa0725efe6d4ca62c03d12", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/143edf098b80669d05245b2f2367dd156a83a2c5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/54d8639af5568fc41c0e274fc3ec9cf86c59fcbb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a0465723b8581cad27164c9073fd780904cd22d4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7f0073fcd12ed7de185ef2c0af9d0fa1ddef22c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d408889d4b54f5501e4becc4dbbb9065143fbf4e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/efcff6ce7467f01f0753609f420333f3f2ceceda", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49941.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49941.json index c451efc2801..f1cc849f8d5 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49941.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49941.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49941", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:15.780", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:17:30.543", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,80 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gpiolib: Corrige la posible desreferencia de puntero NULL en gpiod_get_label() En `gpiod_get_label()`, es posible que `srcu_dereference_check()` pueda devolver un puntero NULL, lo que lleva a un escenario en el que se accede a `label->str` sin verificar si `label` en s\u00ed es NULL. Este parche agrega una comprobaci\u00f3n NULL adecuada para `label` antes de acceder a `label->str`. La comprobaci\u00f3n para `label->str != NULL` se elimina porque `label->str` nunca puede ser NULL si `label` no es NULL. Esto corrige el problema en el que el nombre de la etiqueta se imprim\u00eda como `(efault)` al volcar el archivo GPIO de sysfs cuando `label == NULL`." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "4AFC8E2E-533A-4A7D-A42F-F36A6F1445C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7b99b5ab885993bff010ebcd93be5e511c56e28a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9ee4b907d7a5d7a53b4ff7727c371ff3d44ccbbb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49942.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49942.json index d1c3427dc73..f21282185f2 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49942.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49942.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49942", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:15.843", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:56:59.397", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,94 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Impedir el acceso a puntero nulo en xe_migrate_copy xe_migrate_copy est\u00e1 dise\u00f1ado para copiar el contenido de los recursos de TTM. Cuando el recurso de origen es nulo, activar\u00e1 una desreferencia de puntero NULL en xe_migrate_copy. Para evitar esta situaci\u00f3n, actualice el indicador de origen a verdadero para este caso; el indicador activar\u00e1 xe_migrate_clear en lugar de xe_migrate_copy. Rastreo de problemas: <7> [317.089847] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Paso 14, tama\u00f1os: 4194304 y 4194304 <7> [317.089945] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Paso 15, tama\u00f1os: 4194304 y 4194304 <1> [317.128055] ERROR: desreferencia de puntero NULL del n\u00facleo, direcci\u00f3n: 0000000000000010 <1> [317.128064] #PF: acceso de lectura del supervisor en modo n\u00facleo <1> [317.128066] #PF: error_code(0x0000) - no presente p\u00e1gina <6> [317.128069] PGD 0 P4D 0 <4> [317.128071] Ups: Ups: 0000 [#1] PREEMPT SMP NOPTI <4> [317.128074] CPU: 1 UID: 0 PID: 1440 Comm: kunit_try_catch Contaminado: G U N 6.11.0-rc7-xe #1 <4> [317.128078] Contaminado: [U]=USUARIO, [N]=PRUEBA <4> [317.128080] Nombre del hardware: Intel Corporation Lunar Lake Client Platform/LNL-M LP5 RVP1, BIOS LNLMFWI1.R00.3221.D80.2407291239 29/07/2024 <4> [317.128082] RIP: 0010:xe_migrate_copy+0x66/0x13e0 [xe] <4> [317.128158] C\u00f3digo: 00 00 48 89 8d e0 fe ff ff 48 8b 40 10 4c 89 85 c8 fe ff ff 44 88 8d bd fe ff ff 65 48 8b 3c 25 28 00 00 00 48 89 7d d0 31 ff <8b> 79 10 48 89 85 a0 fe ff ff 48 8b 00 48 89 b5 d8 fe ff ff 83 ff <4> [317.128162] RSP: 0018:ffffc9000167f9f0 EFLAGS: 00010246 <4> [317.128164] RAX: ffff8881120d8028 RBX: ffff88814d070428 RCX: 0000000000000000 <4> [317.128166] X: ffff88813cb99c00 RSI: 0000000004000000 RDI: 0000000000000000 <4> [317.128168] RBP: ffffc9000167fbb8 R08: ffff88814e7b1f08 R09: 00000000000000001 <4> [317.128170] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88814e7b1f08 <4> [317.128172] R13: ffff88814e7b1f08 R14: ffff88813cb99c00 R15: 0000000000000001 <4> [317.128174] FS: 0000000000000000(0000) GS:ffff88846f280000(0000) knlGS:0000000000000000 <4> [317.128176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 <4> [317.128178] CR2: 000000000000010 CR3: 000000011f676004 CR4: 0000000000770ef0 <4> [317.128180] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 <4> [317.128182] DR3: knlGS:0000000000000000 <4> [317.128176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 <4> [317.128178] CR2: 0000000000000010 CR3: 000000011f676004 CR4: 0000000000770ef0 <4> [317.128180] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 <4> [317.128182] DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400 <4> [317.128184] PKRU: 55555554 <4> [317.128185] Seguimiento de llamadas: <4> [317.128187] <4> [317.128189] ? show_regs+0x67/0x70 <4> [317.128194] ? __die_body+0x20/0x70 <4> [317.128196] ? __die+0x2b/0x40 <4> [317.128198] ? page_fault_oops+0x15f/0x4e0 <4> [317.128203] ? do_user_addr_fault+0x3fb/0x970 <4> [317.128205] ? lock_acquire+0xc7/0x2e0 <4> [317.128209]? exc_page_fault+0x87/0x2b0 <4> [317.128212] ? asm_exc_page_fault+0x27/0x30 <4> [317.128216] ? xe_migrate_copy+0x66/0x13e0 [xe] <4> [317.128263] ? __lock_acquire+0xb9d/0x26f0 <4> [317.128265] ? __lock_acquire+0xb9d/0x26f0 <4> [317.128267] ? sg_free_append_table+0x20/0x80 <4> [317.128271] ? lock_acquire+0xc7/0x2e0 <4> [317.128273] ? mark_held_locks+0x4d/0x80 <4> [317.128275] ? trace_hardirqs_on+0x1e/0xd0 <4> [317.128278] ? __pm_runtime_resume+0x60/0xa0 <4> [317.128284] xe_bo_move+0x682/0xc50 [xe] <4> [317.128315] ? lock_is_held_type+0xaa/0x120 <4> [317.128318] ttm_bo_handle_move_mem+0xe5/0x1a0 [ttm] <4> [317.128324] ttm_bo_validate+0xd1/0x1a0 [ttm] <4> [317.128328] +0x721/0xc10 [xe] <" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "0E3AE738-A62B-4806-9D9C-933998214C6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/16e0267db156f8a4ea16bfb3ac3f5743c9698df3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7257d9c9a3c6cfe26c428e9b7ae21d61f2f55a79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f5199b6971f0717c2d31685953971fa2e1b9e1a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49981.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49981.json index 3b3fe65beb7..01bf5e25085 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49981.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49981.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49981", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:18.670", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:56:40.073", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,149 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: venus: se corrige el error de use after free en venus_remove debido a la condici\u00f3n de ejecuci\u00f3n en venus_probe, core->work est\u00e1 vinculado con venus_sys_error_handler, que se usa para manejar el error. El c\u00f3digo usa core->sys_err_done para que funcione la sincronizaci\u00f3n. El core->work se inicia en venus_event_notify. Si llamamos a venus_remove, puede haber un trabajo sin pescar. La secuencia posible es la siguiente: CPU0 CPU1 |venus_sys_error_handler venus_remove | hfi_destroy | venus_hfi_destroy | kfree(hdev); | |hfi_reinit |venus_hfi_queues_reinit |//use hdev Arr\u00e9glelo cancelando el trabajo en venus_remove." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.13", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "95F0968E-E3F7-42E8-A144-E4B74A2B6541" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/10941d4f99a5a34999121b314afcd9c0a1c14f15", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2a541fcc0bd2b05a458e9613376df1289ec11621", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/60b6968341a6dd5353554f3e72db554693a128a5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b0686aedc5f1343442d044bd64eeac7e7a391f4e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bf6be32e2d39f6301ff1831e249d32a8744ab28a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c5a85ed88e043474161bbfe54002c89c1cb50ee2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d925e9f7fb5a2dbefd1a73fc01061f38c7becd4c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49982.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49982.json index c65ada65ea6..e8bbc20a055 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49982.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49982.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49982", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:18.733", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:08:03.790", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,167 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: aoe: soluciona el posible problema de use-after-free en m\u00e1s lugares Para solucionar CVE-2023-6270, f98364e92662 (\"aoe: soluciona el posible problema de use-after-free en aoecmd_cfg_pkts\") hace que tx() llame a dev_put() en lugar de hacerlo en aoecmd_cfg_pkts(). Esto evita que tx() se ejecute en use-after-free. Luego, Nicolai Stange encontr\u00f3 que m\u00e1s lugares en aoe tienen un posible problema de use-after-free con tx(). Por ejemplo, revalidate(), aoecmd_ata_rw(), resend(), probe() y aoecmd_cfg_rsp(). Esas funciones tambi\u00e9n usan aoenet_xmit() para enviar paquetes a la cola de tx. Por lo tanto, tambi\u00e9n deber\u00edan usar dev_hold() para aumentar el refcnt de skb->dev. Por otra parte, mover dev_put() a tx() hace que el refcnt de skb->dev se reduzca a un valor negativo, porque los dev_hold() correspondientes no se llaman en revalidate(), aoecmd_ata_rw(), resend(), probe() y aoecmd_cfg_rsp(). Este parche solucion\u00f3 este problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.214", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "A8846BE7-5AEC-4A74-8E34-0FE8B1205194" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.153", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "41952CCA-3B42-425D-A5FF-DE2474EC8369" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.83", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "161F9759-367F-4944-B666-215896634DCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.23", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "45944AD8-B4B6-4255-83BA-8A6750FEE47B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7.11", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "2DF20568-DF11-4303-9FA2-3DA7F6C84BD3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "158EBA02-95B5-4E0A-85BC-1EAC91B085F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:4.19.311:*:*:*:*:*:*:*", + "matchCriteriaId": "70FB9763-2A30-46A0-8FC0-C8152849C55A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.4.273:*:*:*:*:*:*:*", + "matchCriteriaId": "517FA340-6242-490E-A71D-B855DEF4C620" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/07b418d50ccbbca7e5d87a3a0d41d436cefebf79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6d6e54fc71ad1ab0a87047fd9c211e75d86084a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8253a60c89ec35c8f36fb2cc08cdf854c7a3eb58", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/89d9a69ae0c667e4d9d028028e2dcc837bae626f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/acc5103a0a8c200a52af7d732c36a8477436a3d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc2cbf7525ac288e07d465f5a1d8cb8fb9599254", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f63461af2c1a86af4217910e47a5c46e3372e645", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49992.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49992.json index b19c715c3fc..ee194d706eb 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49992.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49992.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49992", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:19.387", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:52:00.273", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -12,30 +12,119 @@ }, { "lang": "es", - "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/stm: Evite problemas de use after free con crtc y plane ltdc_load() llama a las funciones drm_crtc_init_with_planes(), drm_universal_plane_init() y drm_encoder_init(). Estas funciones no deben llamarse con par\u00e1metros asignados con devm_kzalloc() para evitar problemas de use after free [1]. Use asignaciones administradas por el marco DRM. Encontrado por Linux Verification Center (linuxtesting.org). [1] https://lore.kernel.org/lkml/u366i76e3qhh3ra5oxrtngjtm2u5lterkekcz6y2jkndhuxzli@diujon4h7qwb/" + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/stm: Evite problemas de use after free con crtc y plane ltdc_load() llama a las funciones drm_crtc_init_with_planes(), drm_universal_plane_init() y drm_encoder_init(). Estas funciones no deben llamarse con par\u00e1metros asignados con devm_kzalloc() para evitar problemas de use after free [1]. Use asignaciones administradas por el framework DRM. Encontrado por Linux Verification Center (linuxtesting.org). [1] https://lore.kernel.org/lkml/u366i76e3qhh3ra5oxrtngjtm2u5lterkekcz6y2jkndhuxzli@diujon4h7qwb/" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "180292D6-C3A4-4883-98A3-77F4D56F8081" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/0a1741d10da29aa84955ef89ae9a03c4b6038657", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/19dd9780b7ac673be95bf6fd6892a184c9db611f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/454e5d7e671946698af0f201e48469e5ddb42851", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b22eec4b57d04befa90e8554ede34e6c67257606", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d02611ff001454358be6910cb926799e2d818716", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49993.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49993.json index 1a283fb588e..5a3a2a119d3 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49993.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49993.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49993", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:19.477", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:52:19.167", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: Se corrige el bloqueo potencial si se llama a qi_submit_sync con un recuento de 0 Si se invoca qi_submit_sync() con 0 descriptores de invalidaci\u00f3n (por ejemplo, para fines de vaciado de DMA), podemos encontrarnos con un error en el que un hilo de env\u00edo no detecta la finalizaci\u00f3n de invalidation_wait. Posteriormente, esto condujo a un bloqueo suave. Actualmente, este error no tiene impacto en los usuarios existentes porque ning\u00fan llamante est\u00e1 enviando invalidaciones con 0 descriptores. Esta correcci\u00f3n permitir\u00e1 a los futuros usuarios (como DMA drain) llamar a qi_submit_sync() con un recuento de 0. Supongamos que el hilo T1 invoca qi_submit_sync() con descriptores distintos de cero, mientras que, al mismo tiempo, el hilo T2 llama a qi_submit_sync() con cero descriptores. Ambos hilos entran entonces en un bucle while, esperando a que se completen sus respectivos descriptores. T1 detecta su finalizaci\u00f3n (es decir, el estado invalidation_wait de T1 cambia a QI_DONE por HW) y procede a llamar a reclaim_free_desc() para recuperar todos los descriptores, incluyendo potencialmente los adyacentes de otros subprocesos que tambi\u00e9n est\u00e1n marcados como QI_DONE. Durante este tiempo, mientras T2 espera adquirir el qi->q_lock, el hardware IOMMU puede completar la invalidaci\u00f3n para T2, estableciendo su estado en QI_DONE. Sin embargo, si la ejecuci\u00f3n de reclaim_free_desc() por parte de T1 libera el descriptor invalidation_wait de T2 y cambia su estado a QI_FREE, T2 no observar\u00e1 el estado QI_DONE para su invalidation_wait y permanecer\u00e1 bloqueado indefinidamente. Este bloqueo suave no ocurre cuando solo se env\u00edan descriptores distintos de cero. En tales casos, los descriptores de invalidaci\u00f3n se intercalan entre los descriptores de espera con el estado QI_IN_USE, actuando como barreras. Estas barreras evitan que el c\u00f3digo de recuperaci\u00f3n libere por error descriptores que pertenecen a otros remitentes. Considere la siguiente l\u00ednea de tiempo de ejemplo: T1 T2 ========================================= ID1 WD1 while(WD1!=QI_DONE) unlock lock WD1=QI_DONE* WD2 while(WD2!=QI_DONE) unlock lock WD1==QI_DONE? ID1=QI_DONE WD2=DONE* reclaim() ID1=FREE WD1=FREE WD2=FREE unlock soft lockup! T2 nunca ve QI_DONE en WD2 Donde: ID = descriptor de invalidaci\u00f3n WD = descriptor de espera * Escrito por hardware La ra\u00edz del problema es que el indicador de estado del descriptor QI_DONE se usa para dos prop\u00f3sitos conflictivos: 1. se\u00f1alar que un descriptor est\u00e1 listo para ser recuperado (para ser liberado) 2. se\u00f1alar por el hardware que un descriptor de espera est\u00e1 completo La soluci\u00f3n (en este parche) es la separaci\u00f3n de estados mediante el uso del indicador QI_FREE para #1. Una vez que los descriptores de invalidaci\u00f3n de un hilo est\u00e1n completos, su estado se establecer\u00eda en QI_FREE. La funci\u00f3n reclaim_free_desc() solo liberar\u00eda los descriptores marcados como QI_FREE en lugar de los marcados como QI_DONE. Este cambio asegura que T2 (del ejemplo anterior) observar\u00e1 correctamente la finalizaci\u00f3n de su invalidation_wait (marcada como QI_DONE)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.55", + "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/07e4e92f84b7d3018b7064ef8d8438aeb54a2ca5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3cf74230c139f208b7fb313ae0054386eee31a81", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8840dc73ac9e1028291458ef1429ec3c2524ffec", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92ba5b014d5435dd7a1ee02a2c7f2a0e8fe06c36", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de9e7f68762585f7532de8a06de9485bf39dbd38", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dfdbc5ba10fb792c9d6d12ba8cb6e465f97365ed", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e03f00aa4a6c0c49c17857a4048f586636abdc32", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-499xx/CVE-2024-49994.json b/CVE-2024/CVE-2024-499xx/CVE-2024-49994.json index ac32235a2f4..30b4b77107d 100644 --- a/CVE-2024/CVE-2024-499xx/CVE-2024-49994.json +++ b/CVE-2024/CVE-2024-499xx/CVE-2024-49994.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49994", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T18:15:19.557", - "lastModified": "2024-10-23T15:13:25.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:52:32.877", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: corregir desbordamiento de entero en BLKSECDISCARD Descubr\u00ed de forma independiente el commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 bloque: corregir desbordamiento en blk_ioctl_discard() pero para borrado seguro. Mismo problema: uint64_t r[2] = {512, 18446744073709551104ULL}; ioctl(fd, BLKSECDISCARD, r); entrar\u00e1 en un bucle casi infinito dentro de blkdev_issue_secure_erase(): a.out: intento de acceso m\u00e1s all\u00e1 del final del dispositivo loop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048 bio_check_eod: 3286214 devoluciones de llamadas suprimidas" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.14", + "matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.3", + "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0842ddd83939eb4db940b9af7d39e79722bc41aa", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/697ba0b6ec4ae04afb67d3911799b5e2043b4455", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6c9915fa9410cbb9bd75ee283c03120046c56d3d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50019.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50019.json index 84b13aeffa3..e8650e252fd 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50019.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50019.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50019", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.510", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:45:56.190", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,127 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: kthread: unpark solo kthread aparcado Llamar a kthread unparking incondicionalmente es mayormente inofensivo cuando el kthread ya est\u00e1 desestacionado. Luego, la activaci\u00f3n simplemente se ignora porque el objetivo no est\u00e1 en estado TASK_PARKED. Sin embargo, si el kthread es por CPU, la activaci\u00f3n est\u00e1 precedida por una llamada a kthread_bind() que espera que la tarea est\u00e9 inactiva y en estado TASK_PARKED, lo que obviamente no es el caso si est\u00e1 desestacionada. Como resultado, llamar a kthread_stop() en un kthread por CPU no estacionado activa esta advertencia: ADVERTENCIA: CPU: 0 PID: 11 en kernel/kthread.c:525 __kthread_bind_mask kernel/kthread.c:525 kthread_stop+0x17a/0x630 kernel/kthread.c:707 destroy_workqueue+0x136/0xc40 kernel/workqueue.c:5810 wg_destruct+0x1e2/0x2e0 drivers/net/wireguard/device.c:257 netdev_run_todo+0xe1a/0x1000 net/core/dev.c:10693 default_device_exit_batch+0xa14/0xa90 net/core/dev.c:11769 ops_exit_list net/core/net_namespace.c:178 [en l\u00ednea] cleanup_net+0x89d/0xcc0 net/core/net_namespace.c:640 process_one_work kernel/workqueue.c:3231 [en l\u00ednea] process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312 worker_thread+0x86d/0xd70 kernel/workqueue.c:3393 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Solucione esto omitiendo el desestacionamiento innecesario mientras Detener un kthread." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/19a5029981c87c2ad0845e713837faa88f5d8e2b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/214e01ad4ed7158cab66498810094fac5d09b218", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/40a6e660d2a3a7a5cb99f0b8ff4fb41bad039f68", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8608196a155cb6cfae04d96b10a2652d0327e33f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cda5423c1a1c906062ef235c940f249b97d9d135", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50020.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50020.json index e3fbccd1aa3..9bcea763651 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50020.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50020.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50020", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.573", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:50:42.230", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,92 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: Se corrige el manejo incorrecto de refcount en ice_sriov_set_msix_vec_count() Este parche soluciona un problema con el manejo incorrecto del recuento de referencias en la funci\u00f3n ice_sriov_set_msix_vec_count(). Primero, la funci\u00f3n llama a ice_get_vf_by_id(), que incrementa el recuento de referencias del puntero vf. Si la llamada posterior a ice_get_vf_vsi() fallo, la funci\u00f3n actualmente devuelve un error sin disminuir el recuento de referencias del puntero vf, lo que lleva a una p\u00e9rdida del recuento de referencias. El comportamiento correcto, como se implement\u00f3 en este parche, es disminuir el recuento de referencias usando ice_put_vf(vf) antes de devolver un error cuando vsi es NULL. En segundo lugar, la funci\u00f3n llama a ice_sriov_get_irqs(), que establece vf->first_vector_idx. Si esta llamada devuelve un valor negativo, lo que indica un error, la funci\u00f3n devuelve un error sin disminuir el recuento de referencia del puntero vf, lo que genera otra p\u00e9rdida de recuento de referencia. El parche soluciona este problema agregando una llamada a ice_put_vf(vf) antes de devolver un error cuando vf->first_vector_idx < 0. Este error fue identificado por una herramienta de an\u00e1lisis est\u00e1tico experimental desarrollada por nuestro equipo. La herramienta se especializa en analizar operaciones de recuento de referencia e identificar posibles errores de administraci\u00f3n de los recuentos de referencia. En este caso, la herramienta marc\u00f3 la operaci\u00f3n de disminuci\u00f3n faltante como un problema potencial, lo que llev\u00f3 a este parche." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7.10", + "versionEndExcluding": "6.8", + "matchCriteriaId": "15130BF0-E913-4EC3-B479-B8FA35896797" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "C354E062-80AD-4947-809C-E798BC6AAA39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/416dbb815ca69684de148328990ba0ec53e6dbc1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d517cf89874c6039e6294b18d66f40988e62502a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50021.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50021.json index 4343706725c..8f059999d45 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50021.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50021.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50021", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.630", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:52:13.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,85 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: Se corrige el manejo incorrecto de refcount en ice_dpll_init_rclk_pins() Este parche soluciona un problema de manejo de recuento de referencias en la funci\u00f3n ice_dpll_init_rclk_pins(). La funci\u00f3n llama a ice_dpll_get_pins(), que incrementa el recuento de referencias de los recursos relevantes. Sin embargo, si se cumple la condici\u00f3n WARN_ON((!vsi || !vsi->netdev)), la funci\u00f3n actualmente devuelve un error sin liberar correctamente los recursos adquiridos por ice_dpll_get_pins(), lo que lleva a una p\u00e9rdida de recuento de referencias. Para resolver esto, la comprobaci\u00f3n se ha movido a la parte superior de la funci\u00f3n. Esto garantiza que la funci\u00f3n verifique el estado antes de que se adquieran recursos, lo que evita la necesidad de una gesti\u00f3n de recursos adicional en la ruta de error. Este error fue identificado por una herramienta de an\u00e1lisis est\u00e1tico experimental desarrollada por nuestro equipo. La herramienta se especializa en analizar operaciones de recuento de referencias y detectar posibles problemas donde los recursos no se administran correctamente. En este caso, la herramienta marc\u00f3 la operaci\u00f3n de liberaci\u00f3n faltante como un problema potencial, lo que llev\u00f3 al desarrollo de este parche." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/aefecead9d08f4a35ab6f51ba2e408d2cef4e31d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ccca30a18e36a742e606d5bf0630e75be7711d0a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50022.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50022.json index 463e9e21c7f..1bcb6632f1b 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50022.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50022.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50022", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.690", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:05:57.403", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,113 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: device-dax: alineaci\u00f3n correcta de pgoff en dax_set_mapping() pgoff debe alinearse usando ALIGN_DOWN() en lugar de ALIGN(). De lo contrario, vmf->address no alineado con fault_size se alinear\u00e1 con la siguiente alineaci\u00f3n, lo que puede provocar que El fallo de memoria obtenga la direcci\u00f3n incorrecta. Es una situaci\u00f3n sutil que solo se puede observar en page_mapped_in_vma() despu\u00e9s de que dev_dax_huge_fault gestione El fallo de p\u00e1gina. Generalmente, hay pocas posibilidades de realizar page_mapped_in_vma en la p\u00e1gina de dev-dax a menos que se trate de una inyecci\u00f3n de error espec\u00edfica en el dispositivo dax para activar un MCE (fallo de memoria). En ese caso, se activar\u00e1 page_mapped_in_vma() para determinar qu\u00e9 tarea est\u00e1 accediendo a la direcci\u00f3n de fallo y matar esa tarea al final. Usamos un dispositivo dax desarrollado por nosotros mismos (que es un mapeo alineado de 2M) para realizar una inyecci\u00f3n de error en una direcci\u00f3n aleatoria. Result\u00f3 que el error inyectado en una direcci\u00f3n no alineada a 2M estaba causando un MCE interminable hasta que surgi\u00f3 el p\u00e1nico. Debido a que page_mapped_in_vma() segu\u00eda generando una direcci\u00f3n incorrecta y la tarea que acced\u00eda a la direcci\u00f3n fallida nunca se finalizaba correctamente: [3783.719419] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: recuperada [3784.049006] mce: Error de memoria de hardware sin corregir en el acceso de usuario en 200c9742380 [3784.049190] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: recuperada [3784.448042] mce: Error de memoria de hardware sin corregir en el acceso de usuario en 200c9742380 [3784.448186] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: recuperada [3784.792026] mce: Error de memoria de hardware sin corregir en el acceso de usuario en 200c9742380 [3784.792179] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [3785.162502] mce: Error de memoria de hardware sin corregir en el acceso de usuario en 200c9742380 [3785.162633] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [3785.461116] mce: Error de memoria de hardware sin corregir en el acceso de usuario en 200c9742380 [3785.461247] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [3785.764730] mce: Error de memoria de hardware sin corregir en acceso de usuario en 200c9742380 [3785.764859] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [3786.042128] mce: Error de memoria de hardware sin corregir en acceso de usuario en 200c9742380 [3786.042259] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [3786.464293] mce: Error de memoria de hardware sin corregir en acceso de usuario en 200c9742380 [3786.464423] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [3786.818090] mce: Error de memoria de hardware sin corregir en acceso de usuario en 200c9742380 [ 3786.818217] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado [ 3787.085297] mce: Error de memoria de hardware sin corregir en el acceso de usuario en 200c9742380 [ 3787.085424] Error de memoria: 0x200c9742: acci\u00f3n de recuperaci\u00f3n para la p\u00e1gina dax: Recuperado Nos llev\u00f3 varias semanas localizar este problema, pero finalmente usamos bpftrace para rastrear El fallo de p\u00e1gina y la direcci\u00f3n mce e identificamos el problema con \u00e9xito. Joao agreg\u00f3: ; Es probable que nunca lo reproduzcamos en producci\u00f3n porque siempre fijamos : las regiones device-dax en la alineaci\u00f3n de regi\u00f3n que proporcionan (Qemu hace : de manera similar con prealloc en la memoria respaldada por hugetlb/archivo). Creo que este error requiere que toquemos regiones del dispositivo DAX *no fijadas* que no est\u00e9n alineadas con la alineaci\u00f3n seleccionada del dispositivo DAX (tama\u00f1o de p\u00e1gina, es decir, 4K/2M/1G)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "09358D68-A717-469E-B900-8002A642E29A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7fcbd9785d4c17ea533c42f20a9083a83f301fa6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9c4198dfdca818c5ce19c764d90eabd156bbc6da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b822007e8db341d6f175c645ed79866db501ad86", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e877427d218159ac29c9326100920d24330c9ee6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50023.