diff --git a/CVE-2020/CVE-2020-137xx/CVE-2020-13712.json b/CVE-2020/CVE-2020-137xx/CVE-2020-13712.json index 1ca5d8eddde..8e512f3a59a 100644 --- a/CVE-2020/CVE-2020-137xx/CVE-2020-13712.json +++ b/CVE-2020/CVE-2020-137xx/CVE-2020-13712.json @@ -2,16 +2,43 @@ "id": "CVE-2020-13712", "sourceIdentifier": "security@sierrawireless.com", "published": "2024-12-20T22:15:23.327", - "lastModified": "2024-12-20T22:15:23.327", - "vulnStatus": "Received", + "lastModified": "2024-12-26T20:15:19.377", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A command injection is possible through the user interface, allowing arbitrary command execution as \nthe root user. oMG2000 running MGOS 3.15.1 or earlier is affected.\u00a0\n\nMG90 running MGOS 4.2.1 or earlier is affected." + }, + { + "lang": "es", + "value": "Es posible inyectar comandos a trav\u00e9s de la interfaz de usuario, lo que permite la ejecuci\u00f3n de comandos arbitrarios como superusuario. oMG2000 que ejecuta MGOS 3.15.1 o anterior se ve afectado. MG90 que ejecuta MGOS 4.2.1 o anterior se ve afectado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@sierrawireless.com", @@ -22,6 +49,16 @@ "value": "CWE-78" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] } ], "references": [ diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47266.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47266.json index 15c03c9f13a..fe1b360fded 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47266.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47266.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47266", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:15.213", - "lastModified": "2024-11-21T06:35:45.477", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:41:25.273", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,170 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/ipoib: Correcci\u00f3n de advertencia causada por la destrucci\u00f3n de redes no iniciales. Despu\u00e9s de la confirmaci\u00f3n 5ce2dced8e95 (\"RDMA/ipoib: Establecer rtnl_link_ops para interfaces ipoib\"), si el dispositivo IPoIB se mueve a redes no iniciales, destruir esas redes permite que el dispositivo desaparezca en lugar de moverlo nuevamente a las redes iniciales. Esto sucede porque default_device_exit() omite las interfaces debido a que tiene rtnl_link_ops configurado. Pasos para reproducir: ip netns agregar foo ip link set mlx5_ib0 netns foo ip netns eliminar foo ADVERTENCIA: CPU: 1 PID: 704 en net/core/dev.c:11435 netdev_exit+0x3f/0x50 M\u00f3dulos vinculados en: xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ip v4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink tun d fuse CPU: 1 PID: 704 Comm: kworker/u64:3 Contaminado: GSW 5.13.0-rc1+ #1 Nombre de hardware: Dell Inc. PowerEdge R6 30/02C2CP, BIOS 2.1.5 11/04/2016 Cola de trabajo: netns cleanup_net RIP: 0010:netdev_exit+0x3f/0x50 C\u00f3digo: 48 8b bb 30 01 00 00 e8 ef 81 b1 ff 48 81 fb c0 3a 54 a1 74 13 48 8b 83 90 00 00 00 48 81 c3 90 00 00 00 48 39 d8 75 02 5b c3 <0f> 0b 5b c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1f 44 00 RSP: 0018:ffffb297079d7e08 : 00010206 RAX: ffff8eb542c00040 RBX: ffff8eb541333150 RCX : 000000008010000d RDX: 000000008010000e RSI: 000000008010000d RDI: ffff8eb440042c00 RBP: ffffb297079d7e48 R08: 0000000000000001 R09: ff9fdeac00 R10: ffff8eb5003be000 R11: 0000000000000001 R12: ffffffffa1545620 R13: ffffffffa1545628 R14: 00000000000000000 R15: ffffffffa1543b20 FS: 0000000000(0000) GS:ffff8ed37fa00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005601b5f4c2e8 CR3: 0000001fc8c10002 CR4: 00000000003706e0 0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ops_exit _list.isra.9 +0x36/0x70 cleanup_net+0x234/0x390 Process_one_work+0x1cb/0x360 ? Process_one_work+0x360/0x360 worker_thread+0x30/0x370 ? Process_one_work+0x360/0x360 kthread+0x116/0x130 ? kthread_park+0x80/0x80 ret_from_fork+0x22/0x30 Para evitar la advertencia anterior y m\u00e1s adelante el p\u00e1nico del kernel que podr\u00eda ocurrir al cerrar debido a una desreferencia del puntero NULL, aseg\u00farese de configurar el indicador netns_refund que fue introducido por la confirmaci\u00f3n 3a5ca857079e (\"can: dev: Mueva el dispositivo nuevamente a init netns al poseer netns eliminar\") para restaurar correctamente las interfaces IPoIB a las netns iniciales." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.73", + "versionEndExcluding": "5.4.126", + "matchCriteriaId": "0132C972-8600-48DD-BDE1-9F0711DFBA17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8.17", + "versionEndExcluding": "5.9", + "matchCriteriaId": "BEFC3ACE-365D-48E7-9C0A-019C74CC0725" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9.2", + "versionEndExcluding": "5.10", + "matchCriteriaId": "A5230CBD-D597-494E-9B1B-91957C8AD0F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.44", + "matchCriteriaId": "C7E14A6C-41D9-41C0-88FA-8959D208A792" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.11", + "matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", + "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0a672f7d89db2da17ae02733ccc08458be72a6f8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/64f1fb6acc2ab95982fc4334f351d7576c26f313", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/67cf4e447b5e5e9e94996cb6812ae2828e0e0e27", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a3e74fb9247cd530dca246699d5eb5a691884d32", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0a672f7d89db2da17ae02733ccc08458be72a6f8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/64f1fb6acc2ab95982fc4334f351d7576c26f313", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/67cf4e447b5e5e9e94996cb6812ae2828e0e0e27", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a3e74fb9247cd530dca246699d5eb5a691884d32", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47268.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47268.json index a249768820b..016257c99b3 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47268.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47268.