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50023.json index 5cd956fa9fc..17007c05310 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50023.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50023.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50023", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.763", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:07:10.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,99 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: phy: Eliminar la entrada LED de la lista de LED al anular el registro El commit c938ab4da0eb (\"net: phy: Eliminar manualmente los LED para garantizar el orden correcto\") corrigi\u00f3 correctamente un problema con el uso de devm_ pero no elimin\u00f3 la entrada LED de la lista de LED. Esto causa p\u00e1nico del kernel en un escenario espec\u00edfico donde el puerto para el PHY se desactiva y activa y se elimina el kmod para el PHY. Al desactivar el puerto la primera vez, los LED asociados se anulan correctamente el registro. El kmod asociado para el PHY ahora se elimina. El kmod ahora se agrega nuevamente y el puerto ahora se activa, los LED asociados se registran nuevamente. Al desactivar el puerto nuevamente por segunda vez despu\u00e9s de estos pasos, la lista de LED ahora tiene 4 elementos. Con los primeros 2 ya anulados previamente y los 2 nuevos registrados nuevamente. Esto causa un p\u00e1nico del kernel ya que los primeros 2 elementos deber\u00edan haberse eliminado. Arregle esto eliminando correctamente el elemento cuando el LED no est\u00e1 registrado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "A04D6BA8-90D7-4CEF-832D-EBB8568FB0E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/143ffa7878e2d9d9c3836ee8304ce4930f7852a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f50b5d74c68e551667e265123659b187a30fe3a5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fba363f4d244269a0ba7abb8df953a244c6749af", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50024.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50024.json index 422f0c98e9c..0326e1b890a 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50024.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50024.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50024", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.850", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:08:58.293", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,141 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: Corrige un bucle inseguro en la lista El kernel puede bloquearse al eliminar una familia genetlink si a\u00fan hay oyentes para esa familia: Oops: Acceso al kernel al \u00e1rea incorrecta, sig: 11 [#1] ... NIP [c000000000c080bc] netlink_update_socket_mc+0x3c/0xc0 LR [c000000000c0f764] __netlink_clear_multicast_users+0x74/0xc0 Rastreo de llamadas: __netlink_clear_multicast_users+0x74/0xc0 genl_unregister_family+0xd4/0x2d0 Cambia el bucle inseguro en la lista a uno seguro, porque dentro del bucle hay una eliminaci\u00f3n de elementos de esta lista." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.32", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "55B1128C-32C2-4BFA-94CA-82EBE52BE30E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "B8FAF52D-C7FB-4C74-AAE4-40660F84762E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "504F69F3-4FD5-4DA8-BDB2-29C3596A3E0C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "93BCF2E0-79C7-4648-9026-BB2D02449545" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "327EC9BC-2736-40A9-839A-3068588BE430" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1cdec792b2450105b1314c5123a9a0452cb2c2f0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1dae9f1187189bc09ff6d25ca97ead711f7e26f9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3be342e0332a7c83eb26fbb22bf156fdca467a5d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/49f9b726bf2bf3dd2caf0d27cadf4bc1ccf7a7dd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5f03a7f601f33cda1f710611625235dc86fd8a9e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/68ad5da6ca630a276f0a5c924179e57724d00013", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50025.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50025.json index f0f89f25036..78f7d254901 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50025.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50025.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50025", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.930", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:12:00.453", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,85 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: fnic: mover la inicializaci\u00f3n de flush_work fuera del bloque if Despu\u00e9s de el commit 379a58caa199 (\"scsi: fnic: mover fnic_fnic_flush_tx() a una cola de trabajo\"), puede suceder que un elemento de trabajo se env\u00ede a una cola de trabajo no inicializada. Esto puede tener el efecto de que el elemento que se est\u00e1 poniendo en cola nunca se ponga en cola y cualquier acci\u00f3n posterior que dependa de \u00e9l no se lleve a cabo. Se observa la siguiente advertencia mientras se carga el controlador fnic: kernel: ADVERTENCIA: CPU: 11 PID: 0 en ../kernel/workqueue.c:1524 __queue_work+0x373/0x410 kernel: kernel: queue_work_on+0x3a/0x50 kernel: fnic_wq_copy_cmpl_handler+0x54a/0x730 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24] kernel: fnic_isr_msix_wq_copy+0x2d/0x60 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24] kernel: __handle_irq_event_percpu+0x36/0x1a0 kernel: handle_irq_event_percpu+0x30/0x70 kernel: handle_irq_event+0x34/0x60 kernel: handle_edge_irq+0x7e/0x1a0 kernel: __common_interrupt+0x3b/0xb0 kernel: common_interrupt+0x58/0xa0 kernel: Se ha observado que esto puede interrumpir el redescubrimiento de dispositivos Fibre Channel despu\u00e9s de un fallo temporal de la estructura. Este parche lo soluciona moviendo la inicializaci\u00f3n de la cola de trabajo fuera de un bloque if en fnic_probe()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "C354E062-80AD-4947-809C-E798BC6AAA39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/6b7836b80061bf1accc5d78b12bc086aed252388", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f30e5f77d2f205ac14d09dec40fd4bb76712f13d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50026.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50026.json index da63592b7f2..a5546544bd7 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50026.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50026.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50026", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:15.993", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:13:04.783", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,113 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: wd33c93: No usar valor scsi_pointer obsoleto Se introdujo una regresi\u00f3n con el commit dbb2da557a6a (\"scsi: wd33c93: Mover el puntero SCSI a datos de comando privados\") que da como resultado un error en wd33c93_intr(). Esa confirmaci\u00f3n agreg\u00f3 la variable scsi_pointer y la inicializ\u00f3 desde hostdata->connected. Sin embargo, durante la selecci\u00f3n, hostdata->connected a\u00fan no es v\u00e1lido. Solucione esto obteniendo el scsi_pointer actual desde hostdata->selecting." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.18", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "F61A7CD6-359A-4A6B-8E7A-D0876BDC43AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3afeceda855dea9b85cddd96307d4d17c8742005", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9023ed8d91eb1fcc93e64dc4962f7412b1c4cbec", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b60ff1a95c7c386cdd6153de3d7d85edaeabd800", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e04642a207f1d2ae28a08624c04c67f5681f3451", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50027.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50027.json index 80982186b5e..a6ada0146c1 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50027.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50027.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50027", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.093", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:19:07.347", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,85 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: thermal: core: copia libre de tzp junto con la zona t\u00e9rmica. A\u00fan se puede acceder al objeto al que apunta tz->tzp despu\u00e9s de liberarlo en thermal_zone_device_unregister(), por lo que debe mover su liberaci\u00f3n al punto despu\u00e9s de que se haya completado la eliminaci\u00f3n en el que ya no se pueda acceder a \u00e9l." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4", + "versionEndIncluding": "6.11.4", + "matchCriteriaId": "A1A39D0B-911D-4BC7-B521-FC88BD5E23EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/827a07525c099f54d3b15110408824541ec66b3c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bdb0d40507c85bee33c2a71fde7b2e857346f112", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50028.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50028.json index a0ad1a4abd0..0d523233a7b 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50028.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50028.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50028", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.163", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:21:23.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,85 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: thermal: core: recuento de referencia de la zona en thermal_zone_get_by_id() Hay lugares en el c\u00f3digo de netlink t\u00e9rmico donde nada impide que el objeto de zona t\u00e9rmica desaparezca mientras se accede a \u00e9l despu\u00e9s de que thermal_zone_get_by_id() lo haya devuelto. Para solucionar esto, haga que thermal_zone_get_by_id() obtenga una referencia en el objeto de dispositivo de zona t\u00e9rmica que se devolver\u00e1 con la ayuda de get_device(), bajo thermal_list_lock, y ajuste todos sus llamadores a este cambio con la ayuda de la infraestructura cleanup.h." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "E7C7402D-CBDE-4B07-833D-4B8DC6E5C230" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/a42a5839f400e929c489bb1b58f54596c4535167", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c95538b286efc6109c987e97a051bc7844ede802", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50029.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50029.json index 5bf9cd5217d..6d2fbb66768 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50029.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50029.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50029", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.227", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:27:06.047", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,99 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: hci_conn: Fix UAF en hci_enhanced_setup_sync Esto verifica si la conexi\u00f3n ACL sigue siendo v\u00e1lida, ya que podr\u00eda destruirse mientras hci_enhanced_setup_sync est\u00e1 pendiente de cmd_sync, lo que genera el siguiente seguimiento: ERROR: KASAN: slab-use-after-free en hci_enhanced_setup_sync+0x91b/0xa60 Lectura de tama\u00f1o 1 en la direcci\u00f3n ffff888002328ffd por la tarea kworker/u5:2/37 CPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 No contaminado 6.11.0-rc6-01300-g810be445d8d6 #7099 Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 01/04/2014 Cola de trabajo: hci0 hci_cmd_sync_work Seguimiento de llamadas: dump_stack_lvl+0x5d/0x80 ? hci_enhanced_setup_sync+0x91b/0xa60 print_report+0x152/0x4c0 ? hci_enhanced_setup_sync+0x91b/0xa60 ? __virt_addr_valid+0x1fa/0x420 ? hci_enhanced_setup_sync+0x91b/0xa60 kasan_report+0xda/0x1b0 ? hci_enhanced_setup_sync+0x91b/0xa60 hci_enhanced_setup_sync+0x91b/0xa60 ? __pfx_hci_enhanced_setup_sync+0x10/0x10 ? __pfx___mutex_lock+0x10/0x10 hci_cmd_sync_work+0x1c2/0x330 process_one_work+0x7d9/0x1360 ? __pfx_lock_acquire+0x10/0x10 ? __pfx_process_one_work+0x10/0x10 ? asignar_trabajo+0x167/0x240 subproceso_trabajador+0x5b7/0xf60 ? __kthread_parkme+0xac/0x1c0 ? __pfx_worker_thread+0x10/0x10 ? __pfx_worker_thread+0x10/0x10 kthread+0x293/0x360 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2f/0x70 ? Asignado por la tarea 34: kasan_save_stack+0x30/0x50 kasan_save_track+0x14/0x30 __kasan_kmalloc+0x8f/0xa0 __hci_conn_add+0x187/0x17d0 hci_connect_sco+0x2e1/0xb90 sco_sock_connect+0x2a2/0xb80 __sys_connect+0x227/0x2a0 __x64_sys_connect+0x6d/0xb0 do_syscall_64+0x71/0x140 entrada_SYSCALL_64_after_hwframe+0x76/0x7e Liberado por la tarea 37: kasan_save_stack+0x30/0x50 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3b/0x60 __kasan_slab_free+0x101/0x160 kfree+0xd0/0x250 device_release+0x9a/0x210 kobject_put+0x151/0x280 hci_conn_del+0x448/0xbf0 hci_abort_conn_sync+0x46f/0x980 hci_cmd_sync_work+0x1c2/0x330 process_one_work+0x7d9/0x1360 worker_thread+0x5b7/0xf60 kthread+0x293/0x360 ret_de_la_bifurcaci\u00f3n+0x2f/0x70 ret_de_la_bifurcaci\u00f3n_asm+0x1a/0x30" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "45E9874A-13E1-45C8-AECD-CD72B9C14C36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/18fd04ad856df07733f5bb07e7f7168e7443d393", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/867639300759e3e1c5b1e1a5ff89231f263a32a7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98ccd44002d88cbf4edfc4480df532a3da5a013e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50030.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50030.json index 4ee3b97c5cd..b8a188c3fdb 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50030.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50030.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50030", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.290", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T14:06:40.707", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,85 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe/ct: evitar UAF en send_recv() Asegurarnos de que serializamos con el lado de finalizaci\u00f3n para evitar que UAF con valla salga del \u00e1mbito en la pila, ya que no tenemos ni idea de si se activar\u00e1 despu\u00e9s del tiempo de espera antes de que podamos borrar del xa. Tambi\u00e9n tenemos algunas cargas y almacenamientos dependientes para los que necesitamos el orden correcto, y carecemos de las barreras necesarias. Arregla esto tomando el ct->lock despu\u00e9s de la espera, que tambi\u00e9n est\u00e1 retenido por el lado de finalizaci\u00f3n. v2 (Badal): - Tambi\u00e9n se imprime despu\u00e9s de adquirir el bloqueo y ver el tiempo de espera. (seleccionado de el commit 52789ce35c55ccd30c4b67b9cc5b2af55e0122ea)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "C354E062-80AD-4947-809C-E798BC6AAA39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/8ed7dd4c55e4fb21531a9645aeb66a30eaf43a46", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/db7f92af626178ba59dbbcdd5dee9ec24a987a88", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50031.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50031.json index 528eb8c88c5..7d8b4c0e135 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50031.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50031.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50031", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.350", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:30:15.727", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,127 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/v3d: Detener el perfmon activo antes de ser destruido Al ejecutar `kmscube` con uno o m\u00e1s monitores de rendimiento habilitados a trav\u00e9s de `GALLIUM_HUD`, puede ocurrir el siguiente p\u00e1nico del kernel: [ 55.008324] No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual 00000000052004a4 [ 55.008368] Informaci\u00f3n de aborto de memoria: [ 55.008377] ESR = 0x0000000096000005 [ 55.008387] EC = 0x25: DABT (EL actual), IL = 32 bits [ 55.008402] SET = 0, FnV = 0 [ 55.008412] EA = 0, S1PTW = 0 [ 55.008421] FSC = 0x05: error de traducci\u00f3n de nivel 1 [ 55.008434] Informaci\u00f3n de interrupci\u00f3n de datos: [ 55.008442] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 [ 55.008455] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 55.008467] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 55.008481] pgtable de usuario: p\u00e1ginas de 4k, VA de 39 bits, pgdp=00000001046c6000 [ 55.008497] [000000000052004a4] pgd=0000000000000000, p4d=00000000000000000, pud=0000000000000000 [ 55.008525] Error interno: Oops: 0000000096000005 [#1] PREEMPT SMP [ 55.008542] M\u00f3dulos vinculados en: rfcomm [...] vc4 v3d snd_soc_hdmi_codec drm_display_helper gpu_sched drm_shmem_helper cec drm_dma_helper drm_kms_helper i2c_brcmstb drm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight [ 55.008799] CPU: 2 PID: 166 Comm: v3d_bin Contaminado: GC 6.6.47+rpt-rpi-v8 #1 Debian 1:6.6.47-1+rpt1 [ 55.008824] Nombre del hardware: Raspberry Pi 4 Modelo B Rev 1.5 (DT) [ 55.008838] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 55.008855] pc : __mutex_lock.constprop.0+0x90/0x608 [ 55.008879] lr : __mutex_lock.constprop.0+0x58/0x608 [ 55.008895] sp : ffffffc080673cf0 [ 55.008904] x29: ffffffc080673cf0 x28: 0000000000000000 x27: ffffff8106188a28 [ 55.008926] x26: ffffff8101e78040 x25: ffffff8101baa6c0 x24: ffffffd9d989f148 [ 55.008947] x23: ffffffda1c2a4008 x22: 0000000000000002 x21: ffffffc080673d38 [ 55.008968] x20: ffffff8101238000 x19: ffffff8104f83188 x18: 0000000000000000 [ 55.008988] x17: 0000000000000000 x16: ffffffda1bd04d18 x15: 00000055bb08bc90 [ 55.009715] x14: 000000000000000 x13: 0000000000000000 x12: ffffffda1bd4cbb0 [ 55.010433] x11: 00000000fa83b2da x10: 0000000000001a40 x9: ffffffda1bd04d04 [55.011162] x8: ffffff8102097b80 x7: 0000000000000000 x6: 00000000030a5857 [55.011880] x5: 00ffffffffffffff x4: 0300000005200470 x3: 0300000005200470 [55.012598] x2: ffffff8101238000 x1: 0000000000000021 x0 : 0300000005200470 [ 55.013292] Rastreo de llamadas: [ 55.013959] __mutex_lock.constprop.0+0x90/0x608 [ 55.014646] __mutex_lock_slowpath+0x1c/0x30 [ 55.015317] mutex_lock+0x50/0x68 [ 55.015961] v3d_perfmon_stop+0x40/0xe0 [v3d] [ 55.016627] v3d_bin_job_run+0x10c/0x2d8 [v3d] [ 55.017282] drm_sched_main+0x178/0x3f8 [gpu_sched] [ 55.017921] kthread+0x11c/0x128 [ 55.018554] ret_from_fork+0x10/0x20 [ 55.019168] C\u00f3digo: f9400260 f1001c1f 54001ea9 927df000 (b9403401) [ 55.019776] ---[ fin del seguimiento 000000000000000 ]--- [ 55.020411] nota: v3d_bin[166] sali\u00f3 con preempt_count 1 Este problema surge porque, al cerrar el descriptor de archivo (lo que sucede cuando interrumpimos `kmscube`), el monitor de rendimiento activo no se detiene. Aunque todos los monitores de rendimiento se destruyen en `v3d_perfmon_close_file()`, el puntero del monitor de rendimiento activo (`v3d->active_perfmon`) a\u00fan se conserva. Si se ejecuta de nuevo `kmscube`, el controlador intentar\u00e1 detener el monitor de rendimiento activo utilizando el puntero obsoleto en `v3d->active_perfmon`. Sin embargo, este puntero ya no es v\u00e1lido porque el proceso anterior ya ha finalizado y todos los monitores de rendimiento asociados con \u00e9l se han destruido y liberado. Para solucionar esto, cuando el monitor de rendimiento activo pertenece a un proceso determinado, det\u00e9ngalo expl\u00edcitamente antes de destruirlo y liberarlo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "151D0F58-4482-4AA5-87D2-803A6F5164C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/07c51108d9e278831c16191d1223ee49986e7890", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0c9e9a3a4873705740b19300cadc6599170646ef", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/24ab54a066d2ef671b03eb909ca2114c0c9ac1e7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/333767cbce6ac20ec794c76eec82ed0ef55022db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7d1fd3638ee3a9f9bca4785fffb638ca19120718", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50032.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50032.json index de2e9b0bb6a..9d48bf34c75 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50032.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50032.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50032", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.417", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:34:22.353", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,111 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rcu/nocb: Se ha corregido la activaci\u00f3n de rcuog desde un softirq sin conexi\u00f3n. Despu\u00e9s de que una CPU se haya desconectado y antes de que finalmente llame a rcutree_report_cpu_dead(), a\u00fan hay oportunidades para que se pongan en cola devoluciones de llamadas, por ejemplo, desde un softirq. Cuando eso sucede en NOCB, la activaci\u00f3n de rcuog se pospone a trav\u00e9s de una IPI a una CPU en l\u00ednea para no llamar al programador y correr el riesgo de armar el ancho de banda RT despu\u00e9s de que los temporizadores hr se hayan migrado y deshabilitado. Pero realizar una IPI sincronizada desde un softirq tiene errores, como se informa en el siguiente escenario: ADVERTENCIA: CPU: 1 PID: 26 en kernel/smp.c:633 smp_call_function_single M\u00f3dulos vinculados en: rcutorture torture CPU: 1 UID: 0 PID: 26 Comm: immigration/1 No contaminado 6.11.0-rc1-00012-g9139f93209d1 #1 Detenedor: multi_cpu_stop+0x0/0x320 <- __stop_cpus+0xd0/0x120 RIP: 0010:smp_call_function_single swake_up_one_online __call_rcu_nocb_wake __call_rcu_common ? rcu_torture_one_read call_timer_fn __run_timers run_timer_softirq handle_softirqs irq_exit_rcu ? tick_handle_periodic sysvec_apic_timer_interrupt Solucione esto forzando la activaci\u00f3n diferida de rcuog a trav\u00e9s del temporizador NOCB cuando la CPU est\u00e9 fuera de l\u00ednea. La activaci\u00f3n real se realizar\u00e1 desde rcutree_report_cpu_dead()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.54", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "28067F77-C1B2-4A04-BA6B-2C4955E8853E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10.13", + "versionEndExcluding": "6.11", + "matchCriteriaId": "B88D322F-6F03-45A1-8C58-9E45EAB64B13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11.2", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "72A93F71-1302-40DD-847E-3C6D29220EAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1.113:*:*:*:*:*:*:*", + "matchCriteriaId": "81EA2611-0623-46DE-8378-F900B6B1EC79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/84a5feebba10354c683983f5f1372a144225e4c2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e66b1e01f2eb3209d08122572f41f7838b79540d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f7345ccc62a4b880cf76458db5f320725f28e400", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json index 5bb26da1567..8e44bc18168 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50036", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.717", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:41:31.273", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,127 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: no retrasar dst_entries_add() en dst_release() dst_entries_add() usa datos por CPU que podr\u00edan liberarse en el desmantelamiento de netns de ip6_route_net_exit() llamando a dst_entries_destroy() Antes de que se pueda llamar a ip6_route_net_exit(), liberamos todos los dst asociados con este netns, a trav\u00e9s de llamadas a dst_release(), que espera un per\u00edodo de gracia de rcu antes de llamar a dst_destroy() El uso de dst_entries_add() en dst_destroy() es arriesgado, porque dst_entries_destroy() ya podr\u00eda haberse llamado. La disminuci\u00f3n del n\u00famero de dst debe ocurrir antes. Notas: 1) en el caso de CONFIG_XFRM, dst_destroy() puede llamar a dst_release_immediate(child), lo que tambi\u00e9n podr\u00eda causar UAF si el hijo no tiene DST_NOCOUNT configurado. Los encargados del mantenimiento de IPSEC podr\u00edan echar un vistazo y ver c\u00f3mo solucionar esto. 2) Tambi\u00e9n se est\u00e1 discutiendo sobre la eliminaci\u00f3n de este recuento de dst, lo que podr\u00eda suceder en kernels futuros." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10.50", + "versionEndExcluding": "3.11", + "matchCriteriaId": "2702B874-20FE-463B-A335-04F2589F4DC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.12.26", + "versionEndExcluding": "3.13", + "matchCriteriaId": "429F18C3-B964-4E6B-B230-62AFAB287B6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.14.14", + "versionEndExcluding": "3.15", + "matchCriteriaId": "FFD7BD6D-B8D7-4500-B111-701224430EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.15.7", + "versionEndExcluding": "3.16", + "matchCriteriaId": "FE4AB437-E3F2-44F6-A535-9DC3B6975B1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.16", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "B63575AE-DD69-4DB8-AC13-036544FA3558" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "327EC9BC-2736-40A9-839A-3068588BE430" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3c7c918ec0aa3555372c5a57f18780b7a96c5cfc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ac888d58869bb99753e7652be19a151df9ecb35d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eae7435b48ffc8e9be0ff9cfeae40af479a609dd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50037.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50037.json index c6c835f7edd..dd4b5d5b9d2 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50037.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50037.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50037", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.790", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:43:07.520", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,85 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/fbdev-dma: Solo limpiar la E/S diferida si es necesario el commit 5a498d4d06d6 (\"drm/fbdev-dma: Solo instalar la E/S diferida si es necesario\") inicializa la E/S diferida solo si se usa. Sin embargo, drm_fbdev_dma_fb_destroy() llama a fb_deferred_io_cleanup() incondicionalmente con struct fb_info.fbdefio == NULL. KASAN con el controlador de pantalla de silicio de Apple fuera del \u00e1rbol publica la siguiente advertencia de __flush_work() de una estructura aleatoria work_struct en lugar de las derefs de puntero NULL esperadas. [ 22.053799] ------------[ cortar aqu\u00ed ]------------ [ 22.054832] ADVERTENCIA: CPU: 2 PID: 1 en kernel/workqueue.c:4177 __flush_work+0x4d8/0x580 [ 22.056597] M\u00f3dulos vinculados en: uhid bnep uinput nls_ascii ip6_tables ip_tables i2c_dev loop fuse dm_multipath nfnetlink zram hid_magicmouse btrfs xor xor_neon brcmfmac_wcc raid6_pq hci_bcm4377 bluetooth brcmfmac hid_apple brcmutil nvmem_spmi_mfd simple_mfd_spmi dockchannel_hid cfg80211 joydev regmap_spmi nvme_apple ecdh_generic ecc macsmc_hid rfkill dwc3 appledrm snd_soc_macaudio macsmc_power nvme_core apple_isp phy_apple_atc apple_sart apple_rtkit_helper apple_dockchannel tps6598x macsmc_hwmon snd_soc_cs42l84 videobuf2_v4l2 spmi_apple_controller nvmem_apple_efuses videobuf2_dma_sg apple_z2 videobuf2_memops spi_nor panel_summit videobuf2_common asahi videodev pwm_apple apple_dcp snd_soc_apple_mca apple_admac spi_apple clk_apple_nco i2c_pasemi_platform snd_pcm_dmaengine mc i2c_pasemi_core mux_core ofpart adpdrm drm_dma_helper apple_dart apple_soc_cpufreq leds_pwm phram [ 22.073768] CPU: 2 UID: 0 PID: 1 Comm: systemd-shutdow No contaminado 6.11.2-asahi+ #asahi-dev [ 22.075612] Nombre del hardware: Apple MacBook Pro (13 pulgadas, M2, 2022) (DT) [ 22.077032] pstate: 01400005 (nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 22.078567] pc : __flush_work+0x4d8/0x580 [ 22.079471] lr : __flush_work+0x54/0x580 [ [22.080345] sp: ffffc000836ef820 [22.081089] x29: ffffc000836ef880 x28: 0000000000000000 x27: ffff80002ddb7128 [22.082678] x26: dfffc0000000000 x25: 1ffff000096f0c57 x24: ffffc00082d3e358 [22.084263] x23: ffff80004b7862b8 x22: dfffc0000000000 x21: ffff80005aa1d470 [22.085855] x20: ffff80004b786000 x19: ffff80004b7862a0 x18: 0000000000000000 [ 22.087439] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000005 [ 22.089030] x14: 1ffff800106ddf0a x13: 0000000000000000 x12: 0000000000000000 [ 22.090618] x11: ffffb800106ddf0f x10: dfffc00000000000 x9: 1ffff800106ddf0e [22.092206] x8: 0000000000000000 x7: aaaaaaaaaaaaaaaa x6: 0000000000000001 [22.093790] x5: 00836ef728 x4: 0000000000000000 x3: 0000000000000020 [22.095368] x2: 00000000000000008 x1: 00000000000000aa x0: 00000000000000000 [ 22.096955] Rastreo de llamadas: [ 22.097505] __flush_work+0x4d8/0x580 [ 22.098330] flush_delayed_work+0x80/0xb8 [ 22.099231] fb_deferred_io_cleanup+0x3c/0x130 [ 22.100217] drm_fbdev_dma_fb_destroy+0x6c/0xe0 [drm_dma_helper] [ 22.101559] anular registro de b\u00fafer de fotogramas+0x210/0x2f0 [ 22.102575] drm_fb_helper_anular registro de informaci\u00f3n+0x48/0x60 [ 22.103683] drm_fbdev_dma_client_unregister+0x4c/0x80 [drm_dma_helper] [ 22.105147] drm_client_dev_unregister+0x1cc/0x230 [ 22.106217] drm_dev_unregister+0x58/0x570 [ 22.107125] apple_drm_unbind+0x50/0x98 [appledrm] [ 22.108199] component_del+0x1f8/0x3a8 [ 22.109042] dcp_platform_shutdown+0x24/0x38 [apple_dcp] [ 22.110357] platform_shutdown+0x70/0x90 [ 22.111219] apagado_dispositivo+0x368/0x4d8 [ 22.112095] reinicio_kernel+0x6c/0x1d0 [ 22.112946] reinicio_del_sistema_arm64+0x1c8/0x328 [ 22.113868] invocar_llamada_al_sistema+0x78/0x1a8 [ 22.114703] hacer_el0_svc+0x124/0x1a0 [ 22.115498] el0_svc+0x3c/0xe0 [ 22.116181] controlador_sincronizaci\u00f3n_el0t_64+0x70/0xc0 [ 22.117110] el0t_64_sync+0x190/0x198 [ 22.117931] ---[ fin de seguimiento 0000000000000000 ]---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "66F99BD9-E74F-4CC8-834E-B73BD4643C7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5a4a8ea14c54c651ec532a480bd560d0c6e52f3d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fcddc71ec7ecf15b4df3c41288c9cf0b8e886111", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50038.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50038.json index b8eb3a1c563..f6e9b4b118d 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50038.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50038.