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47268", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:15.390", - "lastModified": "2024-11-21T06:35:45.800", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:42:00.700", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,135 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: typec: tcpm: cancela vdm y state machine hrtimer cuando se cancela el registro del puerto tcpm. Un hrtimer pendiente puede caducar despu\u00e9s de que se destruya el kthread_worker del puerto tcpm; consulte el siguiente volcado del kernel cuando se descarga el m\u00f3dulo , solucionelo cancelando los 2 temporizadores. [ 111.517018] No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual ffff8000118cb880 [ 111.518786] blk_update_request: error de E/S, dev sda, sector 60061185 op 0x0:(LEER) indicadores 0x0 phys_seg 1 prio clase 0 [ 111.526594] Informaci\u00f3n de cancelaci\u00f3n de memoria: [111.526597 ] ESR = 0x96000047 [ 111.526600] EC = 0x25: DABT (EL actual), IL = 32 bits [ 111.526604] SET = 0, FnV = 0 [ 111.526607] EA = 0, S1PTW = 0 [ 111.526610] Informaci\u00f3n de cancelaci\u00f3n de datos: [ 111. 526612 ] ISV = 0, ISS = 0x00000047 [ 111.526615] CM = 0, WnR = 1 [ 111.526619] tabla de intercambio: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000041d75000 [ 111.526623 [ffff8000118cb] 880] pgd=10000001bffff003, p4d=10000001bffff003, pud\u00edn =10000001bfffe003, pmd=10000001bfffa003, pte=0000000000000000 [111.526642] Error interno: Ups: 96000047 [#1] SMP PREEMPLEO [111.526647] M\u00f3dulos vinculados en: dwc3_imx8mp dwc3 phy_fsl_imx8mq_usb [\u00faltima descarga: tcpci] [111.526663] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc4-00927-gebbe9dbd802c-dirty #36 [111.526670] Nombre del hardware: placa NXP i.MX8MPlus EVK (DT) [111.526674] pstate: 800000c5 (Nzcv daIF -PAN -UAO -TCO BTYPE=--) [ 111.526681] pc : queued_spin_lock_slowpath+0x1a0/0x390 [ 111.526695] lr : _raw_spin_lock_irqsave+0x88/0xb4 [ 111.526703] sp : ffff800010003e20 [ 111.526 706] x29: ffff800010003e20 x28: ffff00017f380180 [111.537156] buffer_io_error: 6 devoluciones de llamada suprimidas [111.537162 ] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 60040704, lectura de p\u00e1gina as\u00edncrona [111.539932] x27: ffff00017f3801c0 [111.539938] x26: ffff800010ba2490 x25: 0000000000000000 x24: 00000000000001 [111.543025] blk_update_request: error de E/S, dev sda, sector 60061186 op 0x0:(LEER) banderas 0x0 phys_seg 7 prio clase 0 [ 111.548304] [ 111.548306] x23: 00000000000000c0 x22: ffff0000c2a9f184 x21: ffff00017f380180 [ 111.551 374] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 60040705, lectura de p\u00e1gina as\u00edncrona [111.554499] [111.554503] x20: ffff0000c5f14210 x19: 00000000000000c0 x18: 0000000000000000 [111.557391] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 60040706, lectura de p\u00e1gina as\u00edncrona [111. 561218] [ 111.561222] x17: 0000000000000000 x16: 0000000000000000 x15: 00000000000000000 [ 111.564205] B\u00fafer Error de E/S en dev sda1, bloque l\u00f3gico 60040707, lectura de p\u00e1gina as\u00edncrona [111.570887] x14: 00000000000000f5 x13: 00000000000000001 x12: 0000000000000040 [111.570902] x11: ff0000c05ac6d8 [111.583420] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 60040708, as\u00edncrono lectura de p\u00e1gina [111.588978] x10: 0000000000000000 x9: 0000000000040000 [111.588988] x8: 0000000000000000 [111.597173] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 6004 0709, lectura de p\u00e1gina as\u00edncrona [111.605766] x7: ffff00017f384880 x6: ffff8000118cb880 [111.605777] x5: ffff00017f384880 [111.611094] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 60040710, lectura de p\u00e1gina as\u00edncrona [111.617086] x4: 0000000000000000 x3: ffff0000c2a9f184 [111.617096] 2: ffff8000118cb880 [111.622242] Error de E/S del b\u00fafer en dev sda1, bloque l\u00f3gico 60040711 , lectura de p\u00e1gina as\u00edncrona [111.626927] x1: ffff8000118cb880 x0: ffff00017f384888 [111.626938] Seguimiento de llamadas: [111.626942] queued_spin_lock_slowpath+0x1a0/0x390 [111.795809] _queue_work+0x30/0xc0 [ 111.799828] state_machine_timer_handler+0x20/0x30 [ 111.804624] __hrtimer_run_queues+0x140/ 0x1e0 [ 111.808990] hrtimer_interrupt+0xec/0x2c0 [ 111.813004] arch_timer_handler_phys+0x38/0x50 [ 111.817456] handle_percpu_devid_irq+0x88/0x150 [ 111.821991] main_irq+0x80/0xe0 [ 111.826093] gic_handle_irq+0x ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.44", + "matchCriteriaId": "C7E14A6C-41D9-41C0-88FA-8959D208A792" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.11", + "matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", + "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/18eaf0de50eadeeb395b83310b259b21ad8ed0a6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3a13ff7ef4349d70d1d18378d661117dd5af8efe", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0a06696a8a4d99f649240b6f9b8a2e55452ecf5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/18eaf0de50eadeeb395b83310b259b21ad8ed0a6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3a13ff7ef4349d70d1d18378d661117dd5af8efe", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0a06696a8a4d99f649240b6f9b8a2e55452ecf5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47273.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47273.json index 16c1c089fc9..8eb5c218606 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47273.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47273.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47273", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:15.760", - "lastModified": "2024-11-21T06:35:46.423", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:48:47.207", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,135 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: dwc3-meson-g12a: repara el init de glue PHY de usb2 cuando phy0 est\u00e1 deshabilitado. Cuando solo se usa PHY1 (por ejemplo, en Odroid-HC4), el c\u00f3digo de inicio de regmap usa usb2 puertos cuando no inicializa la entrada del mapa de registro PHY1. Esto soluciona: No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000020... pc: regmap_update_bits_base+0x40/0xa0 lr: dwc3_meson_g12a_usb2_init_phy+0x4c/0xf8... Seguimiento de llamadas: regmap_update_bits_base+0x40/0xa0 g12a_usb2_init_phy+0x4c/0xf8 dwc3_meson_g12a_usb2_init+0x7c /0xc8 dwc3_meson_g12a_usb_init+0x28/0x48 dwc3_meson_g12a_probe+0x298/0x540 platform_probe+0x70/0xe0 Actually_probe+0xf0/0x4d8 driver_probe_device+0xfc/0x168 ..." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8", + "versionEndExcluding": "5.10.44", + "matchCriteriaId": "C097E54D-5EA2-48CE-BB76-E798964FBBE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.11", + "matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", + "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4d2aa178d2ad2fb156711113790dde13e9aa2376", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/750a0d75564293be3ed50f13ef7f38ab75106421", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d8dd3754e707104a34f8ec595034d503ea8871a2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4d2aa178d2ad2fb156711113790dde13e9aa2376", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/750a0d75564293be3ed50f13ef7f38ab75106421", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d8dd3754e707104a34f8ec595034d503ea8871a2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47278.