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50038", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.877", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:45:51.340", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,127 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: xtables: evita NFPROTO_UNSPEC donde sea necesario syzbot logr\u00f3 llamar a xt_cluster match a trav\u00e9s de ebtables: ADVERTENCIA: CPU: 0 PID: 11 en net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_table+0x174b/0x2a40 El m\u00f3dulo se registra en NFPROTO_UNSPEC, pero asume el procesamiento de paquetes ipv4/ipv6. Como esto solo es \u00fatil para restringir el tr\u00e1fico TCP/UDP que termina localmente, reg\u00edstrelo solo para la familia ipv4 e ipv6. Pablo se\u00f1ala que este es un problema general, los usuarios directos de la interfaz set/getsockopt pueden llamar a destinos/coincidencias que solo estaban destinados a usarse con tablas ip(6). Compruebe todas las coincidencias y objetivos UNSPEC para ver si hay problemas similares: - las coincidencias y los objetivos est\u00e1n bien excepto si asumen que skb_network_header() es v\u00e1lido - esto solo es cierto cuando se llama desde la capa inet: la pila ip(6) extrae el encabezado ip/ipv6 en el \u00e1rea de datos lineales. - los objetivos que devuelven XT_CONTINUE u otros veredictos de xtables tambi\u00e9n deben restringirse, son incompatibles con el traverser de ebtables, por ejemplo, EBT_CONTINUE es un valor completamente diferente de XT_CONTINUE. La mayor\u00eda de las coincidencias/objetivos se cambian para registrarse para NFPROTO_IPV4/IPV6, ya que se proporcionan para su uso por ip(6)tables. El objetivo MARK tambi\u00e9n lo usan arptables, as\u00ed que reg\u00edstrese tambi\u00e9n para NFPROTO_ARP. Mientras tanto, abandone si connbytes no puede habilitar la familia conntrack correspondiente. Este cambio pasa las autopruebas en iptables.git." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.30", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "B7B7108B-7220-433F-A168-6ECF9D7F65F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0bfcb7b71e735560077a42847f69597ec7dcc326", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cdc55ec6222bb195995cc58f7cb46e4d8907056", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/85ff9a0f793ca52c527e75cd40a69c948627ebde", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f482bb7e27b37f1f734bb9a8eeb28b23d59d189", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/997f67d813ce0cf5eb3cdb8f124da68141e91b6c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50039.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50039.json index 54ff2111ecb..aed8bfd89fd 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50039.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50039.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50039", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.957", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:47:04.950", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,141 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sched: acepta TCA_STAB solo para qdisc ra\u00edz La mayor\u00eda de las qdisc mantienen su lista de espera utilizando qdisc_pkt_len(skb) asumiendo que es invariable entre los controladores enqueue() y dequeue(). Desafortunadamente, syzbot puede hacer que un host se bloquee con bastante facilidad utilizando una combinaci\u00f3n TBF + SFQ, con un STAB en SFQ [1] No podemos admitir TCA_STAB en un nivel arbitrario, esto requerir\u00eda mantener el almacenamiento por qdisc. [1] [ 88.796496] ERROR: desreferencia de puntero NULL del n\u00facleo, direcci\u00f3n: 0000000000000000 [ 88.798611] #PF: acceso de lectura del supervisor en modo n\u00facleo [ 88.799014] #PF: error_code(0x0000) - p\u00e1gina no presente [ 88.799506] PGD 0 P4D 0 [ 88.799829] Oops: Oops: 0000 [#1] SMP NOPTI [ 88.800569] CPU: 14 UID: 0 PID: 2053 Comm: b371744477 No contaminado 6.12.0-rc1-virtme #1117 [ 88.801107] Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 01/04/2014 [ 88.801779] RIP: 0010:sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq [ 88.802544] C\u00f3digo: 0f b7 50 12 48 8d 04 d5 00 00 00 00 48 89 d6 48 29 d0 48 8b 91 c0 01 00 00 48 c1 e0 03 48 01 c2 66 83 7a 1a 00 7e c0 48 8b 3a <4c> 8b 07 4c 89 02 49 89 50 08 48 c7 47 08 00 00 00 00 48 c7 07 00 Todo el c\u00f3digo ======== 0: 0f b7 50 12 movzwl 0x12(%rax),%edx 4: 48 8d 04 d5 00 00 00 lea 0x0(,%rdx,8),%rax b: 00 c: 48 89 d6 mov %rdx,%rsi f: 48 29 d0 sub %rdx,%rax 12: 48 8b 91 c0 01 00 00 mov 0x1c0(%rcx),%rdx 19: 48 c1 e0 03 shl $0x3,%rax 1d: 48 01 c2 suma %rax,%rdx 20: 66 83 7a 1a 00 cmpw $0x0,0x1a(%rdx) 25: 7e c0 jle 0xffffffffffffffe7 27: 48 8b 3a mov (%rdx),%rdi 2a:* 4c 8b 07 mov (%rdi),%r8 <-- instrucci\u00f3n de captura 2d: 4c 89 02 mov %r8,(%rdx) 30: 49 89 50 08 mov %rdx,0x8(%r8) 34: 48 c7 47 08 00 00 00 movq $0x0,0x8(%rdi) 3b: 00 3c: 48 rex.W 3d: c7 .byte 0xc7 3e: 07 (malo) ... C\u00f3digo que comienza con la instrucci\u00f3n que fallo ============================================= 0: 4c 8b 07 mov (%rdi),%r8 3: 4c 89 02 mov %r8,(%rdx) 6: 49 89 50 08 mov %rdx,0x8(%r8) a: 48 c7 47 08 00 00 00 movq $0x0,0x8(%rdi) 11: 00 12: 48 rex.W 13: c7 .byte 0xc7 14: 07 (malo) ... [ 88.803721] RSP: 0018:ffff9a1f892b7d58 EFLAGS: 00000206 [ 88.804032] RAX: 0000000000000000 RBX: ffff9a1f8420c800 RCX: ffff9a1f8420c800 [ 88.8 04560] RDX: ffff9a1f81bc1440 RSI: 00000000000000000 RDI: 0000000000000000 [ 88.805056] RBP: ffffffffc04bb0e0 R08: 0000000000000001 R09: 00000000ff7f9a1f [ 88.805473] R10: 000000000001001b R11: 0000000000009a1f R12: 0000000000000140 [ 88.806194] R13: 0000000000000001 R14: ffff9a1f886df400 R15: ffff9a1f886df4ac [ 88.806734] FS: 00007f445601a740(0000) GS:ffff9a2e7fd80000(0000) knlGS:0000000000000000 [ 88.807225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.807672] CR2: 0000000000000000 CR3: 000000050cc46000 CR4: 00000000000006f0 [ 88.808165] Seguimiento de llamadas: [ 88.808459] [ 88.808710] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) [ 88.809261] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) [ 88.810074] ? sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq [ 88.810411] sfq_reset (net/sched/sch_sfq.c:525) sch_sfq [ 88.810671] qdisc_reset (./include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 ./include/linux/skbuff.h:3304 ./include/linux/skbuff.h:3310 net/sched/sch_g ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.27", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "F57D1442-15E5-4DEF-B815-CC318D489E35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1edf039ee01788ffc25625fe58a903ae2efa213e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3cb7cf1540ddff5473d6baeb530228d19bc97b8a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3dc6ee96473cc2962c6db4297d4631f261be150f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/76feedc74b90270390fbfdf74a2e944e96872363", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8fb6503592d39065316f45d267c5527b4e7cd995", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/adbc3eef43fc94c7c8436da832691ae02333a972", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50040.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50040.json index 206850e139b..b14504e8a6d 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50040.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50040.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50040", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:17.050", - "lastModified": "2024-10-23T15:12:34.673", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-25T15:49:33.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,169 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igb: No encender el dispositivo despu\u00e9s de un error no fatal el commit 004d25060c78 (\"igb: Reparar igb_down colgado en eliminaci\u00f3n sorpresa\") cambi\u00f3 igb_io_error_detected() para ignorar los errores pcie no fatales con el fin de evitar que la tarea se cuelgue que puede suceder cuando se llama a igb_down() varias veces. Esto caus\u00f3 un problema al procesar errores transitorios no fatales. igb_io_resume(), que se llama despu\u00e9s de igb_io_error_detected(), asume que el dispositivo es derribado por igb_io_error_detected() si la interfaz est\u00e1 activa. Esto result\u00f3 en un p\u00e1nico con el seguimiento de pila a continuaci\u00f3n. [ T3256] igb 0000:09:00.0 haeth0: igb: el enlace NIC haeth0 est\u00e1 inactivo [ T292] pcieport 0000:00:1c.5: AER: Error no corregido (no fatal) recibido: 0000:09:00.0 [ T292] igb 0000:09:00.0: Error de bus PCIe: gravedad=No corregido (no fatal), tipo=Capa de transacci\u00f3n, (ID del solicitante) [ T292] igb 0000:09:00.0: dispositivo [8086:1537] estado/m\u00e1scara de error=00004000/00000000 [ T292] igb 0000:09:00.0: [14] CmpltTO [ 200.105524,009][ T292] igb 0000:09:00.0: AER: Encabezado TLP: 00000000 00000000 00000000 00000000 [ T292] pcieport 0000:00:1c.5: AER: mensaje de transmisi\u00f3n error_detected [ T292] igb 0000:09:00.0: Se inform\u00f3 un error no fatal y no corregible. [ T292] pcieport 0000:00:1c.5: AER: mensaje de transmisi\u00f3n mmio_enabled [ T292] pcieport 0000:00:1c.5: AER: mensaje de transmisi\u00f3n de reanudaci\u00f3n [ T292] ------------[ cortar aqu\u00ed ]------------ [ T292] \u00a1ERROR del kernel en net/core/dev.c:6539! [ T292] c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP [ T292] RIP: 0010:napi_enable+0x37/0x40 [ T292] Seguimiento de llamadas: [ T292] [ T292] ? die+0x33/0x90 [ T292] ? do_trap+0xdc/0x110 [ T292] ? napi_enable+0x37/0x40 [ T292] ? napi_enable+0x37/0x40 [ T292] ? napi_enable+0x37/0x40 [ T292] ? exc_invalid_op+0x4e/0x70 [ T292] ? napi_enable+0x37/0x40 [ T292] ? asm_exc_invalid_op+0x16/0x20 [ T292] ? napi_enable+0x37/0x40 [ T292] ? igb_up+0x41/0x150 [ T292] igb_io_resume+0x25/0x70 [ T292] report_resume+0x54/0x70 [ T292] ? informe_congelado_detectado+0x20/0x20 [ T292] pci_walk_bus+0x6c/0x90 [ T292] ? aer_print_port_info+0xa0/0xa0 [ T292] pcie_do_recovery+0x22f/0x380 [ T292] aer_process_err_devices+0x110/0x160 [ T292] aer_isr+0x1c1/0x1e0 [ T292] ? deshabilitar_irq_nosync+0x10/0x10 [ T292] irq_thread_fn+0x1a/0x60 [ T292] irq_thread+0xe3/0x1a0 [ T292] ? Para solucionar este problema, igb_io_resume() verifica si la interfaz est\u00e1 ejecut\u00e1ndose y si el dispositivo no est\u00e1 inactivo, esto significa que igb_io_error_detected() no inactiv\u00f3 el dispositivo y no es necesario activarlo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.322", + "versionEndExcluding": "4.15", + "matchCriteriaId": "A396AAC4-8EF4-431E-A38C-9FC50FD1D13E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.291", + "versionEndExcluding": "4.20", + "matchCriteriaId": "562E7628-8B2C-4374-AD43-F402A8609611" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.251", + "versionEndExcluding": "5.5", + "matchCriteriaId": "44DA80F9-E53B-4731-AC41-BD9BAFB7661D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.188", + "versionEndExcluding": "5.10.227", + "matchCriteriaId": "670179FE-A86F-4BA2-A637-52F9DB94C84C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.150", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "2E4E31DD-8C47-4256-8F26-3D090D6031AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.42", + "versionEndExcluding": "6.1.113", + "matchCriteriaId": "CF06D507-5D67-4E3D-8279-FFAFC0F6C6FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.7", + "versionEndExcluding": "6.5", + "matchCriteriaId": "78D465F1-2AAE-44B0-94DE-389ED298943D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.5", + "versionEndExcluding": "6.6.57", + "matchCriteriaId": "C1CF6300-B342-45C7-AC3B-2B6182FF2BC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.4", + "matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0a94079e3841d00ea5abb05e3233d019a86745f6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/330a699ecbfc9c26ec92c6310686da1230b4e7eb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/500be93c5d53b7e2c5314292012185f0207bad0c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/57c5053eaa5f9a8a99e34732e37a86615318e464", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6a39c8f5c8aae74c5ab2ba466791f59ffaab0178", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d79af3af2f49c6aae9add3d492c04d60c1b85ce4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index d4cd17e90f7..e892b385dec 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-25T14:00:49.744998+00:00 +2024-10-25T16:00:31.271744+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-25T13:57:51.800000+00:00 +2024-10-25T15:58:02.297000+00:00 ``` ### Last Data Feed Release @@ -33,52 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -267070 +267075 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `5` -- [CVE-2024-10374](CVE-2024/CVE-2024-103xx/CVE-2024-10374.json) (`2024-10-25T12:15:02.410`) -- [CVE-2024-10378](CVE-2024/CVE-2024-103xx/CVE-2024-10378.json) (`2024-10-25T12:15:02.650`) -- [CVE-2024-10379](CVE-2024/CVE-2024-103xx/CVE-2024-10379.json) (`2024-10-25T12:15:02.890`) -- [CVE-2024-10380](CVE-2024/CVE-2024-103xx/CVE-2024-10380.json) (`2024-10-25T13:15:17.547`) -- [CVE-2024-10381](CVE-2024/CVE-2024-103xx/CVE-2024-10381.json) (`2024-10-25T13:15:17.810`) -- [CVE-2024-49376](CVE-2024/CVE-2024-493xx/CVE-2024-49376.json) (`2024-10-25T13:15:17.957`) -- [CVE-2024-49378](CVE-2024/CVE-2024-493xx/CVE-2024-49378.json) (`2024-10-25T13:15:18.090`) -- [CVE-2024-9991](CVE-2024/CVE-2024-99xx/CVE-2024-9991.json) (`2024-10-25T13:15:18.250`) +- [CVE-2024-48428](CVE-2024/CVE-2024-484xx/CVE-2024-48428.json) (`2024-10-25T15:15:18.827`) +- [CVE-2024-49380](CVE-2024/CVE-2024-493xx/CVE-2024-49380.json) (`2024-10-25T14:15:12.040`) +- [CVE-2024-49381](CVE-2024/CVE-2024-493xx/CVE-2024-49381.json) (`2024-10-25T14:15:12.160`) +- [CVE-2024-49753](CVE-2024/CVE-2024-497xx/CVE-2024-49753.json) (`2024-10-25T14:15:12.280`) +- [CVE-2024-49757](CVE-2024/CVE-2024-497xx/CVE-2024-49757.json) (`2024-10-25T15:15:18.957`) ### CVEs modified in the last Commit -Recently modified CVEs: `278` +Recently modified CVEs: `86` -- [CVE-2024-6826](CVE-2024/CVE-2024-68xx/CVE-2024-6826.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-7763](CVE-2024/CVE-2024-77xx/CVE-2024-7763.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-8312](CVE-2024/CVE-2024-83xx/CVE-2024-8312.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-8666](CVE-2024/CVE-2024-86xx/CVE-2024-8666.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-8667](CVE-2024/CVE-2024-86xx/CVE-2024-8667.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-8717](CVE-2024/CVE-2024-87xx/CVE-2024-8717.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-8959](CVE-2024/CVE-2024-89xx/CVE-2024-8959.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9109](CVE-2024/CVE-2024-91xx/CVE-2024-9109.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9214](CVE-2024/CVE-2024-92xx/CVE-2024-9214.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9235](CVE-2024/CVE-2024-92xx/CVE-2024-9235.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9302](CVE-2024/CVE-2024-93xx/CVE-2024-9302.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9374](CVE-2024/CVE-2024-93xx/CVE-2024-9374.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9488](CVE-2024/CVE-2024-94xx/CVE-2024-9488.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9531](CVE-2024/CVE-2024-95xx/CVE-2024-9531.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9598](CVE-2024/CVE-2024-95xx/CVE-2024-9598.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9607](CVE-2024/CVE-2024-96xx/CVE-2024-9607.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9628](CVE-2024/CVE-2024-96xx/CVE-2024-9628.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9630](CVE-2024/CVE-2024-96xx/CVE-2024-9630.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9650](CVE-2024/CVE-2024-96xx/CVE-2024-9650.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9686](CVE-2024/CVE-2024-96xx/CVE-2024-9686.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9692](CVE-2024/CVE-2024-96xx/CVE-2024-9692.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9864](CVE-2024/CVE-2024-98xx/CVE-2024-9864.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9865](CVE-2024/CVE-2024-98xx/CVE-2024-9865.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9943](CVE-2024/CVE-2024-99xx/CVE-2024-9943.json) (`2024-10-25T12:56:07.750`) -- [CVE-2024-9949](CVE-2024/CVE-2024-99xx/CVE-2024-9949.json) (`2024-10-25T12:56:07.750`) +- [CVE-2024-49942](CVE-2024/CVE-2024-499xx/CVE-2024-49942.json) (`2024-10-25T14:56:59.397`) +- [CVE-2024-49981](CVE-2024/CVE-2024-499xx/CVE-2024-49981.json) (`2024-10-25T14:56:40.073`) +- [CVE-2024-49982](CVE-2024/CVE-2024-499xx/CVE-2024-49982.json) (`2024-10-25T15:08:03.790`) +- [CVE-2024-49992](CVE-2024/CVE-2024-499xx/CVE-2024-49992.json) (`2024-10-25T14:52:00.273`) +- [CVE-2024-49993](CVE-2024/CVE-2024-499xx/CVE-2024-49993.json) (`2024-10-25T14:52:19.167`) +- [CVE-2024-49994](CVE-2024/CVE-2024-499xx/CVE-2024-49994.json) (`2024-10-25T14:52:32.877`) +- [CVE-2024-50019](CVE-2024/CVE-2024-500xx/CVE-2024-50019.json) (`2024-10-25T14:45:56.190`) +- [CVE-2024-50020](CVE-2024/CVE-2024-500xx/CVE-2024-50020.json) (`2024-10-25T14:50:42.230`) +- [CVE-2024-50021](CVE-2024/CVE-2024-500xx/CVE-2024-50021.json) (`2024-10-25T14:52:13.890`) +- [CVE-2024-50022](CVE-2024/CVE-2024-500xx/CVE-2024-50022.json) (`2024-10-25T15:05:57.403`) +- [CVE-2024-50023](CVE-2024/CVE-2024-500xx/CVE-2024-50023.json) (`2024-10-25T15:07:10.487`) +- [CVE-2024-50024](CVE-2024/CVE-2024-500xx/CVE-2024-50024.json) (`2024-10-25T15:08:58.293`) +- [CVE-2024-50025](CVE-2024/CVE-2024-500xx/CVE-2024-50025.json) (`2024-10-25T15:12:00.453`) +- [CVE-2024-50026](CVE-2024/CVE-2024-500xx/CVE-2024-50026.json) (`2024-10-25T15:13:04.783`) +- [CVE-2024-50027](CVE-2024/CVE-2024-500xx/CVE-2024-50027.json) (`2024-10-25T15:19:07.347`) +- [CVE-2024-50028](CVE-2024/CVE-2024-500xx/CVE-2024-50028.json) (`2024-10-25T15:21:23.237`) +- [CVE-2024-50029](CVE-2024/CVE-2024-500xx/CVE-2024-50029.json) (`2024-10-25T15:27:06.047`) +- [CVE-2024-50030](CVE-2024/CVE-2024-500xx/CVE-2024-50030.json) (`2024-10-25T14:06:40.707`) +- [CVE-2024-50031](CVE-2024/CVE-2024-500xx/CVE-2024-50031.json) (`2024-10-25T15:30:15.727`) +- [CVE-2024-50032](CVE-2024/CVE-2024-500xx/CVE-2024-50032.json) (`2024-10-25T15:34:22.353`) +- [CVE-2024-50036](CVE-2024/CVE-2024-500xx/CVE-2024-50036.json) (`2024-10-25T15:41:31.273`) +- [CVE-2024-50037](CVE-2024/CVE-2024-500xx/CVE-2024-50037.json) (`2024-10-25T15:43:07.520`) +- [CVE-2024-50038](CVE-2024/CVE-2024-500xx/CVE-2024-50038.json) (`2024-10-25T15:45:51.340`) +- [CVE-2024-50039](CVE-2024/CVE-2024-500xx/CVE-2024-50039.json) (`2024-10-25T15:47:04.950`) +- [CVE-2024-50040](CVE-2024/CVE-2024-500xx/CVE-2024-50040.json) (`2024-10-25T15:49:33.317`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a3a74fd748d..2da29be9066 100644 --- a/_state.csv +++ b/_state.csv @@ -212583,11 +212583,11 @@ CVE-2022-48967,0,0,9a4dff8791ae44e4087bbdddb5fbc68f8736e971375d2e967fe26661594f6 CVE-2022-48968,0,0,017a1d2b13f226f7bddbc210b2bd3cf757d1f0d39cf99f216cca9b576a19e95d,2024-10-23T15:13:25.583000 CVE-2022-48969,0,0,9d5e3023502dbcf73cf247c9ccac819ef4bcc5ebe125f185e7eeef2c89ccaf31,2024-10-23T15:13:25.583000 CVE-2022-4897,0,0,0a243664793293bb535173693d8b2bb850e8caf27eb71e5f98003bf4c293392a,2023-11-07T03:59:15.853000 -CVE-2022-48970,0,0,45c85a1af32aaabc82a280a88744dc74a183e44f43b2cbbbe39c736815048512,2024-10-23T15:13:25.583000 -CVE-2022-48971,0,0,bd54fbb0c1a1f8256ecbe84a7983dc4c347ecac0b3edefb38623b0e7f19e9ecc,2024-10-23T15:13:25.583000 -CVE-2022-48972,0,0,da53d09fee0b743c4e84c6fc45c7699f24d076dbb3308f2587610f748901c7b9,2024-10-23T15:13:25.583000 -CVE-2022-48973,0,0,6116dced52fd879b051aa3b01cef0aaa1a44c0b61123ce31efefbe7ba874b90b,2024-10-23T15:13:25.583000 -CVE-2022-48974,0,0,01ad91b6f0b9cd76af6e1848676d091c9ae53df34bdf7dcf3c4c3aa2369d9ac0,2024-10-23T15:13:25.583000 +CVE-2022-48970,0,1,40b192859836fb9e4b4ff740c2d192f1bd91b2f3915520635abf192612070d19,2024-10-25T15:24:22.060000 +CVE-2022-48971,0,1,998975336af1feca0df2eeedd516faed136509784fd2222bb672c33e3083f72f,2024-10-25T15:23:38.807000 +CVE-2022-48972,0,1,1b38bc5eab69345ffacf3735f7c4d7a21942b008815acccb4048e2196ca88ff8,2024-10-25T15:22:33.897000 +CVE-2022-48973,0,1,976ef450614292c62923177c314a4b2aa5b18418ae239de605da93f276c749ea,2024-10-25T15:35:54.687000 +CVE-2022-48974,0,1,665d9c03b3d3f1f2b3e7ecc5cabdfc4e26418e7914055dc95137c3a3c52dd1bf,2024-10-25T15:25:54.433000 CVE-2022-48975,0,0,5aa03611cf6147e6cbe4a65152583e0072aea2d5e51c8399c173faf09094d685,2024-10-23T15:13:25.583000 CVE-2022-48976,0,0,a64de68b36096327ba87788e46c4482923e9b464dece26a8aba3dd90cbbbdf36,2024-10-23T15:13:25.583000 CVE-2022-48977,0,0,22a1f9cacabe8dede59f80dc5c8e91dcb66c9e473ead5c6f5b52cff09106031d,2024-10-23T15:13:25.583000 @@ -212597,8 +212597,8 @@ CVE-2022-4898,0,0,45b8fe73140eae686f75256e6a033fa7f76a1c506314cc4b83a596aba96b02 CVE-2022-48980,0,0,8d526640cbdfc2eac896bd10a04a158881a6eaf9b8c038323a974e23d54cd968,2024-10-23T15:13:25.583000 CVE-2022-48981,0,0,964b5764196aa475d717a98d105807ba1ba56de8f543da7fb2f4d00ef08bab19,2024-10-23T15:13:25.583000 CVE-2022-48982,0,0,2b231419453512dd11ff8c1000c255778689437792243f66ab1524a71b12fbdf,2024-10-23T15:13:25.583000 -CVE-2022-48983,0,0,89c99eb008e4543f59ffb9b8f97206fd39b58250924e143ecfa056eefd701519,2024-10-23T15:13:25.583000 -CVE-2022-48984,0,0,c9c64f59c6e0ae126ed5ccdad9f415b181e68b350fc343ea20dafa489e069d0e,2024-10-23T15:13:25.583000 +CVE-2022-48983,0,1,dfa67a553ef1fa3c57f719e3548ad9b975bf5a0f74df240dd01055c881443dcd,2024-10-25T15:58:02.297000 +CVE-2022-48984,0,1,e51fd7e8de77f3a8cf163611cb2f09fc6b7014335c2a9168caf96cf9450b0b0f,2024-10-25T15:53:53.890000 CVE-2022-48985,0,0,6cf11753a689d662f9255b9369c8210e89bb6def1b70b9ecf2bda7c020ae1116,2024-10-23T15:13:25.583000 CVE-2022-48986,0,0,6c9de2cdc1f05896064512205d6a856f3488acd470650f11d2c15464c4a320e4,2024-10-23T15:13:25.583000 CVE-2022-48987,0,0,7e41a00ba39093b717c7e7821e300a97872c374b14c3fe63fb5c52c9819075bf,2024-10-23T15:13:25.583000 @@ -212607,10 +212607,10 @@ CVE-2022-48989,0,0,ec3acefd81e80f8987880bd73f4eb6f75823cd54c45158afed0c4749ffd0f CVE-2022-4899,0,0,64070b82b08d57aace9b84f3711bc30a23fda3b7a68f2b187d0af07aa5382f53,2023-11-07T03:59:16.090000 CVE-2022-48990,0,0,76b3abca04cda73be5b91a655a68e9ea48b8941272ce2e5ded70924fe2f52256,2024-10-23T15:13:25.583000 CVE-2022-48991,0,0,6a7cb21a3ac184136cd0ab4a861f7301f05b1785725a9d2367d58cd519d1b08f,2024-10-23T15:13:25.583000 -CVE-2022-48992,0,0,d92c8ca8a95948e1be7457194a40c222a8e8302589496e8a10d5354e69202cbf,2024-10-23T15:13:25.583000 +CVE-2022-48992,0,1,8f56e9ce177d276837e828e603f41b46405afcc8129dce28e104445db61b74c5,2024-10-25T15:51:38.037000 CVE-2022-48993,0,0,ef216d3e2a04a71a8d804734065ba340ce4d331bb10df8d692bb266c02e77712,2024-10-23T09:15:02.593000 CVE-2022-48994,0,0,b4a7042332d16d435ad130f7c8d429b85afe54d674c86946aa6b2b6c75399002,2024-10-23T15:13:25.583000 -CVE-2022-48995,0,0,e54f5dd18ba65c44008367d91a18d6310df7d1e2fbae548bd76ee6f2ab064a75,2024-10-23T15:13:25.583000 +CVE-2022-48995,0,1,6d50aef3372db06b6d495aa3016571870681b9327c2409bc5336d097bc2fa483,2024-10-25T15:52:51.117000 CVE-2022-48996,0,0,0f669c5d177a55ab1de24ef7aebf7206e81a91803f760e8aa9a6146660e8c4e1,2024-10-23T15:13:25.583000 CVE-2022-48997,0,0,b7b9d54e465f5a467cd4544e1b3ea1f9aa1fa07b25224a4e924ef74e6000999e,2024-10-23T15:13:25.583000 CVE-2022-48998,0,0,b57fd57be2b9c4c0639652b977cb6f002cc2a4810b1a8b3ec1079b25ac9d83fc,2024-10-23T15:13:25.583000 @@ -212618,13 +212618,13 @@ CVE-2022-48999,0,0,ec5be2b03e3b5b7d38590253ae9fa2814424968d957fec2c8bd6f94554050 CVE-2022-4900,0,0,190b62a537516e288099ba80e5f84457dcb946e631ca8348b4310cc8613075c4,2023-11-30T22:15:07.600000 CVE-2022-49000,0,0,66fc4f4f03879d9d446108a6269b018e290959a61a92a2a2ba3fb133109a0b85,2024-10-23T15:13:25.583000 CVE-2022-49001,0,0,a7ebb50038c6320990b6a4272aa8a293aee28015fce836d5217b5b7746259999,2024-10-23T15:13:25.583000 -CVE-2022-49002,0,0,22bdfc71018f2426b9a8955e420dc9e9d9e78e107e21c022489ca86ca6e9e407,2024-10-23T15:13:25.583000 -CVE-2022-49003,0,0,3c41ee1b6f67935f3dbaee5c17ff067b795e8a1dade147c4e4670edf7dacf33a,2024-10-23T15:13:25.583000 -CVE-2022-49004,0,0,ef8f6c91fd2e0c960e79d053b02a1200e69708a26daae4e65a75c0ee555da105,2024-10-23T15:13:25.583000 -CVE-2022-49005,0,0,996bcc00649f5f4d6806dab3ae223e12d9b68c5372e06c85334c63daf1a1a662,2024-10-23T15:13:25.583000 -CVE-2022-49006,0,0,11e74bb0eed70588405216f8164bddc6145e3f7d92995a8a649678fb341b062c,2024-10-23T15:13:25.583000 -CVE-2022-49007,0,0,d8181ccdf2d774c95472fe77412f5c5f6b4c10d6c0a508bc04c802e0d59cc425,2024-10-23T15:13:25.583000 -CVE-2022-49008,0,0,858dc4a8a05732b95c403be0591a3fe4ca899c97593a1ac4eca126dfe89df3b4,2024-10-23T15:13:25.583000 +CVE-2022-49002,0,1,fad7889d4553e8099b0d53ab53b5daa8b36d6d338a8c65200d67fb3b44de9d3c,2024-10-25T14:24:12.620000 +CVE-2022-49003,0,1,f8f764dbf52fdce662c912f1975da1ca6c961f4536dbe6925188461916d8623f,2024-10-25T14:12:59.897000 +CVE-2022-49004,0,1,9c8dbf0cc81a830f0d0ecd035cf3bc42a715d008e6d3d287c61a14372514dd29,2024-10-25T14:21:21.593000 +CVE-2022-49005,0,1,de8257fea0e0e9e525e4fda95dd143199b5ba5111c51aba2e22c48891a98b6a6,2024-10-25T14:17:56.817000 +CVE-2022-49006,0,1,613ea51d8cb2b6449aca8bc74a817a49e50a168402a8a56f46fafcf943691389,2024-10-25T14:30:07.190000 +CVE-2022-49007,0,1,33e96300d82fbe5750da700bd783cbe78b7a9540ce3d6802469853aa17e2a91c,2024-10-25T14:35:25.910000 +CVE-2022-49008,0,1,db310da9fd926d3f79b0455eea90fafecd815ab721fa430fd567ca460419cada,2024-10-25T14:38:30.063000 CVE-2022-49009,0,0,bd4572466d1414f52fbe7936b1a0c728ae05c93f9a35a8642cb3c09affa0841c,2024-10-24T18:59:25.877000 CVE-2022-4901,0,0,b216b364f33ab0ef7a0c7606c08559e2c099c064cab5e2ac5756fa24252b7a04,2023-03-09T01:06:23.703000 CVE-2022-49010,0,0,d80576c7b56f00013ea7b7dc864a80d590c14a16de91c0b1fdc858f0c8ef5805,2024-10-24T19:03:50.847000 @@ -224837,7 +224837,7 @@ CVE-2023-32642,0,0,d91c5380d189025aa5163a86d9509094b24974a0fd122edf9aac4db4f7db0 CVE-2023-32643,0,0,d9aaa87dfc0b26a97d073d7950e12f1b9ce4ce7f2b4c69d5a00ae687ddb0388f,2024-04-26T09:15:07.127000 CVE-2023-32644,0,0,a354953f4dc4989b7b46cb55cf08179c3a1e29618db34fa29ce42ae9c36e21d4,2024-02-14T15:01:51.137000 CVE-2023-32645,0,0,857d6cc902eefc1d9512ca3bece7549ec7eef38c002db86a230c5d650c8de20d,2023-10-12T22:27:09.257000 -CVE-2023-32646,0,1,a0e89ebe4d85458421245d42892ba840a989aa0a3ab5ac0c5b07fd3fb2b868da,2024-10-25T13:54:38.737000 +CVE-2023-32646,0,0,a0e89ebe4d85458421245d42892ba840a989aa0a3ab5ac0c5b07fd3fb2b868da,2024-10-25T13:54:38.737000 CVE-2023-32647,0,0,4e49ef2dce5500c3745634f186eda67b3ba6efb3ab14954d1408922ffebd0d1b,2024-02-14T15:01:51.137000 CVE-2023-32649,0,0,22b9514becd10eb679dd28ac11c5883dd073215affaee5996a16965af56cdacc,2024-09-20T11:15:13.117000 CVE-2023-3265,0,0,471c4818cf3d140a8514e2ffc1948be656fcb1771a62c82080073ff1643bcfa6,2023-08-22T16:20:24.977000 @@ -225762,7 +225762,7 @@ CVE-2023-33867,0,0,1a8e7d0e8c56a682c6abf40ee75c08a1e7ef62b3e9a7eb9d5fd5410c3e4be CVE-2023-33868,0,0,0e28e9338f541f5660ce00fb3167b23c7859e3be244ab594265b13cb552314a4,2023-07-14T13:28:07.760000 CVE-2023-33869,0,0,bdf5a9ed383832ff1e817b4a24fcbc1a321bda77e6a5610c4af65eb3eb59b5e6,2023-06-28T12:51:10.270000 CVE-2023-3387,0,0,9fc2571392c952c405ddfb5a891267720d0ec86c9bed736b2b6230b75da072a0,2023-11-07T04:18:39.447000 -CVE-2023-33870,0,1,bf7292048c7b2b7673696e73221817c36059b2c74bb356355ed3b35673b5f331,2024-10-25T13:51:32.943000 +CVE-2023-33870,0,0,bf7292048c7b2b7673696e73221817c36059b2c74bb356355ed3b35673b5f331,2024-10-25T13:51:32.943000 CVE-2023-33871,0,0,96c8ccbff62f4d12f55c1a905b7d0a1b516165541956dc1cc67fcf6b6e21d20d,2023-11-07T04:15:26.133000 CVE-2023-33872,0,0,92cd4375c88626a6b81d41637ee6ce9adc07c40c298d7663144d91807417598f,2023-11-21T19:57:06.720000 CVE-2023-33873,0,0,d1ccb40050da5992e5ffdd027a839611bfa1cd04d6a7680944ff558dbe7f266c,2023-12-08T17:27:53.197000 @@ -237752,7 +237752,7 @@ CVE-2023-50349,0,0,04dfffcfcf4dfab27ce1ed21e44739e7fb4333c936c205d032d1c437e44a0 CVE-2023-5035,0,0,d3b1e13474896261f496e3c1ea44375668225ccd4ad1d69a2c4e96fce647a697,2023-11-09T19:54:28.697000 CVE-2023-50350,0,0,30808ae55f858010cc57fe0042a1ad50eb4dccfe3bc3f8085acb55885767be7b,2024-01-09T19:44:18.793000 CVE-2023-50351,0,0,8b5e0ddbf8f02b84d512f227e1927e5797e4a7a06ad179af091819fe71ae8fa1,2024-01-09T19:41:58.467000 -CVE-2023-50355,0,1,706f88184489596c14a5c63753c0225e52a1df633c6814923bfb857c4618806e,2024-10-25T12:56:07.750000 +CVE-2023-50355,0,0,706f88184489596c14a5c63753c0225e52a1df633c6814923bfb857c4618806e,2024-10-25T12:56:07.750000 CVE-2023-50356,0,0,afc5a7e88cb3a2a29820a92eb33919ca114eed7ff54c11165c52a68496c27451,2024-02-15T11:15:09.127000 CVE-2023-50357,0,0,c49fba6a6b8ae43153115bdc180d0a50fda6badb9bd287f826717a708c649d3b,2024-02-15T11:15:09.717000 CVE-2023-50358,0,0,affeae249fec946895d3bef4063e720c758024b3343a9b8cb10accf20047afe3,2024-02-15T06:15:45.960000 @@ -242323,9 +242323,9 @@ CVE-2024-10002,0,0,5edc9992c96bddffc59b658ba4018e947312c70ae5ecd37f00776e6aca84f CVE-2024-10003,0,0,7ac769c9b6f213d999f9907a6b5f6a438cde86170274ef0088cef2f9496da509,2024-10-23T15:12:34.673000 CVE-2024-10004,0,0,2b01ad1fe33b0387cc6ecf8ca605118100ba1eac830a494972582a4b13530ed3,2024-10-16T20:35:08.850000 CVE-2024-1001,0,0,481a263280d7671352a0e81cdb22876e1831937aba78d275dcb085f339a7c9b0,2024-05-17T02:35:08.903000 -CVE-2024-10011,0,1,b82cad7a266ac941493a6589c7af0eff273fe2e36d28fba66b1420614eed8185,2024-10-25T12:56:07.750000 +CVE-2024-10011,0,0,b82cad7a266ac941493a6589c7af0eff273fe2e36d28fba66b1420614eed8185,2024-10-25T12:56:07.750000 CVE-2024-10014,0,0,1395463dc1e29fd6db71d83f72260a8cd3462c205364f301260cc7f7b129af31,2024-10-18T12:52:33.507000 -CVE-2024-10016,0,1,21d0091eaff7fe7567d1651c36c431401391330eaae7a5e6c3e21a28cc10ea9f,2024-10-25T12:56:07.750000 +CVE-2024-10016,0,0,21d0091eaff7fe7567d1651c36c431401391330eaae7a5e6c3e21a28cc10ea9f,2024-10-25T12:56:07.750000 CVE-2024-10018,0,0,2aa14605c63d984e9b2fdfd4b3872cd3e6ce36a0ab239799435cd07454bf385f,2024-10-16T18:35:03.460000 CVE-2024-1002,0,0,da9ff0a1d838ebe2cbec1ae9defbaf7310d6b3493363163f0389be14aee69800,2024-05-17T02:35:09.013000 CVE-2024-10021,0,0,6df5b82bec28e371ca7d7ba7f52fc071f45722354fdfe7b2e6f4842f1f48ebe4,2024-10-21T13:13:25.677000 @@ -242341,7 +242341,7 @@ CVE-2024-10041,0,0,d3a5fc70054a78d48c6ae937cda2967a3e628fbc08e88f2a331a6962f073b CVE-2024-10045,0,0,df53331c9b7607363b5960cd2fb00b418f72be4924f4b02eb17d04eadab916e2,2024-10-23T15:12:34.673000 CVE-2024-10049,0,0,53720c9da49b26dcdd62ca517621f91bdc81303aa9036eed1b0a1b7834addde0,2024-10-18T12:52:33.507000 CVE-2024-1005,0,0,1191b4a20d5b719ff3ba58b8e13bb4278d19f2133e7221e782230a58acb2d18f,2024-05-17T02:35:09.367000 -CVE-2024-10050,0,1,d8b5aaf0fed099523fa2ba7c0c86d11fc479440388170ed27b77f7313b983d74,2024-10-25T12:56:07.750000 +CVE-2024-10050,0,0,d8b5aaf0fed099523fa2ba7c0c86d11fc479440388170ed27b77f7313b983d74,2024-10-25T12:56:07.750000 CVE-2024-10055,0,0,f23c4e0430e3651b3e5a88876f1cbabbd51c53a5add393f17e3c2bc07307aa14,2024-10-22T16:28:59.297000 CVE-2024-10057,0,0,d8a525e53057703eafafe41b97e25f6595177cb8b862a21217c338a0239a3d3c,2024-10-21T20:53:22.813000 CVE-2024-1006,0,0,fe82f3d0065ffa9f2a59eb5b63e144d9442dc24b73dc23626043d548cf903e88,2024-05-17T02:35:09.467000 @@ -242363,7 +242363,7 @@ CVE-2024-1010,0,0,b9c2292e551f86bb732084025c958f6307d4b05614efbc31206ace678efe61 CVE-2024-10100,0,0,551af785b2583dfc00dd65a689907bc427d5051278643ae24a3a0c57fb4f9ff3,2024-10-18T12:52:33.507000 CVE-2024-10101,0,0,1d42831444f093da17057d1135157fc2c61373ed2c6e3aa4b33071a4d1f4b2d6,2024-10-18T12:52:33.507000 CVE-2024-1011,0,0,a83b664837c33e7f0f4cec42868f7bdd93765cacc9e6b97b43804e8b07af65f2,2024-05-17T02:35:09.987000 -CVE-2024-10112,0,1,3a01d2baa33f19e143abe5aabe181ccab32faac99effca8d7325142fe7220a64,2024-10-25T12:56:07.750000 +CVE-2024-10112,0,0,3a01d2baa33f19e143abe5aabe181ccab32faac99effca8d7325142fe7220a64,2024-10-25T12:56:07.750000 CVE-2024-10115,0,0,2f48f8fc2fb64e7eea0f8a197e6ea039f4addb791184326175f5bf3196ca43c6,2024-10-18T19:15:13.600000 CVE-2024-10118,0,0,20c350d413130c355373caed8d6cb5911ff957b85489cebdf58c361a0299d81f,2024-10-18T12:52:33.507000 CVE-2024-10119,0,0,3a739123963202923959a689b720abc71b056e98e226f3cc9103b43eebd575a4,2024-10-18T12:52:33.507000 @@ -242389,9 +242389,9 @@ CVE-2024-1014,0,0,8e546db835ee0e62e0f6ed5b95e90d5586231fc78746cbbfef7db3d61b3c5f CVE-2024-10140,0,0,ec9d51c2fc14eea2e4cdb7aa8f8bd180db2ec005ceca8608d4d081404a2e210c,2024-10-22T14:19:08.420000 CVE-2024-10141,0,0,1a2024f75553982bce647b93dbf2bff672eefec5950fa457467c64b98f6e45c7,2024-10-23T20:27:09.370000 CVE-2024-10142,0,0,f8d897c68f0699e753bf4964aa75eec3baa1d06414695c8d5256c262c45a3b84,2024-10-22T18:11:20.450000 -CVE-2024-10148,0,1,0c93f34118f3d317cba0296546753a49674da982e537b744ad583ddb64a0718a,2024-10-25T12:56:07.750000 +CVE-2024-10148,0,0,0c93f34118f3d317cba0296546753a49674da982e537b744ad583ddb64a0718a,2024-10-25T12:56:07.750000 CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000 -CVE-2024-10150,0,1,5f14e23442b695ffc6305ea36bb7f1d29cf94348c2998d477d28fdabe8635760,2024-10-25T12:56:07.750000 +CVE-2024-10150,0,0,5f14e23442b695ffc6305ea36bb7f1d29cf94348c2998d477d28fdabe8635760,2024-10-25T12:56:07.750000 CVE-2024-10153,0,0,d622b7ea723b18e6ddfc603f2d4acbb1cff3ff02ebe01257835c2e3461165bac,2024-10-22T14:45:04.670000 CVE-2024-10154,0,0,616a267b44cd60e0ee1735747cba3df9611277c523e780e0ba795002232a909b,2024-10-22T14:44:47.807000 CVE-2024-10155,0,0,d9565565ebd915b9f68cad2dcd8279d89c17488c917f6907534ebb29d04e2fbe,2024-10-22T14:43:42.607000 @@ -242412,9 +242412,9 @@ CVE-2024-1017,0,0,50b68641acb97d381e6a65107328f0dab0fccf027bea27ef0f379cc0581197 CVE-2024-10170,0,0,43858dc94e553ea996e2f62171c2a07580bf4384f9d10283ecd355d244289e84,2024-10-21T21:33:49.663000 CVE-2024-10171,0,0,6def7c486839e6a93365a9531b31890798e7138f9c8ee651ff23d937de5aea60,2024-10-21T21:33:26.937000 CVE-2024-10173,0,0,a9b223ad26342bae0ecb573e6f6a805ec316d304fdef819b8c7ff56b9edef74b,2024-10-22T17:05:13.483000 -CVE-2024-10176,0,1,142987a8f419783b163ba6354525e6bb8e3054620537017112986773c0d037e4,2024-10-25T12:56:07.750000 +CVE-2024-10176,0,0,142987a8f419783b163ba6354525e6bb8e3054620537017112986773c0d037e4,2024-10-25T12:56:07.750000 CVE-2024-1018,0,0,6a41753bbb9bddfdeb27e8da1aa301f604399583ccfe73ec2b7c0e024f66f45f,2024-05-17T02:35:10.733000 -CVE-2024-10180,0,1,eeda8a52eb376af37ac54d80ec17aa95c78c556dda331af160350bff0915b632,2024-10-25T12:56:07.750000 +CVE-2024-10180,0,0,eeda8a52eb376af37ac54d80ec17aa95c78c556dda331af160350bff0915b632,2024-10-25T12:56:07.750000 CVE-2024-10183,0,0,120f83031d6b056b9464662cc23a397a8370d5b6b85b4ebf16896e12042e7ae6,2024-10-23T15:12:34.673000 CVE-2024-10189,0,0,c7e7e9c9433451acc4ead77e2398a65c092c06680c0a336db7286291fd8ac494,2024-10-23T15:12:34.673000 CVE-2024-1019,0,0,9d34fb91efb6a448073ac765944da7eab7ec7fd07c6fef378639c859599f6841,2024-02-20T02:15:49.973000 @@ -242449,63 +242449,63 @@ CVE-2024-10279,0,0,e64edd41252858e04d752ad843858b5ee1ffab4901d78e52b3de9d4b7b86a CVE-2024-1028,0,0,e7c94049b8605ccb1520e715a47348e2114f12f58dfbf02bb50626d7afd3f607,2024-05-17T02:35:11.530000 CVE-2024-10280,0,0,5929b917545d8ac9a5712190601c52463c1c49843096ab22a3ee3e511638c603,2024-10-23T15:12:34.673000 CVE-2024-10281,0,0,9a36c44d0eeb7437ca773f59beacf73fd89778a77f7f1816f560992a33fce085,2024-10-23T15:12:34.673000 -CVE-2024-10282,0,1,9d45e63ca0ccee17574ce4d245c4d458e1a7e498e08f4ce8e9bd34d321578afc,2024-10-25T12:56:36.827000 -CVE-2024-10283,0,1,e5b6dda0bf47aeac47f850a3001618b40f11489e8626473f41c8434a4a71ab53,2024-10-25T12:56:36.827000 +CVE-2024-10282,0,0,9d45e63ca0ccee17574ce4d245c4d458e1a7e498e08f4ce8e9bd34d321578afc,2024-10-25T12:56:36.827000 +CVE-2024-10283,0,0,e5b6dda0bf47aeac47f850a3001618b40f11489e8626473f41c8434a4a71ab53,2024-10-25T12:56:36.827000 CVE-2024-10286,0,0,00d08dc008bd1989e54b5705c1beff1950aa6f43f0a4065f0f61313516d3cdf8,2024-10-24T04:08:14.833000 CVE-2024-10287,0,0,f35de541a09293478313fb52f4e207e82b325b3fc6432429ed8850f6465c2bda,2024-10-24T04:07:33.057000 CVE-2024-10288,0,0,fd731f2fa655e977394860f265053908b8d125d4076d3124439c81d187b95c3b,2024-10-24T04:07:45.110000 CVE-2024-10289,0,0,7362f8b5a4aaa787d5c8f070f69545dea8207d6f1adb78df74793ff58580e97d,2024-10-24T04:07:51.340000 CVE-2024-1029,0,0,0f58435c5c731694bc563330e2e0cc48091c7d28b092c9a25a6684c410525166,2024-05-17T02:35:11.633000 -CVE-2024-10290,0,1,32b9d717368e635aaa8618e36c6d8aa6019577a9299bfc82735cfbe7d195d08d,2024-10-25T12:56:36.827000 -CVE-2024-10291,0,1,fd412c10cd6013aab887d93cbc2181d48237388090fd13fe8dfb5beb60e8728b,2024-10-25T12:56:36.827000 -CVE-2024-10292,0,1,975709ecde5a9c624d050d87ca366654895aaf30dfb30dadf10da57ad7e74bac,2024-10-25T12:56:36.827000 -CVE-2024-10293,0,1,97810b693c214de7eba440fa721337a0acab1625229c9faa2817690aeba72f4c,2024-10-25T12:56:36.827000 -CVE-2024-10295,0,1,05be2217733c9dc82e0ab847a99213d443b6eb2416a14b489bddd760491fe8e9,2024-10-25T12:56:07.750000 -CVE-2024-10296,0,1,3731dd63766ea164d82646758d87e47e2e2d1ca9061034b26ec431458662311d,2024-10-25T12:56:36.827000 -CVE-2024-10297,0,1,7059e1e2bb8cf8e51a328b566020cbc23abd446f188f444527bfee9442b2adad,2024-10-25T12:56:36.827000 -CVE-2024-10298,0,1,182fddfc46dce2e154a9d7232dcd133e34601980b0699619ad9ebc89c9d41132,2024-10-25T12:56:07.750000 -CVE-2024-10299,0,1,3f9d2a84b81fd1d46a6bc0dc8cb6a067838da188f2f1d1614d47c67215bc1829,2024-10-25T12:56:07.750000 +CVE-2024-10290,0,0,32b9d717368e635aaa8618e36c6d8aa6019577a9299bfc82735cfbe7d195d08d,2024-10-25T12:56:36.827000 +CVE-2024-10291,0,0,fd412c10cd6013aab887d93cbc2181d48237388090fd13fe8dfb5beb60e8728b,2024-10-25T12:56:36.827000 +CVE-2024-10292,0,0,975709ecde5a9c624d050d87ca366654895aaf30dfb30dadf10da57ad7e74bac,2024-10-25T12:56:36.827000 +CVE-2024-10293,0,0,97810b693c214de7eba440fa721337a0acab1625229c9faa2817690aeba72f4c,2024-10-25T12:56:36.827000 +CVE-2024-10295,0,0,05be2217733c9dc82e0ab847a99213d443b6eb2416a14b489bddd760491fe8e9,2024-10-25T12:56:07.750000 +CVE-2024-10296,0,0,3731dd63766ea164d82646758d87e47e2e2d1ca9061034b26ec431458662311d,2024-10-25T12:56:36.827000 +CVE-2024-10297,0,0,7059e1e2bb8cf8e51a328b566020cbc23abd446f188f444527bfee9442b2adad,2024-10-25T12:56:36.827000 +CVE-2024-10298,0,0,182fddfc46dce2e154a9d7232dcd133e34601980b0699619ad9ebc89c9d41132,2024-10-25T12:56:07.750000 +CVE-2024-10299,0,0,3f9d2a84b81fd1d46a6bc0dc8cb6a067838da188f2f1d1614d47c67215bc1829,2024-10-25T12:56:07.750000 CVE-2024-1030,0,0,34264c5a1a4e97f6ee4441192a69e3a5aa9d9614a8467bdc88cd76d1a9884fe0,2024-05-17T02:35:11.737000 -CVE-2024-10300,0,1,0f1c3dcfa436dddf319fa507de84a27903859bee7806d8166e59b8ed4cf9916b,2024-10-25T12:56:07.750000 -CVE-2024-10301,0,1,774b09626a31a7a9cb638e2934cb9a21776b22d0dba749d89f118e1850f05197,2024-10-25T12:56:07.750000 +CVE-2024-10300,0,0,0f1c3dcfa436dddf319fa507de84a27903859bee7806d8166e59b8ed4cf9916b,2024-10-25T12:56:07.750000 +CVE-2024-10301,0,0,774b09626a31a7a9cb638e2934cb9a21776b22d0dba749d89f118e1850f05197,2024-10-25T12:56:07.750000 CVE-2024-1031,0,0,6576162a78ac686f55e5931a6b8f02ff6c7312ac04792581e6d78da8a91700d4,2024-05-17T02:35:11.843000 -CVE-2024-10313,0,1,0a692e743da8a6f5929e9a5e61a16c962249b9fbffffedea4a154098bf7390c0,2024-10-25T12:56:07.750000 +CVE-2024-10313,0,0,0a692e743da8a6f5929e9a5e61a16c962249b9fbffffedea4a154098bf7390c0,2024-10-25T12:56:07.750000 CVE-2024-1032,0,0,06925fc416f8ceea7fb895efc2e3f765d4f064c5150968a9409448741aa1fb78,2024-05-17T02:35:11.947000 -CVE-2024-10327,0,1,5a1546502e73211d148718e818d15cec9bc5841df26bde254740ef77c9d65b28,2024-10-25T12:56:07.750000 +CVE-2024-10327,0,0,5a1546502e73211d148718e818d15cec9bc5841df26bde254740ef77c9d65b28,2024-10-25T12:56:07.750000 CVE-2024-1033,0,0,6041b3ccd70df4052a8c26438331689f702c93b37a47aeb2d707df9d77ed7f49,2024-05-17T02:35:12.047000 -CVE-2024-10331,0,1,7db3978f3af331926e6dbc0b348677f0ce3ba5cec6100247fa9b9851e74301d0,2024-10-25T12:56:07.750000 -CVE-2024-10332,0,1,f5b2f39a2af4e4ca43edc3fb818fd22985b528866227753e69ec49cca9bc6022,2024-10-25T12:56:07.750000 -CVE-2024-10335,0,1,ed697e1cb50a4fc6a8629a6f6256995275c0a6653b98e079e6055fba65c0c23e,2024-10-25T12:56:07.750000 -CVE-2024-10336,0,1,e579d59135cca057f98b0e09d586d494298b2730fcd48f60f67de2078fa431b5,2024-10-25T12:56:07.750000 -CVE-2024-10337,0,1,071d8737aa70f708a13cfc2ce8e372a1cf2c0e96267ee1570aec4ba67ba75eae,2024-10-25T12:56:07.750000 -CVE-2024-10338,0,1,3fc160975980cf09cc32031cde75644bdd04f676013b98dd4a41e5098c76b20c,2024-10-25T12:56:07.750000 +CVE-2024-10331,0,0,7db3978f3af331926e6dbc0b348677f0ce3ba5cec6100247fa9b9851e74301d0,2024-10-25T12:56:07.750000 +CVE-2024-10332,0,0,f5b2f39a2af4e4ca43edc3fb818fd22985b528866227753e69ec49cca9bc6022,2024-10-25T12:56:07.750000 +CVE-2024-10335,0,0,ed697e1cb50a4fc6a8629a6f6256995275c0a6653b98e079e6055fba65c0c23e,2024-10-25T12:56:07.750000 +CVE-2024-10336,0,0,e579d59135cca057f98b0e09d586d494298b2730fcd48f60f67de2078fa431b5,2024-10-25T12:56:07.750000 +CVE-2024-10337,0,0,071d8737aa70f708a13cfc2ce8e372a1cf2c0e96267ee1570aec4ba67ba75eae,2024-10-25T12:56:07.750000 +CVE-2024-10338,0,0,3fc160975980cf09cc32031cde75644bdd04f676013b98dd4a41e5098c76b20c,2024-10-25T12:56:07.750000 CVE-2024-1034,0,0,454f09f0f5fc636699352f4449a6882a204ccb564a121fe5e40109839ef595a1,2024-05-17T02:35:12.150000 -CVE-2024-10341,0,1,0e0a9affbce7c0fd1940e7153c924bfb3ba43bf71cc69020fca65383ad207429,2024-10-25T12:56:07.750000 -CVE-2024-10342,0,1,a0e1e7bfbf8df77686478a8b39f35ce7b5adbe1b31b823f7a8e84fab31750de9,2024-10-25T12:56:07.750000 -CVE-2024-10343,0,1,4101b5a530cab96c4e2ed3f7591bd8e9e62c4ce861db441511cf50880ecd2465,2024-10-25T12:56:07.750000 -CVE-2024-10348,0,1,27c3cc27c2da413ed5375013f3d5375c1eb0aa6ad2d92fbdc92579deef6e8340,2024-10-25T12:56:07.750000 -CVE-2024-10349,0,1,0a8c45eabe0ce4c72f326b034cb2d2ea69bdad111adb86509fd8bb4c45b660b5,2024-10-25T12:56:07.750000 +CVE-2024-10341,0,0,0e0a9affbce7c0fd1940e7153c924bfb3ba43bf71cc69020fca65383ad207429,2024-10-25T12:56:07.750000 +CVE-2024-10342,0,0,a0e1e7bfbf8df77686478a8b39f35ce7b5adbe1b31b823f7a8e84fab31750de9,2024-10-25T12:56:07.750000 +CVE-2024-10343,0,0,4101b5a530cab96c4e2ed3f7591bd8e9e62c4ce861db441511cf50880ecd2465,2024-10-25T12:56:07.750000 +CVE-2024-10348,0,0,27c3cc27c2da413ed5375013f3d5375c1eb0aa6ad2d92fbdc92579deef6e8340,2024-10-25T12:56:07.750000 +CVE-2024-10349,0,0,0a8c45eabe0ce4c72f326b034cb2d2ea69bdad111adb86509fd8bb4c45b660b5,2024-10-25T12:56:07.750000 CVE-2024-1035,0,0,792864ab2b0f8151b262ffe209c5f075ae9ac530a32ee5bddc4609b3d7d6306a,2024-05-17T02:35:12.253000 -CVE-2024-10350,0,1,a804077603af8538320e43f8f2607975677419dc24cab7b9e4b6d714d4de7d7a,2024-10-25T12:56:07.750000 -CVE-2024-10351,0,1,0669fd862bd943e91d4fd75dd5a3a4f23e3a0ecf8b6b598b3fa3044b7bf8c6d6,2024-10-25T12:56:07.750000 -CVE-2024-10353,0,1,34f363c95bbc45d4e85ef2856d7e0d5110b6c82bce311f5e8fc9036257eb83b7,2024-10-25T12:56:07.750000 -CVE-2024-10354,0,1,d5bf96c00ae597f7009c34e3844c5889f0c0763a1e1b97eab0af94f26675c82a,2024-10-25T12:56:07.750000 -CVE-2024-10355,0,1,7a858a56547ed44307c9a540d3394b900b64454d40ccf6ae564bf35aa8fa4990,2024-10-25T12:56:07.750000 +CVE-2024-10350,0,0,a804077603af8538320e43f8f2607975677419dc24cab7b9e4b6d714d4de7d7a,2024-10-25T12:56:07.750000 +CVE-2024-10351,0,0,0669fd862bd943e91d4fd75dd5a3a4f23e3a0ecf8b6b598b3fa3044b7bf8c6d6,2024-10-25T12:56:07.750000 +CVE-2024-10353,0,0,34f363c95bbc45d4e85ef2856d7e0d5110b6c82bce311f5e8fc9036257eb83b7,2024-10-25T12:56:07.750000 +CVE-2024-10354,0,0,d5bf96c00ae597f7009c34e3844c5889f0c0763a1e1b97eab0af94f26675c82a,2024-10-25T12:56:07.750000 +CVE-2024-10355,0,0,7a858a56547ed44307c9a540d3394b900b64454d40ccf6ae564bf35aa8fa4990,2024-10-25T12:56:07.750000 CVE-2024-1036,0,0,aa65a53beadc56e4dda3efe9acb5802f242935c19973e66e0ff7f62d01b276fd,2024-05-17T02:35:12.357000 -CVE-2024-10368,0,1,bd751cf8f0908c7885868477a03f4653af3e113fc89fdbd03353e34dff9f8f68,2024-10-25T12:56:07.750000 -CVE-2024-10369,0,1,7ae7d6c6e004766971ac0d79eb28bd21cccdeb76fc8a447fe3f3b470463f1503,2024-10-25T12:56:07.750000 +CVE-2024-10368,0,0,bd751cf8f0908c7885868477a03f4653af3e113fc89fdbd03353e34dff9f8f68,2024-10-25T12:56:07.750000 +CVE-2024-10369,0,0,7ae7d6c6e004766971ac0d79eb28bd21cccdeb76fc8a447fe3f3b470463f1503,2024-10-25T12:56:07.750000 CVE-2024-1037,0,0,dc80ea945a1c7339fa73e61584161c3f0eb5c7e682984c3146b230e695ed7de9,2024-02-14T19:09:45.253000 -CVE-2024-10370,0,1,27188c86ba90849a9c0d88afec58d3a2edeb9103c555ee60d22fc4a3d5210d79,2024-10-25T12:56:07.750000 -CVE-2024-10371,0,1,65ab03bc64c2ab1d3cbd0f73ecb984de0f85f8b01221902cf20919617b579114,2024-10-25T12:56:07.750000 -CVE-2024-10372,0,1,55d82ebc64e3347208b42e044461acfe18dba6e494597fc717ca90fd21fd7f16,2024-10-25T12:56:07.750000 -CVE-2024-10374,1,1,7790d94803baee2c2a9a346f5727b3f8fa2f864d9522e5ceae124a52fbb8369d,2024-10-25T12:56:07.750000 -CVE-2024-10376,0,1,f82f08f1ceca9553145aba97b8462c352f4e5d7c7ee750ca3d73316f521c8aa7,2024-10-25T12:56:07.750000 -CVE-2024-10377,0,1,a15010b5ad5322f79230df4206509f3830d24cc27a02c60cbaafdcf05dc546a6,2024-10-25T12:56:07.750000 -CVE-2024-10378,1,1,f96d78c466727891d6770df4b523902e99af433e665127d34225b4275b798b13,2024-10-25T12:56:07.750000 -CVE-2024-10379,1,1,3c7753aa53a7f490ce21f7358197ba3a7c5845bca9dfc769528ab53d2e506bc3,2024-10-25T12:56:07.750000 +CVE-2024-10370,0,0,27188c86ba90849a9c0d88afec58d3a2edeb9103c555ee60d22fc4a3d5210d79,2024-10-25T12:56:07.750000 +CVE-2024-10371,0,0,65ab03bc64c2ab1d3cbd0f73ecb984de0f85f8b01221902cf20919617b579114,2024-10-25T12:56:07.750000 +CVE-2024-10372,0,0,55d82ebc64e3347208b42e044461acfe18dba6e494597fc717ca90fd21fd7f16,2024-10-25T12:56:07.750000 +CVE-2024-10374,0,0,7790d94803baee2c2a9a346f5727b3f8fa2f864d9522e5ceae124a52fbb8369d,2024-10-25T12:56:07.750000 +CVE-2024-10376,0,0,f82f08f1ceca9553145aba97b8462c352f4e5d7c7ee750ca3d73316f521c8aa7,2024-10-25T12:56:07.750000 +CVE-2024-10377,0,0,a15010b5ad5322f79230df4206509f3830d24cc27a02c60cbaafdcf05dc546a6,2024-10-25T12:56:07.750000 +CVE-2024-10378,0,0,f96d78c466727891d6770df4b523902e99af433e665127d34225b4275b798b13,2024-10-25T12:56:07.750000 +CVE-2024-10379,0,0,3c7753aa53a7f490ce21f7358197ba3a7c5845bca9dfc769528ab53d2e506bc3,2024-10-25T12:56:07.750000 CVE-2024-1038,0,0,c7b47d6608546def6f3304631405edc76ac6151bae95644217fe0b19e7498b5e,2024-03-13T18:16:18.563000 -CVE-2024-10380,1,1,fbc6bdf17d1189e11e8b0a1f98f107dfa2f1f98f4113f4f2078dda76042f5da0,2024-10-25T13:15:17.547000 -CVE-2024-10381,1,1,6ffe44cfcb0700d41680c7c9242cba169e32dff153adc942340c76d32ff0166c,2024-10-25T13:15:17.810000 +CVE-2024-10380,0,0,fbc6bdf17d1189e11e8b0a1f98f107dfa2f1f98f4113f4f2078dda76042f5da0,2024-10-25T13:15:17.547000 +CVE-2024-10381,0,0,6ffe44cfcb0700d41680c7c9242cba169e32dff153adc942340c76d32ff0166c,2024-10-25T13:15:17.810000 CVE-2024-1039,0,0,823ba846a6d7c1759f085b54cf23829cdbadd28135927175e007d2b5df85a6ad,2024-02-07T14:09:47.017000 CVE-2024-1040,0,0,b32f85342f197693d2db41df3bf264f5b00d802b0a5fb12822762c63c498621d,2024-02-07T17:11:40.623000 CVE-2024-1041,0,0,991d5a9e7f9515845650bb9d6b0cbb707e5b40a6073b13e973f0804460a34ef9,2024-04-10T13:23:38.787000 @@ -243540,23 +243540,23 @@ CVE-2024-20257,0,0,94e6f725ee467caadda6c4f11d4a2013bcc777b9457d0e9c013d22aaa9d3e CVE-2024-20258,0,0,dd86e76a96b4e6a893c0c6ec61ba16ebd8778c22b6c500e3943b86dcf8fd547a,2024-07-03T01:46:01.017000 CVE-2024-20259,0,0,b030aa6453db8e20f0a04d40b0f287f88d896d1fac7ce9dc4574fc3152667686,2024-03-27T17:48:21.140000 CVE-2024-2026,0,0,ab8e0446e355058e8d457eece1c7755ea02ace0a1b5891450eaff276723ece15,2024-04-10T13:23:38.787000 -CVE-2024-20260,0,1,e1fb5372ebeb2821531f3a082b09e7e0c81c08aa5e7c68ae16a7295e0b5db40e,2024-10-25T12:56:36.827000 +CVE-2024-20260,0,0,e1fb5372ebeb2821531f3a082b09e7e0c81c08aa5e7c68ae16a7295e0b5db40e,2024-10-25T12:56:36.827000 CVE-2024-20261,0,0,5c65061910678ae58b328f6a0e37c321fe1bf57a9d47085baeb418960297a3d6,2024-05-22T18:59:20.240000 CVE-2024-20262,0,0,d20e355bf64045bb726321c22659f6c213d6a34b5f8360db4262a3c1acced6db,2024-03-13T18:15:58.530000 CVE-2024-20263,0,0,a03c106a8ca3bb4647e4caa99728a3814edbbe0073eadd982e4b8d15f1108007,2024-02-06T19:23:20.600000 -CVE-2024-20264,0,1,5609462932f15c597bbf504d3d594975ad6434ea487e9719e65ddd4489d8efe2,2024-10-25T12:56:36.827000 +CVE-2024-20264,0,0,5609462932f15c597bbf504d3d594975ad6434ea487e9719e65ddd4489d8efe2,2024-10-25T12:56:36.827000 CVE-2024-20265,0,0,405f08c8e7e8849163f2eb6a8e5eb3eed5d428c9d5f1700fe4a57c86124fbf2c,2024-03-27T17:48:21.140000 CVE-2024-20266,0,0,6dbb5ce45980d47bf7eb6b4f22011bf963dd46d368a6ae781e4da8879de7a610,2024-03-13T18:15:58.530000 CVE-2024-20267,0,0,49082794ba6fffb4cd0ccafc96537e8303023b31c83143a02b2c16e741876cc2,2024-03-04T22:45:43.893000 -CVE-2024-20268,0,1,7759be7dd4a356ca6b6a1b7455ca1dbb1f9d36388e26159b0a01ddd63697ab84,2024-10-25T12:56:36.827000 -CVE-2024-20269,0,1,88cd558963686c8b9cab30a70eeb1a0bd7a6f2c656c08d7e9d1afca9fd10068d,2024-10-25T12:56:36.827000 +CVE-2024-20268,0,0,7759be7dd4a356ca6b6a1b7455ca1dbb1f9d36388e26159b0a01ddd63697ab84,2024-10-25T12:56:36.827000 +CVE-2024-20269,0,0,88cd558963686c8b9cab30a70eeb1a0bd7a6f2c656c08d7e9d1afca9fd10068d,2024-10-25T12:56:36.827000 CVE-2024-2027,0,0,8a6da780f00ef83adadf5b93e79e41584ae4ce15f32aba2548f6552eaa755565,2024-04-10T13:23:38.787000 CVE-2024-20270,0,0,eb515a12dde6cc2ab0dfdeee187efe297a3536ebbda30c8e847c7138ffa84d0d,2024-02-02T16:15:54.227000 CVE-2024-20271,0,0,9bce8a64e9296ad22ee19fd2c64f9f191014f0d9052b00608129f7da079ff720,2024-03-27T17:48:21.140000 CVE-2024-20272,0,0,9a8b431abc55ae18c0094ec2d1030d59c5263518a92577c729598443278bbea6,2024-02-02T16:15:54.683000 -CVE-2024-20273,0,1,8b112f4b02470eba863801e1e42e3a98c5ae162f3044482e8541663023d9c97c,2024-10-25T12:56:36.827000 -CVE-2024-20274,0,1,25e605d9d54d4da58104cfd092dd6dbcffc594540622946f0085313336b1d18e,2024-10-25T12:56:36.827000 -CVE-2024-20275,0,1,d642880c67354f21dd660d8005bc15eea0945814b36b39237dce1aa9d5118339,2024-10-25T12:56:36.827000 +CVE-2024-20273,0,0,8b112f4b02470eba863801e1e42e3a98c5ae162f3044482e8541663023d9c97c,2024-10-25T12:56:36.827000 +CVE-2024-20274,0,0,25e605d9d54d4da58104cfd092dd6dbcffc594540622946f0085313336b1d18e,2024-10-25T12:56:36.827000 +CVE-2024-20275,0,0,d642880c67354f21dd660d8005bc15eea0945814b36b39237dce1aa9d5118339,2024-10-25T12:56:36.827000 CVE-2024-20276,0,0,77220479d2c4e0a0ce7772faba7bb9374ec34b0cd2307655f714f3eba6dc1b93,2024-03-27T17:48:21.140000 CVE-2024-20277,0,0,736a7d458de43e0c8ef102aeef0adf3c0541fbbca3219355ca4fb06899462f58,2024-02-02T16:15:54.787000 CVE-2024-20278,0,0,12aa1590b3e8a6125d7154bf2a045b19659a28fc2d4df972ed53df9e81e82c57,2024-03-27T17:48:21.140000 @@ -243579,11 +243579,11 @@ CVE-2024-20293,0,0,616028e08a52b8ee6918b00b66aa203f272bb9f0716f3e2ece06ab3be6eda CVE-2024-20294,0,0,742861094e87571e845203e831bfb7a087118860ed05792647beba51da9e1c54,2024-02-29T13:49:29.390000 CVE-2024-20295,0,0,440a3fe735baf91af4ba8e7f15eaba3890b664a180f3cc6b1b84c3c2ae93a20b,2024-04-25T13:18:20.370000 CVE-2024-20296,0,0,40bbd38e07d81658299d895ad9afa6a2a8c553e04b04f72d9f3dda0ddd6b036f,2024-07-18T12:28:43.707000 -CVE-2024-20297,0,1,76d14dfa0f9509c5a289050d83c9a1077f8a1eeb56a70f5510a545859db5b18f,2024-10-25T12:56:36.827000 -CVE-2024-20298,0,1,d7b78fb64fa5c6dd7ebb9f35d881d018ce49ab3417e1e31c1e9af7349e826844,2024-10-25T12:56:36.827000 -CVE-2024-20299,0,1,ea63fdda38ab3c5e4dfbc8dc2825b521c61b9797c2ccf660e32cd8336c48d5df,2024-10-25T12:56:36.827000 +CVE-2024-20297,0,0,76d14dfa0f9509c5a289050d83c9a1077f8a1eeb56a70f5510a545859db5b18f,2024-10-25T12:56:36.827000 +CVE-2024-20298,0,0,d7b78fb64fa5c6dd7ebb9f35d881d018ce49ab3417e1e31c1e9af7349e826844,2024-10-25T12:56:36.827000 +CVE-2024-20299,0,0,ea63fdda38ab3c5e4dfbc8dc2825b521c61b9797c2ccf660e32cd8336c48d5df,2024-10-25T12:56:36.827000 CVE-2024-2030,0,0,f47e609ec6da92e4d0f51eb73197726fa40c04bd5fba84d7e80690a86556bbc1,2024-03-13T18:15:58.530000 -CVE-2024-20300,0,1,2c6145cb8a8bdce4d25bc4fb0d9158de2182f6c4b0288358081ef17d8ec8c1e8,2024-10-25T12:56:36.827000 +CVE-2024-20300,0,0,2c6145cb8a8bdce4d25bc4fb0d9158de2182f6c4b0288358081ef17d8ec8c1e8,2024-10-25T12:56:36.827000 CVE-2024-20301,0,0,ee58125f54e59b57e5b1ea49a524ecc5e7feeaab3c308ff448cca9b61624ff41,2024-03-07T13:52:27.110000 CVE-2024-20302,0,0,bb282df08e1d4adc1029a76ce336553cafd173c3d92914cdfd5b12151cc62afc,2024-04-03T17:24:18.150000 CVE-2024-20303,0,0,393665d251452d2f76b8a508b1c314e9e2878d06110c2d34091d44dcf2cc0a6d,2024-03-27T17:48:21.140000 @@ -243614,10 +243614,10 @@ CVE-2024-20325,0,0,54ea99e12b48a3199864bbc6b8e057b2420390f797e4ed26add8a6233c894 CVE-2024-20326,0,0,fc15c10256dd5a166a1027ec5ae4c1e91a980e0789f9cd1c71ded8bffcb2bc99,2024-07-03T01:46:03.803000 CVE-2024-20327,0,0,2a507e36cc296b47cc299425ea02720eb37cb46ee21e1b819fdbd44ab608c928,2024-03-13T18:15:58.530000 CVE-2024-20328,0,0,e64c0687495a40f9ecee0bb3a778a786de8f7c2c3bc47f7e8f9d7cb2e2feaa92,2024-03-01T22:22:25.913000 -CVE-2024-20329,0,1,d0562fafdffb744c45ee1d7e04fd26b3ae3fe48472947f027287e2b9d2df2f07,2024-10-25T12:56:36.827000 +CVE-2024-20329,0,0,d0562fafdffb744c45ee1d7e04fd26b3ae3fe48472947f027287e2b9d2df2f07,2024-10-25T12:56:36.827000 CVE-2024-2033,0,0,892e4525fdc9a24c67717f6bae7974a0431189616f9c08a3ecfab5a122c6fa8c,2024-04-10T13:23:38.787000 -CVE-2024-20330,0,1,d04d9cade47e14519d969f60623ff510edb3d28b3bf121c8d0dd78989b897e67,2024-10-25T12:56:36.827000 -CVE-2024-20331,0,1,1edb67fa41f73e24bb04d107fa98b47b49533f0a085f36e6c05019d2a69f9d41,2024-10-25T12:56:36.827000 +CVE-2024-20330,0,0,d04d9cade47e14519d969f60623ff510edb3d28b3bf121c8d0dd78989b897e67,2024-10-25T12:56:36.827000 +CVE-2024-20331,0,0,1edb67fa41f73e24bb04d107fa98b47b49533f0a085f36e6c05019d2a69f9d41,2024-10-25T12:56:36.827000 CVE-2024-20332,0,0,26f138359eebae9b93dd534c37bd2e0eadd8f2090b9372a1604e6dbd4d4b38f8,2024-04-03T17:24:18.150000 CVE-2024-20333,0,0,a9cf37f279014aaeb1b44ced238e2455395f4982508f682aac206cd9791404fd,2024-03-27T17:48:21.140000 CVE-2024-20334,0,0,e33ad74f302c1a5c76e2802518dc9baee72b2876d58eb107a37b467217796798,2024-04-03T17:24:18.150000 @@ -243625,10 +243625,10 @@ CVE-2024-20335,0,0,3ae82e4e51ce7dc67e890bbf3242dddc369bcec5a9c67ccb96545dde173de CVE-2024-20336,0,0,7da9174c756054acc761610c3354924a4d132dd65f90fcdc8e0995c2dbe104c8,2024-03-07T13:52:27.110000 CVE-2024-20337,0,0,a7c8d58b2276bc115bd59fc582b798a8fadaf5ed39ee4effba6490a0740366a8,2024-03-07T13:52:27.110000 CVE-2024-20338,0,0,510c65881ff77bd5a9b4264c80e30939b8e2e91bda87ae599bea8187a8352e74,2024-03-07T13:52:27.110000 -CVE-2024-20339,0,1,bb442a0d72a8fd0d63dcf5d6d88014a96d226682c3b9308c53929c6b4b81a853,2024-10-25T12:56:36.827000 -CVE-2024-20340,0,1,a370f66f23ccb4d296c49e63715d028aa9e86d52cd2be451354da0bff126e82e,2024-10-25T12:56:36.827000 -CVE-2024-20341,0,1,da9ebd50ac4e6981052efe2b72055b2491d82a59a32b242101d832eba7c95a65,2024-10-25T12:56:36.827000 -CVE-2024-20342,0,1,31a852cdc24c899debe319c4fa019b75f169a4f4c08ab71708e09cea372643ce,2024-10-25T12:56:36.827000 +CVE-2024-20339,0,0,bb442a0d72a8fd0d63dcf5d6d88014a96d226682c3b9308c53929c6b4b81a853,2024-10-25T12:56:36.827000 +CVE-2024-20340,0,0,a370f66f23ccb4d296c49e63715d028aa9e86d52cd2be451354da0bff126e82e,2024-10-25T12:56:36.827000 +CVE-2024-20341,0,0,da9ebd50ac4e6981052efe2b72055b2491d82a59a32b242101d832eba7c95a65,2024-10-25T12:56:36.827000 +CVE-2024-20342,0,0,31a852cdc24c899debe319c4fa019b75f169a4f4c08ab71708e09cea372643ce,2024-10-25T12:56:36.827000 CVE-2024-20343,0,0,7c9d164f9ec94ab3681a2158dfc37a563399321d4ad394ceb86611456e6f03d7,2024-10-07T17:42:40.777000 CVE-2024-20344,0,0,0c95d8c456a266581d87105f2300bfe021552d9f4a6b780624736cdaf9bbf776,2024-02-29T13:49:29.390000 CVE-2024-20345,0,0,e5a5f742b4ff4031a273ec9fe2b2ad050940d29d6b880414ea07f31d237eeb39,2024-03-07T13:52:27.110000 @@ -243637,7 +243637,7 @@ CVE-2024-20347,0,0,b7a6ed5ce0c3cf37e0f41269507973b9ad509f6fe22a9ad105d991e5f0ee5 CVE-2024-20348,0,0,11d8baf9f242470d1ef8d7212943b2dddf3a3133229405d4842c11f474e90460,2024-04-03T17:24:18.150000 CVE-2024-2035,0,0,216279b16f620c2ff4b0a8961dd1dd14e0bafebc256a395c018effc533e0c28d,2024-10-11T14:20:05.590000 CVE-2024-20350,0,0,a12c7038f7859e98d5699951ee7006a12ff1675d76aabb6f00e8b49b9f735c1a,2024-09-26T13:32:02.803000 -CVE-2024-20351,0,1,aa73a4272f2bc722b3d6ac87bb2a1769d90c06c1f1c69a6f1a80c1908512cd80,2024-10-25T12:56:36.827000 +CVE-2024-20351,0,0,aa73a4272f2bc722b3d6ac87bb2a1769d90c06c1f1c69a6f1a80c1908512cd80,2024-10-25T12:56:36.827000 CVE-2024-20352,0,0,b6df069392724fdc834a80403afd09f590785680a76232df596c3f6fea90f0b6,2024-04-03T17:24:18.150000 CVE-2024-20353,0,0,e2f72ffa3936c97cc6267050a0bce7d53259a8a25c98d8322d782dc399b18d7e,2024-04-26T15:22:27.803000 CVE-2024-20354,0,0,2b17296c0b4719e35a35904483c6c06073bfa6005008b3509f848c7bb9f4faf5,2024-03-27T17:48:21.140000 @@ -243651,30 +243651,30 @@ CVE-2024-20360,0,0,b9376885f3bd33f8b376cfcd9d1a4c2997937c1a075603d8638d862812d3e CVE-2024-20361,0,0,8fc8c6bd1287a52550fd38650e66a5006a20e7eae1aa8f8c99b728af1c48ddd5,2024-05-22T18:59:20.240000 CVE-2024-20362,0,0,0fe85dbbc396fc356835f570820efb6142358d26355d59753469b06ab8b1d26f,2024-04-03T17:24:18.150000 CVE-2024-20363,0,0,fd62098992468346229d2c9f8f88c3a0bdc7312cacd90d8bf7a2b7925976c048,2024-07-03T01:46:06.070000 -CVE-2024-20364,0,1,f39734b291125d567a56f80d651e614675a81ffedf7761321cf4d60c9969f754,2024-10-25T12:56:36.827000 +CVE-2024-20364,0,0,f39734b291125d567a56f80d651e614675a81ffedf7761321cf4d60c9969f754,2024-10-25T12:56:36.827000 CVE-2024-20365,0,0,b941e81c62a5622fb3207cd284578983abbf20cf62d6c3be738ab76890047c8c,2024-10-08T14:28:42.727000 CVE-2024-20366,0,0,ce7e4ab0363f4b2934fc27a08480c4ec05827340dd08325d4de96e54b996f48f,2024-05-15T18:35:11.453000 CVE-2024-20367,0,0,0d59cd325b5448a23ac62ba4d011225bdec20c6d4a20e9044f14a66801d9654b,2024-04-03T17:24:18.150000 CVE-2024-20368,0,0,11ba77e6ca928b43fcf33bd9b64c67655ca382b15bfec85a328bbca787a43cf3,2024-04-03T17:24:18.150000 CVE-2024-20369,0,0,e23910e4adf6ac7fe444b246c85eb12e2e56e7b12054f1339b9256c8ec4ec112,2024-05-15T18:35:11.453000 -CVE-2024-20370,0,1,9c8d802e115773847851e6a87a7c6331398027635ff6abdb8c313a21d8306cc9,2024-10-25T12:56:36.827000 -CVE-2024-20372,0,1,a4511016c009f980124ac63fc0680e5a88dfb0104fc9939a3889252dcb7670b6,2024-10-25T12:56:36.827000 -CVE-2024-20374,0,1,638aea96f5a8f2793180f79bfbc09147af2cc1875a0c35f4bdc3fa0fc97f0c14,2024-10-25T12:56:36.827000 +CVE-2024-20370,0,0,9c8d802e115773847851e6a87a7c6331398027635ff6abdb8c313a21d8306cc9,2024-10-25T12:56:36.827000 +CVE-2024-20372,0,0,a4511016c009f980124ac63fc0680e5a88dfb0104fc9939a3889252dcb7670b6,2024-10-25T12:56:36.827000 +CVE-2024-20374,0,0,638aea96f5a8f2793180f79bfbc09147af2cc1875a0c35f4bdc3fa0fc97f0c14,2024-10-25T12:56:36.827000 CVE-2024-20375,0,0,a4ae364a987d406a5046b71b718fe2e5ce4da208cd9db67ac24eb19997b1276b,2024-08-21T17:24:59.627000 CVE-2024-20376,0,0,616e740c2ab9d6be811f96c68e43db8bad88fc7cef9833f2acf95234fb3cc478,2024-05-01T19:50:25.633000 -CVE-2024-20377,0,1,a39653bbe91a0a291f943f988acda320ed98a22801a8699f75aa41f301f033fc,2024-10-25T12:56:36.827000 +CVE-2024-20377,0,0,a39653bbe91a0a291f943f988acda320ed98a22801a8699f75aa41f301f033fc,2024-10-25T12:56:36.827000 CVE-2024-20378,0,0,1d0c211142ee7b64cb979c7d6fe81a8dda4cc3d613763c0904f9ebf5643e5461,2024-05-01T19:50:25.633000 -CVE-2024-20379,0,1,b7cc4496c028fb42ee4b3d4e0a1de57bee4da29ce66334b45fb077b0313f3602,2024-10-25T12:56:36.827000 +CVE-2024-20379,0,0,b7cc4496c028fb42ee4b3d4e0a1de57bee4da29ce66334b45fb077b0313f3602,2024-10-25T12:56:36.827000 CVE-2024-2038,0,0,84783e34583c406994ceb062343516951516f0b07f0d721026ee845e3108d0ec,2024-05-24T01:15:30.977000 CVE-2024-20380,0,0,ed7ad99e229e06574506624c01ede2d6fb857cd8a1e722ec6a335ed1ef4a76e1,2024-04-19T13:10:25.637000 CVE-2024-20381,0,0,5afd1f58e322b631892fd0b679ab12e22dc7593190ff9ffdf30dc24fabdc730b,2024-10-08T21:43:28.757000 -CVE-2024-20382,0,1,f4c43f90fbb215b7e2a39ee54a09a21fd1175510302f47583c0c603c84a5d88c,2024-10-25T12:56:36.827000 +CVE-2024-20382,0,0,f4c43f90fbb215b7e2a39ee54a09a21fd1175510302f47583c0c603c84a5d88c,2024-10-25T12:56:36.827000 CVE-2024-20383,0,0,3adbaddaf4554eb7166804e65fe9fdbf83fea813b82dd738821e310951cf1618,2024-05-15T19:15:07.900000 -CVE-2024-20384,0,1,4038bb891ccafebd319d8d0f652a39b605bdf82eaf26b7800ead7e461cb5351e,2024-10-25T12:56:36.827000 +CVE-2024-20384,0,0,4038bb891ccafebd319d8d0f652a39b605bdf82eaf26b7800ead7e461cb5351e,2024-10-25T12:56:36.827000 CVE-2024-20385,0,0,acb41bb9b0e8de27149b5546043f469887d2173135754c6ef5f9970c450eec9d,2024-10-08T14:22:34.120000 -CVE-2024-20386,0,1,ec0e5ae21397279adf776b51097381cd7a7cf0d180927e8eaca967549314d99d,2024-10-25T12:56:36.827000 -CVE-2024-20387,0,1,b4c9cdb24740b4cea08e24602a2064cf37001b2d4256f348b38bf79f16a040a3,2024-10-25T12:56:36.827000 -CVE-2024-20388,0,1,f1dc8301879d3c47543769502175925591498a0e820517ed33480f80b76d9655,2024-10-25T12:56:36.827000 +CVE-2024-20386,0,0,ec0e5ae21397279adf776b51097381cd7a7cf0d180927e8eaca967549314d99d,2024-10-25T12:56:36.827000 +CVE-2024-20387,0,0,b4c9cdb24740b4cea08e24602a2064cf37001b2d4256f348b38bf79f16a040a3,2024-10-25T12:56:36.827000 +CVE-2024-20388,0,0,f1dc8301879d3c47543769502175925591498a0e820517ed33480f80b76d9655,2024-10-25T12:56:36.827000 CVE-2024-20389,0,0,9d9dfa82add773af2318fea3c227cdb315f4c8df4ee8e66f868a7095c866fa43,2024-05-16T15:44:44.683000 CVE-2024-2039,0,0,0fb3eb6d9df1cb8dd04206e4fde20555dc794b24595aa985157932f2a933450d,2024-04-10T13:23:38.787000 CVE-2024-20390,0,0,7596f8a252957b7a86b18b13b44a3f994e7e9bd3a3934d5a22e0cf6b5c4165f3,2024-10-07T17:51:37.197000 @@ -243689,33 +243689,33 @@ CVE-2024-20399,0,0,164174c543ab6ae29aa0171daa283df0ddb65a3fecfd5ef8bf748eebe57b6 CVE-2024-2040,0,0,84818b4f00c676396e69702449b7daec96ba4021835b05a5adb074a919ab8480,2024-07-08T14:18:10.367000 CVE-2024-20400,0,0,e22f5359b4eae3d1123c96473d077f1ed8cfcffe9256c923e22249fabd71dd12,2024-07-18T12:28:43.707000 CVE-2024-20401,0,0,4e570494182ec3fb0c9186b46f7948499e59b61e9f8ec1f0ca5200f010002753,2024-07-18T12:28:43.707000 -CVE-2024-20402,0,1,ebf1c94edc15f41dd1acee7e74bad1fe75e372fa7cc77317fd871c7c61ef9b6c,2024-10-25T12:56:36.827000 -CVE-2024-20403,0,1,eb872864d8d33171534d7781e7ca7f40dbaf6a84142c33664cdbf1a79c747f4f,2024-10-25T12:56:36.827000 +CVE-2024-20402,0,0,ebf1c94edc15f41dd1acee7e74bad1fe75e372fa7cc77317fd871c7c61ef9b6c,2024-10-25T12:56:36.827000 +CVE-2024-20403,0,0,eb872864d8d33171534d7781e7ca7f40dbaf6a84142c33664cdbf1a79c747f4f,2024-10-25T12:56:36.827000 CVE-2024-20404,0,0,9ff8f593f71d4a0ff7aecb6b668971610942799ed16450e68ad59cf7f0b9f5af,2024-06-13T20:25:46.837000 CVE-2024-20405,0,0,2fa5b4e65c2f399507a2e57227d51876c94b3517d024d761ea8ec8bc4f4a8a91,2024-06-18T18:04:04.497000 CVE-2024-20406,0,0,7d60bf0d9d6961c2b6b66dc82a40eb5c60b9f8634630e4f8bc14ebf8ca20093e,2024-10-07T17:56:43.103000 -CVE-2024-20407,0,1,d91b04a7d82008e51a2e50318f7c8ab68bda2655a589165e4f8d06e1b504c55d,2024-10-25T12:56:36.827000 -CVE-2024-20408,0,1,998feca93484f2d4b390f79e8c26719e5340e787766f9cd21c8b5855add94edd,2024-10-25T12:56:36.827000 -CVE-2024-20409,0,1,835679d17e6593da4e2403cfab04e230123d9ca9da855b133a25ea29ee007ef7,2024-10-25T12:56:36.827000 +CVE-2024-20407,0,0,d91b04a7d82008e51a2e50318f7c8ab68bda2655a589165e4f8d06e1b504c55d,2024-10-25T12:56:36.827000 +CVE-2024-20408,0,0,998feca93484f2d4b390f79e8c26719e5340e787766f9cd21c8b5855add94edd,2024-10-25T12:56:36.827000 +CVE-2024-20409,0,0,835679d17e6593da4e2403cfab04e230123d9ca9da855b133a25ea29ee007ef7,2024-10-25T12:56:36.827000 CVE-2024-2041,0,0,7b4fc911113d944c485bed2a7f958b069e0536bf197811dc0e3dcb8018df3bd7,2024-05-06T14:15:07.747000 -CVE-2024-20410,0,1,e24d445fd90a4397a6a772a4f466146d1249603dbb60a8fe7defa9becedf8025,2024-10-25T12:56:36.827000 +CVE-2024-20410,0,0,e24d445fd90a4397a6a772a4f466146d1249603dbb60a8fe7defa9becedf8025,2024-10-25T12:56:36.827000 CVE-2024-20411,0,0,4f003e5090f28bf95bd35a4fbdae5180d9a8ba20c425549807eec3131f67ce95,2024-08-29T13:25:27.537000 -CVE-2024-20412,0,1,98fe7a5862ce0435e94f459cc380f6731f224b2de6aaf35729ca1e7ed37af631,2024-10-25T12:56:36.827000 +CVE-2024-20412,0,0,98fe7a5862ce0435e94f459cc380f6731f224b2de6aaf35729ca1e7ed37af631,2024-10-25T12:56:36.827000 CVE-2024-20413,0,0,eef91fa550f9bdcbf9b050eb11a257fdd75cd91f9c74286f67575b2cf9d8093e,2024-08-29T13:25:27.537000 