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47278.json index a00adebf75f..64783ee426a 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47278.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47278.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47278", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:16.143", - "lastModified": "2024-11-21T06:35:47.120", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:48:56.327", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,114 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bus: mhi: pci_generic: corrige posible use after free en mhi_pci_remove(). La ruta de eliminaci\u00f3n de este controlador llama a del_timer(). Sin embargo, esa funci\u00f3n no espera hasta que finalice el controlador del temporizador. Esto significa que es posible que el controlador del temporizador a\u00fan est\u00e9 ejecut\u00e1ndose despu\u00e9s de que haya finalizado la funci\u00f3n de eliminaci\u00f3n del controlador, lo que dar\u00eda como resultado un use after free. Para solucionarlo, llame a del_timer_sync(), lo que garantiza que el controlador del temporizador haya finalizado y no pueda reprogramarse." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.11", + "matchCriteriaId": "1D627DFB-1E6A-4B08-B68C-D123B4C3D04C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", + "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0b67808ade8893a1b3608ddd74fac7854786c919", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c597d5c59c7a6417dba06590f59b922e01188e8d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0b67808ade8893a1b3608ddd74fac7854786c919", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c597d5c59c7a6417dba06590f59b922e01188e8d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47279.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47279.json index f7662b2ec6c..2b150aa9be2 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47279.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47279.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47279", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:16.210", - "lastModified": "2024-11-21T06:35:47.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:49:05.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,114 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: misc: brcmstb-usb-pinmap: verifique el valor de retorno despu\u00e9s de llamar a platform_get_resource() Causar\u00e1 un null-ptr-deref si platform_get_resource() devuelve NULL, necesitamos verificar el retorno valor." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.11", + "matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", + "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2147684be1ebdaf845783139b9bc4eba3fecd9e4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fbf649cd6d64d40c03c5397ecd6b1ae922ba7afc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2147684be1ebdaf845783139b9bc4eba3fecd9e4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fbf649cd6d64d40c03c5397ecd6b1ae922ba7afc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47283.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47283.json index 5b7c8da4bb8..77342b15e30 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47283.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47283.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47283", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:16.503", - "lastModified": "2024-11-21T06:35:47.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:49:20.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,134 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net:sfc: corrige irq no liberado en modo irq heredado. El controlador SFC se puede configurar mediante modparam para que funcione usando interrupciones MSI-X, MSI o IRQ heredadas. En el \u00faltimo, la interrupci\u00f3n no se liber\u00f3 correctamente al eliminar el m\u00f3dulo. No se liber\u00f3 porque el indicador irqs_hooked no se estableci\u00f3 durante la inicializaci\u00f3n en el caso de utilizar IRQ heredado. Ejemplo de seguimiento (recortado) durante la eliminaci\u00f3n del m\u00f3dulo sin esta soluci\u00f3n: remove_proc_entry: eliminando el directorio no vac\u00edo 'irq/125', filtrando al menos '0000:3b:00.1' ADVERTENCIA: CPU: 39 PID: 3658 en fs/proc/generic .c:715 remove_proc_entry+0x15c/0x170 ...recortado... Seguimiento de llamadas: unregister_irq_proc+0xe3/0x100 free_desc+0x29/0x70 irq_free_descs+0x47/0x70 mp_unmap_irq+0x58/0x60 acpi_unregister_gsi_ioapic+0x2a/0x 40 acpi_pci_irq_disable+0x78/0xb0 pci_disable_device +0xd1/0x100 efx_pci_remove+0xa1/0x1e0 [sfc] pci_device_remove+0x38/0xa0 __device_release_driver+0x177/0x230 driver_detach+0xcb/0x110 bus_remove_driver+0x58/0xd0 pci_unregister_driver+0x2a/0 xb0 efx_exit_module+0x24/0xf40 [sfc] __do_sys_delete_module.constprop.0 +0x171/0x280 ? exit_to_user_mode_prepare+0x83/0x1d0 do_syscall_64+0x3d/0x80 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f9f9385800b ...recortado..." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-772" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.44", + "matchCriteriaId": "021FCB31-DA9C-4E32-BAE6-E72DDA486D8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.11", + "matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", + "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/81c4d1d83f88e15b26f4522a35cba6ffd8c5dfdd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d717c9135a3340ae62d1699484850bfb4112b0c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f03eeb6e0a0a0b8d617ee0a4bce729e47130036", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/81c4d1d83f88e15b26f4522a35cba6ffd8c5dfdd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d717c9135a3340ae62d1699484850bfb4112b0c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f03eeb6e0a0a0b8d617ee0a4bce729e47130036", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47299.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47299.json index 1cd3d614929..b0c55741310 100644 --- a/CVE-2021/CVE-2021-472xx/CVE-2021-47299.json +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47299.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47299", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:17.743", - "lastModified": "2024-11-21T06:35:49.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:43:42.353", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,120 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: xdp, net: corrige use-after-free en bpf_xdp_link_release. El problema ocurre entre dev_get_by_index() y dev_xdp_attach_link(). En este punto, se llama a dev_xdp_uninstall(). Entonces el enlace xdp no se desconectar\u00e1 autom\u00e1ticamente cuando se libere el desarrollador. Pero link->dev ya apunta a dev, cuando se libera el enlace xdp, se seguir\u00e1 accediendo a dev, pero se ha liberado. dev_get_by_index() | enlace->dev = dev | | rtnl_lock() | unregister_netdevice_many() | dev_xdp_uninstall() | rtnl_unlock() rtnl_lock(); | dev_xdp_attach_link() | rtnl_unlock(); | | netdev_run_todo() // desarrollador liberado bpf_xdp_link_release() | /* accede al desarrollador. | use after free */ | [45.966867] BUG: KASAN: use after free en bpf_xdp_link_release+0x3b8/0x3d0 [45.967619] Lectura del tama\u00f1o 8 en la direcci\u00f3n ffff00000f9980c8 por tarea a.out/732 [45.968297] [45.968502] CPU: 1 PID: Comunicaciones 732: un .out No contaminado 5.13.0+ #22 [ 45.969222] Nombre de hardware: linux,dummy-virt (DT) [ 45.969795] Seguimiento de llamadas: [ 45.970106] dump_backtrace+0x0/0x4c8 [ 45.970564] show_stack+0x30/0x40 [ 45.970981 ] dump_stack_lvl +0x120/0x18c [ 45.971470] print_address_description.constprop.0+0x74/0x30c [ 45.972182] kasan_report+0x1e8/0x200 [ 45.972659] __asan_report_load8_noabort+0x2c/0x50 [ 45.97327 3] bpf_xdp_link_release+0x3b8/0x3d0 [ 45.973834] bpf_link_free+0xd0/0x188 [ 45.974315 ] bpf_link_put+0x1d0/0x218 [ 45.974790] bpf_link_release+0x3c/0x58 [ 45.975291] __fput+0x20c/0x7e8 [ 45.975706] ____fput+0x24/0x30 [ 45.976117] 104/0x258 [ 45.976609] do_notify_resume+0x894/0xaf8 [ 45.977121] work_pending +0xc/0x328 [ 45.977575] [ 45.977775] La direcci\u00f3n del error pertenece a la p\u00e1gina: [ 45.978369] p\u00e1gina:fffffc00003e6600 refcount:0 mapcount:0 mapeo:00000000000000000 index:0x0 pfn:0x4f998 [ 45.97952 2] banderas: 0x7fffe0000000000(nodo=0| zona=0|lastcpupid=0x3ffff) [ 45.980349] raw: 07fffe0000000000 ffffc00003e6708 ffff0000dac3c010 0000000000000000 [ 45.981309] raw: 0000000000000000 000000000000000 00000000ffffffff 0000000000000000 [ 45.982259] p\u00e1gina volcada porque: kasan: mal acceso detectado [ 45.982948] [ 45.983153] Estado de la memoria alrededor de la direcci\u00f3n con errores : [ 45.983753] ffff00000f997f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.984645] ffff00000f998000: ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.985533] >ffff00000f998080:ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.986419] ^ [ 45.987112] ffff00000f998100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.988006] f998180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.988895] ===================================== ============================== [ 45.989773] Deshabilitar la depuraci\u00f3n de bloqueo debido a corrupci\u00f3n del kernel [ 45.990552] P\u00e1nico del kernel - no sincronizar: panic_on_warn establecido... [ 45.991166] CPU: 1 PID: 732 Comm: a.out Contaminado: GB 5.13.0+ #22 [ 45.991929] Nombre de hardware: linux,dummy-virt (DT) [ 45.992448] Seguimiento de llamadas: [ 45.992753] dump_backtrace+0x0/0x4c8 [ 45.993208] show_stack+0x30/0x40 [ 45.993627] dump_stack_lvl+0x120/0x18c [ 45.994113] dump_stack+0x1c/0x34 [ 45.994530 panic+0x3a4/0x7d 8 [ 45.994930] end_report+0x194/0x198 [ 45.995380] kasan_report+ 0x134/0x200 [ 45.995850] __asan_report_load8_noabort+0x2c/0x50 [ 45.996453] bpf_xdp_link_release+0x3b8/0x3d0 [ 45.997007] bpf_link_free+0xd0/0x188 [ 45.99747 4] bpf_link_put+0x1d0/0x218 [ 45.997942] bpf_link_release+0x3c/0x58 [ 45.998429] __fput+0x20c/ 0x7e8 [ 45.998833] ____fput+0x24/0x30 [ 45.999247] task_work_run+0x104/0x258 [ 45.999731] do_notify_resume+0x894/0xaf8 [ 46.000236] work_pending ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "5.10.54", + "matchCriteriaId": "4A97ECD5-9A3B-4EE9-A36C-902077EAD62D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.6", + "matchCriteriaId": "512C22FC-1524-4E6F-9E62-4F4B7B6E0576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*", + "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*", + "matchCriteriaId": "23B9E5C6-FAB5-4A02-9E39-27C8787B0991" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5acc7d3e8d342858405fbbc671221f676b547ce7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7537dc73e69ad9c0b67ad24ad3ebee954ed0af6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca9ba1de8f09976b45ccc8e655c51c6201992139", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5acc7d3e8d342858405fbbc671221f676b547ce7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7537dc73e69ad9c0b67ad24ad3ebee954ed0af6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca9ba1de8f09976b45ccc8e655c51c6201992139", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47300.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47300.json index 3ca0a369de7..1eabc7d8b15 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47300.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47300.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47300", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:17.820", - "lastModified": "2024-11-21T06:35:49.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:44:16.713", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,120 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf: corrige el rechazo de tail_call_reachable para el int\u00e9rprete cuando falla jit. Durante las pruebas de f263a81451c1 (\"bpf: rastrea correctamente los descriptores de inserci\u00f3n del subprog y corrige el use after free\") bajo varias condiciones de fallo, por Por ejemplo, cuando jit_subprogs() falla e intenta limpiar el programa que se ejecutar\u00e1 bajo el int\u00e9rprete, nos encontramos con el siguiente congelamiento: [...] #127/8 tailcall_bpf2bpf_3:FAIL [...] [ 92.041251] ERROR: KASAN: slab fuera de los l\u00edmites en ___bpf_prog_run+0x1b9d/0x2e20 [92.042408] Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88800da67f68 por tarea test_progs/682 [92.043707] [92.044030] CPU: 1 PID: 682 Comm: _progs Contaminado: GO 5.13. 