CVE-2024-20414,0,0,18adcabc3ea83c021e3e42e80805abb0da254bdf76c23740c5471d9c9fa12ab4,2024-10-02T20:02:22.740000 -CVE-2024-20415,0,1,ace1385581011ed019184aa3fb43120119a465cbfa23a70765745569ce25b180,2024-10-25T12:56:36.827000 +CVE-2024-20415,0,0,ace1385581011ed019184aa3fb43120119a465cbfa23a70765745569ce25b180,2024-10-25T12:56:36.827000 CVE-2024-20416,0,0,36fba5d0b9a663051d43c2072f34c721bf06b423d2ffa103fc7cf93ef9750d67,2024-07-18T12:28:43.707000 CVE-2024-20417,0,0,2b2621922f4e9896d58ad85f7dd970402245ce4da0539fb0012d7404735b7f45,2024-08-22T12:48:02.790000 CVE-2024-20419,0,0,0795f6e87845f9b46dc3400495c49fb48a047d8ed4e9d1842a04ff7724f0ad68,2024-08-13T17:15:22.787000 CVE-2024-2042,0,0,148bfce3b5f48e2144e9167826ed5f6f120e539bf15296a435b2ce580e8b1f74,2024-03-17T22:38:29.433000 CVE-2024-20420,0,0,1b6307b08ac5336375cc3664c71d09f27461a9a614efe41992a97e5a892448ec,2024-10-22T15:12:47.983000 CVE-2024-20421,0,0,b8d90bf4638dbe0c37023b3ff1bd11c5ac7ded44281786691979af6c9dbb0983,2024-10-22T17:51:08.113000 -CVE-2024-20424,0,1,ffa62354c649fb92a19c53bb88a63b5a68961428021270eef69bc0cdf2db3939,2024-10-25T12:56:36.827000 -CVE-2024-20426,0,1,de1754515a9d08a81fb464f1c350f5eea8399c648858dacb1404601225681f6e,2024-10-25T12:56:36.827000 +CVE-2024-20424,0,0,ffa62354c649fb92a19c53bb88a63b5a68961428021270eef69bc0cdf2db3939,2024-10-25T12:56:36.827000 +CVE-2024-20426,0,0,de1754515a9d08a81fb464f1c350f5eea8399c648858dacb1404601225681f6e,2024-10-25T12:56:36.827000 CVE-2024-20429,0,0,f467ae3dedce5a1f38518317999bbc8fc79bc2960eb95679505ee1fcb992ae20,2024-07-18T12:28:43.707000 CVE-2024-2043,0,0,7a3896d230f6f1ae602a08f92e2eaaa644b5893021849dee8a675eb9b7c81e88,2024-05-02T18:00:37.360000 CVE-2024-20430,0,0,10fa05ef1e262e03d3ec6f9856a4fd60e476d60000f282e33b3976f1a0227974,2024-09-18T18:56:05.510000 -CVE-2024-20431,0,1,6e003e429a8df086dd1ff6f0b7da7a4b9d9bab91964164b6fe0eced227d5847c,2024-10-25T12:56:36.827000 +CVE-2024-20431,0,0,6e003e429a8df086dd1ff6f0b7da7a4b9d9bab91964164b6fe0eced227d5847c,2024-10-25T12:56:36.827000 CVE-2024-20432,0,0,7fd746c387447b9ece17aaab52e949ef84dfd8dfcd9de8216b6df6b205f1574f,2024-10-08T14:10:35.317000 CVE-2024-20433,0,0,5e566651815d3cb842d80bb54328b0e8280ee578655d8a254f288aa4418bce20,2024-10-03T13:34:37.547000 CVE-2024-20434,0,0,904368830c218856dc09e88c749c79a929855ae5c25f03306a83a7691e310e6c,2024-10-08T16:20:30.933000 @@ -243752,20 +243752,20 @@ CVE-2024-20467,0,0,c1af58980ccad99499fcb95639264b5a0614f69936f5a7ffc5edb35f8fbf6 CVE-2024-20469,0,0,394110c2afcd5812c9d147805c76bc56d743563b5c07576e0d27ad32427aafe0,2024-09-20T16:58:14.327000 CVE-2024-2047,0,0,65f16d2420b90c918e9e57877aac5f0440eb772d779ccbd58288e6312f3c8025,2024-04-01T01:12:59.077000 CVE-2024-20470,0,0,f40c5f3d443e730674f42085e42ea8d2de51e3f4830b15dca54c9f67812afae9,2024-10-09T16:55:23.887000 -CVE-2024-20471,0,1,f35661a3bf731b3bd13e57e19325d6ddf355fae41cae47491facb4131f55321f,2024-10-25T12:56:07.750000 -CVE-2024-20472,0,1,37eb983ee5948918a2bc1d5690a220cfac0023636bf132d7092dbc737ddd6d95,2024-10-25T12:56:07.750000 -CVE-2024-20473,0,1,2d57f5872b9714b78ab60197bfde583f93b4b83044706c37134fb4244a91c35f,2024-10-25T12:56:07.750000 -CVE-2024-20474,0,1,4b73cccb20a7e98398f308852ba00f4e89c7a73993e5d70131d6203522944c88,2024-10-25T12:56:07.750000 +CVE-2024-20471,0,0,f35661a3bf731b3bd13e57e19325d6ddf355fae41cae47491facb4131f55321f,2024-10-25T12:56:07.750000 +CVE-2024-20472,0,0,37eb983ee5948918a2bc1d5690a220cfac0023636bf132d7092dbc737ddd6d95,2024-10-25T12:56:07.750000 +CVE-2024-20473,0,0,2d57f5872b9714b78ab60197bfde583f93b4b83044706c37134fb4244a91c35f,2024-10-25T12:56:07.750000 +CVE-2024-20474,0,0,4b73cccb20a7e98398f308852ba00f4e89c7a73993e5d70131d6203522944c88,2024-10-25T12:56:07.750000 CVE-2024-20475,0,0,3f291467cc737decf2fac9adb4dea13bddd59923e910f2a0d4abb07dc30557b9,2024-10-03T17:49:17.797000 CVE-2024-20477,0,0,546baafd3f9cb181a62a5bf8f2d6a935693c1d9566bac043856053043d6e851c,2024-10-08T16:00:30.167000 CVE-2024-20478,0,0,7159d6f0353997233b844f180b9acaa4a22410a663dfe8445f14235dd4611029,2024-08-29T13:25:27.537000 CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000 CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3cc0,2024-06-10T17:16:25.067000 CVE-2024-20480,0,0,1929c3dc705e1e48392e67050891180fdb659aa9ab6d1d255c10d5b0e58c773c,2024-10-03T20:07:33.900000 -CVE-2024-20481,0,1,744395bbf856aa6d6fb62caedc65d809b92b57a2e800d1268b1fc2e93488fecb,2024-10-25T12:56:07.750000 -CVE-2024-20482,0,1,c505bd145f9bf1b6b0a0c01302a4586adad5dfa33086e10ef815e7cb1d8f4913,2024-10-25T12:56:07.750000 +CVE-2024-20481,0,0,744395bbf856aa6d6fb62caedc65d809b92b57a2e800d1268b1fc2e93488fecb,2024-10-25T12:56:07.750000 +CVE-2024-20482,0,0,c505bd145f9bf1b6b0a0c01302a4586adad5dfa33086e10ef815e7cb1d8f4913,2024-10-25T12:56:07.750000 CVE-2024-20483,0,0,7bbf4d5b1e3697b5bad7f81531333e630361007007985921b04d8f51e2bedc77,2024-10-03T01:44:17.827000 -CVE-2024-20485,0,1,5676d455c5c74a14ae9e8ea761092b4ccea7f25b150dd70cffdd2f214235258c,2024-10-25T12:56:07.750000 +CVE-2024-20485,0,0,5676d455c5c74a14ae9e8ea761092b4ccea7f25b150dd70cffdd2f214235258c,2024-10-25T12:56:07.750000 CVE-2024-20486,0,0,1ec7a6c2a991b67e11827b3b316fed30b5b5340988b303f9088e0f10e2e894f9,2024-08-22T12:48:02.790000 CVE-2024-20488,0,0,b3c319abc05ee7d52fc498f08ba4c2d91fe7b6f1527a7957b5c4a113170ee559,2024-09-06T17:18:11.813000 CVE-2024-20489,0,0,d68cce5506ad42f67e500e952ef8846db91b43a7e51bd083fc776681145c15d8,2024-10-03T01:40:11.637000 @@ -243773,9 +243773,9 @@ CVE-2024-2049,0,0,398a9eaf0287296877598afba029844504bbde28a3270479d8cbbb594cc11b CVE-2024-20490,0,0,35fe5d8ca4a68248677c43c34084b321931d0d2945ab4df4da8782f5e23eb605,2024-10-08T15:15:39.160000 CVE-2024-20491,0,0,a6a1b451f6dda658d800035b80719f5bd0d6502321ff1f094bbee2194c64d03b,2024-10-08T15:55:08.933000 CVE-2024-20492,0,0,2a16b24462714ef70d9e342f3dfc09a86ef4cf713f3ed6d37bd4c4f35d4f0135,2024-10-08T16:07:26.280000 -CVE-2024-20493,0,1,d069c205cbf1d306382c8ab9d06c0f657190e79e830def30d8e5e42cf6a4fdad,2024-10-25T12:56:07.750000 -CVE-2024-20494,0,1,db014ac368aeaef465010712dd8bcda762614219e10d7d7c57490c923b6a69db,2024-10-25T12:56:07.750000 -CVE-2024-20495,0,1,46b2341455343adfc8802fa1cf49217376580150021f478375b2a4fc64fd9188,2024-10-25T12:56:07.750000 +CVE-2024-20493,0,0,d069c205cbf1d306382c8ab9d06c0f657190e79e830def30d8e5e42cf6a4fdad,2024-10-25T12:56:07.750000 +CVE-2024-20494,0,0,db014ac368aeaef465010712dd8bcda762614219e10d7d7c57490c923b6a69db,2024-10-25T12:56:07.750000 +CVE-2024-20495,0,0,46b2341455343adfc8802fa1cf49217376580150021f478375b2a4fc64fd9188,2024-10-25T12:56:07.750000 CVE-2024-20496,0,0,127f60097f974f24aadc62900a388547cdf18c3a62d9e6416696d085e67625df,2024-09-26T13:32:02.803000 CVE-2024-20497,0,0,422eb4ecec5d7dd92ef5d49505af3bc2f0e220b53f5fa76471b6dd3d460b94cb,2024-09-05T12:53:21.110000 CVE-2024-20498,0,0,f163bbceccccd5135efcc240b318bf6f09c1a57795ce60620399b214d4e300ea,2024-10-08T18:32:54.457000 @@ -243804,7 +243804,7 @@ CVE-2024-20521,0,0,1256f22cccdc014ca7c6dcaf50cda0cfa20b26ee2ae968d316f808a9bafa0 CVE-2024-20522,0,0,4751fc0b46eb3f3442a4302d9aa0da06e525e7320f0f9f33ce2b1091dde97b23,2024-10-08T13:48:19.060000 CVE-2024-20523,0,0,c7bf45998c89086dd758eb4d3eeb25d63406d90c0a145566280d2888a4fab120,2024-10-08T13:48:29.500000 CVE-2024-20524,0,0,1ddae342fccf4faf6880cbe25cc035c1903428edec9e63909e1d89933e06b31e,2024-10-08T13:48:58.273000 -CVE-2024-20526,0,1,f137cef7bdf382970d0b1ec1fa0711aa3536fa2f71ea2637ee55ebb7f30374cb,2024-10-25T12:56:07.750000 +CVE-2024-20526,0,0,f137cef7bdf382970d0b1ec1fa0711aa3536fa2f71ea2637ee55ebb7f30374cb,2024-10-25T12:56:07.750000 CVE-2024-2053,0,0,0d41c4e474c0960eb5e2399ded25845c51347c47ec843b53809f61d1e3d8fe3e,2024-08-06T15:35:13.397000 CVE-2024-2054,0,0,5af7272a2140be959232b9c889b5facdacd3c4cf8342e14293010d7ec8d01b60,2024-08-05T20:35:09.723000 CVE-2024-2055,0,0,07b933beaff1c6c6636c1d85ffcd111ff83285195075526678d7cb747831ae01,2024-08-26T16:35:08.047000 @@ -250827,8 +250827,8 @@ CVE-2024-30118,0,0,a600cbc3312207feafbf7858618a61f6dd2c38296d39ec303171804559f68 CVE-2024-30119,0,0,4baed8c508a821c818525782701105249753896feab644ba3efffba269f578b9,2024-07-03T01:53:51.120000 CVE-2024-3012,0,0,ae30314159430e25e9f2b09f2e0a440cd8bb99b7d72b62fa4eb73b4affe20188,2024-05-17T02:39:40.620000 CVE-2024-30120,0,0,f704816cf356d01bbdb53903a0b14bef34a589a7c9185030672ca3a1f14e4a1c,2024-06-17T12:42:04.623000 -CVE-2024-30122,0,1,b78e8f60e4d0df5148447073604013d9d8b1860e36c446b761d204643c69cb09,2024-10-25T12:56:36.827000 -CVE-2024-30124,0,1,f7ed66bdff59058c393ed9ac26165b8f3f76b955467f6c28a2ed31fa02a2f9e6,2024-10-25T12:56:36.827000 +CVE-2024-30122,0,0,b78e8f60e4d0df5148447073604013d9d8b1860e36c446b761d204643c69cb09,2024-10-25T12:56:36.827000 +CVE-2024-30124,0,0,f7ed66bdff59058c393ed9ac26165b8f3f76b955467f6c28a2ed31fa02a2f9e6,2024-10-25T12:56:36.827000 CVE-2024-30125,0,0,1e8984bc19e1a45cd2a6c4ac0b43f227ca7f3a8dcb96ab9c16c6ada82e4faa52,2024-07-19T13:01:44.567000 CVE-2024-30126,0,0,1dc4258efb62007b2fcf00852fe3af92d237972fa2c163c391fddf8c594d1425,2024-07-19T13:01:44.567000 CVE-2024-30128,0,0,c924b379265c859e8daf7f44eeec6d1dc40d7540b45d81bbd3137e5592a1e7b5,2024-09-26T13:32:02.803000 @@ -256093,7 +256093,7 @@ CVE-2024-3738,0,0,cebdf6c67207ccd8240919e9596b8485c51e6607a12a8dcdfff13f6ddbdbfe CVE-2024-37380,0,0,4ce1330fb679655262ab3b818cd133f9eef1b7c4341268f445fa1434d34f9951,2024-07-24T12:55:13.223000 CVE-2024-37381,0,0,9fe6fde53d8260503255e878e5a3cad14d0e0ad42f178326952eb9a7c509519f,2024-08-01T13:53:31.757000 CVE-2024-37382,0,0,a8a740545d65ebc631499231db822baee95a9596af82e521bd493b8948bb2169,2024-08-29T14:29:32.920000 -CVE-2024-37383,0,1,749376f10dc0a15dd5d224c633d6641b07e533f7f05a91ed9e4f71b969f627db,2024-10-25T13:56:29.010000 +CVE-2024-37383,0,0,749376f10dc0a15dd5d224c633d6641b07e533f7f05a91ed9e4f71b969f627db,2024-10-25T13:56:29.010000 CVE-2024-37384,0,0,4ede7c4b4e1e1de259445d49ca3b43a6d0a75b7dcaf1ea245b8f6306c1e67bb9,2024-07-03T02:04:17.060000 CVE-2024-37385,0,0,5f654dacc6b54aa57eac57d975e30bca933785ac3cff88e1e1d552468bd97c34,2024-08-01T13:53:32.450000 CVE-2024-37386,0,0,e26fe4180478658f5d7116e982a44893b27c0547f48ec9e4efebd50f599527d1,2024-08-01T13:53:36.410000 @@ -256767,7 +256767,7 @@ CVE-2024-38308,0,0,fe139b0ba6074f0e39f21bcc0d3b2863f88a6047b3a5a779d5f8bedf54884 CVE-2024-3831,0,0,50e818929dc56e84afc0dd8fe8fae7a8b323529f272034386ddae5543191124f,2024-05-14T16:11:39.510000 CVE-2024-38312,0,0,1eb38797c2d82d591d8abe57f1d4573a3412cb86f39c7ea700474f2d0b5ea92a,2024-08-07T17:47:36.897000 CVE-2024-38313,0,0,6104dc2b29b4c8ac118d88c83436ea8db6780255231d99b7909daa998f4d9c3c,2024-09-12T17:48:33.947000 -CVE-2024-38314,0,1,f6779768f4219a29e7fb5c314e44a3b795ebd00deea2d47268dafa4509b69189,2024-10-25T12:56:07.750000 +CVE-2024-38314,0,0,f6779768f4219a29e7fb5c314e44a3b795ebd00deea2d47268dafa4509b69189,2024-10-25T12:56:07.750000 CVE-2024-38315,0,0,aeb4bea82071a33b9340679ee227ee40ee52d5ed9a6712f0f0c3d02c04ca6f7f,2024-09-20T14:09:24.733000 CVE-2024-38319,0,0,baca4c6dd463198ff6e83e4d1d026e029418f6c2a504c13c76e1be823b804509,2024-06-24T12:57:36.513000 CVE-2024-3832,0,0,9a695728462575e75497ca13bb41d4307d467f786773e32ceb92b024954b50b9,2024-08-14T20:35:21.240000 @@ -258014,8 +258014,8 @@ CVE-2024-40422,0,0,d3469c3cd9d0a29c183d0e0059bb4038c9b4a37bd15891a6493843f933bd0 CVE-2024-40425,0,0,00190f9170b077ba334795fc09138437ec577bc0e167bbe92fc8ad126823e729,2024-08-01T13:57:26.300000 CVE-2024-4043,0,0,50e67cd87d2761034ee2e0514a61b1574f18a654fe271a8568be1eaa53e96b2e,2024-05-24T01:15:30.977000 CVE-2024-40430,0,0,546dc110e07f45ee3ffd84e8af87c8ef8c5f6d93dcd27e587cb3a3c5233f7799,2024-09-13T21:15:10.357000 -CVE-2024-40431,0,1,862b6c893fe096afdccb93ed3a55864deccdaeed36836ce002d389d00d0baf66,2024-10-25T12:56:07.750000 -CVE-2024-40432,0,1,bd91193829da0e5783226fb88bedf4e491885b2d1de3d53c4dda1361b8746fd3,2024-10-25T12:56:07.750000 +CVE-2024-40431,0,0,862b6c893fe096afdccb93ed3a55864deccdaeed36836ce002d389d00d0baf66,2024-10-25T12:56:07.750000 +CVE-2024-40432,0,0,bd91193829da0e5783226fb88bedf4e491885b2d1de3d53c4dda1361b8746fd3,2024-10-25T12:56:07.750000 CVE-2024-40433,0,0,e7a4ec9affcd5459ba2865b747a3c21f3af0ec6afc5f3d7573785ee38941782a,2024-08-01T13:57:28.500000 CVE-2024-4044,0,0,e5bbe7519a57f32e10b3da751a3cb9112f45a7270ca309aa6997e34b1ffc6b95,2024-05-14T16:11:39.510000 CVE-2024-40441,0,0,c6514ede5c7f5ef8c83cfb03126d88402099d182d6578c9b7395512c5db252a8,2024-09-26T13:32:55.343000 @@ -258097,7 +258097,7 @@ CVE-2024-40576,0,0,8423823b913f3d1284aae2224b689bfefe0b7a1b018e49f904fd4948fdba6 CVE-2024-4058,0,0,517dff31dd649a4fc97ec9b0700bafce6dc3cd3c4729ffb175a77bfe0097ad6e,2024-08-01T13:59:23.240000 CVE-2024-4059,0,0,c49986e07be30ca2c850f4613369c1702dff21e7018832f61c83284c95e0cc00,2024-05-03T03:16:29.430000 CVE-2024-40594,0,0,5f8b4e7b3001e206c4db42bfb10b66a5767bd1e5041c1bca9998a882526a992d,2024-07-08T15:49:22.437000 -CVE-2024-40595,0,1,c44d4f6c466d7ef5eae926dc07df3df9a34ba4de6b2deba6d973ce015e367bf0,2024-10-25T12:56:07.750000 +CVE-2024-40595,0,0,c44d4f6c466d7ef5eae926dc07df3df9a34ba4de6b2deba6d973ce015e367bf0,2024-10-25T12:56:07.750000 CVE-2024-40596,0,0,eba237165708995f6d88799cc22362156aa815eb2255f3ea66a6ad9f417cfe2d,2024-07-09T16:45:08.760000 CVE-2024-40597,0,0,9253bd3e0343b7becb6fbf27eb19f59c2b782f333d3980529c893721abdb7002,2024-07-08T15:49:22.437000 CVE-2024-40598,0,0,de25c69f35558b8aca0a1bbf15e54892da14954831f161b4abaf3c33fd743682,2024-07-09T16:45:38.957000 @@ -258248,7 +258248,7 @@ CVE-2024-40806,0,0,de19bdc26ad947be78b25439a4c081cef03a9ac0cf8596ce40e06ed665906 CVE-2024-40807,0,0,a57ec3a3bb089ed252f2f8c175043165750e676422e4f67fbb537c1821f4ad1a,2024-08-15T16:35:50.210000 CVE-2024-40809,0,0,9737181761f09811942af1648871be698e164a1e26e2d7cb09625587b1583d46,2024-08-15T16:26:51.523000 CVE-2024-4081,0,0,2b1a13825488c3123a899d577616f27ebfa5f72481cbd0378e19b046630c7604,2024-09-12T16:43:42.490000 -CVE-2024-40810,0,1,b3ee1f427a02755546a6c3590116dbb871c7dd0e4c73818a72be9de7336a5140,2024-10-25T12:56:07.750000 +CVE-2024-40810,0,0,b3ee1f427a02755546a6c3590116dbb871c7dd0e4c73818a72be9de7336a5140,2024-10-25T12:56:07.750000 CVE-2024-40811,0,0,58a2466a72dd67097326f2c18b9b99f24e15edfadd201715f3a11dc5fe430f0a,2024-08-01T13:58:09.693000 CVE-2024-40812,0,0,c246dcffc924270886f6bb5d99cc189e11e554cbf0acf5a0b6d7c76bf5b7cabf,2024-08-15T16:26:53.560000 CVE-2024-40813,0,0,eaec9d679620cbe04b5224752ba0981027a92f3e1bca89f18faeb08b9aaf1ce7,2024-08-15T16:15:52.613000 @@ -258773,8 +258773,8 @@ CVE-2024-41611,0,0,8ae08bbc5635b26df3869144a2b3bde07b8fa7e9c586a9249f8dfa55a99d4 CVE-2024-41613,0,0,775a6c9724ba70bc56dce8939e74722c2b403153bd1f36f976e189d003a6a574,2024-08-14T18:13:25.017000 CVE-2024-41614,0,0,97dd4cb6722c16dd67b90bd84237880c8504a680bb995ffa9e8927a86d821a05,2024-08-14T18:14:16.073000 CVE-2024-41616,0,0,a87f80cfe19fdc1adad71691ba6015b314ae0892eefb4d086c289749db2f63df,2024-08-07T20:54:20.793000 -CVE-2024-41617,0,1,d454369fb9478c459444e405c97dace29ea2373b8b92830241d88775a2071739,2024-10-25T12:56:07.750000 -CVE-2024-41618,0,1,7bce50e0a2127f666aaceae19714c4b43168d90d1b219b47e6f33ff7b607fdd9,2024-10-25T12:56:07.750000 +CVE-2024-41617,0,0,d454369fb9478c459444e405c97dace29ea2373b8b92830241d88775a2071739,2024-10-25T12:56:07.750000 +CVE-2024-41618,0,0,7bce50e0a2127f666aaceae19714c4b43168d90d1b219b47e6f33ff7b607fdd9,2024-10-25T12:56:07.750000 CVE-2024-4162,0,0,1a4f39929c1df6d420ff35b2d8de51a57c5e5378a57b6e7a1a35abc1b5a3dc57,2024-05-08T13:15:00.690000 CVE-2024-41622,0,0,44ca2934b754519243a779c6615220559421c07f2d4e7de3fb58db6e584b3b36,2024-08-30T14:55:54.423000 CVE-2024-41623,0,0,c5ad0592f1bc8234d1c1b4349fa5edc0884d162d738c86d78b923fc809fc8e63,2024-08-23T15:35:07.653000 @@ -259401,7 +259401,7 @@ CVE-2024-42416,0,0,0c0ba6b9334c7e838b8d455f49871ca47f5d5630f34ccb39214f945ba5450 CVE-2024-42417,0,0,97db2e1cae78c6c5b15ff9e0f09e1c2fc00065af3496103746ac59f2d9475a69,2024-10-08T15:43:05.720000 CVE-2024-42418,0,0,1170a194d58fc93f3e0e1a535dff12de506530448528f0fff3eaea817d001f8b,2024-09-04T18:22:22.583000 CVE-2024-4242,0,0,9c58e9b9e77452c845f3c5179c3be4415982efd0430d3da14ab0345d444eccfb,2024-06-04T19:20:33.363000 -CVE-2024-42420,0,1,1db641a88dd6031aa41fe062293bcb938793c0df3cf60c817546258b3f54877b,2024-10-25T12:56:07.750000 +CVE-2024-42420,0,0,1db641a88dd6031aa41fe062293bcb938793c0df3cf60c817546258b3f54877b,2024-10-25T12:56:07.750000 CVE-2024-42423,0,0,d28867b0d8eebf1aff8bd3b42424cd5e577a7dd9340d9f0359d41e2fac4ef5ea,2024-09-20T19:42:20.417000 CVE-2024-42424,0,0,a3a79ec5b3f9e4721afc9742622d2616be4d7445c5c0aff9b4256e4bf8fbae09,2024-09-10T12:09:50.377000 CVE-2024-42425,0,0,6aa2353bd532f46d0a2e205868494bbec291e24ba1bbc1fc9f37a272eab1bd0b,2024-09-16T15:46:03.110000 @@ -259811,7 +259811,7 @@ CVE-2024-43165,0,0,8125472d7e20e379acd67d29cc7075b43b03a71223ce60c46b14d0ffb4bd9 CVE-2024-43167,0,0,c4eae034ed90d957ee0d40ac6b75e1eb711889b4b8905f404c5783e222980273,2024-10-21T12:15:03.837000 CVE-2024-43168,0,0,ef0081344887975b429a2b0b7741a490ebb03d62e914345ff88e9fc7663b3374,2024-10-21T12:15:04.327000 CVE-2024-4317,0,0,2ab51635ebb5a78f9093ee7220532c2f98c47bcb30186dfa33cf412783a7fe8e,2024-05-14T16:11:39.510000 -CVE-2024-43173,0,0,65f29b0905efb6c9d226bbe87834898e91f17362e5d152e0d961ca7ade84631d,2024-10-23T15:12:34.673000 +CVE-2024-43173,0,1,5fd3a7cd2e25eaa59bc7be29d2c1d5f9369e6e7564f4001a4cb0dbe8b47a7f52,2024-10-25T15:40:19.977000 CVE-2024-43177,0,0,3abc399faf2c0e72d4b29b578a8f0efca5fbe594cb17b0e330c46da3d5d7f655,2024-10-23T15:12:34.673000 CVE-2024-4318,0,0,3bd63bc61468b7ca3d2d40c33a55eb01fa72ff95d7d5fb5f0e4f8d9b094da54b,2024-05-16T13:03:05.353000 CVE-2024-43180,0,0,abb2e48a138ce8e840850ec2c73107ac445b622170d298531958775b0aa3e8a2,2024-09-20T17:28:06.617000 @@ -260007,7 +260007,7 @@ CVE-2024-43413,0,0,8e6331055eff0a1fc21c13ac1aa5a910957effe87064f315927a5ac8c4d91 CVE-2024-43414,0,0,41d126c00be1a75ca1d7b9b05a3a92eaf49a5d7831c24ad21608856181f8c11a,2024-09-12T21:33:40.887000 CVE-2024-4342,0,0,2403af0b003f5953a3d2a1b74bf46d64f4a354bc628b01d2ea5f60de4a4002c6,2024-06-03T14:46:24.250000 CVE-2024-43423,0,0,8fb21f51e563dd938c763581007e890cf5873a7efc6a39a36e929ea32ce34c0c,2024-10-01T15:41:32.537000 -CVE-2024-43424,0,1,4c04f8b95058148546b688b17371621ee3c95fda0b3ee413b0a65ab54d21e72a,2024-10-25T12:56:07.750000 +CVE-2024-43424,0,0,4c04f8b95058148546b688b17371621ee3c95fda0b3ee413b0a65ab54d21e72a,2024-10-25T12:56:07.750000 CVE-2024-4344,0,0,0e21345ffbddb43f0000901c1c1f7a4c33b525c68a381cd32a35ab8e755aa5fd,2024-06-03T14:46:24.250000 CVE-2024-43442,0,0,5431c5e587ae45a37d19d37e97d6aeb67638f78f0db0677df8b847e3725ec6a3,2024-08-26T16:35:12.860000 CVE-2024-43443,0,0,41bfb91b7f7c9bee48be0f5c8ffcdaa9039df695b92734c0f1b611ea064f9e04,2024-08-26T12:47:20.187000 @@ -260279,7 +260279,7 @@ CVE-2024-43844,0,0,a0d50b71edd9141ff92598003e1617be5ffa1f51ed6945e4adfc2aef19f18 CVE-2024-43845,0,0,d80433b94567f7553ba59d5578ff0ab177cc617e43797bbfe0b461c6dff68752,2024-10-22T15:15:07.240000 CVE-2024-43846,0,0,336ca6ce5d381bc8197cb8ae52aec5d82cb25fe9302c78389787b6ba92216525,2024-08-19T12:59:59.177000 CVE-2024-43847,0,0,835246f4f393ea975e0a8495b92ecf4d0f17d69854486c3d470ee96289075a6e,2024-08-19T12:59:59.177000 -CVE-2024-43848,0,1,574ca28c6f6f9483be8c689a91acf3081f69bbcf361ca8233d166c12381f4f93,2024-10-25T13:57:51.800000 +CVE-2024-43848,0,0,574ca28c6f6f9483be8c689a91acf3081f69bbcf361ca8233d166c12381f4f93,2024-10-25T13:57:51.800000 CVE-2024-43849,0,0,c09809025deb42d3e16ffa77bdd804cd5a554e28cbe29839183c2ce44189d8b9,2024-10-24T16:02:21.587000 CVE-2024-4385,0,0,218d1e7a4ca055c9cc2f26803db027cb337ddeafcf5f646e236db9e9e217180d,2024-05-16T13:03:05.353000 CVE-2024-43850,0,0,7e6dd9c8f88731d422517e091653519aa83f51a04dd873998a3ab4d290941bf3,2024-09-30T13:57:33.400000 @@ -260503,11 +260503,11 @@ CVE-2024-44094,0,0,745c42fe2d315a5bcee63bacf45ed85a137f90126e69b7519e917691efb99 CVE-2024-44095,0,0,b00dc9986da442410ed4230403c0d5027e748adf40134501c33f35c9b4d16312,2024-10-15T14:35:04.083000 CVE-2024-44096,0,0,9e10fae26ac71a12ed9f5239ac873ac3368309ebde15657c2661c84b3db39f54,2024-10-15T14:35:04.383000 CVE-2024-44097,0,0,965cf9d05fda49947baa77cde6164ca7e937d7f38563ab41cd3e9e9bd0e5a36b,2024-10-04T13:50:43.727000 -CVE-2024-44098,0,1,d55f7d6bd704aecf5357deedbb173336a776dfe22ab649cebbc7df67a8e16592,2024-10-25T12:56:07.750000 -CVE-2024-44099,0,1,cef1b52b87cb045fe362229d573416685e664fe9a620a39f6e73878a28bd66a1,2024-10-25T12:56:07.750000 +CVE-2024-44098,0,0,d55f7d6bd704aecf5357deedbb173336a776dfe22ab649cebbc7df67a8e16592,2024-10-25T12:56:07.750000 +CVE-2024-44099,0,0,cef1b52b87cb045fe362229d573416685e664fe9a620a39f6e73878a28bd66a1,2024-10-25T12:56:07.750000 CVE-2024-4410,0,0,ca43b98286a78ab63b5139b50b93fc074ee9aec4c16e78097aa3514c43622322,2024-07-29T14:12:08.783000 -CVE-2024-44100,0,1,cb7c0645fbc73110b36f0293b2662b3fab4559802b049579da2e33ad7759ce50,2024-10-25T12:56:07.750000 -CVE-2024-44101,0,1,583f76d53afea6250ddef045f5c30668d9eb48e1e8827b0f170aa5034ba6581d,2024-10-25T12:56:07.750000 +CVE-2024-44100,0,1,e9777f3823ca5f020625b7de7657f183ca0a32ff11566ee15e67030df4347240,2024-10-25T14:15:11.590000 +CVE-2024-44101,0,0,583f76d53afea6250ddef045f5c30668d9eb48e1e8827b0f170aa5034ba6581d,2024-10-25T12:56:07.750000 CVE-2024-44103,0,0,709653e0e681c50169d2a31a1ca4fa07ba0b9e103bee0789c715365497e0794a,2024-09-18T17:18:39.040000 CVE-2024-44104,0,0,929a3e88a508b197778cb9d698752e7d95d2a1fd6ba54e089d4187ada17accb8,2024-09-18T17:33:06.413000 CVE-2024-44105,0,0,6ace8c54c3fc6c9b1684fd8d42f178f1cce19bf6d08f58b02fdc3857633db641,2024-09-18T17:48:11.193000 @@ -260535,7 +260535,7 @@ CVE-2024-44133,0,0,37c73fbc80b87f8103d86196f929aadb6f994b40eadcbf5f51a2a2f17f44f CVE-2024-44134,0,0,6acd0998d9e90144e37860d44f416ff49a5729889dc934ad2ba9b80a8196fb3c,2024-09-24T18:26:26.963000 CVE-2024-44135,0,0,2e30daeacd1c058db0b211917dd4f5e9ef4b14081fb1be4edc5057672e88cbd8,2024-09-25T13:28:09.067000 CVE-2024-44139,0,0,1e5a55dd4e3bf6761362df168af8ec5360faa5b360c06fdbf37c0f9ce70d7baf,2024-09-24T18:30:34.863000 -CVE-2024-44141,0,1,57715e2d990f9d527737048c7f2d3ad8cfd6106560321ec000dbd72a512ea712,2024-10-25T12:56:07.750000 +CVE-2024-44141,0,0,57715e2d990f9d527737048c7f2d3ad8cfd6106560321ec000dbd72a512ea712,2024-10-25T12:56:07.750000 CVE-2024-44146,0,0,c66454fdf1b0d7a7564849f02f2f09da6c49b1097620ca2f5b88a9c465a751e4,2024-09-24T16:14:02.090000 CVE-2024-44147,0,0,8d82d5566ea29b70940c9c9f21d951cc6eb5498675d184ba22b8d555bbcad202,2024-09-20T12:31:20.110000 CVE-2024-44148,0,0,059ce4bebff22300cb485a8cc23c3238cb5bdcfaba9ac22cf4f5aea163483afa,2024-09-24T16:09:49.490000 @@ -260568,7 +260568,7 @@ CVE-2024-44181,0,0,6968e89bcc34da95b275f481a5e61eaf93b419f4e1f0ac49b3eaa4255a65d CVE-2024-44182,0,0,c8405a3d9209d8acdecd393b8c354b0a78369af6884ff3ac8bf0fb4d77988b16,2024-09-24T16:52:49.767000 CVE-2024-44183,0,0,57b9818651cb417289cf4085c7f242935e44b16eacbd02a55d723c9720089da4,2024-09-24T19:04:51.030000 CVE-2024-44184,0,0,2b4c62cacdeb539e2524aa34af1a6c1e7c1594f87082a2353399d1dc98f019f0,2024-09-24T19:03:08.110000 -CVE-2024-44185,0,1,b0c76e47df58347d88a892dfb664184118ae2a25a70c8397a93c48227ba7199c,2024-10-25T12:56:07.750000 +CVE-2024-44185,0,0,b0c76e47df58347d88a892dfb664184118ae2a25a70c8397a93c48227ba7199c,2024-10-25T12:56:07.750000 CVE-2024-44186,0,0,0a6ed69346f4ae3547e173619f5fb32c164a57eccfeb66e3a57b038524695fd7,2024-09-24T18:03:45.513000 CVE-2024-44187,0,0,d2d2c28ca4949100ff21bfe0c88cdee4654cdb1db67fcca21321bb7541d90ded,2024-09-25T13:25:52.043000 CVE-2024-44188,0,0,d9b3eca877b183751dacb80ba82d47175b17c9197d2f1bc3c870ce12e136ffb2,2024-09-24T20:38:27.090000 @@ -260581,8 +260581,8 @@ CVE-2024-44198,0,0,a791372ee4d27381da793bfaa9ff3602c34f52c134516fb46328053cb2cef CVE-2024-4420,0,0,02a774e6911ba5e1ba33187a3301eb3f9ee3d8fd212c89cee791dd002410f381,2024-05-21T12:37:59.687000 CVE-2024-44202,0,0,e17cdcd52ced4944b3cb8ebf1e0107ecaca0e3b137318260a8309f5868dfd271,2024-09-20T12:31:20.110000 CVE-2024-44204,0,0,cce14eca29e64799e75cbb56577d73ec78ca9f1623008c609fe84631f2fc2cc3,2024-10-04T17:29:54.933000 -CVE-2024-44205,0,1,59fd42a513f8b9b05510dc4d5cd2410ebf696fddc2b7f785062aa10ccb8441c9,2024-10-25T12:56:07.750000 -CVE-2024-44206,0,1,6d32fe777ad4ad629602e838e02c2bf263ced12e49e4f955b73bb10ec754db34,2024-10-25T12:56:07.750000 +CVE-2024-44205,0,0,59fd42a513f8b9b05510dc4d5cd2410ebf696fddc2b7f785062aa10ccb8441c9,2024-10-25T12:56:07.750000 +CVE-2024-44206,0,0,6d32fe777ad4ad629602e838e02c2bf263ced12e49e4f955b73bb10ec754db34,2024-10-25T12:56:07.750000 CVE-2024-44207,0,0,5abea1005e83abb1bfbb6f81a0f39beb744ed23d2413d7dffd0c9fbaec188a46,2024-10-04T17:31:41.970000 CVE-2024-4422,0,0,19c238465441950f6a856008185dbc8a7b4e94407f1040ce4816040c86860490,2024-05-30T13:15:41.297000 CVE-2024-4423,0,0,0715bc9caf3e0b170ca2968c721bdd1e236908d8891315bb75fdf772bdc9c875,2024-07-03T02:07:32.943000 @@ -260894,7 +260894,7 @@ CVE-2024-45028,0,0,7d5b512323cbd1eada9374cd0af8594b979474aff5440b5d3cab41fc49bfd CVE-2024-45029,0,0,21260e7ef8d10dc3c2200fe33709508a97de174b7662049f29f251b7e7a6c818,2024-09-13T16:29:29.740000 CVE-2024-4503,0,0,580a13ae85da881d7284f0e9b163135d237ab58a854d76134955e6cc28d662e6,2024-06-04T19:20:39.843000 CVE-2024-45030,0,0,a5fdbeca43ac64eed9d343d3ecb8fc38b2b39144c16b9671c8c2fb6202b08e32,2024-09-13T16:29:23.557000 -CVE-2024-45031,0,1,360f23830efd1386ed3cc99f496b8d558b08cb5b22c35a11d19bfb30bf81992a,2024-10-25T12:56:07.750000 +CVE-2024-45031,0,0,360f23830efd1386ed3cc99f496b8d558b08cb5b22c35a11d19bfb30bf81992a,2024-10-25T12:56:07.750000 CVE-2024-45032,0,0,9e9832070815f198bd13b47e9ba247da81e362143ea041571debdd67a5f9cbe7,2024-09-10T12:09:50.377000 CVE-2024-45034,0,0,6acf56312613a82c5715559f5b4f69be801ce2e626afadd3cfb4d0f3016179e1,2024-09-09T14:35:07.577000 CVE-2024-45036,0,0,b93ba1b942c2a90c7150ffd72c683d09bcb868f6dc285088962d5acc53d2e2e4,2024-08-27T13:01:37.913000 @@ -261052,7 +261052,7 @@ CVE-2024-45239,0,0,c3ffeaf25be7007252e004249861dec4385985427eba5bc5855dd2ae53128 CVE-2024-4524,0,0,8e732eea1a281702bf1b965cf73e8243f70f2376e5e0521757bce6618382002a,2024-06-04T19:20:41.520000 CVE-2024-45240,0,0,71d060de9ce29049494d6966979673903641ebddefc965fc9df5c7a08f6ba1cb,2024-08-26T12:47:20.187000 CVE-2024-45241,0,0,db0315abb9e90395d374e44a8c98955e324445d54e9a189001fc6da18a250f14,2024-08-26T16:35:14.650000 -CVE-2024-45242,0,1,f0d17732bd7b8206bbac1b9ef4d2395075a66cb6d8a0c56e8ce7c1788450dc23,2024-10-25T12:56:07.750000 +CVE-2024-45242,0,0,f0d17732bd7b8206bbac1b9ef4d2395075a66cb6d8a0c56e8ce7c1788450dc23,2024-10-25T12:56:07.750000 CVE-2024-45244,0,0,a9f691efb65025129369bbba49bc88f6c172529b68c55b8214f47c2d49100aff,2024-09-12T16:07:49.530000 CVE-2024-45245,0,0,b25df5848e1262f8558faee75f4c21da809ef74bc3ff13bc7e48405a4a50dd95,2024-10-07T17:47:48.410000 CVE-2024-45246,0,0,94be062f72d49f47aeb4b27d54c3f9016c0bc6c7db145a96e840fd34f148105c,2024-10-07T17:47:48.410000 @@ -261065,12 +261065,12 @@ CVE-2024-45251,0,0,4723402deaff257a03485bee19d0c63cf2e4218538079529007db41f2e86b CVE-2024-45252,0,0,d5507db1b0bfef3e2d4dc8033cbb1d8a5c92c659f9cc4356d3a7d9eed6325773,2024-10-07T17:47:48.410000 CVE-2024-45256,0,0,1ad6eb17928348883dd9cb354722f92894049d9e7bbed38aa0c5260ca73ab2c4,2024-08-26T13:35:02.937000 CVE-2024-45258,0,0,20ee97d2eb3a83f8d2a7be46b53936d32dfd424c455ff5dc5358a331a56dedc1,2024-08-26T14:35:08.627000 -CVE-2024-45259,0,1,863420d42e21db72c1b07933d8723178a5911c0e6cc75e40c6bcabffa4b6aac0,2024-10-25T12:56:07.750000 +CVE-2024-45259,0,0,863420d42e21db72c1b07933d8723178a5911c0e6cc75e40c6bcabffa4b6aac0,2024-10-25T12:56:07.750000 CVE-2024-4526,0,0,87a45e4eb41404ceb4b9ba3ca9513f18cac2687a381a0d6211a80485bbac625a,2024-06-04T19:20:41.720000 -CVE-2024-45260,0,1,ceb325048cd040b04e199513eec6da9a34677ef18da2bd54e38abda84dc5bb4d,2024-10-25T12:56:07.750000 -CVE-2024-45261,0,1,f7853f14c98fd6d78dfe5551b410132c11679cc637d9ace45238f1a4ee477be5,2024-10-25T12:56:07.750000 -CVE-2024-45262,0,1,47fd10f667714151bc713eb47abe3d3b5551157e162fb313231510268b3bf400,2024-10-25T12:56:07.750000 -CVE-2024-45263,0,1,04b5d8b6b8ac241aa5e446f1d5ff4c5cd681892a8981923c2e2d84440f6527b0,2024-10-25T12:56:07.750000 +CVE-2024-45260,0,0,ceb325048cd040b04e199513eec6da9a34677ef18da2bd54e38abda84dc5bb4d,2024-10-25T12:56:07.750000 +CVE-2024-45261,0,0,f7853f14c98fd6d78dfe5551b410132c11679cc637d9ace45238f1a4ee477be5,2024-10-25T12:56:07.750000 +CVE-2024-45262,0,0,47fd10f667714151bc713eb47abe3d3b5551157e162fb313231510268b3bf400,2024-10-25T12:56:07.750000 +CVE-2024-45263,0,0,04b5d8b6b8ac241aa5e446f1d5ff4c5cd681892a8981923c2e2d84440f6527b0,2024-10-25T12:56:07.750000 CVE-2024-45264,0,0,822145f9a1da648532bc7a1b41e14edccb94fd2d8996f04c204c8fc97c8f117a,2024-08-30T15:02:34.610000 CVE-2024-45265,0,0,0bfdc3ea11a3a8b692c725170390e0ed5e5bfa861ba7586668c7c78868fd4e58,2024-09-05T18:30:23.883000 CVE-2024-45269,0,0,930c2dda66909b7393cc3daf8d8e0bcb8066c589d45124dd784354d0c2c32ffd,2024-09-04T11:49:36.950000 @@ -261131,8 +261131,8 @@ CVE-2024-45323,0,0,c7408403154d2d18fc914b88a9df254c03b0863b353ec16a1e5cdd4039b8f CVE-2024-45327,0,0,34cd0fc64fb19ec545d442f8caf6da026f7560c6302dd0f3b1f687d00148ed60,2024-09-11T16:26:11.920000 CVE-2024-4533,0,0,aca3a412ead1ce1343d6f498450801be5e059db6302d74881039b5fe75fb6c09,2024-05-28T12:39:28.377000 CVE-2024-45330,0,0,44d2ce461eeddbf3a7a44fe92b128e09d8c56d9b0bb9a6c4f9c38a59d262f5be,2024-10-19T00:41:09.717000 -CVE-2024-45334,0,0,f6c05fece0cc4f139720ac1531928b166644d7d7b1188b541048e9127de13916,2024-10-23T15:12:34.673000 -CVE-2024-45335,0,0,8cf8dfa389d5ec74510eaa5b51d5c7cfd76807a8704cd642571f3a839f1a8528,2024-10-23T15:12:34.673000 +CVE-2024-45334,0,1,fbd6312b35c8dfb00b7b9cd224a77361e6b346b18836cc30a53c0b55e9ac4d31,2024-10-25T14:41:43.473000 +CVE-2024-45335,0,1,b274212e48083a12503af1b1ddd8aa59b1b69e860bfecb2e94b0f481925a580c,2024-10-25T14:37:39.387000 CVE-2024-4534,0,0,527a3127a7586bdf18d80cd2b5b17fe74ac5ed6a2aa4ee562148173cc1d9d3e9,2024-08-09T19:35:09.923000 CVE-2024-45346,0,0,2f7f906fa8e830e09f5dc1994b30102df77aeab36a86b7c31755a212ce377dbe,2024-08-29T03:15:05.247000 CVE-2024-45348,0,0,f8397568e636cad274a96a56fcdbc01af3feb6775d5986faa9442985588b0658,2024-09-26T13:32:55.343000 @@ -261350,7 +261350,7 @@ CVE-2024-45771,0,0,754a0f27219aa2eb6179ec627ac31099e8e2882043a643cfa7921ddb03dbb CVE-2024-45772,0,0,d4fcff511ac9c702d11d2981d4f53f578a5b533222a07c5c21d8a62a8451fded,2024-10-04T13:20:58.327000 CVE-2024-45773,0,0,fa80a32ca25578799d772108a6e7f2b87164fbdfd3820c41dab7e96e6c83084e,2024-09-30T12:45:57.823000 CVE-2024-4578,0,0,de2bf1ab8b65cf8119579f63d8e64a9383c9519828d1fae8ddac21d6dcb5605a,2024-06-27T19:25:12.067000 -CVE-2024-45785,0,1,c767e1e69b364ed84b851902a8d56f0251237479eaa5f11db06d1a32eb1c957c,2024-10-25T12:56:07.750000 +CVE-2024-45785,0,0,c767e1e69b364ed84b851902a8d56f0251237479eaa5f11db06d1a32eb1c957c,2024-10-25T12:56:07.750000 CVE-2024-45786,0,0,1027a4a71b54e4ed926e7c4d82608ed7bf7290e7e8486a1ac94d8f7e4edfad02,2024-09-18T20:12:47.337000 CVE-2024-45787,0,0,46f8564066b3f70e712610c0aca9059d9bda6862d53c941af56b2ef72737a51d,2024-09-18T18:15:07.650000 CVE-2024-45788,0,0,7ba304e58f1e132a77e708ed9119516e49dd167750ae6faec1e1736fde9ea7d4,2024-09-18T19:57:10.203000 @@ -261386,14 +261386,14 @@ CVE-2024-45823,0,0,69c87ecc16422910e33b859f46eb5ec7fd2de42f8535f15441d6fdd097693 CVE-2024-45824,0,0,10e16d904d2154d7119c6df05a22810044cd3b50093fd71dfd8bbe566411a270,2024-09-12T18:14:03.913000 CVE-2024-45825,0,0,772075ec5deeaf7c7029f931ec15621230c7b2330dcd87b5ccf7ab7721cf06f6,2024-10-02T14:43:08.720000 CVE-2024-45826,0,0,09e161f625f954ed804a43ac07521f29edea4489bb062a3b0321529236e21762,2024-10-02T14:35:38.017000 -CVE-2024-45829,0,1,5fcc3ad46d1018c5835861c5952059da5b0abe342511831d6e01b7692cd6c33a,2024-10-25T12:56:07.750000 +CVE-2024-45829,0,0,5fcc3ad46d1018c5835861c5952059da5b0abe342511831d6e01b7692cd6c33a,2024-10-25T12:56:07.750000 CVE-2024-4583,0,0,80422ff6020fca1720c5a88e28ab76aaa9a918b3afa6700e13782e64857c6739,2024-06-04T19:20:42.857000 CVE-2024-45833,0,0,d66bcdb35ef05ab6c240a22f01c308be4dcef309fd562be6507d54a47e85401a,2024-09-23T13:43:42.073000 CVE-2024-45835,0,0,2bbb89ffd28b8dc1adee7dde89d168866e6c50e525c50f0b4fc33c67b9ff7524,2024-09-17T12:11:48.833000 