0-53301-ge6c08cb33a30-dirty #87 [92.045542] Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1 01/04/2014 [92.046785] Seguimiento de llamadas: [92.047171] ? __bpf_prog_run_args64+0xc0/0xc0 [92.047773]? __bpf_prog_run_args32+0x8b/0xb0 [92.048389]? __bpf_prog_run_args64+0xc0/0xc0 [92.049019]? ktime_get+0x117/0x130 [...] // \u00bfunos cientos de l\u00edneas [similares] m\u00e1s [92.659025]? ktime_get+0x117/0x130 [92.659845]? __bpf_prog_run_args64+0xc0/0xc0 [92.660738]? __bpf_prog_run_args32+0x8b/0xb0 [92.661528]? __bpf_prog_run_args64+0xc0/0xc0 [92.662378]? print_usage_bug+0x50/0x50 [92.663221]? print_usage_bug+0x50/0x50 [92.664077]? bpf_ksym_find+0x9c/0xe0 [92.664887]? ktime_get+0x117/0x130 [92.665624]? kernel_text_address+0xf5/0x100 [92.666529]? __kernel_text_address+0xe/0x30 [ 92.667725] ? unwind_get_return_address+0x2f/0x50 [92.668854]? ___bpf_prog_run+0x15d4/0x2e20 [ 92.670185] ? ktime_get+0x117/0x130 [92.671130]? __bpf_prog_run_args64+0xc0/0xc0 [92.672020]? __bpf_prog_run_args32+0x8b/0xb0 [92.672860]? __bpf_prog_run_args64+0xc0/0xc0 [92.675159]? ktime_get+0x117/0x130 [92.677074]? lock_is_held_type+0xd5/0x130 [92.678662]? ___bpf_prog_run+0x15d4/0x2e20 [ 92.680046] ? ktime_get+0x117/0x130 [92.681285]? __bpf_prog_run32+0x6b/0x90 [92.682601]? __bpf_prog_run64+0x90/0x90 [92.683636]? lock_downgrade+0x370/0x370 [92.684647]? mark_held_locks+0x44/0x90 [92.685652]? ktime_get+0x117/0x130 [92.686752]? lockdep_hardirqs_on+0x79/0x100 [92.688004]? ktime_get+0x117/0x130 [92.688573]? __cant_migrate+0x2b/0x80 [ 92.689192] ? bpf_test_run+0x2f4/0x510 [92.689869]? bpf_test_timer_continue+0x1c0/0x1c0 [92.690856]? rcu_read_lock_bh_held+0x90/0x90 [92.691506]? __kasan_slab_alloc+0x61/0x80 [92.692128]? eth_type_trans+0x128/0x240 [92.692737]? __build_skb+0x46/0x50 [92.693252]? bpf_prog_test_run_skb+0x65e/0xc50 [92.693954]? bpf_prog_test_run_raw_tp+0x2d0/0x2d0 [92.694639]? __fget_light+0xa1/0x100 [ 92.695162] ? bpf_prog_inc+0x23/0x30 [92.695685]? __sys_bpf+0xb40/0x2c80 [92.696324]? bpf_link_get_from_fd+0x90/0x90 [92.697150]? mark_held_locks+0x24/0x90 [92.698007]? lockdep_hardirqs_on_prepare+0x124/0x220 [92.699045]? finish_task_switch+0xe6/0x370 [92.700072]? lockdep_hardirqs_on+0x79/0x100 [92.701233]? finish_task_switch+0x11d/0x370 [92.702264]? __switch_to+0x2c0/0x740 [ 92.703148] ? mark_held_locks+0x24/0x90 [92.704155]? __x64_sys_bpf+0x45/0x50 [92.705146]? do_syscall_64+0x35/0x80 [92.706953]? Entry_SYSCALL_64_after_hwframe+0x44/0xae [...] Resulta que el rechazo del programa de e411901c0b77 (\"bpf: permitir tailcalls en subprogramas BPF para x64 JIT\") tiene errores ya que env->prog->aux->tail_call_reachable nunca es cierto. La confirmaci\u00f3n ebf7d1f508a7 (\"bpf, x64: reelaboraci\u00f3n de pro/ep\u00edlogo y manejo de tailcall en JIT\") agreg\u00f3 un rastreador en check_max_stack_ Depth() que propaga la condici\u00f3n tail_call_reachable a trav\u00e9s de los subprogramas. Esta informaci\u00f3n luego se asigna al ---truncado--- del subprograma." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.54", + "matchCriteriaId": "C9B526EA-4055-43C8-9B30-7E7067C9E43C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.6", + "matchCriteriaId": "512C22FC-1524-4E6F-9E62-4F4B7B6E0576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*", + "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*", + "matchCriteriaId": "23B9E5C6-FAB5-4A02-9E39-27C8787B0991" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/39f1735c8107ef43a53c4daf82f330d880488d8f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5dd0a6b8582ffbfa88351949d50eccd5b6694ade", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cbb086074dab631ac43f8645cbac1d7b148e05c4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/39f1735c8107ef43a53c4daf82f330d880488d8f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5dd0a6b8582ffbfa88351949d50eccd5b6694ade", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cbb086074dab631ac43f8645cbac1d7b148e05c4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47301.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47301.json index 5a592704ecf..ebf6b2d0e9b 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47301.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47301.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47301", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:17.890", - "lastModified": "2024-11-21T06:35:49.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:44:31.930", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,55 +15,178 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igb: corrige el error de use after free durante el reinicio. Limpia el siguiente descriptor a observar (next_to_watch) al limpiar el anillo TX. De lo contrario, se pueden producir accesos a la memoria no v\u00e1lidos. Si igb_poll() se ejecuta mientras se reinicia el controlador, esto puede hacer que el controlador intente liberar un skb que ya estaba liberado. (El fallo es m\u00e1s dif\u00edcil de reproducir con el controlador igb, pero existe el mismo problema potencial ya que el c\u00f3digo es id\u00e9ntico al de igc)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.12", + "versionEndExcluding": "4.14.241", + "matchCriteriaId": "2277B7F3-F386-49FF-AEB1-8ABEA81BE952" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.199", + "matchCriteriaId": "D1C5B0E1-06E7-4615-AA17-02585202D86E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.136", + "matchCriteriaId": "E1FCD98C-8886-4844-B7AF-C42731DF9465" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.54", + "matchCriteriaId": "1BD5A2EE-859F-40FC-BDAC-167AAE37C870" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.6", + "matchCriteriaId": "512C22FC-1524-4E6F-9E62-4F4B7B6E0576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*", + "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47302.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47302.json index 3d0bea86feb..66d911c6a4b 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47302.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47302.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47302", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:17.960", - "lastModified": "2024-11-21T06:35:50.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T20:44:51.377", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,136 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igc: corrige el error de use after free durante el reinicio. Limpia el siguiente descriptor a observar (next_to_watch) al limpiar el anillo TX. De lo contrario, se pueden producir accesos a la memoria no v\u00e1lidos. Si igc_poll() se ejecuta mientras se reinicia el controlador, esto puede hacer que el controlador intente liberar un skb que ya estaba liberado. Mensaje de registro: [101.525242] refcount_t: desbordamiento insuficiente; use after free. [101.525251] ADVERTENCIA: CPU: 1 PID: 646 AT LIB/REFCOUNT.C: 28 RefCount_warn_saturate+0xab/0xf0 [101.525259] M\u00f3dulos vinculados en: Sch_etf (E) Sch_Mqprio (E) RFKILL (E) INTEL_RAPL_MSR (E) INTER ) x86_pkg_temp_thermal(E) intel_powerclamp(E) coretemp(E) binfmt_misc(E) kvm_intel(E) kvm(E) irqbypass(E) crc32_pclmul(E) ghash_clmulni_intel(E) aesni_intel(E) mei_wdt(E) libaes(E) crypto_simd (E) cryptd(E) pegamento_helper(E) snd_hda_codec_hdmi(E) rapl(E) intel_cstate(E) snd_hda_intel(E) snd_intel_dspcfg(E) sg(E) soundwire_intel(E) intel_uncore(E) at24(E) soundwire_generic_allocation(E) ) iTCO_wdt(E) soundwire_cadence(E) intel_pmc_bxt(E) serio_raw(E) snd_hda_codec(E) iTCO_vendor_support(E) watchdog(E) snd_hda_core(E) snd_hwdep(E) snd_soc_core(E) snd_compress(E) snd_pcsp(E) soundwire_bus (E) snd_pcm(E) evdev(E) snd_timer(E) mei_me(E) snd(E) soundcore(E) mei(E) configfs(E) ip_tables(E) x_tables(E) autofs4(E) text4(E ) crc32c_generic(E) crc16(E) mbcache(E) jbd2(E) sd_mod(E) t10_pi(E) crc_t10dif(E) crct10dif_generic(E) i915(E) ahci(E) libahci(E) ehci_pci(E) igb (E) xhci_pci(E) ehci_hcd(E) [ 101.525303] drm_kms_helper(E) dca(E) xhci_hcd(E) libata(E) crct10dif_pclmul(E) cec(E) crct10dif_common(E) tsn(E) igc(E) e1000e(E) ptp(E) i2c_i801(E) crc32c_intel(E) psmouse(E) i2c_algo_bit(E) i2c_smbus(E) scsi_mod(E) lpc_ich(E) pps_core(E) usbcore(E) drm(E) button( E) video(E) [ 101.525318] CPU: 1 PID: 646 Comm: irq/37-enp7s0-T Contaminado: GE 5.10.30-rt37-tsn1-rt-ipipe #ipipe [ 101.525320] Nombre de hardware: SIEMENS AG SIMATIC IPC427D /A5E31233588, BIOS V17.02.09 31/03/2017 [ 101.525322] RIP: 0010:refcount_warn_saturate+0xab/0xf0 [ 101.525325] C\u00f3digo: 05 31 48 44 01 01 e8 f0 c6 42 00 0b c3 80 3d 1f 48 44 01 00 75 90 48 c7 c7 78 a8 f3 a6 c6 05 0f 48 44 01 01 e8 d1 c6 42 00 <0f> 0b c3 80 3d fe 47 44 01 00 0f 85 6d ff ff 48 c7 c7 d0 a8 f3 [ 101.525327] RSP: 0018:ffffbdedc0917cb8 EFLAGS: 00010286 [ 101.525329] RAX: 0000000000000000 RBX: ffff98fd6becbf40 RCX: 0000000000000001 [ 101.525330] RDX: 000000000001 RSI: ffffffffa6f2700c RDI: 00000000ffffffff [ 101.525332] RBP: ffff98fd6becc14c R08: ffffffffa7463d00 R09: ffffbdedc0917c50 [ 101.525333] fffffa74c3578 R11: 0000000000000034 R12: 00000000ffffff00 [ 101.525335] R13: ffff98fd6b0b1000 R14: 00000000000000039 R15: ffff98fd6be35c40 [ 101.525337] FS: 0000000000000000(0000) GS:ffff98fd6e240000(0000) knlGS:0000000000000000 [ 101.525339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.525341] CR2: 00007f34135a3a70 CR3: 0000000150210003 CR4: 00000000001706e0 [ 101.525343] Seguimiento de llamadas: [ 101.525346] sock_wfree+0x9c/0xa0 [ 101.52 5353] unix_destruct_scm+0x7b/0xa0 [ 101.525358] skb_release_head_state+0x40/0x90 [ 101.525362] skb_release_all+0xe/0x30 [ 101.525364] napi_consume_skb+0x57/0x160 [ 101.525367] igc_poll+0xb7/0xc80 [igc] [ 101.525376] ? sched_clock+0x5/0x10 [101.525381]? sched_clock_cpu+0xe/0x100 [ 101.525385] net_rx_action+0x14c/0x410 [ 101.525388] __do_softirq+0xe9/0x2f4 [ 101.525391] __local_bh_enable_ip+0xe3/0x110 [ 5395] ? irq_finalize_oneshot.part.47+0xe0/0xe0 [ 101.525398] irq_forced_thread_fn+0x6a/0x80 [ 101.525401] irq_thread+0xe8/0x180 [ 101.525403] ? wake_threads_waitq+0x30/0x30 [101.525406]? irq_thread_check_affinity+0xd0/0xd0 [ 101.525408] kthread+0x183/0x1a0 [ 101.525412] ? kthread_park+0x80/0x80 [ 101.525415] ret_from_fork+0x22/0x30" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.136", + "matchCriteriaId": "E1FCD98C-8886-4844-B7AF-C42731DF9465" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.54", + "matchCriteriaId": "1BD5A2EE-859F-40FC-BDAC-167AAE37C870" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.6", + "matchCriteriaId": "512C22FC-1524-4E6F-9E62-4F4B7B6E0576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*", + "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/56ea7ed103b46970e171eb1c95916f393d64eeff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9508e0edfe369ac95d0825bcdca976436ce780f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e15f629036bac005fc758b4ad17896cf2312add4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ea5e36b7367ea0a36ef73a163768f16d2977bd83", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/56ea7ed103b46970e171eb1c95916f393d64eeff", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9508e0edfe369ac95d0825bcdca976436ce780f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e15f629036bac005fc758b4ad17896cf2312add4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ea5e36b7367ea0a36ef73a163768f16d2977bd83", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47310.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47310.json index 9721f57a67d..4371ce151ad 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47310.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47310.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47310", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:18.520", - "lastModified": "2024-11-21T06:35:51.107", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:50:22.370", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,71 +15,220 @@ "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: ti: corrige UAF en tlan_remove_one priv son datos privados de netdev y no se pueden usar despu\u00e9s de la llamada free_netdev(). Usar priv despu\u00e9s de free_netdev() puede causar un error en UAF. Solucionarlo moviendo free_netdev() al final de la funci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10", + "versionEndExcluding": "4.4.277", + "matchCriteriaId": "77707599-85D3-4A7C-86F4-AA4C23F81602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.277", + "matchCriteriaId": "B543C082-5612-489A-A957-B7F2B8822025" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.241", + "matchCriteriaId": "6A796929-CDBE-45AF-BD44-F357F64AFFCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.199", + "matchCriteriaId": "D1C5B0E1-06E7-4615-AA17-02585202D86E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.135", + "matchCriteriaId": "3EF7BA79-262D-4A55-A0A1-E0D0BCA7C320" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.53", + "matchCriteriaId": "08E2D438-D50E-43C5-AF10-D62FE49B5815" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.5", + "matchCriteriaId": "808DF8D9-4913-4CC7-B91F-B4146556B7ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*", + "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0336f8ffece62f882ab3012820965a786a983f70", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