CVE-2024-45836,0,0,5a0939e240a8e3b241f5dc3c6e0f8a5a968ea3fe595864ad2efc4f2e304edab6,2024-10-03T00:35:53.797000 CVE-2024-45838,0,0,dfe4f9a1d2e726c4de1a4a47b1b23afb3202e549abc3544a5217222f7244203e,2024-10-17T17:15:12.220000 CVE-2024-4584,0,0,4d639afeee5354fec0a7cf3023bb849f2437d78f7cd875e4a49ac03b46b9ec82,2024-06-17T19:15:58.903000 -CVE-2024-45842,0,1,c315511abb14628a3ba6bec1fd32d1e237b7063a9073a5cc8635a45c6694aee2,2024-10-25T12:56:07.750000 +CVE-2024-45842,0,0,c315511abb14628a3ba6bec1fd32d1e237b7063a9073a5cc8635a45c6694aee2,2024-10-25T12:56:07.750000 CVE-2024-45843,0,0,d277f4e7f1b7f77ab48f44241b10d59e0715a005bfff8db99caa28f9596ebe66,2024-09-26T18:42:26.697000 CVE-2024-45844,0,0,3334bd3b9b2392aa2d0f5ee03ade6a34548c7982b5d5e379e9e9a74a74118d02,2024-10-16T16:38:14.557000 CVE-2024-45845,0,0,b549a9e321160df47bcb67d5d4737d4567fe304513c57d25b052b060dcd0ae25,2024-09-12T20:15:05.273000 @@ -261585,7 +261585,7 @@ CVE-2024-46470,0,0,4aeda2c990e579b9008226e62d5cbdc47a22a0fa6603152064e359fb3aa1b CVE-2024-46471,0,0,470c933b4642dc2897ace8d3fcae6cce28009d5c4dc28b3858aee18cd52a08d7,2024-09-30T12:45:57.823000 CVE-2024-46472,0,0,905efea5ffd69a3fd22b9ebc43e76cd3335e2f2038a60c220dd9d439817a4610,2024-09-30T12:45:57.823000 CVE-2024-46475,0,0,6dd32d21b34d5ed62fc4d47e4e31b7806525d2f693fc3da0c33e5fca3fe88762,2024-10-04T13:51:25.567000 -CVE-2024-46478,0,1,61ce286632a90c340e60c73ecdd02386b342d763e9f2ffafdf9469245b088409,2024-10-25T12:56:07.750000 +CVE-2024-46478,0,0,61ce286632a90c340e60c73ecdd02386b342d763e9f2ffafdf9469245b088409,2024-10-25T12:56:07.750000 CVE-2024-4648,0,0,911dfdcd448576dec5371ac5fe5f3ab9d434d7a73d2296063b028e9785e0deda,2024-06-04T19:20:44.580000 CVE-2024-46482,0,0,0bd11529577a79bda1c61c449bff3d306490c152de71c2fae5d4eea05925babd,2024-10-23T18:35:03.670000 CVE-2024-46483,0,0,efd1621b21138809f35625ddb77fc021e753097710878e96af20d908574d610c,2024-10-23T19:35:11.493000 @@ -261909,8 +261909,8 @@ CVE-2024-4689,0,0,a13cc88d2e9b12d452cf9b42ce57cc1735d851f3f551a07c40e7bb0f2ee113 CVE-2024-46897,0,0,2e86e25932c3365c9fccf8620fea0f0e322915cee2108f33175688332c9426e1,2024-10-22T14:09:46.913000 CVE-2024-46898,0,0,1121a0227e884e663de945d1f5ee0881d2211aaf4fceffe823ea2d2dc74e4f9c,2024-10-17T17:52:00.700000 CVE-2024-4690,0,0,8a659fbde289577b9d47a4e0b198b3a10d973db6b9b3690d157fcfdd9eceabd6,2024-10-21T15:51:10.467000 -CVE-2024-46902,0,0,7bfdb6b1b77fa1ead7ed4d641aa345dc6ec5d04ee00fc4bcb25d3fbda58dd5f2,2024-10-23T15:12:34.673000 -CVE-2024-46903,0,0,3b3917d8b7bb5ba2b9b2429e0545b7ed1791a9c11c0420bbf83786e19e1abf95,2024-10-23T15:12:34.673000 +CVE-2024-46902,0,1,27aaa174bb37d07c97f320c2cd9d7af55f96c8335147ef8fc1c8a8b59f67e5a3,2024-10-25T14:50:23.897000 +CVE-2024-46903,0,1,7fee2b3212a25981cfa72a0710938cae175881af6a149713d86f5858d178110f,2024-10-25T14:47:28.607000 CVE-2024-46911,0,0,611952a6b1126b54cf024e9a99d67e12cb7d1e8ec93fd9b8c3fb7fb963b348cf,2024-10-15T12:57:46.880000 CVE-2024-46914,0,0,8183f2e81bda981099173d1b49f2e9d3c952a93e63b81e2bd23ce00d12f134f9,2024-10-22T22:15:05.810000 CVE-2024-46918,0,0,bb2eeb1c2eb1e1757cf1750044772f91012857866544e10c0b718da276cf0057,2024-09-20T18:14:23.897000 @@ -261947,50 +261947,50 @@ CVE-2024-46988,0,0,e779744a9671f7163b46329d2305c8a1127f2655ca3ac90cf4c0a252af1bc CVE-2024-46989,0,0,fa29cba3c1dce457e1dbba7936349383199f9bdd1c6535b099705e0bc06fa139,2024-09-20T12:30:17.483000 CVE-2024-4699,0,0,094a3293d1ad6c00b8f42deb1643b829befd633ab0dcef49a183da331debaad7,2024-08-06T19:15:57.580000 CVE-2024-46990,0,0,a651df2006ba8ce24b06699e6e89ccb4decc32abf73ae7975ae4d0581b357bf8,2024-09-20T12:30:17.483000 -CVE-2024-46994,0,1,9591230d19d403993beb68c7c7a225ad4e0c4c679bf05e16be0a5777e5c6a819,2024-10-25T12:56:07.750000 -CVE-2024-46995,0,1,198b819aacc81cd55dc38768218a0a412df008803389aefae8d9c319be3061ec,2024-10-25T12:56:07.750000 -CVE-2024-46996,0,1,bc7556d042786d07a8ed6de6588d832ba1ee61e97932a0e35697add79b945827,2024-10-25T12:56:07.750000 +CVE-2024-46994,0,0,9591230d19d403993beb68c7c7a225ad4e0c4c679bf05e16be0a5777e5c6a819,2024-10-25T12:56:07.750000 +CVE-2024-46995,0,0,198b819aacc81cd55dc38768218a0a412df008803389aefae8d9c319be3061ec,2024-10-25T12:56:07.750000 +CVE-2024-46996,0,0,bc7556d042786d07a8ed6de6588d832ba1ee61e97932a0e35697add79b945827,2024-10-25T12:56:07.750000 CVE-2024-46997,0,0,1e9d71d3dbd956d3ef6cb30e686537e0e0a898601c4508e786607d0a3d9c0450,2024-10-07T17:20:10.427000 -CVE-2024-46998,0,1,a755455e609c4527b5b2b2b078eb48bed758cbebe84d7a3f61291efeca382cac,2024-10-25T12:56:07.750000 +CVE-2024-46998,0,0,a755455e609c4527b5b2b2b078eb48bed758cbebe84d7a3f61291efeca382cac,2024-10-25T12:56:07.750000 CVE-2024-46999,0,0,3f752cfc2057db8c9e88a86dc03848f68cfeb464ea96f96eaca0cf77bb84d96a,2024-09-24T20:20:39.253000 CVE-2024-4700,0,0,fa1a582bbd6e4a675ead2d89728236d2ca7c92c15fe998cffa14cb24a4febb9d,2024-05-21T12:37:59.687000 CVE-2024-47000,0,0,d44e65f26ff5211f3ae15f921442088284d2de145a1f7d23069c9caedddf80a6,2024-09-24T20:25:30.493000 CVE-2024-47001,0,0,2bb4bf673c202add583b3cb6aa8d87ad17a722980665125974c3d12c60f8fe21,2024-09-20T12:30:51.220000 CVE-2024-47003,0,0,c6454df65c14575f310d6ef1594423fd9063d7eb945a40e78647d22752216edb,2024-09-26T18:42:29.383000 -CVE-2024-47005,0,1,7b77ac0bacbfcb88a5342e13a161570f17cfae5eb9798156df4db32a9125ea41,2024-10-25T12:56:07.750000 +CVE-2024-47005,0,0,7b77ac0bacbfcb88a5342e13a161570f17cfae5eb9798156df4db32a9125ea41,2024-10-25T12:56:07.750000 CVE-2024-47007,0,0,3966cfd0855356af21029f9e88ce4245313f12b1445c555ff24527e36ea648db,2024-10-16T13:23:03.467000 CVE-2024-47008,0,0,ac9fc7439ea4c872f1a11d08feaa8243839dfaa7a5b88077656ebe89fc3922b6,2024-10-16T13:24:32.130000 CVE-2024-47009,0,0,264b3f36a46fb3043a7ff13a0518523aa897b1a061a2770490e43d56fad1b234,2024-10-16T13:26:39.990000 CVE-2024-4701,0,0,5f841f0540b46f49c80d409ca526b0c08d190fe4f1f5bc2d7cfb115b5ba38647,2024-05-14T16:11:39.510000 CVE-2024-47010,0,0,ee58b9d0b7d45ffa465af597d034eab50b110dc72368e1b0d3bbec3fe3bad3d6,2024-10-16T13:28:07.393000 CVE-2024-47011,0,0,834715db0c973116652eef0dcc6e7b991e8d6c4d096b7d3fa0496c73f0d11b86,2024-10-16T13:28:40.480000 -CVE-2024-47012,0,1,48ee9c2e60f1c3fdbb797fe7506ae5bd29a96b346912b9784e7b5f21c1040cfe,2024-10-25T12:56:07.750000 -CVE-2024-47013,0,1,190f11c14ed590e07e01ba9516bee238cab256108bd9f907d6f67a20bc3a2f78,2024-10-25T12:56:07.750000 -CVE-2024-47014,0,1,223fcb523ef9ffa360165f37b80319a1ee101569c6b4db19d2f015d580875e79,2024-10-25T12:56:07.750000 -CVE-2024-47015,0,1,52056d6d46f573ace98d23b16e65b3910e7556133956cbd85bba5d9de53e9b6b,2024-10-25T12:56:07.750000 -CVE-2024-47016,0,1,0c4bd64eb47bc936eeb20d85da17f6437a41b8250c4ea7a2a1173ad4c7b5a76a,2024-10-25T12:56:07.750000 -CVE-2024-47017,0,1,efc05736d1803b25a57d12b881ece9e6440c3545e1d469c3f18d69222cca4c5a,2024-10-25T12:56:07.750000 -CVE-2024-47018,0,1,60dfa3d4763e0a3194968446595fcb49de8d0ecee9e4d7b3da806b6c25992c13,2024-10-25T12:56:07.750000 -CVE-2024-47019,0,1,3033448ac42b198ee250ebf46c3499cffdd4d1bbe0244956dace4eed1026a276,2024-10-25T12:56:07.750000 +CVE-2024-47012,0,0,48ee9c2e60f1c3fdbb797fe7506ae5bd29a96b346912b9784e7b5f21c1040cfe,2024-10-25T12:56:07.750000 +CVE-2024-47013,0,0,190f11c14ed590e07e01ba9516bee238cab256108bd9f907d6f67a20bc3a2f78,2024-10-25T12:56:07.750000 +CVE-2024-47014,0,1,517bfa885256428630aad0993b455784cae5e87712cb97182016a861f18bb976,2024-10-25T14:15:11.783000 +CVE-2024-47015,0,1,ff96cfa0d9f88263fbfdd79733732a9ff330d97dcf8ab9375596378f10ba09df,2024-10-25T15:35:13.317000 +CVE-2024-47016,0,1,5bb480ec0e9fd631ee64eb7e86f79fadf399ca14a987be83ebc334f12731b432,2024-10-25T15:35:14.487000 +CVE-2024-47017,0,1,ec48a73c66b69cfdbd33128fb6e18b5a985fdcc5efbe00cd3212f49f8adb9439,2024-10-25T15:35:16.170000 +CVE-2024-47018,0,1,eedb7d680d05336a47b7c5cec7b0ea60c4e37027081d33e82730e86796977626,2024-10-25T15:35:17.940000 +CVE-2024-47019,0,1,d24bd2aac83874371574e3fdfb19f7aedd4a75be40a0b748ca8d115eb7cc0bbf,2024-10-25T15:35:19.497000 CVE-2024-4702,0,0,bbb2ec3c513c4ef6cbdc2bf640b4bb7115c796c33db7b092e6fb7d12cf64fdd5,2024-05-15T16:40:19.330000 -CVE-2024-47020,0,1,9e2905f1910f2f070e09b3ec5d703d208b3ddf01782acddc8cde997be0aa3640,2024-10-25T12:56:07.750000 -CVE-2024-47021,0,1,c76dc6b96a46993f8506ca6606d4ca47360f6031b2daa317a23260ae58f459eb,2024-10-25T12:56:07.750000 -CVE-2024-47022,0,1,1e0c0479e5e242d61279d7132eb8c156cc7487bfc804f508d29b705d1951b202,2024-10-25T12:56:07.750000 -CVE-2024-47023,0,1,a160120633f566da41dca5c1d4166256c3ed06e850b8cbe662f2b94d506ea18c,2024-10-25T12:56:07.750000 -CVE-2024-47024,0,1,c67aa502fb6dfb2b19cdbb6acf2c8bbce83a665eb81c15bcc8ab56c812d92bca,2024-10-25T12:56:07.750000 -CVE-2024-47025,0,1,946f9819faab76c42319bdd62225fe3615065571c56c1933783aa59a60b0fcf4,2024-10-25T12:56:07.750000 -CVE-2024-47026,0,1,6c02d4f4612dce56501f1b7426b722ddb31d01f70e8f1606b45d446a384a3115,2024-10-25T12:56:07.750000 -CVE-2024-47027,0,1,7307605742347fbd6bba9ff648be91b743fed72589b08621d97210e5fa4f01a3,2024-10-25T12:56:07.750000 -CVE-2024-47028,0,1,4be9ef6a15e8294398c5b238e53f40762716c84b35d14962a3f40612f0334a47,2024-10-25T12:56:07.750000 -CVE-2024-47029,0,1,c00fe33e29576eb4c886220b0ad76f4efa65f92e37faeea50d09a11b493ebbe7,2024-10-25T12:56:07.750000 +CVE-2024-47020,0,1,8cc56588fa67c6488d48725ca463b6e7c5121aa699e52d967ec763322c988e19,2024-10-25T14:15:11.833000 +CVE-2024-47021,0,0,c76dc6b96a46993f8506ca6606d4ca47360f6031b2daa317a23260ae58f459eb,2024-10-25T12:56:07.750000 +CVE-2024-47022,0,1,0021a56385b34320390d37d93b6b70f267a8ab1d92243aadd4981880ae362c7f,2024-10-25T14:15:11.877000 +CVE-2024-47023,0,0,a160120633f566da41dca5c1d4166256c3ed06e850b8cbe662f2b94d506ea18c,2024-10-25T12:56:07.750000 +CVE-2024-47024,0,0,c67aa502fb6dfb2b19cdbb6acf2c8bbce83a665eb81c15bcc8ab56c812d92bca,2024-10-25T12:56:07.750000 +CVE-2024-47025,0,0,946f9819faab76c42319bdd62225fe3615065571c56c1933783aa59a60b0fcf4,2024-10-25T12:56:07.750000 +CVE-2024-47026,0,0,6c02d4f4612dce56501f1b7426b722ddb31d01f70e8f1606b45d446a384a3115,2024-10-25T12:56:07.750000 +CVE-2024-47027,0,0,7307605742347fbd6bba9ff648be91b743fed72589b08621d97210e5fa4f01a3,2024-10-25T12:56:07.750000 +CVE-2024-47028,0,0,4be9ef6a15e8294398c5b238e53f40762716c84b35d14962a3f40612f0334a47,2024-10-25T12:56:07.750000 +CVE-2024-47029,0,0,c00fe33e29576eb4c886220b0ad76f4efa65f92e37faeea50d09a11b493ebbe7,2024-10-25T12:56:07.750000 CVE-2024-4703,0,0,7e57d47de6048bcd912b4c77aa51d488946887d89315e68305481f1a25780324,2024-06-11T18:06:31.967000 -CVE-2024-47030,0,1,a4e0f47ffe253d990bb85b12bdd3518ea2191e229c6086d7683046edd7613363,2024-10-25T12:56:07.750000 -CVE-2024-47031,0,1,272c2bf329dc9581a1f7f682ab7d4a54e65d57368650bb4c8208579c3f16b999,2024-10-25T12:56:07.750000 -CVE-2024-47033,0,1,57f4bccac57c0db5dc96d8abac1de80a1a6b39b09ce4859ef7c15ce36e29ec72,2024-10-25T12:56:07.750000 -CVE-2024-47034,0,1,bda76592a61659a6539d837d0ade446de2ab3b52648b65516d8423c9a6ed08b8,2024-10-25T12:56:07.750000 -CVE-2024-47035,0,1,0e72ef9028905a848055bc7b410f093c0da3a57b4981d99c0d27b3a65212ab53,2024-10-25T12:56:07.750000 +CVE-2024-47030,0,1,3be2a305b27576be0e6560e95b9293dd29db11df97610966c4be76782dd4afda,2024-10-25T14:15:11.917000 +CVE-2024-47031,0,1,b3e1a11628b63eb1d5c738aa227e8f278147c031544256d5366c807174523df5,2024-10-25T14:15:11.960000 +CVE-2024-47033,0,0,57f4bccac57c0db5dc96d8abac1de80a1a6b39b09ce4859ef7c15ce36e29ec72,2024-10-25T12:56:07.750000 +CVE-2024-47034,0,0,bda76592a61659a6539d837d0ade446de2ab3b52648b65516d8423c9a6ed08b8,2024-10-25T12:56:07.750000 +CVE-2024-47035,0,0,0e72ef9028905a848055bc7b410f093c0da3a57b4981d99c0d27b3a65212ab53,2024-10-25T12:56:07.750000 CVE-2024-4704,0,0,9637a93e192a5f32142e05687e31ff3688b029254561fc4728d18bbfa1666d6b,2024-07-03T02:07:57.433000 -CVE-2024-47041,0,1,ecab1ebcf3f5b96075afee2c32f3cb4aa145bc04e04eaa902e50bfc451dffce0,2024-10-25T12:56:07.750000 +CVE-2024-47041,0,0,ecab1ebcf3f5b96075afee2c32f3cb4aa145bc04e04eaa902e50bfc451dffce0,2024-10-25T12:56:07.750000 CVE-2024-47044,0,0,ee5fa186fb8ea19ca537298bbe2b5e712b21f44e9ac5aca4b5f7e41e68f91755,2024-10-17T02:15:02.840000 CVE-2024-47045,0,0,f477b3cad8608c11a6f4e2c578041877872bac107a164ee977d83ddf752336b4,2024-09-26T15:35:29.950000 CVE-2024-47046,0,0,7869fbf4e097ddf562d122b002ca5484caa2f32ab0ccc92f893d14cc4f35f687,2024-10-10T12:56:30.817000 @@ -262053,7 +262053,7 @@ CVE-2024-47139,0,0,0f452582d50349cfcaf670d7aa9a268535f2e93bfbde13d87a7977ed414d8 CVE-2024-4714,0,0,d7e9d9d95d84a12a856ae94c0b47f221a8b241db6b1f0d94ea74b84fa1b36764,2024-06-04T19:20:47.027000 CVE-2024-47145,0,0,1a35765c26b04b61b861cee47b184170021783241b94fd51efafd1127befdb57,2024-09-26T18:42:33.550000 CVE-2024-4715,0,0,8280b54df57d141f79c5c5ba7edbd4b8610f06a30ecbd5ba39cd6c268b4b3f05,2024-06-04T19:20:47.130000 -CVE-2024-47158,0,1,f2b07804e93b4946fc2c922f961cd9157a70eb2e9ba678b6ee9d7207447bb2ed,2024-10-25T12:56:07.750000 +CVE-2024-47158,0,0,f2b07804e93b4946fc2c922f961cd9157a70eb2e9ba678b6ee9d7207447bb2ed,2024-10-25T12:56:07.750000 CVE-2024-47159,0,0,f629ab8645ae2d3b373e84498ebe22f56e42f569db9052d68376aa856c847502,2024-09-24T18:09:50.877000 CVE-2024-4716,0,0,17dd73abada87214ed7c4da9787dcdd43aa5089416e4d3395c3029d4b8a776fa,2024-06-04T19:20:47.230000 CVE-2024-47160,0,0,c1aad4fed9b1c25a1ac730f435c0afe6164d933ac9e43b9a1caf75e24768ef64,2024-09-24T18:03:48.370000 @@ -262069,7 +262069,7 @@ CVE-2024-4717,0,0,7921e256cd1b57dcd690590999b44ca8d29db58a18405deda5f12fdfca691a CVE-2024-47170,0,0,5b51e77bbaf0aa4d73aaed7035aaf98c0f3c0e8a355756474eeb1aa8a1be9c4f,2024-09-30T12:46:20.237000 CVE-2024-47171,0,0,48e31c72c69d0bb6a9d666c7c99661a52d3c05dd11adcb85b19ee942d0085d2e,2024-09-30T12:46:20.237000 CVE-2024-47172,0,0,4b79f4b3803af95fc411c443fe5cc5794c9441cfc034adffdc054b0882caedf7,2024-10-04T13:51:25.567000 -CVE-2024-47173,0,1,05b2b633f7d32e023424835d76c61946451664d5230f0a57160406ff89f5847a,2024-10-25T12:56:07.750000 +CVE-2024-47173,0,0,05b2b633f7d32e023424835d76c61946451664d5230f0a57160406ff89f5847a,2024-10-25T12:56:07.750000 CVE-2024-47174,0,0,45d61976806e6f261b6617173dfdd81cff9ff5aea1e4ed00e3593fe1fbbae7df,2024-09-30T12:46:20.237000 CVE-2024-47175,0,0,98b0f302dda13c9ca08be74248115e033049a678f05ea7e4015fd75a9b0cd66d,2024-09-30T12:46:20.237000 CVE-2024-47176,0,0,1236859fb548f3604f95f88a62b235a85b1497f9815e39d76c2bb849d27602db,2024-10-02T20:15:11.520000 @@ -262220,7 +262220,7 @@ CVE-2024-47394,0,0,daa2fa23b6202a7be1b9a64f30715f76657ba6704579065bb397454b5369f CVE-2024-47395,0,0,90e43e7601880e084e28158fd0f757d2c1e8d3077c69265838f948abdb4cd942,2024-10-07T17:47:48.410000 CVE-2024-47396,0,0,6e476c6cf26f38283e3d61fa442a94302635b62a84c847a353123b5fa4f97bed,2024-10-04T13:51:25.567000 CVE-2024-4740,0,0,439bcc64d74362dfc2e1f6f7e2fb88748e7e0a568332807fb055a46f95bae835,2024-10-18T15:13:42.123000 -CVE-2024-47406,0,1,e1bbc16ab2610d9234ce1d6efcd9c6b88f75df26ec8f2e71694220745ef52ef1,2024-10-25T12:56:07.750000 +CVE-2024-47406,0,0,e1bbc16ab2610d9234ce1d6efcd9c6b88f75df26ec8f2e71694220745ef52ef1,2024-10-25T12:56:07.750000 CVE-2024-47410,0,0,42b59896d371aa29c83e01a1ce08752b8288a889a8db3630a5c6ba7966f3731c,2024-10-10T18:26:44.857000 CVE-2024-47411,0,0,5875ac529772763bf76adfec6337ced119d16dc7bedac06df0488c853721b19e,2024-10-10T18:26:54.153000 CVE-2024-47412,0,0,391d79d5da558802eae8e86cf3dd3b740642f9484cd58363cf9ca936b2f15d9d,2024-10-10T18:27:02.867000 @@ -262245,8 +262245,8 @@ CVE-2024-47459,0,0,dc476e38be60b6a1efda7726261f4c9f051d293bb6f4f7193aea3c1108a67 CVE-2024-4746,0,0,764da2d2faf52d5d8b005efc01764a8e4bfb42f0a65f0b328618a43b312322fb,2024-06-12T16:17:42.223000 CVE-2024-4747,0,0,071c88b133efa29a5bceaf4f1781edaa635d35ede69008d4aad9361c37e95f56,2024-05-14T16:11:39.510000 CVE-2024-4748,0,0,5ce71114653bf2c9cc6586a0117b72827b192c4aa4e8e27ac2b81ed4a0b190af,2024-10-10T16:15:08.630000 -CVE-2024-47481,0,1,c62f751f5883956274ffbb7fb20d002a8639b328715d32e48ced4180b14f0e12,2024-10-25T12:56:07.750000 -CVE-2024-47483,0,1,0f4b7569df71b2649716d0de895970912d67c410a2793dbed81cec8c0843ce79,2024-10-25T12:56:07.750000 +CVE-2024-47481,0,0,c62f751f5883956274ffbb7fb20d002a8639b328715d32e48ced4180b14f0e12,2024-10-25T12:56:07.750000 +CVE-2024-47483,0,0,0f4b7569df71b2649716d0de895970912d67c410a2793dbed81cec8c0843ce79,2024-10-25T12:56:07.750000 CVE-2024-47485,0,0,70c31bc26651c666f1f81bb314c02989bd53a835a51d6fdce38b5fab47a41c05,2024-10-22T16:23:22.890000 CVE-2024-47486,0,0,d0e2cdb063c29469a8d3896035823ed37b083b056a6c7ff12d1a7f59bad20ea5,2024-10-22T16:11:07.547000 CVE-2024-47487,0,0,89e5f946b42ae69712fe53b468ea8b777288a7068d88dd6a3031473d76e487d6,2024-10-22T16:10:08.027000 @@ -262288,7 +262288,7 @@ CVE-2024-47532,0,0,8782a61a2e6393b4eaa2920ce672fbaf71cd431530e5dbfab9dfea37a0c9d CVE-2024-47534,0,0,3fdf39e9d60bdd61b891053803d0cdd86e1d9b2f1594fae7730f1f0f0b99a057,2024-10-11T15:15:05.490000 CVE-2024-47536,0,0,353df15c5abe486c0bd2000eeee4b00375b2403ebe72a10be7f49c66f18c4bd4,2024-10-04T13:51:25.567000 CVE-2024-4754,0,0,43efa3a5287d05b500ecfcf4503ad62e1b41a22939150352bf102c1b98a3511a,2024-06-24T12:57:36.513000 -CVE-2024-47549,0,1,7ade178ec3f75e093180420df19b493912610c67ee118b5742bdf73abcc603f3,2024-10-25T12:56:07.750000 +CVE-2024-47549,0,0,7ade178ec3f75e093180420df19b493912610c67ee118b5742bdf73abcc603f3,2024-10-25T12:56:07.750000 CVE-2024-4755,0,0,ca5306e45de4985a027d64d4740785092288eb6abbd1ab6d1fda3377d88d4e7e,2024-07-03T02:08:01.477000 CVE-2024-47553,0,0,2212e0c73d31ee4117260b14c09959b86700d87277dc600c8b069eb02d73b59b,2024-10-11T20:04:08.623000 CVE-2024-47554,0,0,ed4aff6ea0e7ac69533e960f0592e4849edcc0303a79e4282ca0e96ec7b37a4c,2024-10-04T13:50:43.727000 @@ -262492,7 +262492,7 @@ CVE-2024-4779,0,0,7a9d6158e8d260b03b3581dd37b23bd10d59ba6243714ad236ba79968e8d9b CVE-2024-47790,0,0,d4701041e3b7826b48d6d13bc4c86004b58b4b8b272120def31051056a8f0260,2024-10-14T11:15:11.930000 CVE-2024-47793,0,0,9908766d9802c80c9f07e38bc1dd6d38dc8823614346066184a43b3d9b28a705,2024-10-21T21:25:36.697000 CVE-2024-4780,0,0,4aec24b958d50bff73d14c7bd2f67b2a9793d4893d5ddbdba18f0fb02ea18cc9,2024-07-16T13:43:58.773000 -CVE-2024-47801,0,1,f30e0197a6326534d922f35cca5195aa241c2f291d93f16ab7304dd3e12ac376,2024-10-25T12:56:07.750000 +CVE-2024-47801,0,0,f30e0197a6326534d922f35cca5195aa241c2f291d93f16ab7304dd3e12ac376,2024-10-25T12:56:07.750000 CVE-2024-47803,0,0,e1d97b5f24ae71b6bd2435048764e12dedac3de98ce838d43be96ca9d7087e5f,2024-10-04T13:50:43.727000 CVE-2024-47804,0,0,a4af3b64d3fcfe309769ac07755d247ecf7636977262b35234365d56289d52aa,2024-10-04T13:50:43.727000 CVE-2024-47805,0,0,22ba52af9df34d0a80a1165aace8dfa18730f593f709643a29e4cd8d37bffd53,2024-10-04T13:50:43.727000 @@ -262506,7 +262506,7 @@ CVE-2024-47815,0,0,843559a4031eaee974816014150940c4f18b7f6d93739de5a1866ac2ce670 CVE-2024-47816,0,0,c0bf0d33ec35192d4154926a2f4d5d81b042bde4dbbd41d5e4618f5e20416892,2024-10-10T12:51:56.987000 CVE-2024-47817,0,0,e954b96b63862e883b53cd879b63811973adbf39f1f221652228e04e702c2294,2024-10-10T12:57:21.987000 CVE-2024-47818,0,0,4d7e5ae8d80cd68e1a4826a976dd1a317a0485050783b2b6d50912171135a504,2024-10-10T12:57:21.987000 -CVE-2024-47819,0,0,a201b17d1277f48bd2a8213c81a510d8fc617942b304ecc358a5d34098e66f28,2024-10-23T15:12:34.673000 +CVE-2024-47819,0,1,62c26271cc7e827b67a56b805c4044787ed1a2ccfbdbca2087660524d24c77f5,2024-10-25T14:24:36.823000 CVE-2024-4782,0,0,37dcdb14f7d23ae467b62646ac8eb504448e2a7781e3c175892c72dc54d3aebf,2024-08-19T13:00:23.117000 CVE-2024-47822,0,0,659225121d6760adf8eca1f83c834e75b86ebec31d9e1e0ebc639ac3cc87e33f,2024-10-10T12:56:30.817000 CVE-2024-47823,0,0,aba6c10bf903d75799cabb92b24bf5cc826ec4b52223e2aab9a9f7d8d8298a07,2024-10-10T12:56:30.817000 @@ -262544,13 +262544,13 @@ CVE-2024-47874,0,0,88e5d0bddb2eed021dc78650aabb938bda29c8272245d4971b4c42756e899 CVE-2024-47875,0,0,7d3f699a2dfd28fae24f11f0ffebcb02477b8963ab93d8f474f9ee88d14cf58e,2024-10-15T12:58:51.050000 CVE-2024-47876,0,0,1c9291ffcd100f5445236e1c704211e20624e03c95916aeaee6676900242dcd8,2024-10-16T16:38:43.170000 CVE-2024-47877,0,0,42d52e9a067bcb9f8cadc0b4324eaa32d4b8c11c11d62f0e9296f0c93d92bc00,2024-10-15T12:57:46.880000 -CVE-2024-47878,0,1,c04801860d1e5fb3abd30700d30ee67b20f1a06f7a548f35c6b4d8d60068132f,2024-10-25T12:56:07.750000 -CVE-2024-47879,0,1,59b45feaaf4a8cf57e9effd22946f68b574db079cdbae5f200b89c2ed52ddf0f,2024-10-25T12:56:07.750000 +CVE-2024-47878,0,0,c04801860d1e5fb3abd30700d30ee67b20f1a06f7a548f35c6b4d8d60068132f,2024-10-25T12:56:07.750000 +CVE-2024-47879,0,0,59b45feaaf4a8cf57e9effd22946f68b574db079cdbae5f200b89c2ed52ddf0f,2024-10-25T12:56:07.750000 CVE-2024-4788,0,0,036e4ce9e476328c73022572d41365684f416f1f77ea3a1f5e72bdd2454ce2ec,2024-08-05T20:23:52.467000 -CVE-2024-47880,0,1,2aa03bc0f7d4d0c41d7c5b5270f0ebbd14a95aa63bdaf3ae3d1fe08d4da240e2,2024-10-25T12:56:07.750000 -CVE-2024-47881,0,1,3ba33752e5ae1ae39a54c03094d48418268856f27287297ee08d279410a37087,2024-10-25T12:56:07.750000 -CVE-2024-47882,0,1,174e7ea02b31ca5dd6b5512564429889aa4a2d00fe7a9fe2244fb9964102cde5,2024-10-25T12:56:07.750000 -CVE-2024-47883,0,1,1c1d6fec8df9eb0b860cf214b7833343df9c062f4d8dfc6161c5f58daedc8ebd,2024-10-25T12:56:07.750000 +CVE-2024-47880,0,0,2aa03bc0f7d4d0c41d7c5b5270f0ebbd14a95aa63bdaf3ae3d1fe08d4da240e2,2024-10-25T12:56:07.750000 +CVE-2024-47881,0,0,3ba33752e5ae1ae39a54c03094d48418268856f27287297ee08d279410a37087,2024-10-25T12:56:07.750000 +CVE-2024-47882,0,0,174e7ea02b31ca5dd6b5512564429889aa4a2d00fe7a9fe2244fb9964102cde5,2024-10-25T12:56:07.750000 +CVE-2024-47883,0,0,1c1d6fec8df9eb0b860cf214b7833343df9c062f4d8dfc6161c5f58daedc8ebd,2024-10-25T12:56:07.750000 CVE-2024-47884,0,0,4b7292fdbf8233f599cca6380416fda96798ff386a0442d2b37eeea12dd398ed,2024-10-15T12:57:46.880000 CVE-2024-47885,0,0,0d40ba494c86913544c4c9553c55befe8904b360cb2214c55ae6a6aeadb78d12,2024-10-15T12:57:46.880000 CVE-2024-47887,0,0,a738abaa50c0f4cc119f2ab1db4d555ac635e57265d1892adcc800cfdded0011,2024-10-18T12:53:04.627000 @@ -262558,10 +262558,10 @@ CVE-2024-47888,0,0,1ed854ade470bc163ad8c76031be0255e632797f8163938f76c7a31de7a78 CVE-2024-47889,0,0,661bf5d3df9343f9d9841050fa7811eba61ad27c7b6cfb90f97b1fd9293eaac0,2024-10-18T12:53:04.627000 CVE-2024-4789,0,0,991c3c0809892f7a4ebcc223f96155782fc07af160e30bd64d5fbc63735bec50,2024-05-17T18:35:35.070000 CVE-2024-4790,0,0,96aecd7cd4f769c190cdd6309a2627db4d493e5cf9efda536a135cb9a7f4eb96,2024-06-20T20:15:19.883000 -CVE-2024-47901,0,1,d704813455e1853d397b949d37588631de40839c185052fa26e621bb2fa4e0cb,2024-10-25T12:56:36.827000 -CVE-2024-47902,0,1,2e155c7d22a4c04970e17ece318ea189882cab29b016f1c35211ece78910a55b,2024-10-25T12:56:36.827000 -CVE-2024-47903,0,1,11eeb678068db65750f6560e1f1159b69f531599ad94490f298388f196efb288,2024-10-25T12:56:36.827000 -CVE-2024-47904,0,1,c161feef0618baec2e3776770bb2c41fedc6d33aa968f906cb7be80152b48818,2024-10-25T12:56:36.827000 +CVE-2024-47901,0,0,d704813455e1853d397b949d37588631de40839c185052fa26e621bb2fa4e0cb,2024-10-25T12:56:36.827000 +CVE-2024-47902,0,0,2e155c7d22a4c04970e17ece318ea189882cab29b016f1c35211ece78910a55b,2024-10-25T12:56:36.827000 +CVE-2024-47903,0,0,11eeb678068db65750f6560e1f1159b69f531599ad94490f298388f196efb288,2024-10-25T12:56:36.827000 +CVE-2024-47904,0,0,c161feef0618baec2e3776770bb2c41fedc6d33aa968f906cb7be80152b48818,2024-10-25T12:56:36.827000 CVE-2024-4791,0,0,45f7f0badd9eeca0c08f0ffcf78bd3c1e9a171e1e79fba42777d793a804985ff,2024-05-17T02:40:37.090000 CVE-2024-47910,0,0,da0097185007355b026dacc76d86a72088b7bf1d898f5a147fff92f16ae106b9,2024-10-07T19:37:43.677000 CVE-2024-47911,0,0,1780d2f9891b374cce407dc3e6f68171fc1b0dbbc46286fbacc7f087c63dae2c,2024-10-07T19:37:44.613000 @@ -262640,14 +262640,14 @@ CVE-2024-48119,0,0,6022221da5fd10d70715948b01fe2f7f8a0f43256a22ac2ee84f2922fba50 CVE-2024-4812,0,0,96f0244e64d02e8b825789000f88a75dd5b3d67c4d6e5fa4b2230b6ad5599e15,2024-06-18T18:49:19.783000 CVE-2024-48120,0,0,9504bbf5097a8042aa622e4bcffcd74f79e5a7cbeebb7a1d1951fd43248d522c,2024-10-15T16:35:09.650000 CVE-2024-4813,0,0,ffced1bec51c6384e79d75317b856f32e05abf0a3cdd3adf718b586086ffad4a,2024-06-04T19:20:50.970000 -CVE-2024-48139,0,1,58adfd4ad5d14e9290c7beb94672bc1925877b47c221370b67aede32a9c4bfaf,2024-10-25T12:56:07.750000 +CVE-2024-48139,0,0,58adfd4ad5d14e9290c7beb94672bc1925877b47c221370b67aede32a9c4bfaf,2024-10-25T12:56:07.750000 CVE-2024-4814,0,0,6ed65b628d782e4c0035f27d12907232951228fb5dd63de02df922628089b508,2024-06-04T19:20:51.077000 -CVE-2024-48140,0,1,ab88a4cea76b588e8807c35674ca34539cb7760a2303af2de3fe7ea49b8e90c9,2024-10-25T12:56:07.750000 -CVE-2024-48141,0,1,f853a3b6514a9f113366f907dcf08a8f876356fd18da6498484194ba625e807e,2024-10-25T12:56:07.750000 -CVE-2024-48142,0,1,4fb50954b1384ca3c2474625ffe298309170fdf75242d5b2db0493bcc203c6ec,2024-10-25T12:56:07.750000 -CVE-2024-48143,0,1,26c2b4a358e23b06a48f32e76ebfbc4bba3d0f8b03c430e00d9c294cff3bf09a,2024-10-25T12:56:07.750000 -CVE-2024-48144,0,1,fdb4eecf8121a078afe76760eccc74cd2b7d4a296fa77eb553646edbcf93e74b,2024-10-25T12:56:07.750000 -CVE-2024-48145,0,1,a7822e773b5e8b97e44909da5983b8285f14b3b7031fc690fa121b3e6000150c,2024-10-25T12:56:07.750000 +CVE-2024-48140,0,0,ab88a4cea76b588e8807c35674ca34539cb7760a2303af2de3fe7ea49b8e90c9,2024-10-25T12:56:07.750000 +CVE-2024-48141,0,0,f853a3b6514a9f113366f907dcf08a8f876356fd18da6498484194ba625e807e,2024-10-25T12:56:07.750000 +CVE-2024-48142,0,0,4fb50954b1384ca3c2474625ffe298309170fdf75242d5b2db0493bcc203c6ec,2024-10-25T12:56:07.750000 +CVE-2024-48143,0,0,26c2b4a358e23b06a48f32e76ebfbc4bba3d0f8b03c430e00d9c294cff3bf09a,2024-10-25T12:56:07.750000 +CVE-2024-48144,0,0,fdb4eecf8121a078afe76760eccc74cd2b7d4a296fa77eb553646edbcf93e74b,2024-10-25T12:56:07.750000 +CVE-2024-48145,0,0,a7822e773b5e8b97e44909da5983b8285f14b3b7031fc690fa121b3e6000150c,2024-10-25T12:56:07.750000 CVE-2024-4815,0,0,a12a3714528f7b768c4c9101b510e3e25b21fa14abf883b4fca5d245888d3088,2024-06-04T19:20:51.183000 CVE-2024-48150,0,0,3a74ef17dd937b2ce7ec4baf65ca0a0269cc457ed04e16b8c883126dbac56b6f,2024-10-15T16:35:10.450000 CVE-2024-48153,0,0,ed2a32bb2c14f00255ae97ac8d2c6b7371ced6a3b47f478082697408eb2eccac,2024-10-17T18:35:10.707000 @@ -262659,9 +262659,9 @@ CVE-2024-48180,0,0,5891665b96e5bb6f8325528a26dbdcd36c2f7a69e9155272862a28dae07f4 CVE-2024-4819,0,0,bc26e072d222c9731ee42bb1198fec18f8f3236e713c07e319d531bbf6577caa,2024-06-04T19:20:51.613000 CVE-2024-48192,0,0,50ca3857fa6f25fe2966bfab9679a90bf80eec0b1a66f64f4eaab1d030168651,2024-10-18T12:52:33.507000 CVE-2024-4820,0,0,832738c431d4032e72cf5367ea2c2310b7c6cd840d9bc0fc3f10b9e1f0e05ed2,2024-06-04T19:20:51.710000 -CVE-2024-48208,0,1,b02f86f1b335b3183358f07d84617fba93d01a0b465de0ef3561929c34125b92,2024-10-25T12:56:07.750000 +CVE-2024-48208,0,0,b02f86f1b335b3183358f07d84617fba93d01a0b465de0ef3561929c34125b92,2024-10-25T12:56:07.750000 CVE-2024-4821,0,0,dc7d4132f68a39a1fe6c6bac80c0ac3156e2e90bf5e433ad24749311cb9093af,2024-06-11T17:29:33.213000 -CVE-2024-48213,0,1,117f3b040dc13bc06ba79e6afb4438d02d6453981e7ddab2f51ac57958bb9036,2024-10-25T12:56:07.750000 +CVE-2024-48213,0,0,117f3b040dc13bc06ba79e6afb4438d02d6453981e7ddab2f51ac57958bb9036,2024-10-25T12:56:07.750000 CVE-2024-4822,0,0,35737e7a1acb373d4b9b0a7db2a81b8ded4d641f08c88a2e676b684417908472,2024-05-14T16:11:39.510000 CVE-2024-4823,0,0,0c5de98ac761e11f69c407a8dbff0028d3fe4b31e8abb3e2bfd72a91e6adb2ed,2024-05-14T16:11:39.510000 CVE-2024-48231,0,0,937449141a6aa1a64ac6ee0f623969ee8c2a56a4e76a3e216a9b1fafdd881546,2024-10-21T19:35:06.217000 @@ -262690,37 +262690,38 @@ CVE-2024-4841,0,0,65ebfdfe2681835a6b4ece6477d685d2c79df9dc285d61b3c6847a6703ab51 CVE-2024-48411,0,0,f02f5a173c68a1066ae1d0ad3ecb091448747ebc7ae5d98814db8ad4f2b7f72f,2024-10-16T19:35:11.290000 CVE-2024-48415,0,0,f0924ee00bd27af7c2e3b4df709006fd2e622c007a3785ddb6461472428a80bb,2024-10-23T16:35:09.317000 CVE-2024-4842,0,0,266948939b8663b41b45dca8cb12f3f3247c17eab2663a8a73d7a0fbf198d426,2024-05-30T20:15:09.703000 -CVE-2024-48423,0,1,8c282145a9dde1964a7595668e5968537e68f0c62ec8f7f792ca8b027908f113,2024-10-25T12:56:07.750000 -CVE-2024-48424,0,1,ee533150d47efc3108cae9b82d77aeffc985ad6f31e1c299d1eaedfbcdbff2c3,2024-10-25T12:56:07.750000 -CVE-2024-48425,0,1,df1f68bc528d6dfd39d403b8673e50b0c5a34729d3fbb1dc2fc99d2a9ef478e6,2024-10-25T12:56:07.750000 -CVE-2024-48426,0,1,e81e85165a900ebe44b3c1b666ef9e10ab0bb6a4f34405cfc3b6695d78f79056,2024-10-25T12:56:07.750000 -CVE-2024-48427,0,1,b7bd032e8bdf5711752138acdb68e40d7f3b7f526e0c14aa289eef0dcf1c40b3,2024-10-25T12:56:07.750000 +CVE-2024-48423,0,0,8c282145a9dde1964a7595668e5968537e68f0c62ec8f7f792ca8b027908f113,2024-10-25T12:56:07.750000 +CVE-2024-48424,0,0,ee533150d47efc3108cae9b82d77aeffc985ad6f31e1c299d1eaedfbcdbff2c3,2024-10-25T12:56:07.750000 +CVE-2024-48425,0,0,df1f68bc528d6dfd39d403b8673e50b0c5a34729d3fbb1dc2fc99d2a9ef478e6,2024-10-25T12:56:07.750000 +CVE-2024-48426,0,0,e81e85165a900ebe44b3c1b666ef9e10ab0bb6a4f34405cfc3b6695d78f79056,2024-10-25T12:56:07.750000 +CVE-2024-48427,0,0,b7bd032e8bdf5711752138acdb68e40d7f3b7f526e0c14aa289eef0dcf1c40b3,2024-10-25T12:56:07.750000 +CVE-2024-48428,1,1,445242dfb5fe2d8ffbd80ecefca24e9fb7c015e45d9fda28b70a454257506766,2024-10-25T15:15:18.827000 CVE-2024-4843,0,0,b365eeabe96e8dec3f961357ff342df21bbefef716d14e64f95fe3929d1e363a,2024-05-16T13:03:05.353000 CVE-2024-4844,0,0,b1cdfd63abb8075cb2a12dc44eacca2f75c6048adf9c4ea8b8b7c6072669030d,2024-05-16T13:03:05.353000 -CVE-2024-48440,0,1,5219db498a563dd1c6489094539901c4defdd8cd94636f8687a9af5fa80de2ee,2024-10-25T12:56:07.750000 -CVE-2024-48441,0,1,224bc247fd5f1747eb1e946da5b3115767d16a53740175a2dfcb73dea07b1575,2024-10-25T12:56:07.750000 -CVE-2024-48442,0,1,084bb62aa7e367eaa572c5f66b2188f35788a01f98625b5dbdc0959d7e2c72e8,2024-10-25T12:56:07.750000 +CVE-2024-48440,0,0,5219db498a563dd1c6489094539901c4defdd8cd94636f8687a9af5fa80de2ee,2024-10-25T12:56:07.750000 +CVE-2024-48441,0,0,224bc247fd5f1747eb1e946da5b3115767d16a53740175a2dfcb73dea07b1575,2024-10-25T12:56:07.750000 +CVE-2024-48442,0,0,084bb62aa7e367eaa572c5f66b2188f35788a01f98625b5dbdc0959d7e2c72e8,2024-10-25T12:56:07.750000 CVE-2024-4845,0,0,f8e5a569577a931ed62905431d3e7dc57f80df89344697bf8fc7f196d4c6a1d9,2024-07-23T17:23:41.597000 -CVE-2024-48454,0,1,6b6ca49a060c554891c90c2e114c529f7522d5800fbd375e9b33b5c669ae0f53,2024-10-25T12:56:07.750000 +CVE-2024-48454,0,0,6b6ca49a060c554891c90c2e114c529f7522d5800fbd375e9b33b5c669ae0f53,2024-10-25T12:56:07.750000 CVE-2024-4846,0,0,354213cecebbad5d2830809199864dadc70a5508c38afeb47a24b8f17c4c0fe1,2024-06-25T18:50:42.040000 CVE-2024-4847,0,0,3e175fcde7743d0dafc07697dcd3c0585505cba50a8840c440513434f4a1e2f1,2024-05-15T16:40:19.330000 CVE-2024-4848,0,0,e9a992014a82f7f25ea8b020a59a54821debcc21ba29ea30b909eb2d249ee224,2024-07-29T11:15:09.920000 CVE-2024-4849,0,0,ea1119b37dea5602dfce7972c7449fed4caaba21295f1145a8612489a3c2fd07,2024-05-20T13:00:34.807000 CVE-2024-48509,0,0,c6a322b44f1b5c48c99b4ab0a24ca78577b459bf4c9409e8862d334d073306ba,2024-10-23T15:12:34.673000 CVE-2024-4851,0,0,444f4e959fbd50fab42bb9cd6f5b1019a6d50ea56a5371bcf4f4fa6566e3e360,2024-10-17T18:45:13.093000 -CVE-2024-48514,0,1,772c22a7c82f7a2ba09c35b523755c3d2e15343c5a23d7fb25f81b1d3b219920,2024-10-25T12:56:07.750000 +CVE-2024-48514,0,0,772c22a7c82f7a2ba09c35b523755c3d2e15343c5a23d7fb25f81b1d3b219920,2024-10-25T12:56:07.750000 CVE-2024-4853,0,0,7e943be0a2434f6362f67f453fe22910f05fecde26076344b21d97f20b2d6efa,2024-08-29T15:15:31.687000 -CVE-2024-48538,0,1,d00c6ae109958170edcc3a2c583c2ac0637abae567969e57f7b9a648e6c8cb40,2024-10-25T12:56:07.750000 -CVE-2024-48539,0,1,1d5c8fdf188ef55366358121671809693c2ffcac98329c253bc948034dac981b,2024-10-25T12:56:07.750000 +CVE-2024-48538,0,0,d00c6ae109958170edcc3a2c583c2ac0637abae567969e57f7b9a648e6c8cb40,2024-10-25T12:56:07.750000 +CVE-2024-48539,0,0,1d5c8fdf188ef55366358121671809693c2ffcac98329c253bc948034dac981b,2024-10-25T12:56:07.750000 CVE-2024-4854,0,0,9d5d733c00183e47994464da1b76a252c7e4b8268459cd8a1634b1fda6297d73,2024-08-29T15:15:31.797000 -CVE-2024-48540,0,1,327a775e6b8b1e591747f57b3720a69e7aefde49218f062c18de2406ab7c9fb8,2024-10-25T12:56:07.750000 -CVE-2024-48541,0,1,445987ffb9995efed065af6e947aa780367ff397aa0e6a5c5154f3922a65938e,2024-10-25T12:56:07.750000 -CVE-2024-48542,0,1,3cd5de49086c2c00210e7dab5fa3a8eb1e801db273093814abbd4185d4a7eeaf,2024-10-25T12:56:07.750000 -CVE-2024-48544,0,1,066e44948f9e780845364a134f83700eb451ac395786b145ae7dc4bd6c567b2e,2024-10-25T12:56:07.750000 -CVE-2024-48545,0,1,526e7a7eda98f5b76056b1e3c0dcb0a03c8522781a641b3e6d9f807899c7ad11,2024-10-25T12:56:07.750000 -CVE-2024-48546,0,1,c0526f091ea1fc6a41583e2a8be7c3e4c052062995757ecf84eaaf849fb272b0,2024-10-25T12:56:07.750000 -CVE-2024-48547,0,1,9db332cc676278e21a081b803d57f1c54b011fe5dd42093550c345ebe0949637,2024-10-25T12:56:07.750000 -CVE-2024-48548,0,1,ec80620fd2405092cb652dc2117913ce945d52911c33fb7583254b23a981c173,2024-10-25T12:56:07.750000 +CVE-2024-48540,0,0,327a775e6b8b1e591747f57b3720a69e7aefde49218f062c18de2406ab7c9fb8,2024-10-25T12:56:07.750000 +CVE-2024-48541,0,0,445987ffb9995efed065af6e947aa780367ff397aa0e6a5c5154f3922a65938e,2024-10-25T12:56:07.750000 +CVE-2024-48542,0,0,3cd5de49086c2c00210e7dab5fa3a8eb1e801db273093814abbd4185d4a7eeaf,2024-10-25T12:56:07.750000 +CVE-2024-48544,0,0,066e44948f9e780845364a134f83700eb451ac395786b145ae7dc4bd6c567b2e,2024-10-25T12:56:07.750000 +CVE-2024-48545,0,0,526e7a7eda98f5b76056b1e3c0dcb0a03c8522781a641b3e6d9f807899c7ad11,2024-10-25T12:56:07.750000 +CVE-2024-48546,0,0,c0526f091ea1fc6a41583e2a8be7c3e4c052062995757ecf84eaaf849fb272b0,2024-10-25T12:56:07.750000 +CVE-2024-48547,0,0,9db332cc676278e21a081b803d57f1c54b011fe5dd42093550c345ebe0949637,2024-10-25T12:56:07.750000 +CVE-2024-48548,0,0,ec80620fd2405092cb652dc2117913ce945d52911c33fb7583254b23a981c173,2024-10-25T12:56:07.750000 CVE-2024-4855,0,0,c93719b20367086f39a585784c8fe87b51678f3d6fabb283bc26fc5dedf0f872,2024-08-29T15:15:31.893000 CVE-2024-4856,0,0,01234b09ea1a4585c989c1dc87d23ed182241e8a50536214983ade66b15e19f8,2024-06-04T16:57:41.053000 CVE-2024-4857,0,0,1a28f92c79b598b55521235359a1d50b478306861b37a5a0ef0abc4d3160ef4c,2024-06-04T16:57:41.053000 @@ -262815,7 +262816,7 @@ CVE-2024-4884,0,0,a2dcec8e16e916f3e6bf44fbf27e64f395ae27ac96c65779b6d04fbf5173b4 CVE-2024-4885,0,0,2608f2aa7fb5189467bda7bb610d4e03f1b43256b775a84e60ba9a3b8ac9b260,2024-09-06T22:44:27.840000 CVE-2024-4886,0,0,d27ca09c7d3a0108a7cfa4692eb479eab6127452085468fbf17d7a45144cc1ee,2024-06-11T17:14:56.323000 CVE-2024-4887,0,0,cd16cdbf0d661e24b4ec24b0cab770c7eb42c6fb6d3f727954351a4e0884953b,2024-06-07T14:56:05.647000 -CVE-2024-48870,0,1,9db15b771a088b28bd1f0b1772504cda9cfbd6a68039dc698e13b987df9abdfe,2024-10-25T12:56:07.750000 +CVE-2024-48870,0,0,9db15b771a088b28bd1f0b1772504cda9cfbd6a68039dc698e13b987df9abdfe,2024-10-25T12:56:07.750000 CVE-2024-4888,0,0,3f4c58ee217cc87037d385e3cb53da7d318e33e3629509fa30ad3e9220377781,2024-10-17T18:38:58.457000 CVE-2024-4889,0,0,98c988bc305180dfde4233cdb25b83940a2a23ecd5fc7825e58f1cc0fbfe5628,2024-10-15T19:00:09.633000 CVE-2024-4890,0,0,ee7720239380ab5c638f0803999a779457a74687c16e858d2acf0798605f57a2,2024-10-10T20:11:44.610000 @@ -262833,14 +262834,14 @@ CVE-2024-48919,0,0,a0a7ee1576689ebc33e8b3ae0ac8ebb40e27885e788e12cb9b562903133f1 CVE-2024-4892,0,0,86d55410ceaf3ecac0b7906bf27b918d65f0ae499a5475505564f001e752dae0,2024-06-13T18:36:09.013000 CVE-2024-48920,0,0,a03bdbd7875951f84a0ddd56d8e819e54834e1b20b1220c7604c44f7db3ea361,2024-10-18T12:52:33.507000 CVE-2024-48924,0,0,e474b369eaf4331d2ff3a579fbee4e63e8ec29b93749a9c533ecb0a1775a3de6,2024-10-18T12:52:33.507000 -CVE-2024-48925,0,0,3a078bcb4a89f0f86dd16bcf4b7d66e72e3ba5854d913637ee75a010ccd70548,2024-10-23T15:12:34.673000 +CVE-2024-48925,0,1,c9fcd7e04639957ea66d2331abf3d50745ade802e21b5a3409a8d69b208718a8,2024-10-25T14:12:18.833000 CVE-2024-48926,0,0,85f39ac2dcd7739b6ccfb6e70db444f1e5bc7351c40aca02df38e0890edc7565,2024-10-23T15:12:34.673000 CVE-2024-48927,0,0,01a9606e87c9d0fe295b7af78c12d3892f336c8d52386afeb159eacf9a03d0c7,2024-10-23T15:12:34.673000 CVE-2024-48929,0,0,8f42514e5e40293361141ad0a32c5cc2c18cee04cb42f38abe2f83b6fba170dd,2024-10-23T15:12:34.673000 CVE-2024-4893,0,0,c4900f559bdc4a1c952ec15ffc0a407a7d0fc758594c29af597940962bf437f6,2024-05-15T16:40:19.330000 CVE-2024-48930,0,0,c7b6cd0340da2631ccf07a7015b8cf581a1e5f29f6a6b1ff9f3168b16f8d9c48,2024-10-21T17:09:45.417000 -CVE-2024-48931,0,1,cb76da7947433082044eb8eab7c26fb2f1f77c9a2e73af320a6686276ae68e56,2024-10-25T12:56:07.750000 -CVE-2024-48932,0,1,f03344868acfc16b73af3784b9a6263628e84052cd2b89fcb271042dea382c8d,2024-10-25T12:56:07.750000 +CVE-2024-48931,0,0,cb76da7947433082044eb8eab7c26fb2f1f77c9a2e73af320a6686276ae68e56,2024-10-25T12:56:07.750000 +CVE-2024-48932,0,0,f03344868acfc16b73af3784b9a6263628e84052cd2b89fcb271042dea382c8d,2024-10-25T12:56:07.750000 CVE-2024-48933,0,0,eab55cc4133fd12eb852707496206c0c064cf1bfef188e95346821cf2dadf897,2024-10-15T18:56:52.363000 CVE-2024-48937,0,0,53216fc8a6fbe5febb4c086d6958028e95a58513bdf6caced98eaac34038db0e,2024-10-17T19:48:11.163000 CVE-2024-48938,0,0,42546c0230f7c9740d6f2b303141b0c584cd79f3d515c30c7b8554d560fc1ee9,2024-10-17T19:49:56.327000 @@ -262853,8 +262854,8 @@ CVE-2024-4895,0,0,f6b1e62d3b5bd64aea52e6768b6c469e049c941759a77bf99aa3b85ad7e20c CVE-2024-48957,0,0,73c8e1634cf56d3192b3375f11aa72eac69f0bcf8a4cb1f3b137dcc189616d8f,2024-10-11T21:36:47.930000 CVE-2024-48958,0,0,92a426e369946b14ff79b98b6fb42dd0c692d3b7d45d68198a4072bdaadf4922,2024-10-11T21:36:48.687000 CVE-2024-4896,0,0,20cc2dc19f323150528d4fb3a23b846b2e602fa65e075afe5dc2b86cb95d9c94,2024-05-22T12:46:53.887000 -CVE-2024-48963,0,1,bdd01dbb7cc0b2cce075b363190b75d4ff168a88095bbba6c378ffe59758c57e,2024-10-25T12:56:07.750000 -CVE-2024-48964,0,1,8a8fc0e5e4a77997ba103acac6ef27c47fd4b4c49fee961754ec2a65ae6f83c8,2024-10-25T12:56:07.750000 +CVE-2024-48963,0,0,bdd01dbb7cc0b2cce075b363190b75d4ff168a88095bbba6c378ffe59758c57e,2024-10-25T12:56:07.750000 +CVE-2024-48964,0,0,8a8fc0e5e4a77997ba103acac6ef27c47fd4b4c49fee961754ec2a65ae6f83c8,2024-10-25T12:56:07.750000 CVE-2024-4897,0,0,b80483aa02f533d1f5c4695afa1f7ec5dae4ecfa8b472cf561efa5d05f8ff11d,2024-07-02T17:44:45.700000 CVE-2024-4898,0,0,a64ada88476e7dbd5dca1f8ed9406bed15a3acb87fadbe7d9a4f3102502b7a67,2024-07-23T17:50:44.033000 CVE-2024-48987,0,0,bb1285db59c3075341f96aec62f9b4ce4709041d90082c7f3534792a4d32fb84,2024-10-15T12:58:51.050000 @@ -263016,18 +263017,20 @@ CVE-2024-49334,0,0,bcc2db18f40dffe6c4f8472b0ef26870ffad9612f58222d9017252998c694 CVE-2024-49335,0,0,64cc1bcb12301e7e8f03bc857d01393c7ba079fd3a08962dcf26c673c0054a8c,2024-10-24T14:50:16.557000 CVE-2024-4934,0,0,fd5d4b9709dde517f56a9aae7369c165c45ceba9bcf88bee680213c2fc56b62f,2024-08-01T13:59:37.220000 CVE-2024-49340,0,0,37285f025630fd9eb79c4269f84ef859e190bfac2e34728b5f3d3dbad2273eb0,2024-10-16T16:38:14.557000 -CVE-2024-49357,0,1,7776522f64eee88cf60b660f23a8e3680018e4294f315cbc2d7cd77e58372489,2024-10-25T12:56:07.750000 -CVE-2024-49358,0,1,bdd02d4959da5235555891bb20be37b288169366ca682fb4522c67de9cc6cf0e,2024-10-25T12:56:07.750000 -CVE-2024-49359,0,1,5986d2e125b14506c4f3650996bff6cd3c37abba20a0c6d0e585a0a0d4977b60,2024-10-25T12:56:07.750000 +CVE-2024-49357,0,0,7776522f64eee88cf60b660f23a8e3680018e4294f315cbc2d7cd77e58372489,2024-10-25T12:56:07.750000 +CVE-2024-49358,0,0,bdd02d4959da5235555891bb20be37b288169366ca682fb4522c67de9cc6cf0e,2024-10-25T12:56:07.750000 +CVE-2024-49359,0,0,5986d2e125b14506c4f3650996bff6cd3c37abba20a0c6d0e585a0a0d4977b60,2024-10-25T12:56:07.750000 CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a658,2024-08-06T18:29:27.013000 CVE-2024-49361,0,0,f551e9abf09d421b2a081416ae11d1d19a91d21656c86d2519f1c7f0e281007d,2024-10-21T17:10:22.857000 CVE-2024-49366,0,0,aa37188721af357c851b7fc33379d0188a960b9f96974610014dea2671948c2a,2024-10-23T15:13:58.783000 CVE-2024-49367,0,0,c9b869d3df961cbe6cd45089af2bd9e7675369053a02cc6adaf7052174946b00,2024-10-23T15:13:58.783000 CVE-2024-49368,0,0,7653bacc44e12cb471d1297a98c3c2ed197407d61a2b90effa86f38f0c320729,2024-10-23T15:13:58.783000 -CVE-2024-49370,0,1,53182a6ce2637f054e6cf92c623239d8b52a4ad6590d2f00fca7214b8ca5b926,2024-10-25T12:56:36.827000 +CVE-2024-49370,0,0,53182a6ce2637f054e6cf92c623239d8b52a4ad6590d2f00fca7214b8ca5b926,2024-10-25T12:56:36.827000 CVE-2024-49373,0,0,d6a9e6f6c722f791a40f83e3b6a0acb632418ab99ccc19489aebf72e45099e53,2024-10-23T15:12:34.673000 -CVE-2024-49376,1,1,a2f1fc0c46eafede66ea4a7282a6bf439f386a3056e7dcea26e39b9eef5c8b0f,2024-10-25T13:15:17.957000 -CVE-2024-49378,1,1,0593271bbabf8caec105b4d795af01dc9b4ec4374d49645a1f9874cfb4531757,2024-10-25T13:15:18.090000 +CVE-2024-49376,0,0,a2f1fc0c46eafede66ea4a7282a6bf439f386a3056e7dcea26e39b9eef5c8b0f,2024-10-25T13:15:17.957000 +CVE-2024-49378,0,1,c97d9deb0f6c411dabfee329dafdb02e819b4bbc66d5e9b222f63c2e79056d30,2024-10-25T15:35:20.597000 +CVE-2024-49380,1,1,1a56d17b0c1ca302fc6e774b0df6f0290a8aad0f38830efc984dd6e84ae08085,2024-10-25T15:35:20.800000 +CVE-2024-49381,1,1,4cba5c0f0db0443e1841fe15174b2d945328a0c5767e5510734ec6866bcc833b,2024-10-25T14:15:12.160000 CVE-2024-49382,0,0,cd14c2989a948ff9829f4d119b31d603af2c2c459b5f5d9afd11a73e5c1e5fec,2024-10-16T13:53:45.860000 CVE-2024-49383,0,0,8836e7d175d405b86f6d0105b03c4862827296be5b39fe5cde78189dfe892bb0,2024-10-16T13:53:04.380000 CVE-2024-49384,0,0,3ee9c94c4e7d62f73d98e9003a41428dea707c45ee737dda67404986a9c936b6,2024-10-16T13:52:19.317000 @@ -263096,43 +263099,45 @@ CVE-2024-49630,0,0,34d75746c00996da3a49f93eed6bc8a4f3be9da6c45cb9f15692d41526269 CVE-2024-49631,0,0,5230732de6a35313190c213cb431a622620f306560265c0ab55df925f02e4a2a,2024-10-24T14:12:59.600000 CVE-2024-4964,0,0,786ceb95d48675f478c0edd25187f0304d39eb81096edb79d2e9ae0401f68be3,2024-08-01T21:15:54.223000 CVE-2024-4965,0,0,5bd9bf33c1ad1b27237ab2761363d4d9817c8f50155c84d844f98b12772718a0,2024-08-08T15:15:18.730000 -CVE-2024-49652,0,1,58dff88968ac6ebf50ac5ee5e6f0dbbe476efcb65a1763b3700d032abe2d574d,2024-10-25T12:56:36.827000 -CVE-2024-49653,0,1,44403c7923c745007b13c40f85dd660179917ab02fffac37cb7e731d1660569b,2024-10-25T12:56:36.827000 -CVE-2024-49657,0,1,e92a5c0df7de7f82cf60825f720ce06f676c04466a67c860a119e8449aacc814,2024-10-25T12:56:36.827000 -CVE-2024-49658,0,1,75da9a8594fc78f2625eb2a430c46e94efcf375c07d5d68f964ab85a724848b9,2024-10-25T12:56:36.827000 +CVE-2024-49652,0,0,58dff88968ac6ebf50ac5ee5e6f0dbbe476efcb65a1763b3700d032abe2d574d,2024-10-25T12:56:36.827000 +CVE-2024-49653,0,0,44403c7923c745007b13c40f85dd660179917ab02fffac37cb7e731d1660569b,2024-10-25T12:56:36.827000 +CVE-2024-49657,0,0,e92a5c0df7de7f82cf60825f720ce06f676c04466a67c860a119e8449aacc814,2024-10-25T12:56:36.827000 +CVE-2024-49658,0,0,75da9a8594fc78f2625eb2a430c46e94efcf375c07d5d68f964ab85a724848b9,2024-10-25T12:56:36.827000 CVE-2024-4966,0,0,ca96dc16e6a41cb4de3af3c10d7787996b0688fd8eb0522e09efb3ad5052b418,2024-05-17T02:40:44.507000 -CVE-2024-49668,0,1,9e642c910e64115d4a4e8e29c9e810812ac3764efb5993cdb3bf654939e09f4c,2024-10-25T12:56:36.827000 -CVE-2024-49669,0,1,5ad5e91f97554ca3daa6c0ce2501004e522438a31e6641aa150e6fd0e7f90c0f,2024-10-25T12:56:36.827000 +CVE-2024-49668,0,0,9e642c910e64115d4a4e8e29c9e810812ac3764efb5993cdb3bf654939e09f4c,2024-10-25T12:56:36.827000 +CVE-2024-49669,0,0,5ad5e91f97554ca3daa6c0ce2501004e522438a31e6641aa150e6fd0e7f90c0f,2024-10-25T12:56:36.827000 CVE-2024-4967,0,0,8025a234fc289bdab04f9acbdc2478b7155048b60320bc8b6b7a0758b314e3b9,2024-06-04T19:20:55.777000 -CVE-2024-49671,0,1,3444bda7ece1f693d338db4cc79d717f379cdd40dbc44287f6100eec0598b12d,2024-10-25T12:56:36.827000 -CVE-2024-49675,0,1,c6e09b39dfdaf468c89ebc29589596eee519705df1761375fc6ab1777046823b,2024-10-25T12:56:36.827000 -CVE-2024-49676,0,1,dd890548fa1bcb69576eae4659e357c656125d877be6d06a44ddb178c101b43d,2024-10-25T12:56:36.827000 +CVE-2024-49671,0,0,3444bda7ece1f693d338db4cc79d717f379cdd40dbc44287f6100eec0598b12d,2024-10-25T12:56:36.827000 +CVE-2024-49675,0,0,c6e09b39dfdaf468c89ebc29589596eee519705df1761375fc6ab1777046823b,2024-10-25T12:56:36.827000 +CVE-2024-49676,0,0,dd890548fa1bcb69576eae4659e357c656125d877be6d06a44ddb178c101b43d,2024-10-25T12:56:36.827000 CVE-2024-4968,0,0,e5876599ebc72fb366518fd24786abd136bd58674cfc6b7ffb1fde29b7dfc2f8,2024-06-04T19:20:55.910000 -CVE-2024-49681,0,1,3b093dfd5a970f736ccea994447fae465682222fe1b4c870be33e2b5aeaae4d6,2024-10-25T12:56:07.750000 -CVE-2024-49682,0,1,4e47b24b4ccb89d6b9391034a4d9fd92d4e065ca66c40176951d133f1432962c,2024-10-25T12:56:07.750000 -CVE-2024-49683,0,1,bc1a3474e846828fd29db41c7bd81aa13fff7d9cc09d32d534f0bd6429a79990,2024-10-25T12:56:07.750000 -CVE-2024-49684,0,1,e9a627af5ddca9b4822ee6da7152da731788ee6f4ca218c2e1132330b65bb6b3,2024-10-25T12:56:36.827000 +CVE-2024-49681,0,0,3b093dfd5a970f736ccea994447fae465682222fe1b4c870be33e2b5aeaae4d6,2024-10-25T12:56:07.750000 +CVE-2024-49682,0,0,4e47b24b4ccb89d6b9391034a4d9fd92d4e065ca66c40176951d133f1432962c,2024-10-25T12:56:07.750000 +CVE-2024-49683,0,0,bc1a3474e846828fd29db41c7bd81aa13fff7d9cc09d32d534f0bd6429a79990,2024-10-25T12:56:07.750000 +CVE-2024-49684,0,0,e9a627af5ddca9b4822ee6da7152da731788ee6f4ca218c2e1132330b65bb6b3,2024-10-25T12:56:36.827000 CVE-2024-4969,0,0,ab0804889b5a888b9b65e9fe2bbd8691478393df4e0fc992e2c82c7a1daa3f54,2024-07-08T14:19:14.173000 -CVE-2024-49690,0,1,f8519a1e374a57a825b896cd1faf37ef6f9748445cc3d9105d4f22d925afe4f1,2024-10-25T12:56:36.827000 -CVE-2024-49691,0,1,8a34c0fdaee81aff7458f4efa7a33cb09c53971e5ca42eec6727b794ae5c88cf,2024-10-25T12:56:07.750000 -CVE-2024-49693,0,1,a6bc6e01718813c6856835300eb59007ffc63a5d82fdf60f6cd2f3594806ee66,2024-10-25T12:56:07.750000 -CVE-2024-49695,0,1,8a5b9aeadf7d14e4b9f3b28f3c39052ed1af2bd2ed904e93755acbf54f7db166,2024-10-25T12:56:07.750000 -CVE-2024-49696,0,1,a1b9111a692b97228f861a7c3aa5f8357700339f49226938288f062844c6a3b1,2024-10-25T12:56:07.750000 +CVE-2024-49690,0,0,f8519a1e374a57a825b896cd1faf37ef6f9748445cc3d9105d4f22d925afe4f1,2024-10-25T12:56:36.827000 +CVE-2024-49691,0,0,8a34c0fdaee81aff7458f4efa7a33cb09c53971e5ca42eec6727b794ae5c88cf,2024-10-25T12:56:07.750000 +CVE-2024-49693,0,0,a6bc6e01718813c6856835300eb59007ffc63a5d82fdf60f6cd2f3594806ee66,2024-10-25T12:56:07.750000 +CVE-2024-49695,0,0,8a5b9aeadf7d14e4b9f3b28f3c39052ed1af2bd2ed904e93755acbf54f7db166,2024-10-25T12:56:07.750000 +CVE-2024-49696,0,0,a1b9111a692b97228f861a7c3aa5f8357700339f49226938288f062844c6a3b1,2024-10-25T12:56:07.750000 CVE-2024-4970,0,0,57238e39937dd97cbba063724432adc0a3a93bd80ba7688359158539986e4d98,2024-06-24T19:30:39.397000 -CVE-2024-49701,0,1,05b078853e5913c8374ef2ab0747976bb05658aeca4ef612cbca140c4651dec5,2024-10-25T12:56:36.827000 -CVE-2024-49702,0,1,98abea8cf057549433531ca7d10b13a3e19ea5fb763e19a8b4d531392e6a5ab8,2024-10-25T12:56:07.750000 -CVE-2024-49703,0,1,288992d3aa938102894ac2e99a54992020fa0d2f0317125261ac0e4de56521a3,2024-10-25T12:56:07.750000 +CVE-2024-49701,0,0,05b078853e5913c8374ef2ab0747976bb05658aeca4ef612cbca140c4651dec5,2024-10-25T12:56:36.827000 +CVE-2024-49702,0,0,98abea8cf057549433531ca7d10b13a3e19ea5fb763e19a8b4d531392e6a5ab8,2024-10-25T12:56:07.750000 +CVE-2024-49703,0,0,288992d3aa938102894ac2e99a54992020fa0d2f0317125261ac0e4de56521a3,2024-10-25T12:56:07.750000 CVE-2024-4971,0,0,e1212bde7e83cc3c65186cf7cb8fd594e3ac7122768fa3e856e479fe91aac874,2024-05-22T12:46:53.887000 CVE-2024-4972,0,0,aca3b401df5f0f8efa87796dd64789aa2cecbea8af4c356f93adc161f1e5b552,2024-06-04T19:20:56.040000 CVE-2024-4973,0,0,c8cb9b832f42f8b36963a1241c53cb5d648196ebedc5ede632c88d17792d2e61,2024-06-04T19:20:56.140000 CVE-2024-4974,0,0,29381f582adec4042105cf6b841ea7b6d4575f99995b9ea6ba695d777207b6ba,2024-06-04T19:20:56.237000 CVE-2024-4975,0,0,d684ecfff12b84901405d8ee54394b9595e6fb8a06328936509cd0d9c152070c,2024-06-04T19:20:56.337000 -CVE-2024-49750,0,1,a7e8b2a926889afed7f90910ab6e5ec3cbfd5fe1c3a7f940d8c01d024ee8d1a6,2024-10-25T12:56:07.750000 -CVE-2024-49751,0,1,ff7d052700c88a06f3721dad1b8cfae38c2356a33cba16eba3e8bf2b6f89cf9e,2024-10-25T12:56:36.827000 -CVE-2024-49756,0,1,17e2aa8675de07a9bb36aad326a0b90c2e6105df968303ed06bc9a1149a476bc,2024-10-25T12:56:36.827000 +CVE-2024-49750,0,0,a7e8b2a926889afed7f90910ab6e5ec3cbfd5fe1c3a7f940d8c01d024ee8d1a6,2024-10-25T12:56:07.750000 +CVE-2024-49751,0,0,ff7d052700c88a06f3721dad1b8cfae38c2356a33cba16eba3e8bf2b6f89cf9e,2024-10-25T12:56:36.827000 +CVE-2024-49753,1,1,4f2cf1543f68230174c4b54915801b1759d37d299845b94e1586784b44ef5f86,2024-10-25T14:15:12.280000 +CVE-2024-49756,0,0,17e2aa8675de07a9bb36aad326a0b90c2e6105df968303ed06bc9a1149a476bc,2024-10-25T12:56:36.827000 +CVE-2024-49757,1,1,c6362d09c2d574e1f0ce09934d73589118196613bc86ccad430e266a30927c0b,2024-10-25T15:15:18.957000 CVE-2024-4976,0,0,fc4df77a0f9a74699614d42497ce42eb6f6db7897f4ce74b0071ab4cbdb2d9cf,2024-05-16T13:03:05.353000 -CVE-2024-49760,0,1,73350c3c15eb518e634dec8ba3e2da01f8968eca1d80c5872e6dfc5d4ab4dd78,2024-10-25T12:56:07.750000 -CVE-2024-49762,0,1,e267f4df9b55b0cddd8b82283d5a577158c52194b354f86421be17fb0c5fcf65,2024-10-25T12:56:07.750000 +CVE-2024-49760,0,0,73350c3c15eb518e634dec8ba3e2da01f8968eca1d80c5872e6dfc5d4ab4dd78,2024-10-25T12:56:07.750000 +CVE-2024-49762,0,0,e267f4df9b55b0cddd8b82283d5a577158c52194b354f86421be17fb0c5fcf65,2024-10-25T12:56:07.750000 CVE-2024-4977,0,0,f1472b15d6219c627718fd70559881283845ced10173940d62dfa6e1d38696a9,2024-08-01T13:59:37.487000 CVE-2024-4978,0,0,5928c3b846f5437fa931d5f8f8094b6c99b5e796eec27a2a5602f4b07774db40,2024-05-31T16:03:52.247000 CVE-2024-4980,0,0,1d2b61808b4cae121d6a29c34adc83b7ce102dcc100d7578fef807794b8506ae,2024-05-22T12:46:53.887000 @@ -263156,10 +263161,10 @@ CVE-2024-49863,0,0,41eb15cefa65add4e21060b9ff62fd64839f2e02cd81a7af8fe6b7da8453f CVE-2024-49864,0,0,11ee8b000b9a62890a75dd63920e4a33890ab9d058f73a94a2fe3382caeb81d2,2024-10-23T15:13:58.783000 CVE-2024-49865,0,0,c4cae66eab62f15595d2364d0fa9447b0b6ab33d31dbe60340c7ef0ef852d1c8,2024-10-24T03:44:33.947000 CVE-2024-49866,0,0,64fdfad45770d631f65ff417b8e0b441a9ced54aafec781f55abff0506219420,2024-10-23T15:13:58.783000 -CVE-2024-49867,0,1,27f10c02b98c806368112595f5ba4ec95781f3d6d3c3943c70e91fe73d7475ae,2024-10-25T12:54:27.637000 -CVE-2024-49868,0,1,37d398c92c20d512e80ede963848deae75bf0eadb962eb2205029a61fa927f31,2024-10-25T12:54:45.453000 +CVE-2024-49867,0,0,27f10c02b98c806368112595f5ba4ec95781f3d6d3c3943c70e91fe73d7475ae,2024-10-25T12:54:27.637000 +CVE-2024-49868,0,0,37d398c92c20d512e80ede963848deae75bf0eadb962eb2205029a61fa927f31,2024-10-25T12:54:45.453000 CVE-2024-49869,0,0,1ef7e6775f5061caa7e4dead4df8426a79419a75af385b7d702a23087606b23b,2024-10-24T20:28:21.597000 -CVE-2024-49870,0,1,e81833aefea057b5823d9cca085dcd9c92f3e703d9544affbcd6126d5d085f70,2024-10-25T12:55:03.577000 +CVE-2024-49870,0,0,e81833aefea057b5823d9cca085dcd9c92f3e703d9544affbcd6126d5d085f70,2024-10-25T12:55:03.577000 CVE-2024-49871,0,0,c02508465ea9d0c1ce0cc95a6cd2e44aadfbb3634ea87e7cb860d1d87e5795b7,2024-10-24T20:22:19.530000 CVE-2024-49872,0,0,f6cbcd97baebde3f8280c71cb6b25b64732424c878389d8a2470cbdc55168647,2024-10-23T15:13:58.783000 CVE-2024-49873,0,0,9dd0affda433e9ea1287a2619ec66001c95cda8669905ec1e1e5816fb33b6e00,2024-10-24T20:22:42.387000 @@ -263170,31 +263175,31 @@ CVE-2024-49877,0,0,d6737343e2e6d35b24e2372e9def747b4bc65b280702cdab9fa882c146701 CVE-2024-49878,0,0,b8c9bc38c52857d113170f626183012a77e29f98422a41470a6d55d4836a25af,2024-10-23T15:13:58.783000 CVE-2024-49879,0,0,4ba4f4e2755978e6b26e142493deaf8ac3f7043a28c24533d747809c633568d6,2024-10-24T19:59:12.897000 CVE-2024-4988,0,0,ff557f66f633c813e65ed42f6b56820b4233d3efc23d00548e6797ba166f3d35,2024-08-21T03:15:05.460000 -CVE-2024-49880,0,0,451749fefd67e74bbeb3c0f709643bae60f2a71eb71ec77d830a94e7a1231b73,2024-10-23T15:13:58.783000 -CVE-2024-49881,0,0,a457e708f151afe70f4353ab787a197eced712e7eb008a4ae460560f613817df,2024-10-23T15:13:58.783000 +CVE-2024-49880,0,1,09fe78431a330c18b67c01afff178e830e795e339c621997697590ac350f25d2,2024-10-25T14:42:58.203000 +CVE-2024-49881,0,1,1ac9145b68c4c2f4b94a95036353c1fa0b7d91749fafecd38814d212a6b25661,2024-10-25T14:43:18.153000 CVE-2024-49882,0,0,e28c808ad906fdf2d8b42e0337e716f32ce905464511139ffb16f8cabedad72e,2024-10-23T15:13:58.783000 -CVE-2024-49883,0,0,9716a4fde73a53061a7723088c0d40d3adc026fa1e880e0f5c5a85406e7e81a1,2024-10-23T15:13:58.783000 -CVE-2024-49884,0,0,4253c12c5a9400a34fd27d4f356e84e2304acbdab19f2414b5baae55a96e79dd,2024-10-23T15:13:58.783000 +CVE-2024-49883,0,1,ec0c00eef433bb3796bed996ed868314c1b85ed97638d00f928723bc15db1673,2024-10-25T14:43:29.440000 +CVE-2024-49884,0,1,56a97b328b797787713298030e345a1d9221c8bf304dc1e9b48c5401307c47fd,2024-10-25T14:37:00.070000 CVE-2024-49885,0,0,7454dd4079942ea8aa368264550142902e9d91264028a0091b5e06c3e31015df,2024-10-23T15:13:58.783000 CVE-2024-49886,0,0,d058b0110cc7ae718a3f90fe7bd717654f8b8374ccdac41e3166fd761799644f,2024-10-23T15:13:58.783000 CVE-2024-49887,0,0,e6db44b39cc00cffa6a621a85bfcf2139e4599af1b439fcb766e3952fb2c09b3,2024-10-23T15:13:58.783000 CVE-2024-49888,0,0,3f840da09cb58e8af69d24768fab0f04d52756c1cab879ffca1acbd8ff14327a,2024-10-23T15:13:58.783000 -CVE-2024-49889,0,0,190f37570d0338921a636ba2218dc229dabb2e2bb6c7df0fb584b720e7afefb2,2024-10-23T15:13:58.783000 -CVE-2024-49890,0,0,0344bb4b2e74084bb110984cd7cb15fc17a111b45e887522ce53a453cda58527,2024-10-23T15:13:58.783000 -CVE-2024-49891,0,0,1525f71483987227d889f020192eb4227580ac422200b0b0c58dfa345d498522,2024-10-23T15:13:25.583000 -CVE-2024-49892,0,0,c1416ac252f04fdab07ec36316b59cdae9170438e2419997d80c63c42701d4fa,2024-10-23T15:13:25.583000 -CVE-2024-49893,0,0,9831c49185790cfdd9ccaad9659921768e47b7538b2b05ea48dd7276a3d1ca93,2024-10-23T15:13:25.583000 -CVE-2024-49894,0,0,9e36c91fccd71a8140e4661b6b035e0f2c06854597fe9bb3fc036e42471579cc,2024-10-23T15:13:25.583000 -CVE-2024-49895,0,0,41e5b854547bb803be9c30afa2de7e0107599d5fa73a1d8d46241692e713844c,2024-10-23T15:13:25.583000 +CVE-2024-49889,0,1,3c863e63fd48c3db3419430a21a4d8c911f6ac7efa3158f64cf41f494445bbca,2024-10-25T14:37:34.400000 +CVE-2024-49890,0,1,585d995237d21981fb3b6b01c85816c0030dcc831f475278287062aff66de7b2,2024-10-25T14:41:41.680000 +CVE-2024-49891,0,1,d4a8cbcb6210dfe0148e3c78f189f223e8712de66bdeaea637d3f10c8e45cc0d,2024-10-25T14:42:27.193000 +CVE-2024-49892,0,1,de117843bce9902cbd5b0837be9e8525ced69404f709fcb10df4d4ee9a048442,2024-10-25T14:32:23.250000 +CVE-2024-49893,0,1,3717b4ca8d6b80b2332e3b4380301399a14ffca1d81d79c6e015fddfeebdf47a,2024-10-25T14:32:44.987000 +CVE-2024-49894,0,1,9eae7e9161fe1c02c7d95140789ecaced8a9c812472329ac2732c53169ffafcf,2024-10-25T14:32:58.803000 +CVE-2024-49895,0,1,a3362f6bbc386ce7ac26fe74d5d3d062bbc81e580aa1a7c79c54383b794d854e,2024-10-25T14:35:35.013000 CVE-2024-49896,0,0,3f1380eb65a46fd6c140a7018d3ebab6411c8e058bdb4421ef2ac6f41502b6df,2024-10-24T03:44:44.747000 CVE-2024-49897,0,0,f31524e1efc8ee5a9e73df951a18e06d10291aa5962ae940870f2cbc30aa66d4,2024-10-23T15:13:25.583000 CVE-2024-49898,0,0,b092955f008db9bd659627d8317ec57437e56c320204da394d02abc43f25a786,2024-10-24T03:43:20.723000 -CVE-2024-49899,0,0,a5f0145e815e0fee4eb42b4cfc98f9b8063718c43f49bd73f572e98a3301f0b7,2024-10-23T15:13:25.583000 -CVE-2024-49900,0,0,27f48280c2f7cf39a5eb5145a0ea91dee32362c0db93202141cc5370b19a9f59,2024-10-23T15:13:25.583000 -CVE-2024-49901,0,0,4c85a2a78714f180373a34b94a0c3030c446af18abe94b8c49f4841c023b7714,2024-10-23T15:13:25.583000 +CVE-2024-49899,0,1,93ca62dc4cb1f1b306f0d3b08db6fe171ff8e5656153ada772fdf9658d13299c,2024-10-25T14:35:52.620000 +CVE-2024-49900,0,1,05109ec6c753a9a5c4fafd0be348a76583349efc8e0b705e507cf20b2298c450,2024-10-25T14:24:23.710000 +CVE-2024-49901,0,1,4f68e53c02004eff12bd733174d930c7b48002facfffbf9a6968982a8338152e,2024-10-25T14:05:16.967000 CVE-2024-49902,0,0,3fe235ed65651ec18a8b1f6f0acf83e71c546f542c12b0c09828768c24b587f6,2024-10-23T15:13:25.583000 -CVE-2024-49903,0,1,2539e5e120442e7cdfefdbc99ff64f4cc7dbf0fb64facc5f0a4d31d992b6f119,2024-10-25T13:40:06.810000 -CVE-2024-49904,0,0,7493ac321f6503f4e18c67ad0882fc55725cebe44088b8d8d961e60946b59037,2024-10-23T15:13:25.583000 +CVE-2024-49903,0,0,2539e5e120442e7cdfefdbc99ff64f4cc7dbf0fb64facc5f0a4d31d992b6f119,2024-10-25T13:40:06.810000 +CVE-2024-49904,0,1,97945585b118f8c6be2209a6e9d3878cf1ef61a3baa5c195d66ae59f1158b386,2024-10-25T15:54:47.737000 CVE-2024-49905,0,0,f4631ee47058363e32e11b4aea202efa20a8c8c9448ca3ac5797ac4437398718,2024-10-24T03:43:35.477000 CVE-2024-49906,0,0,91af29781076ace205124cb2e2712db1c968b1334d64667cfc3afb832aba98a7,2024-10-24T03:43:55.397000 CVE-2024-49907,0,0,b89d56fb72aebc43378e0219ffbfea754ad0b03b512db3e35c2523267519507f,2024-10-24T03:42:38.270000 @@ -263210,32 +263215,32 @@ CVE-2024-49915,0,0,20ed63f989ef6a3325be01e3eba38436924669d497ab74a555eed1da2d1f8 CVE-2024-49916,0,0,2edac145765d8fc598aad9ff910680f77ffbb99e6c11576aa209b5351f4c9fea,2024-10-24T17:03:19.457000 CVE-2024-49917,0,0,569d41b05afb4d90d6e33110de7bd2003835815a26ed05b7e280217516be7449,2024-10-24T16:54:05.930000 CVE-2024-49918,0,0,5eae7ff331f8de48785ff962f1f32a8b776d3cdb2b236155202d9dbd16926f4f,2024-10-24T16:49:57.453000 -CVE-2024-49919,0,0,b8220512b2f54a750ee311dbfda4f6730f8465019395efefcd7cd5e904006c7e,2024-10-23T15:13:25.583000 +CVE-2024-49919,0,1,6d02ad8c0190574f92e249fe7b9f0e422d5a33453dc5a05d96835abbf375e04f,2024-10-25T14:55:47.027000 CVE-2024-4992,0,0,e061228a83f2d41e21e64f404fd50aefb3a354b638438e4cf4870e41885d01e3,2024-05-16T13:03:05.353000 -CVE-2024-49920,0,0,1be42ef77ee9fc1c65ad81ab0dcd66fba1641a6fdde817094ddeecfb3f06d5d0,2024-10-23T15:13:25.583000 -CVE-2024-49921,0,0,6967ef728c2f67d4bb212d10da40edb6fbaf0fe7acdb581bbe0d307f401b8b13,2024-10-23T15:13:25.583000 -CVE-2024-49922,0,0,ca91ba7162cc32dc4e2cf14fb163208d854cd671aa75638cf4d3976a29621ea0,2024-10-23T15:13:25.583000 +CVE-2024-49920,0,1,88bcc864c6e3784f6c0f5adcdacb9992c94c692ea7f226985fdc229936979b19,2024-10-25T14:56:32.303000 +CVE-2024-49921,0,1,bb51ef53024220ee2e44a825027a51bf6c5ca654c7f83eb27ef904e27babde55,2024-10-25T15:01:21.077000 +CVE-2024-49922,0,1,f7dbe3bddb75bb3ea2b5380d42f021bcf9f8034ec34fcdbbeecea2d0b58e774d,2024-10-25T14:56:06.057000 CVE-2024-49923,0,0,09ac36e1842b66b81133b68e0fa1454145946558f64c3262440b063666a332ca,2024-10-24T19:43:27.327000 -CVE-2024-49924,0,0,e3e9d77dac8e6a933e59737e42ece4edc4793234e163acb67d340babaa85575b,2024-10-23T15:13:25.583000 +CVE-2024-49924,0,1,a10707e355d814a05371bb2b400c5423dcf6365018716ac455fc54dabf6654c0,2024-10-25T15:21:40.623000 CVE-2024-49925,0,0,6717452f4abf1a8f70ff5a0320447c3ada5e06f5537ce54743f004253e0476ee,2024-10-23T15:13:25.583000 CVE-2024-49926,0,0,c340907a54f3f82bc1267ccf326bdc9da10ebc5c7cb46a2ab73c0d413d3ff7bf,2024-10-23T15:13:25.583000 CVE-2024-49927,0,0,80092bd69a60e7db046e7721161bd2b361d15ecd0245c57dbfc59dd407a5dd94,2024-10-23T15:13:25.583000 -CVE-2024-49928,0,0,544457369adc751d5efb140eeaeee10b79f7211aecea480971d43213fefd498a,2024-10-23T15:13:25.583000 -CVE-2024-49929,0,0,9b521152d38f4615a7b12d9d048aaaff3ebdad923ec3ab76ad4d1026438745e1,2024-10-23T15:13:25.583000 +CVE-2024-49928,0,1,8e84a2aa26c14268cca8858510196348b8604528002bd2f6ac4bef54b852d76f,2024-10-25T15:22:31.013000 +CVE-2024-49929,0,1,409fff6f1c13ae1c406792ee7f9444fe8bf4ea113f439e03b8d1297690597cfc,2024-10-25T15:22:53.763000 CVE-2024-4993,0,0,e0839a9575413089a3f10a1147258f2a987a3e24cb291a41fcab67561670893d,2024-05-16T13:03:05.353000 -CVE-2024-49930,0,0,e33a0f89b739a01814f632ae6fd71a4506b382062bc41fa4ca5b8f786929c03f,2024-10-23T15:13:25.583000 -CVE-2024-49931,0,0,0bf7cec4bcf233bcc5e67b03d626cf21e54f2688e5aa67100f6fa5b5cc24583e,2024-10-23T15:13:25.583000 +CVE-2024-49930,0,1,4f6d566d38e98cfef81aa3c468e55508e5ddacca4ab92a3aa3e190b5b39ab22e,2024-10-25T15:23:14.283000 +CVE-2024-49931,0,1,c64e6a507a81e93e0a0fbd52f6d868b83dce69bbf375c0c8265267d61314b728,2024-10-25T15:16:07.980000 CVE-2024-49932,0,0,e5188c7ee1c1972b05d3687d2846a4c04fb0ddad3d4fdc696a14fd6fd5b3f9da,2024-10-23T15:13:25.583000 CVE-2024-49933,0,0,19c189adea2c51f30368218900eaf8147078b0b49ef8fa469c43040d096ea648,2024-10-23T15:13:25.583000 CVE-2024-49934,0,0,e37c6ce2db6489d7950418452ae8950ea036544ab18fb721f3040d7c2ecacadd,2024-10-23T15:13:25.583000 CVE-2024-49935,0,0,47ec8d85e946423f2b5a7d6f760f5940e7dec7c60deca4cdde6ceadd824a68c0,2024-10-23T15:13:25.583000 -CVE-2024-49936,0,0,d7807b7818c4bb2d8ce0ec04aabb1f3544d5a8d9419132d6f08684cc8424e45d,2024-10-23T15:13:25.583000 +CVE-2024-49936,0,1,53b60eee50934e6330711ceaf5c84de680cbe1bc85ba946b907431818ed4e720,2024-10-25T15:16:22.713000 CVE-2024-49937,0,0,fbe6451c8c5411e80e94bbe8a5b20cc7de2c60b897db9c68851607b7663313dd,2024-10-23T15:13:25.583000 CVE-2024-49938,0,0,b09fdb8ffc6d5bd9de59db6069511d5913a2762d8b413226026de2322576dd21,2024-10-23T15:13:25.583000 CVE-2024-49939,0,0,402d43d358a15010064d110767edefebd01db49ff6b25ef8d93e0a2b850281ad,2024-10-23T15:13:25.583000 CVE-2024-49940,0,0,2e190a7774264c10f5b4bfb57ed4ea08bed9643d1920281d3d935207593158d9,2024-10-23T15:13:25.583000 -CVE-2024-49941,0,0,c50bd07219a1423cc59298255706fb1962f26493f4a2a3e0fd35cb9777b6459b,2024-10-23T15:13:25.583000 -CVE-2024-49942,0,0,b98fb0b0c98b42d695c4c1ad854b813801232df1e1dddfded32eb0450b2fe18a,2024-10-23T15:13:25.583000 +CVE-2024-49941,0,1,b3da1a021545935ffaca2b9847684775ba3cc9b8435719cbf248706bcb1aa694,2024-10-25T15:17:30.543000 +CVE-2024-49942,0,1,29368c54b2560ed8564591b764785ef1f8b272b1a5154512293cafb7aaf5bb26,2024-10-25T14:56:59.397000 CVE-2024-49943,0,0,c3614511322770c16ab293e578f901ae8604118536f12a561f6871b2e4e64082,2024-10-23T15:13:25.583000 CVE-2024-49944,0,0,a5c39556d594e40e637b5d4bce6dabeb8fc6b6740ae1330c7d32ed8079defca7,2024-10-23T15:13:25.583000 CVE-2024-49945,0,0,8830ebf94239bc1c89548ddf5790035646bb82b6726d019b6557ea104bc21136,2024-10-23T15:13:25.583000 @@ -263276,8 +263281,8 @@ CVE-2024-49978,0,0,d1d022627966490e425b664f8063a108568b0f5033ee2065467ad5efe1a2a CVE-2024-49979,0,0,af031dedc92de72c54d427a92e62fc2853294f38d0fdf026f9d854688a1c6e3a,2024-10-23T15:13:25.583000 CVE-2024-4998,0,0,fe1bc994ac10ee97dd90e00ffa3b2211d68ef77cdb160f8aaa68bd1eee2d92b4,2024-05-17T16:15:08.160000 CVE-2024-49980,0,0,1b7f876e1e74006c4cbc36f26a364fbc1043d115c2b25809299afdde070e9fbd,2024-10-23T15:13:25.583000 -CVE-2024-49981,0,0,abf3d30af0b7da12daa86f749619a258de3be687f035ffbcb225c27748b23822,2024-10-23T15:13:25.583000 -CVE-2024-49982,0,0,9677db1ad3aaa145e208c49ddeb7ec3d7018fb102c140cc722b06c22f2e07fa8,2024-10-23T15:13:25.583000 +CVE-2024-49981,0,1,be8906564b57b0b9a043fe42c3d38b8548c4c2cbb0858120a7fa2fad8e2b8ee7,2024-10-25T14:56:40.073000 +CVE-2024-49982,0,1,1ae51728dfad6dc77da9a9af15e226c1ee61eeb30c84012b23419f82a91617a3,2024-10-25T15:08:03.790000 CVE-2024-49983,0,0,a8ab82f4196f5cdde113b23acc0e392f7ce69758223b37afd8356b634ec56e89,2024-10-23T15:13:25.583000 CVE-2024-49984,0,0,52132884d98254bcf3670a6c5035fab9415ac6c1e9ca87fbf0878fa15bfb5d0a,2024-10-23T15:13:25.583000 CVE-2024-49985,0,0,6505f687f4eb9245242570ba51d30471acb035977a44ab969f22173c754f5a44,2024-10-23T15:13:25.583000 @@ -263288,9 +263293,9 @@ CVE-2024-49989,0,0,b0266992e9e68cde51259a4c15d0630c79796c1acece427b6a30c5a2dc4e9 CVE-2024-4999,0,0,aeea1ad154336e8cbd739fb19642e978908300b067641ea9bc4ea587cb0b31ba,2024-05-16T15:44:44.683000 CVE-2024-49990,0,0,e1d70beb5c3ac0c9d76d00adce179924ec0e97ef68d2e89f39fbefb01b11d6b7,2024-10-23T15:13:25.583000 CVE-2024-49991,0,0,2fb930d0a7a3c2773f0499a4ac914a761eade3a99dfddc4271f3a9d058939c0f,2024-10-23T15:13:25.583000 -CVE-2024-49992,0,0,f0614aa14cd4a2b6ccac57cac86d4616d97c178a368e730c80c96253894fc745,2024-10-23T15:13:25.583000 -CVE-2024-49993,0,0,431e09872aad235bfcce9475c34ad382bc8db37c02902a317629c2ff678fa4dc,2024-10-23T15:13:25.583000 -CVE-2024-49994,0,0,0ec99d0f3759788296e81b13c827a29b7ece490ae9136187cd8cbf4199412c39,2024-10-23T15:13:25.583000 +CVE-2024-49992,0,1,552b9e8ee31b9d2986b015547bb9a5ad1516a945b66e9c2d1491a0c82371c9bc,2024-10-25T14:52:00.273000 +CVE-2024-49993,0,1,173745e8fc0b2f51f6583b765f43b75fc7379f37eeab514e19093d1e0bbc2187,2024-10-25T14:52:19.167000 +CVE-2024-49994,0,1,b259470c6938b01fe0b06a9ea53deb1f1b59fb7f77762cb60813754903d6329f,2024-10-25T14:52:32.877000 CVE-2024-49995,0,0,b14274080bc6cde5e18285c4271101e0fd75dd4ad1b68ac92642bd34920a24f9,2024-10-23T15:13:25.583000 CVE-2024-49996,0,0,09919f5bd92b6ffa4ceeb00f48af54ba697342e221271cbab43696a2c7a40ce0,2024-10-23T15:13:25.583000 