0538b0ab7d2c396e385694228c7cdcd2d2c514e9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/93efab0ef2a607fff9166d447c4035f98b5db342", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a0a817b2d308fac090a05cbbe80988e073ac5193", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a18a8d9cfbb112ad72e625372849adc3986fd6bf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7e5563f2a7862a9e4796abb9908b092f677e3c1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c263ae8c7e4c482387de5e6c89e213f8173fe8b6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0336f8ffece62f882ab3012820965a786a983f70", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0538b0ab7d2c396e385694228c7cdcd2d2c514e9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/93efab0ef2a607fff9166d447c4035f98b5db342", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a0a817b2d308fac090a05cbbe80988e073ac5193", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a18a8d9cfbb112ad72e625372849adc3986fd6bf", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7e5563f2a7862a9e4796abb9908b092f677e3c1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c263ae8c7e4c482387de5e6c89e213f8173fe8b6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47311.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47311.json index 374c5e2620b..22b8d779e4b 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47311.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47311.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47311", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:18.590", - "lastModified": "2024-11-21T06:35:51.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:50:44.387", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,63 +15,199 @@ "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: qcom/emac: corrige UAF en emac_remove adpt son datos privados de netdev y no se pueden usar despu\u00e9s de la llamada a free_netdev(). Usar adpt despu\u00e9s de free_netdev() puede causar un error en UAF. Solucionadlo moviendo free_netdev() al final de la funci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9", + "versionEndExcluding": "4.9.277", + "matchCriteriaId": "142407A7-68FB-47C1-A785-2A31ECA9EF8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.241", + "matchCriteriaId": "6A796929-CDBE-45AF-BD44-F357F64AFFCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.199", + "matchCriteriaId": "D1C5B0E1-06E7-4615-AA17-02585202D86E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.135", + "matchCriteriaId": "3EF7BA79-262D-4A55-A0A1-E0D0BCA7C320" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.53", + "matchCriteriaId": "08E2D438-D50E-43C5-AF10-D62FE49B5815" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.5", + "matchCriteriaId": "808DF8D9-4913-4CC7-B91F-B4146556B7ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*", + "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/11e9d163d631198bb3eb41a677a61b499516c0f7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2b70ca92847c619d6264c7372ef74fcbfd1e048c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4d04a42b926e682140776e54188f4a44f1f01a81", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a225a6e07a57a1538d53637cb3d82bd3e477839", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad297cd2db8953e2202970e9504cab247b6c7cb4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b1e091331920f8fbfc747dcbd16263fcd71abb2d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b560521eca03d0a2db6093a5a632cbdd0a0cf833", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/11e9d163d631198bb3eb41a677a61b499516c0f7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2b70ca92847c619d6264c7372ef74fcbfd1e048c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4d04a42b926e682140776e54188f4a44f1f01a81", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a225a6e07a57a1538d53637cb3d82bd3e477839", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad297cd2db8953e2202970e9504cab247b6c7cb4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b1e091331920f8fbfc747dcbd16263fcd71abb2d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b560521eca03d0a2db6093a5a632cbdd0a0cf833", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47318.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47318.json index 751ef4ac7be..e1150d7962e 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47318.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47318.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47318", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:19.080", - "lastModified": "2024-11-21T06:35:52.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:51:01.310", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: arch_topology: Evite el use after free para scale_freq_data. Actualmente, topology_scale_freq_tick() (que se llama desde Scheduler_tick()) puede terminar usando un puntero a \"struct scale_freq_data\", que anteriormente era borrado por topology_clear_scale_freq_source(), ya que no existe ninguna protecci\u00f3n aqu\u00ed. Sin embargo, los usuarios de topology_clear_scale_freq_source() necesitan una garant\u00eda de que el scale_freq_data previamente borrado ya no se utiliza, para que puedan liberar los recursos relacionados. Dado que topology_scale_freq_tick() se llama desde el tick del programador, no queremos agregar bloqueo all\u00ed. Utilice en su lugar el mecanismo de actualizaci\u00f3n de RCU (que ya se utiliza en la ruta de actualizaci\u00f3n de utilizaci\u00f3n del programador) para garantizar actualizaciones sin ejecuci\u00f3ns aqu\u00ed. sincronizar_rcu() se asegura de que todas las secciones cr\u00edticas de RCU que comenzaron antes de ser llamada terminen antes de que regrese. Y as\u00ed, las personas que llaman a topology_clear_scale_freq_source() ya no necesitan preocuparse de que se llame a su devoluci\u00f3n de llamada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.13.4", + "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/83150f5d05f065fb5c12c612f119015cabdcc124", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ccdf7e073170886bc370c613e269de610a794c4a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/83150f5d05f065fb5c12c612f119015cabdcc124", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ccdf7e073170886bc370c613e269de610a794c4a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47321.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47321.json index 3b9533e915f..2718af1688a 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47321.