CVE-2024-49997,0,0,4f0d5cbc938668da4cca12e8619053d4fe51e93b90646e0ffb3c7559200d809e,2024-10-23T15:13:25.583000 @@ -263317,31 +263322,31 @@ CVE-2024-50015,0,0,6d4bf18cde3e91eef710a5b6ca23cc98ba4179d8758cab4bc07f83164bcd0 CVE-2024-50016,0,0,150cc155a5101207172a6ab21de9b50c216ceecbad4a50f73bb2b1561ac16362,2024-10-23T15:13:25.583000 CVE-2024-50017,0,0,4fcef121f58bca52e096970b6b422944c415a23596af63574c5ac44a02eb4de0,2024-10-23T15:13:25.583000 CVE-2024-50018,0,0,0ab552b7de0854c620630fdbc4c5dd46fd08e7915ae706c165d1b10fd64bea68,2024-10-23T15:13:25.583000 -CVE-2024-50019,0,0,99e77dd699dbe9a522853392f88ef6266dc3d0a01734496b75cba5bdb8aef72f,2024-10-23T15:12:34.673000 +CVE-2024-50019,0,1,d8994edc51fb202404bc99651a5a3068f2ced8d7ea559aa9a79a920af775bb92,2024-10-25T14:45:56.190000 CVE-2024-5002,0,0,28b740bd033d1abfd76c98a370fcc8a1a0efc6df8c7198f0eedf875190207207,2024-08-01T13:59:37.720000 -CVE-2024-50020,0,0,411f12f61c92a528485eff6d7c3ae3c74ad69154b48f54563f0b8203992999de,2024-10-23T15:12:34.673000 -CVE-2024-50021,0,0,ff4b3176fa12cf909811c80c853a89d71c3fe0bbbbefcbf82bbfff4512213e7e,2024-10-23T15:12:34.673000 -CVE-2024-50022,0,0,ea418e48f6505f27f5db2025c81734733949c8de5ba46fcbcb6d0ffa98a3cc17,2024-10-23T15:12:34.673000 -CVE-2024-50023,0,0,439a0fe98f12f9d7d705bbe6bc5fced5ee3b2f50f863bc6f6833062fce3be5c0,2024-10-23T15:12:34.673000 -CVE-2024-50024,0,0,48c5c81407c92e4819c5004b2f1a0f924c1171ce728f5887bef940da75b05309,2024-10-23T15:12:34.673000 -CVE-2024-50025,0,0,c18eec9799463d58747187173a379279804fb3bd44cdd70ace4fc4c67cf8994a,2024-10-23T15:12:34.673000 -CVE-2024-50026,0,0,8c359b43a83ed1f500f190e5655944e29d49cfecebb7baaf0d603b29102f3148,2024-10-23T15:12:34.673000 -CVE-2024-50027,0,0,f3793817d49adb3d8a1f6f18c6ee3a297e09900f04a0e68dca6150f747a239d3,2024-10-23T15:12:34.673000 -CVE-2024-50028,0,0,4dca9dda6427e2b77ea004dac42687b499391510225f390364dba3406e2be0a1,2024-10-23T15:12:34.673000 -CVE-2024-50029,0,0,5f6107d7d4831614ddc9053b9e55e8540424e84fb4dc9d79b8ce0bbe1b1d84d6,2024-10-23T15:12:34.673000 +CVE-2024-50020,0,1,6661d43351c3469f03e20f3e76c98c07a0ed5f6d6c8216674628fc4e4b1c99b7,2024-10-25T14:50:42.230000 +CVE-2024-50021,0,1,57898aec5b1884b47d938a7c111f0959d068fd1db827ee35c06871b16a31f2f4,2024-10-25T14:52:13.890000 +CVE-2024-50022,0,1,d347f317ab0388be7e02e3c067a725743f4f4a2ec5fe9c3616767a56611772d5,2024-10-25T15:05:57.403000 +CVE-2024-50023,0,1,67f390b3621c869ad7858ff2cf441444955c6d93a2b1b8f79163356225513f54,2024-10-25T15:07:10.487000 +CVE-2024-50024,0,1,60b10f77c40cd33e6bb0c36c232abbcb5b954e0ca64e6e3e63daeff17d1f716d,2024-10-25T15:08:58.293000 +CVE-2024-50025,0,1,996c9003bb36be85d02a1f00c0b7117f395f6400ba523ac2e3036745eb98fc43,2024-10-25T15:12:00.453000 +CVE-2024-50026,0,1,2ea88617c927e9b4efea5125e99e0520462e67a640d28198604f210d9ecb47e7,2024-10-25T15:13:04.783000 +CVE-2024-50027,0,1,911e9c91ef791dfbec8fa7d37f12e0e3766dc424c106bb3bfff768993b582c21,2024-10-25T15:19:07.347000 +CVE-2024-50028,0,1,0c515280c45f3dd7f31bd68af88438fbc3171240e30f91b92e80aff6248b67e3,2024-10-25T15:21:23.237000 +CVE-2024-50029,0,1,c0c360b215c9e9abcd71b930acf9abae8a71f87537f3ed68d96671a274f6cdc8,2024-10-25T15:27:06.047000 CVE-2024-5003,0,0,657f01af6ae4ffebd5508957e0a4ee664437c9c42d64fc0c4eaff54aefed6593,2024-07-18T16:18:33.020000 -CVE-2024-50030,0,0,0347086f25dca26915e1436dcfd2de7f4b8fab3635e9fbe7eb8d2175af5dab95,2024-10-23T15:12:34.673000 -CVE-2024-50031,0,0,cc20af791cbec3a7c1c3bd59071b20e2915a6a03702994dd9f9650b8797df511,2024-10-23T15:12:34.673000 -CVE-2024-50032,0,0,9431344800434d7ee15e18d71c026f970a422c249ecc1b3c7c4159bc2d6ab597,2024-10-23T15:12:34.673000 +CVE-2024-50030,0,1,03dbd5d823688fd0af763e471a3b418e54005c1e956fa6537490ce9e6a34ff8e,2024-10-25T14:06:40.707000 +CVE-2024-50031,0,1,0b57c92713e63d7fe3c7a4dd4a9f3e5628c6fd6668da6ddb5ed55a8e13878ed1,2024-10-25T15:30:15.727000 +CVE-2024-50032,0,1,637e150873829d1b7c3d3a118914d460721e34274ed685e063d54b031f3cb675,2024-10-25T15:34:22.353000 CVE-2024-50033,0,0,31b01ea83bcca81918c070b63b5485c88672f34d727199970bc597721f06bb09,2024-10-24T19:56:04.097000 CVE-2024-50034,0,0,ef0ee6c054fa6d95d82a1cc5e3a063aef10790efa19e561bb55f1a0df403b297,2024-10-24T19:56:29.170000 CVE-2024-50035,0,0,9397571eb914efebc6686d6fee86d3765ca656654c3527a13621032f6dad372b,2024-10-24T19:54:01.987000 -CVE-2024-50036,0,0,28901e0166f56dd1988eca00f958e5283f611146fde3cc7b000114e6ee533ed9,2024-10-23T15:12:34.673000 -CVE-2024-50037,0,0,4ee031bfddc4e8f99ddb949f282f6ad1a356c779ae1c3537126fd37e56dbeca8,2024-10-23T15:12:34.673000 -CVE-2024-50038,0,0,13f261ea139b7c77c532175eab38c9e4be7c3afe3db507ae1ed5105376d28292,2024-10-23T15:12:34.673000 -CVE-2024-50039,0,0,75801edb89c7be222bf7c69a5ad76563c04d4f50df342fe887cbc18b83b75ff9,2024-10-23T15:12:34.673000 +CVE-2024-50036,0,1,60a1a4b858213092d68cae7308e6acf0703fdf96f5ea416b5148c342d060a7b6,2024-10-25T15:41:31.273000 +CVE-2024-50037,0,1,7b8bd0ced0d5a92e759859fc7f266b7f65512be91ea2b7830f75e01b13b64dae,2024-10-25T15:43:07.520000 +CVE-2024-50038,0,1,5139188422bfac2a9578e368c33cca37aad41d76348b8b556e0dc9e15f35e6c4,2024-10-25T15:45:51.340000 +CVE-2024-50039,0,1,7079ea2b935dafa93e7976f635f7aad3260c3b73e52698f049796deadf4fedf6,2024-10-25T15:47:04.950000 CVE-2024-5004,0,0,dbb46916d3eaa00ba190ac36848b4f73f0fcf9ebf3415c8f81f52119cf8e2d54,2024-08-01T13:59:37.913000 -CVE-2024-50040,0,0,981131558689eff63e7408bc26260009c579c8ae379b09b9fc858d45385e4ec1,2024-10-23T15:12:34.673000 +CVE-2024-50040,0,1,c600397ed5db675b91dfd477397420650cbf03346591e3d007a9232ee3d97f1e,2024-10-25T15:49:33.317000 CVE-2024-50041,0,0,d48ad1d9e36b6ac3d6d954212f935345fcc28a78e693e8da5498dd1085259517,2024-10-24T19:31:39.373000 CVE-2024-50042,0,0,47d7a84ed9d469b00f4e210ab7562f73a18e6669a1c07a4576676ffef293e83f,2024-10-23T15:12:34.673000 CVE-2024-50043,0,0,2972cb53a30dd078fc2eb8fda442a65781870d0dbaebb36d8be92565bfd7f051,2024-10-24T19:32:21.480000 @@ -263394,8 +263399,8 @@ CVE-2024-5035,0,0,592ce94ebba91d65c9cac29085dbc465d14be23d13ac08f1e0101f9ce552a8 CVE-2024-5036,0,0,e97b40bd40cf208c311323e6564cb1ded96d8cc433059436a8705289f1e02a66,2024-06-20T12:43:25.663000 CVE-2024-5037,0,0,46d4a5c4b83922b1ee19bcb8bbc97a0a290a2086fb5a073395bdb9a5e03441e0,2024-08-19T17:15:09.807000 CVE-2024-5038,0,0,99b942f340bd77179350025250d1eccbd97ee2b6f6339af49bfd1a72be63cbf5,2024-06-11T17:41:37.883000 -CVE-2024-50382,0,1,f0709ea17e5f95032091a174ec66193a9596281fe9af192634610c6cbe74c173,2024-10-25T12:56:36.827000 -CVE-2024-50383,0,1,e2190fcc52d7d22ac332b0c05a25a337fdc4e67265af4d4eac38727251637b62,2024-10-25T12:56:36.827000 +CVE-2024-50382,0,0,f0709ea17e5f95032091a174ec66193a9596281fe9af192634610c6cbe74c173,2024-10-25T12:56:36.827000 +CVE-2024-50383,0,0,e2190fcc52d7d22ac332b0c05a25a337fdc4e67265af4d4eac38727251637b62,2024-10-25T12:56:36.827000 CVE-2024-5039,0,0,d4eca04aa1b7f16d8be388592f13108d7bb098b959dcbbbcd1cb04ce7429f2b9,2024-05-29T15:18:26.427000 CVE-2024-5040,0,0,28e80b4d31908c888f58e8aabf481f59f60dc445c02b92b96b8990cba6ed3432,2024-05-22T12:46:53.887000 CVE-2024-5041,0,0,50ceb705fe91e3598f01bb8363d7099f99df3d44a38bb258c5294ff805069b46,2024-05-31T13:01:46.727000 @@ -263415,7 +263420,7 @@ CVE-2024-5055,0,0,346404cc585681a2fe5319ad3cd387f2171e7718710adaf135152ad352635e CVE-2024-5056,0,0,b09a6a74de5b053675f9afc4f104e067ee8a59f791091ecbf85080c4327f1e74,2024-08-23T16:04:14.643000 CVE-2024-5057,0,0,6ac23c507e757b24b72de98245da87576f9a2b62e0f8d57278541740a6070ccf,2024-09-20T19:31:39.437000 CVE-2024-5058,0,0,d66647bea5b47dc02b284e54d31404fc6795bd8a11a408fc146959769533c076,2024-06-24T19:18:35.517000 -CVE-2024-50583,0,1,33844ee6f70d1904cf415aeef3ae5427d33b82005ac29860bbe96ab9f0ec2058,2024-10-25T12:56:07.750000 +CVE-2024-50583,0,0,33844ee6f70d1904cf415aeef3ae5427d33b82005ac29860bbe96ab9f0ec2058,2024-10-25T12:56:07.750000 CVE-2024-5059,0,0,b0901ef33b8b4d50fbd07542bb49b954ef3e45e5d8bea77c76cb9c3c21bd9422,2024-06-24T18:49:29.467000 CVE-2024-5060,0,0,70a4b23a22f78db2884c1ce0fa906b767ee25d155e7de23427bff751940319e4,2024-05-24T13:03:05.093000 CVE-2024-5061,0,0,acb15fde0f7701ee7d55862ecbc276a299a2eba41aa60a0bce397763155cd902,2024-09-03T15:11:56.787000 @@ -263911,7 +263916,7 @@ CVE-2024-5604,0,0,027d101e3d13ee1355c5d00a90e628c742a0d98d010571ef0346cd7c4d8886 CVE-2024-5605,0,0,e4ab13f44aee681834db0b09d11c486a794d1d811bed7db97810cd3bad2b3e86,2024-07-17T14:02:16.537000 CVE-2024-5606,0,0,954b2855130670426569975aef75e63a345bb5d86a76ecc86734db71e762262f,2024-07-08T14:19:15.450000 CVE-2024-5607,0,0,ae3ce9023a2ae1c6b37a7951db185bd6eb638714bf41f7bd2c0952a16523527d,2024-06-07T14:56:05.647000 -CVE-2024-5608,0,1,91d3b8760217c3d2e17ddc8bd099d48bf3bda4341e3d053182f418df616ce552,2024-10-25T12:56:07.750000 +CVE-2024-5608,0,0,91d3b8760217c3d2e17ddc8bd099d48bf3bda4341e3d053182f418df616ce552,2024-10-25T12:56:07.750000 CVE-2024-5609,0,0,4c03a855f07c8ea18d8e7a70e1e2d3467f32254daea5abf62f130fb919fa93d1,2024-06-06T19:16:09.920000 CVE-2024-5611,0,0,257f707c49e1adeab5f30937de3668453c65dc87c2e8ac71cda38f1fe1bbc4e5,2024-06-17T12:42:04.623000 CVE-2024-5612,0,0,c48d9d85ab6fb6f375c9bae41bb41f013f62cc7d97e523d92c986f223f9ac364,2024-06-07T14:56:05.647000 @@ -264044,7 +264049,7 @@ CVE-2024-5760,0,0,84cde3c23d2d2e368735b1ee1e1e7d1f39f88e3f7859decf6fc372d134ed6f CVE-2024-5761,0,0,1fdad964c86313b412878f67fac5999c9a1ea015b844614bc58b000414661a53,2024-06-07T19:15:24.467000 CVE-2024-5762,0,0,d5bc2d8a653cdaa83874769146506405c53a3f453aeae45d89ba66c89c40de90,2024-08-23T16:43:19.497000 CVE-2024-5763,0,0,d5febd3ba0b5169f42bc622129fe03814ec411b220c3b4a777b37231365ea7a6,2024-09-03T20:31:30.480000 -CVE-2024-5764,0,1,ae7d42ec8c542e192a5e13dbbed7c535c1e19f9e7ee34e62afcb5859d15bdd95,2024-10-25T12:56:36.827000 +CVE-2024-5764,0,0,ae7d42ec8c542e192a5e13dbbed7c535c1e19f9e7ee34e62afcb5859d15bdd95,2024-10-25T12:56:36.827000 CVE-2024-5765,0,0,79117abfade54ce3ab13d72bbbbedb2fc58ed3797b29d0ebf953e2abb4b24073,2024-08-01T13:59:59.193000 CVE-2024-5766,0,0,1263d0917882c36f131e194bb6b44630da06ab1a17b9faa93d76c1b934e8029c,2024-06-10T02:52:08.267000 CVE-2024-5767,0,0,8d9d357fa8f1e1cae5533e88ea0736375963b6a4fbe13fa9a151a36ba280f19a,2024-07-09T16:23:07.280000 @@ -264290,7 +264295,7 @@ CVE-2024-6045,0,0,efe3be755dfb936847ff2e63b0d55993a7f058e00e5d0482b37d4da99ee942 CVE-2024-6046,0,0,7dad2a883b5a6da9c2e106a85fbceea037db3e317153d640ef723443f1cc0680,2024-06-18T11:15:52.513000 CVE-2024-6047,0,0,85682382a3873811b400f354140b032b3237064163e98177d5be59d88a26c9c1,2024-08-01T22:15:39.020000 CVE-2024-6048,0,0,c67416098261daba4fbb7cd933140c3939f890be764cfd8ea2022f29e8208654,2024-06-17T12:42:04.623000 -CVE-2024-6049,0,1,2bb4170888e2702f59c57a0b46fdd07ea2fc30010d118dfe4b57e848b7ee8a40,2024-10-25T12:56:07.750000 +CVE-2024-6049,0,0,2bb4170888e2702f59c57a0b46fdd07ea2fc30010d118dfe4b57e848b7ee8a40,2024-10-25T12:56:07.750000 CVE-2024-6050,0,0,977e3c1d954bb2d407afb4f807be75a02157bd9cd72111a32e132ff13e7f9262,2024-08-15T17:21:21.920000 CVE-2024-6051,0,0,9740107b5da610f5b7276dc508ceaf0014cb04cfa38f8de362bc7a6604390684,2024-10-04T13:51:25.567000 CVE-2024-6052,0,0,32d564c18d4d17b199f574c28ffe31c1fb3d7a1b6f6859f56e252f37a5a22c28,2024-09-16T14:15:13.410000 @@ -264953,7 +264958,7 @@ CVE-2024-6813,0,0,288fb5f3b41e930aaeda182bc54b653e53d0161372a0e3799ecbdc40b9084d CVE-2024-6814,0,0,de17dadc03a3a7b793b54f2a6cb99adf9aac2d3ddb1fae1587e0c4f510c1fc2e,2024-08-27T15:03:09.817000 CVE-2024-6823,0,0,1e2d1c8757819689d6550f5aeeb754dc03b20b4dd91487b47d8b2bbdb01a8e63,2024-08-13T12:58:25.437000 CVE-2024-6824,0,0,2b5b10cc415939a34f32e5b37be54f877a179f9144de8a5e8476b884ab80faa8,2024-08-08T13:04:18.753000 -CVE-2024-6826,0,1,abddedb129e27da630545079500556677df6390a29a7544ea32b991f1e68fa19,2024-10-25T12:56:07.750000 +CVE-2024-6826,0,0,abddedb129e27da630545079500556677df6390a29a7544ea32b991f1e68fa19,2024-10-25T12:56:07.750000 CVE-2024-6828,0,0,5e3bce0050be5ef41f841daf735b80af46e729368278d26d6a7ddc5bbbdee66f,2024-07-24T12:55:13.223000 CVE-2024-6830,0,0,aebb528fa5990f215bf59ed6adf1eccff7b523ab0519e4c99385be78311dcd92,2024-10-17T13:33:40.750000 CVE-2024-6833,0,0,b0ea48d29166f6347ac218b4f9f93d3f7fc599fd932b64c35cfa55e5a1a94672,2024-07-18T12:28:43.707000 @@ -265706,7 +265711,7 @@ CVE-2024-7754,0,0,aa642088260d14c06ef027c5ebe72633a842f86ac8e6448a2c0c42d526be8f CVE-2024-7755,0,0,ef971a5ecbec92118875058fb4e190fc41fb035586060e0897fad69139da7909,2024-10-18T12:52:33.507000 CVE-2024-7756,0,0,1b8e4c66c7bf8f5bb87e6dc0c53f1d7bb597ab897e7e923ca54d526835e888de,2024-09-14T11:47:14.677000 CVE-2024-7757,0,0,ca7d079474a8e4f4b2f55e1721105da3a15a9e1d63f2bd4356eaaa03e8d55f39,2024-08-21T09:15:04.973000 -CVE-2024-7763,0,1,5d291ab0f3abe69aaa5cb8b4e2fe2341213a548e109030bc89fadbabcbfad598,2024-10-25T12:56:07.750000 +CVE-2024-7763,0,0,5d291ab0f3abe69aaa5cb8b4e2fe2341213a548e109030bc89fadbabcbfad598,2024-10-25T12:56:07.750000 CVE-2024-7766,0,0,4e35bee576a6abfaafa62da3f1b54e408714e45f4e43f63a810722c69e36afe2,2024-09-26T20:37:18.900000 CVE-2024-7770,0,0,c7cdbe9f10cd7fded45408e87450036bd23da653083b9d55869a5992b7da25b8,2024-09-26T17:49:17.457000 CVE-2024-7772,0,0,10ae3b8ddfb97cd1facaede4399b22bddced2619c3d70ce3a321e07353f3ff86,2024-10-02T16:10:49.387000 @@ -266100,7 +266105,7 @@ CVE-2024-8305,0,0,d66b035463acddb1c93013687fce349938f4d85da7d81154c45e44366bbf21 CVE-2024-8306,0,0,8e0a05cb4cc1d2892722cafe041f9325413c92ba2fea525dcf4a3adbe1e3e801,2024-09-18T19:51:14.850000 CVE-2024-8310,0,0,7c8549a7a64d3579b34aa56e199885805550ab7f5a2102b636629253bc8a75c3,2024-09-30T12:45:57.823000 CVE-2024-8311,0,0,5b6832ab4de9e09983d490e9b9cfb24e40403bdf974bac09340ae2b77983823b,2024-09-18T19:12:52.810000 -CVE-2024-8312,0,1,0efa58c9a3b7df8f2c5bdfd09c1052f11675ef50d9e2c1eaba18c214a796103b,2024-10-25T12:56:07.750000 +CVE-2024-8312,0,0,0efa58c9a3b7df8f2c5bdfd09c1052f11675ef50d9e2c1eaba18c214a796103b,2024-10-25T12:56:07.750000 CVE-2024-8316,0,0,3b475263f4e092896f126b94bae35b22c4bf5a5b5af6a3f22b6258e0c397de01,2024-10-03T01:01:37.380000 CVE-2024-8317,0,0,75ca94f8a803caa3f0996235375e7a6ab4757d251a8a35a9b32dc3ad55213ecc,2024-09-11T17:46:03.753000 CVE-2024-8318,0,0,1b5c2a7dc9b75888f87897ddfaf12f7c73553720d33dcd65ceff4420ae5bb680,2024-10-05T02:10:34.703000 @@ -266350,8 +266355,8 @@ CVE-2024-8662,0,0,bdaf5d9d59461992195adcbbf3e9aa44ce17d187816fee0d428bb839e927e0 CVE-2024-8663,0,0,64dc4dfe7e82f016d11c98a8fc5ae4162275012db52dec79b5dc2be6641db4d4,2024-09-27T16:35:46.740000 CVE-2024-8664,0,0,3997b577f06fd6ade8df9705bd2720712ffc514d2a2a019b4c9d40380c5ebba1,2024-09-27T13:48:58.270000 CVE-2024-8665,0,0,f6c99a5ec710565eecc74e7ed4fc9df52dc9e331e2cca577b8f47d511b3aa870,2024-09-27T16:59:28.437000 -CVE-2024-8666,0,1,30a24c1bbf9460c924432e6cd5ca8c12a051c074167deed610c8ef98e65316bc,2024-10-25T12:56:07.750000 -CVE-2024-8667,0,1,7a3b19d0bf0d1fd1a7cae46e1fcf7d6eaf00a43e65e5504b8195d4a48801a6f7,2024-10-25T12:56:07.750000 +CVE-2024-8666,0,0,30a24c1bbf9460c924432e6cd5ca8c12a051c074167deed610c8ef98e65316bc,2024-10-25T12:56:07.750000 +CVE-2024-8667,0,0,7a3b19d0bf0d1fd1a7cae46e1fcf7d6eaf00a43e65e5504b8195d4a48801a6f7,2024-10-25T12:56:07.750000 CVE-2024-8668,0,0,90710183c7816e44ddec8f6349762659d94ce20b0ef640d6ca49967da8f41533,2024-10-07T17:28:08.987000 CVE-2024-8669,0,0,a540528fa4f0bbb5defe17259c589787942e6df5d18ff3bf79d91bf53c9aac43,2024-09-27T16:08:15.487000 CVE-2024-8671,0,0,44eb9fc4ae83bda74c805da6c8f69132f0b0ddef607b7afc290779058022b5c0,2024-09-26T16:38:24.447000 @@ -266384,7 +266389,7 @@ CVE-2024-8713,0,0,83e5cc73079f308b101a704f144a5b41b482803341d183db1c76abb1d6f85d CVE-2024-8714,0,0,2bf1d2039d26904f97b1e8fc522abe5916905f0e0d26ed18e01afb2d802fce13,2024-09-26T20:06:46.330000 CVE-2024-8715,0,0,f0a4fb777a1271394a60c2f9ce37f6ba7325c02d49be07fd888bdf4eaa659dd6,2024-10-01T14:37:08.807000 CVE-2024-8716,0,0,1bb41aeeebe4e896420adf3cdaff53e3d88a64a7e4d1f07d25f8bcb2da122bf8,2024-09-26T17:03:05.487000 -CVE-2024-8717,0,1,368dffda24fa4a0e7c65cdab46adb36b4f8919566e24ccc3243a1b287bc85aac,2024-10-25T12:56:07.750000 +CVE-2024-8717,0,0,368dffda24fa4a0e7c65cdab46adb36b4f8919566e24ccc3243a1b287bc85aac,2024-10-25T12:56:07.750000 CVE-2024-8718,0,0,c97741d12130ad5ba2ed82c528ec11a1af21fad86435451da12c39cec028d14f,2024-10-04T13:51:25.567000 CVE-2024-8719,0,0,744fcf7d72ab5bacabdfb2f8067ccc8eaf21212ff78af93f44b80439bd89826e,2024-10-18T12:53:04.627000 CVE-2024-8720,0,0,2f0e821428fb20df24eeb1115d6165ec35266f54d9cfaa09a98cadbec3449fde,2024-10-04T13:51:25.567000 @@ -266517,7 +266522,7 @@ CVE-2024-8949,0,0,94f40160361f975c890254d75f4744160f14879e40b4ff8ccedc3965bc21b6 CVE-2024-8951,0,0,888c97aa442d5e8c89ae77387b914cd3981839dfe932748e6b429d09cccb70f1,2024-09-23T18:12:37.380000 CVE-2024-8956,0,0,67fe3d1874df790c4fe403e5b4da2c61ceb691a22ee76441757b9e4b9f428f5d,2024-10-01T16:01:30.063000 CVE-2024-8957,0,0,7754fe7edeaccf469b1d2d0d834f9e662d3691f603f526c2d85ee83a7186072b,2024-10-01T17:49:25.573000 -CVE-2024-8959,0,1,0dc3502ed244ae66bafd80efba15dddd0bb76667e6d8b2d3ee7e3d6fc71e6baf,2024-10-25T12:56:07.750000 +CVE-2024-8959,0,0,0dc3502ed244ae66bafd80efba15dddd0bb76667e6d8b2d3ee7e3d6fc71e6baf,2024-10-25T12:56:07.750000 CVE-2024-8963,0,0,67fe8ea90f3163df4929d6782956d377bcadef461d17352cf475deabaa8fd4ad,2024-09-20T16:32:02.563000 CVE-2024-8964,0,0,c8fc4fc0d8f6e4149ea3cd0239ed4708c78c8d6f77eb0df4938d6649d94bf7d7,2024-10-10T12:56:30.817000 CVE-2024-8965,0,0,fcd9a7faf9aba17ebbc93d83d1389f5891b9c0797caaf85615a1a91da1ce5a78,2024-10-04T19:04:03.157000 @@ -266616,7 +266621,7 @@ CVE-2024-9104,0,0,f385a86c4e79d8e7c230b3abab8efa50d3fc3e822b1c69d01886fe4dbcd67c CVE-2024-9105,0,0,0cdbd87fc1daf91e234d9d55d0a069fe1f153017fe382631f31d8e30d345615f,2024-10-16T16:38:14.557000 CVE-2024-9106,0,0,e27db71c396a4ccaf2c72a333395893b81bc19abafa7c4f380f448da576e2d26,2024-10-04T13:51:25.567000 CVE-2024-9108,0,0,a5bd0d20b10740e2633e894f79cde5eedf60bb1d894cbb8ab0abf2750035a6b9,2024-10-04T13:51:25.567000 -CVE-2024-9109,0,1,92ffc81317d04a5f58ae681583509b482d53f08c836f7e996194793f616d35bb,2024-10-25T12:56:07.750000 +CVE-2024-9109,0,0,92ffc81317d04a5f58ae681583509b482d53f08c836f7e996194793f616d35bb,2024-10-25T12:56:07.750000 CVE-2024-9115,0,0,1c4e70138ee9590ca65c2e328b29e5a87d064a3f49c7286913d14c3952d00fc4,2024-10-01T13:47:25.403000 CVE-2024-9117,0,0,77f0703e7ba19b3d087cb3250573807a507cc3ac6f6e62f26867d41b190dba74,2024-10-01T13:56:55.893000 CVE-2024-9118,0,0,e4b7000599bfd6bcfc27b5841170337689b823abc233b7c4e2b79d17c730d1a4,2024-10-04T13:51:25.567000 @@ -266671,7 +266676,7 @@ CVE-2024-9209,0,0,02f8d10156b55c480185cf79dd6fdc61c3ca58517fd3619bf848f85895c40b CVE-2024-9210,0,0,3a96d77d31ae9d7d03fb36944bbc08403b6a23f29847ff9570c75435783fa55d,2024-10-08T15:34:42.060000 CVE-2024-9211,0,0,2701fea91f9be8cf1cd1e5693145c9b46f27f6fcdb96052a4b980af632a066a4,2024-10-15T12:58:51.050000 CVE-2024-9213,0,0,31f33319f9359990d4006b16b291c444261bcf993a594e4963d2f42975eaaf14,2024-10-18T12:52:33.507000 -CVE-2024-9214,0,1,9ab1debe05be54e04252edea616f172937fe643c8550b25c9ee5b014e9631966,2024-10-25T12:56:07.750000 +CVE-2024-9214,0,0,9ab1debe05be54e04252edea616f172937fe643c8550b25c9ee5b014e9631966,2024-10-25T12:56:07.750000 CVE-2024-9215,0,0,a2b4a7b85cc10e131d947f9ea57761eb1ffd891ccc6b3de8f68e6c912c75a7eb,2024-10-18T12:53:04.627000 CVE-2024-9218,0,0,1fe5a0dc5cbc5663db71bfb2b02fdc2baeca2012618f21fc2618b5a68d78cab6,2024-10-08T15:33:58.617000 CVE-2024-9219,0,0,3fb4b1b0c7097a00793e0d6302e53c6669eb1da87cc370b9efc41cda4d03081f,2024-10-21T17:10:22.857000 @@ -266684,7 +266689,7 @@ CVE-2024-9228,0,0,cb0dad29f14eeb8fed9baf1de8b4ba619c5e35c4fffb0932ef40f0c6748e19 CVE-2024-9231,0,0,d9b97ab1a46e2ec8ce00428658a043128c841292d1f959cb3918d04f7f0f3dde,2024-10-23T15:12:34.673000 CVE-2024-9232,0,0,a07f526496bb68b184ee001c7d6cd9744d3cb563b91260e8d60bd9b70cac4bda,2024-10-15T12:58:51.050000 CVE-2024-9234,0,0,304bee6ceb91eca0cdc00d7cdc49b4c339c82fe3a2287348525c06a570d629da,2024-10-15T12:58:51.050000 -CVE-2024-9235,0,1,c0d2fcd4071fbbf94cf89580c6ac68eab724cd673d3397917c29c65c8b62b4df,2024-10-25T12:56:07.750000 +CVE-2024-9235,0,0,c0d2fcd4071fbbf94cf89580c6ac68eab724cd673d3397917c29c65c8b62b4df,2024-10-25T12:56:07.750000 CVE-2024-9237,0,0,fb69e6f6fcfba2cfafb660a24001833586540d01b0ed897e2ee22df678729e15,2024-10-16T15:10:08.390000 CVE-2024-9240,0,0,64e490409dd599c74da5a2492515b43ccd4793b118bdb242162550231e348320,2024-10-18T12:53:04.627000 CVE-2024-9241,0,0,6c5cc70c23164aeead7a2ffa985d7e69869a7cd0428a8503a9e9f624c0c87b24,2024-10-07T18:51:20.950000 @@ -266724,7 +266729,7 @@ CVE-2024-9298,0,0,e179dc30316d3f51823976ae1e224e806200bc4ae331001c4ddb8b975ec606 CVE-2024-9299,0,0,0e06149ad72b9bceed8023fce5d46e4c2d87e230ca1e26b3a70118742de53dd5,2024-10-01T13:36:06.977000 CVE-2024-9300,0,0,8cf4fd8be1a68079d9b09593a267df47fb69eec7140ede32d9eeb623680961c8,2024-10-01T13:34:58.760000 CVE-2024-9301,0,0,8bd5a6d252ad4356c723578db918b42e690d26a3308bebd8024d27b2807bcd16,2024-10-07T13:12:48.953000 -CVE-2024-9302,0,1,04d1ed804f0e7c1a5068330edba335fd94c81cc7545ec8b12a3620da2ddf8d2f,2024-10-25T12:56:07.750000 +CVE-2024-9302,0,0,04d1ed804f0e7c1a5068330edba335fd94c81cc7545ec8b12a3620da2ddf8d2f,2024-10-25T12:56:07.750000 CVE-2024-9304,0,0,f4e2b697051bb54ba85260a74446cf2ab04e7ed5a9a99551a585b1547839152d,2024-10-04T13:51:25.567000 CVE-2024-9305,0,0,9356de917540d014bb0920dd5c70c4a746534e64b108e65259378d7cd6bc9209,2024-10-16T16:38:14.557000 CVE-2024-9306,0,0,ac26ad903bb36889edec0c6ea9a2822945801fec7c4fdd4634c75606f4fc1bfd,2024-10-08T16:25:29.877000 @@ -266768,7 +266773,7 @@ CVE-2024-9366,0,0,407cafef9b2d9532a719e3ec12a763493be7d8b50723eedc7ded3a298c185d CVE-2024-9368,0,0,9f09034d1cef896f0488110242b0920a28a4e3f8f0b6f56c7b8ec3c63941f7cb,2024-10-10T20:30:51.240000 CVE-2024-9372,0,0,8dacc1340b523e83cb4764d42eea980a95a68aef0cadf900c3f45471ba3dc7ad,2024-10-10T20:36:28.020000 CVE-2024-9373,0,0,aeb5e5e7812ae1c911161fbc197cd9777cff81e8221d22b7660e89f11b598b88,2024-10-22T15:07:23.907000 -CVE-2024-9374,0,1,71b6734f379ef9a804fdc66eda125efbaf96377b76395ed89ad6eee48b26d41e,2024-10-25T12:56:07.750000 +CVE-2024-9374,0,0,71b6734f379ef9a804fdc66eda125efbaf96377b76395ed89ad6eee48b26d41e,2024-10-25T12:56:07.750000 CVE-2024-9375,0,0,232ace92ca49be5c1a33c93abd9a6f17ed5ee21ca74aacf34cd6b513a369ea2a,2024-10-10T20:44:02.900000 CVE-2024-9377,0,0,3c01b2152e67b0ec56dfdcb67187215bc3a0a790ca5dfe0c8b3edfb9194a5eaf,2024-10-15T14:18:12.483000 CVE-2024-9378,0,0,ced37e1766b174eaa8afe905f70c6bc3776421764713e21471018e4984150c99,2024-10-07T20:15:08.697000 @@ -266831,7 +266836,7 @@ CVE-2024-9483,0,0,6a9a1cfe421d679c621a2969a64278be9b39bdca7774e9b4a3235c5640b635 CVE-2024-9484,0,0,3f1e4bdc376cc95b97b5c0150a8d7b1a17051d92adc32b058eb06edb62f443eb,2024-10-04T13:50:43.727000 CVE-2024-9486,0,0,1369350ab2629110ffa188dbd15b41ead2245f88a49115aa36147be3bd87c74e,2024-10-16T16:38:14.557000 CVE-2024-9487,0,0,e3a385658c66fc500363f16f3c27f6fce25e7b265fffe42414ebb85b7cd7e9a7,2024-10-15T12:58:51.050000 -CVE-2024-9488,0,1,3154f25401247f46098357ebd2d84fe95bb2164e861af1c275743e022d6c3976,2024-10-25T12:56:07.750000 +CVE-2024-9488,0,0,3154f25401247f46098357ebd2d84fe95bb2164e861af1c275743e022d6c3976,2024-10-25T12:56:07.750000 CVE-2024-9506,0,0,fc042b04aa147d17b390b33fa64fff12c26897968128764931f8bf3b1a3e0722,2024-10-16T16:38:43.170000 CVE-2024-9507,0,0,9477ee329318032ff294d196e1a50966e1c5d89bdb9b9dc24092f58cf1f5f346,2024-10-15T12:58:51.050000 CVE-2024-9513,0,0,8bf69fcd896ef2c6d740d4e3fb7359c13bcd3037f3f5c5ca172d72ee575fdaa7,2024-10-07T21:15:19.450000 @@ -266844,7 +266849,7 @@ CVE-2024-9521,0,0,09a594ea849fc5009e458f6cc46742d3176f440810ef4457104bfe2103f1d0 CVE-2024-9522,0,0,884c9004d667a145fae3b3526c4cb56c9d9a1365bd2a57b2af580c0e3b9c19a1,2024-10-15T14:27:41.553000 CVE-2024-9528,0,0,ad76266403ba94311c1f58d7258b765d914c39ddcd1148706c2e05f82ca92e87,2024-10-07T17:48:28.117000 CVE-2024-9530,0,0,c8501e0bb039e166d52c4ac8c3106fb221a4406a702b0c3915afb70bff44dc96,2024-10-23T15:12:34.673000 -CVE-2024-9531,0,1,2d32cff16aa07ef9767a12c3b335b7a483cb4a13b1ba87080414d4508df82841,2024-10-25T12:56:07.750000 +CVE-2024-9531,0,0,2d32cff16aa07ef9767a12c3b335b7a483cb4a13b1ba87080414d4508df82841,2024-10-25T12:56:07.750000 CVE-2024-9532,0,0,b7f2aba05edad35ecf41f43ec9640effe332d3189a3ed38d97f2bf49866ac50d,2024-10-09T11:18:49.027000 CVE-2024-9533,0,0,483ea201fb3f13623de51b6a803ec3c9d4b4a9f8d222ab5b1546c8a9a88ca771,2024-10-09T11:18:34.560000 CVE-2024-9534,0,0,c826e79c155e2dcea2a83d95fd56ee360f3177c126ff744e515a5e5c9099e0fc,2024-10-09T11:18:23.607000 @@ -266900,10 +266905,10 @@ CVE-2024-9593,0,0,cce5b3ee491d6630c052fcb33edfbddbd5dba3d44ec1ac1a1bc92ad9d40ee3 CVE-2024-9594,0,0,76152af657dea527c4e562a1c5799c4834f4bf18cf4ca885159373bfd78ad4ca,2024-10-16T16:38:14.557000 CVE-2024-9595,0,0,6e91591cc8fc6f8664de9cf116e0c3ff35185abd26eee85b7100e07838bd2f63,2024-10-15T12:57:46.880000 CVE-2024-9596,0,0,b127f83f2b318ff048db80701b5c7105ea78e0681a89ee2fdf37846a5fa10d86,2024-10-16T17:00:19.787000 -CVE-2024-9598,0,1,dd6abd1d8094ef836910b53aefec035745da73e794770d7e620055613b33359f,2024-10-25T12:56:07.750000 +CVE-2024-9598,0,0,dd6abd1d8094ef836910b53aefec035745da73e794770d7e620055613b33359f,2024-10-25T12:56:07.750000 CVE-2024-9602,0,0,296483daa0f02222bb5f79446d51c7890118dbb294ec1c3853abb9b3dfc7ffb2,2024-10-10T12:51:56.987000 CVE-2024-9603,0,0,f06afeee14d2c3a95b2fa9bd06bec0b0c1ce9ce3a2d2cc5d2614c0b7bfd8287c,2024-10-10T12:51:56.987000 -CVE-2024-9607,0,1,b846b1b0f34ad661389b6851c49ecba940c7ba4cbd7da8346900cba72a0a74f2,2024-10-25T12:56:07.750000 +CVE-2024-9607,0,0,b846b1b0f34ad661389b6851c49ecba940c7ba4cbd7da8346900cba72a0a74f2,2024-10-25T12:56:07.750000 CVE-2024-9610,0,0,c2ae8ad13a32a2ecc4cf7a3cb852077ce2d6eff8b7bb2625c3e46911eeeead24,2024-10-15T12:58:51.050000 CVE-2024-9611,0,0,f16a109b2beda9ef97e16997885b40d38db6eba42b8291e32288f7a269b19f0c,2024-10-15T12:58:51.050000 CVE-2024-9616,0,0,7955b22811f75fe98c8bca32dc5925d116cea5c2846865e9f0c5f52b96467c10,2024-10-15T12:58:51.050000 @@ -266912,12 +266917,12 @@ CVE-2024-9621,0,0,9e376b0f3dfa34027ae088e771a22694180917eee238e690ac2f4896caf46a CVE-2024-9622,0,0,616f2c897f0ea8915fa743288697302d927eccd4a4b981ffaaf2224bd032869d,2024-10-10T12:56:30.817000 CVE-2024-9623,0,0,86dd85464498f6d194e548538328537f5fc627208085718de66c1a06e69de686,2024-10-16T16:59:36.817000 CVE-2024-9627,0,0,ab5726be759a332c53fc28be3ad1e688481f8077248af16a587354d8ff7a5b98,2024-10-23T15:12:34.673000 -CVE-2024-9628,0,1,9a289d2b093f7ad1104b08b5588bde6d0b616dc229221247a006aeb46e0a265f,2024-10-25T12:56:07.750000 -CVE-2024-9630,0,1,95cf42fc9d833aab63558caaeb38c94fd9570f2d1a1e45300ec7feb07db9cd04,2024-10-25T12:56:07.750000 +CVE-2024-9628,0,0,9a289d2b093f7ad1104b08b5588bde6d0b616dc229221247a006aeb46e0a265f,2024-10-25T12:56:07.750000 +CVE-2024-9630,0,0,95cf42fc9d833aab63558caaeb38c94fd9570f2d1a1e45300ec7feb07db9cd04,2024-10-25T12:56:07.750000 CVE-2024-9634,0,0,d64c376a2cd176bba19f7a8121026bf8ac88c7cb95243ab4e56bfc5d5fa1c1d3,2024-10-16T16:38:14.557000 CVE-2024-9647,0,0,6da0b5c2c888d90e6f29cb1f98cdc0c7a4315eaaa058e1c781c3c46d5b8615f9,2024-10-16T16:38:14.557000 CVE-2024-9649,0,0,f2ab83afff02bfae827ac0ac8958125c0d2707e9b7d72806aa0e09daf73ca0d7,2024-10-16T16:38:14.557000 -CVE-2024-9650,0,1,c785e5c8b40ec3a7d0b9a0e25f6978363c5dcc2fc6507b9c6a2c03a208ac34e9,2024-10-25T12:56:07.750000 +CVE-2024-9650,0,0,c785e5c8b40ec3a7d0b9a0e25f6978363c5dcc2fc6507b9c6a2c03a208ac34e9,2024-10-25T12:56:07.750000 CVE-2024-9652,0,0,096af9c07df6f24ff5a9459bed95d6ce45b4a430b6f907d5bc85c0d2be3b93b5,2024-10-16T16:38:14.557000 CVE-2024-9656,0,0,0baa2843f7043c4ebd829d23f2741f972b762b755442a0f0f83539eb7761035b,2024-10-15T12:57:46.880000 CVE-2024-9670,0,0,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000 @@ -266929,9 +266934,9 @@ CVE-2024-9677,0,0,944e049c847e061867c66e6b586a0cd99260b04bc2e2059d736567bf47cae0 CVE-2024-9680,0,0,db0e4e19e09673238ffe3dfbb8e95974e9346a75b4fd6d9319c03e5970bb644e,2024-10-16T15:07:36.123000 CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f185407,2024-10-18T12:52:33.507000 CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000 -CVE-2024-9686,0,1,04f98af9d8ec4af01a3d35842aedc3b86f9dda8a517693baa9ea958d5317966d,2024-10-25T12:56:07.750000 +CVE-2024-9686,0,0,04f98af9d8ec4af01a3d35842aedc3b86f9dda8a517693baa9ea958d5317966d,2024-10-25T12:56:07.750000 CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79ff2,2024-10-17T21:11:14.197000 -CVE-2024-9692,0,1,6637a78c6a5a322d069f0f0384d674a49925fbfbbf719ba95a3af042d35fdc19,2024-10-25T12:56:07.750000 +CVE-2024-9692,0,0,6637a78c6a5a322d069f0f0384d674a49925fbfbbf719ba95a3af042d35fdc19,2024-10-25T12:56:07.750000 CVE-2024-9696,0,0,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000 CVE-2024-9703,0,0,dd5db55cccdddcc3b58f6b494a8ef777447f72688cd0a2c60dac8e42fee7b6a9,2024-10-22T15:25:27.887000 CVE-2024-9704,0,0,44ebf677ae69495b92126e2eb8d9d17c07544c8235e40f4412f83b24b48e2f3a,2024-10-15T12:57:46.880000 @@ -266990,8 +266995,8 @@ CVE-2024-9860,0,0,5146b7a0224d680f933516d3f319e5a1a7abd782ae32358fb855e1c62c4df5 CVE-2024-9861,0,0,ea3da873230376cd14799b0d170e8e876683f20c285aa64f3bb5d67920c38493,2024-10-18T12:53:04.627000 CVE-2024-9862,0,0,a125c015e3b00c8735ed8c9687686a16a9d40d9b6f2ce90b19ff292bf536d9b9,2024-10-18T12:53:04.627000 CVE-2024-9863,0,0,5a2779f928f03a35905e31f60158c72d5505c6aaa35173f98063e46d2c1389f4,2024-10-18T12:53:04.627000 -CVE-2024-9864,0,1,ecd679b570a8abacc1db8d694db02ae1ea10c97942981b05302fe359da1cbf9c,2024-10-25T12:56:07.750000 -CVE-2024-9865,0,1,767ca346f0a1ff11496989a87fd401620d0792dff4b8ce54d6dd2bc8cbb6f984,2024-10-25T12:56:07.750000 +CVE-2024-9864,0,0,ecd679b570a8abacc1db8d694db02ae1ea10c97942981b05302fe359da1cbf9c,2024-10-25T12:56:07.750000 +CVE-2024-9865,0,0,767ca346f0a1ff11496989a87fd401620d0792dff4b8ce54d6dd2bc8cbb6f984,2024-10-25T12:56:07.750000 CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000 CVE-2024-9873,0,0,54e1b937a83aa8c512a9ce3ab381594073150b73716fb01cf60c5f6e4db0c415,2024-10-16T16:38:14.557000 CVE-2024-9888,0,0,de5de1e3177c72ea1d0a5d19aa48b1693390bd1baf1f85524c962ffa2c18433f,2024-10-16T16:38:14.557000 @@ -267029,10 +267034,10 @@ CVE-2024-9927,0,0,96920f248127734453deaf748492c280118aa5ea5b9c599a9138ad17f83910 CVE-2024-9936,0,0,9b9410743fe1ca2f5a844c24ad20043ec989ced54414fa626e93bdc74b6425ff,2024-10-15T12:57:46.880000 CVE-2024-9937,0,0,4e7ae54d6a9c5099857ac0a66ba44c96220fc2ab3e1844c918c371d4dbb6d38d,2024-10-16T16:38:14.557000 CVE-2024-9940,0,0,0591f213f2bec6924fef18017d23419024c9c5bdc4c598c1e0fd80a492ebb13b,2024-10-18T12:53:04.627000 -CVE-2024-9943,0,1,2b1bd0bf17ad8265b1c648445115c5e7c1a49eb398158e5a8ef4b45ea9c6d38b,2024-10-25T12:56:07.750000 +CVE-2024-9943,0,0,2b1bd0bf17ad8265b1c648445115c5e7c1a49eb398158e5a8ef4b45ea9c6d38b,2024-10-25T12:56:07.750000 CVE-2024-9944,0,0,0b8e9f26d6b78f71e8a64eb7650f72f57e1c6a31a17ce0fafe5b6b8377b71371,2024-10-17T20:47:35.817000 CVE-2024-9947,0,0,6d7ad994cc9a7fac36825c8cc7c424fb9dcf9e1f8fd3a9311a9b488ef62fd2d0,2024-10-23T15:12:34.673000 -CVE-2024-9949,0,1,7baff7b9a9118e82abe3afe4a5ae476b8e56ff4f2cbd456d4ba563053750f9b6,2024-10-25T12:56:07.750000 +CVE-2024-9949,0,0,7baff7b9a9118e82abe3afe4a5ae476b8e56ff4f2cbd456d4ba563053750f9b6,2024-10-25T12:56:07.750000 CVE-2024-9951,0,0,5d941c75af8c4072e469beaa1d6ae2855b0ca23ecdce87314ecd326f6a54014a,2024-10-18T12:52:33.507000 CVE-2024-9952,0,0,d5c643eb1b76a39b13753ce231704557bf9fa9c82efce6d96f1e313e65eab479,2024-10-16T15:05:13.467000 CVE-2024-9953,0,0,d45e8bc6b31e34e84fbff0a12af100dea5cf3de9adda836e3ebc3a7410262455,2024-10-17T20:59:01.940000 @@ -267068,4 +267073,4 @@ CVE-2024-9984,0,0,8e8b1dff68b77e14ce417f91873fee227d0458654a790688014355062c7539 CVE-2024-9985,0,0,35f031595deb3bfd21882874fada51cff590c3c6a37f03f4259fa4136f5b9157,2024-10-16T22:02:08.117000 CVE-2024-9986,0,0,f83b3609bd670a0cfc3a1c687a45465cc896c6d69e9f1c37efb33a43ca882e79,2024-10-21T13:07:47.700000 CVE-2024-9987,0,0,2fc9d3fa3d6f4a94d8c02299e2f4be1487dde9c0790750bfc65dc5695ac94c18,2024-10-23T15:12:34.673000 -CVE-2024-9991,1,1,135856d748c7daa954bd600476aafa57f64f806d190f4c4bca162ba71620ec7a,2024-10-25T13:15:18.250000 +CVE-2024-9991,0,0,135856d748c7daa954bd600476aafa57f64f806d190f4c4bca162ba71620ec7a,2024-10-25T13:15:18.250000