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47321.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47321", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:19.297", - "lastModified": "2024-11-21T06:35:52.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:51:29.393", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,235 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: perro guardi\u00e1n: solucione el posible use after free llamando a del_timer_sync(). La ruta de eliminaci\u00f3n de este controlador llama a del_timer(). Sin embargo, esa funci\u00f3n no espera hasta que finalice el controlador del temporizador. Esto significa que es posible que el controlador del temporizador a\u00fan est\u00e9 ejecut\u00e1ndose despu\u00e9s de que haya finalizado la funci\u00f3n de eliminaci\u00f3n del controlador, lo que dar\u00eda como resultado un use after free. Para solucionarlo, llame a del_timer_sync(), lo que garantiza que el controlador del temporizador haya finalizado y no pueda reprogramarse." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.276", + "matchCriteriaId": "10282F37-B17F-4974-967E-FCD5ABC9AB8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.276", + "matchCriteriaId": "C79FFC06-9530-4CD7-B651-01D786CC925E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.240", + "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.198", + "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.134", + "matchCriteriaId": "508D9771-335F-44A6-9F2F-880DF1267A1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.52", + "matchCriteriaId": "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.9", + "matchCriteriaId": "2C8A1D02-81A7-44E5-ACFD-CC6A6694F930" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.13.4", + "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1a053c4d716898a53c2e31c574a70ea0c37044a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4c05dac488a660fe2925c047ecb119e7afaaeb1e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/58606882ad8ec6c39e0f40344b922921ef94ab4d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/66ba9cf929b1c4fabf545bd4c18f6f64e23e46e4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8bec568d7518b1504a602ed5376bb322e4dbb270", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca96b8ea5e74956071154bdb456778cc3027e79f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0212f095ab56672f6f36aabc605bda205e1e0bf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/db222f1477ad5692cd454709b714949807e5d111", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ecd620e0fb1ff7f78fdb593379b2e6938c99707a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1a053c4d716898a53c2e31c574a70ea0c37044a3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4c05dac488a660fe2925c047ecb119e7afaaeb1e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/58606882ad8ec6c39e0f40344b922921ef94ab4d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/66ba9cf929b1c4fabf545bd4c18f6f64e23e46e4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8bec568d7518b1504a602ed5376bb322e4dbb270", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca96b8ea5e74956071154bdb456778cc3027e79f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0212f095ab56672f6f36aabc605bda205e1e0bf", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/db222f1477ad5692cd454709b714949807e5d111", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ecd620e0fb1ff7f78fdb593379b2e6938c99707a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47328.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47328.json index a4535188d87..adb22d43a98 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47328.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47328.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47328", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:19.823", - "lastModified": "2024-11-21T06:35:53.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:52:18.833", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,55 +15,172 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: iscsi: corrige el uso de la conexi\u00f3n despu\u00e9s de liberarla durante los reinicios. Si no hemos realizado una llamada de destino de desvinculaci\u00f3n, podemos correr donde iscsi_conn_teardown activa el subproceso EH y luego libera la conexi\u00f3n mientras esos Los hilos todav\u00eda est\u00e1n accediendo a la conexi\u00f3n ehwait. Solo podemos hacer un TMF por sesi\u00f3n, por lo que esto simplemente mueve los campos TMF de la conexi\u00f3n a la sesi\u00f3n. Luego podemos confiar en la llamada iscsi_session_teardown->iscsi_remove_session->__iscsi_unbind_session para eliminar el objetivo y sus dispositivos, y saber despu\u00e9s de ese punto que no hay ning\u00fan dispositivo o llamada scsi-ml intentando acceder a la sesi\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.19.198", + "matchCriteriaId": "2CB3D1A5-433D-41F0-95A6-97558C0ECCAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.134", + "matchCriteriaId": "508D9771-335F-44A6-9F2F-880DF1267A1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.52", + "matchCriteriaId": "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.19", + "matchCriteriaId": "34C1A2F4-DD44-4CF1-8FD4-751A0D746A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.13.4", + "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47334.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47334.json index 976163d37b6..36132981967 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47334.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47334.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47334", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:20.273", - "lastModified": "2024-11-21T06:35:54.450", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:25:16.993", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,235 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/libmasm/module: corrige dos use after free en ibmasm_init_one. En ibmasm_init_one, llama a ibmasm_init_remote_input_dev(). Dentro de ibmasm_init_remote_input_dev, mouse_dev y keybd_dev son asignados por input_allocate_device() y asignados a sp->remote.mouse_dev y sp->remote.keybd_dev respectivamente. En la rama de error err_free_devices de ibmasm_init_one, mouse_dev y keybd_dev se liberan mediante input_free_device() y devuelven un error. Luego, la ejecuci\u00f3n se ejecuta en la rama de error error_send_message de ibmasm_init_one, donde se llama a ibmasm_free_remote_input_dev(sp) para cancelar el registro de sp->remote.mouse_dev y sp->remote.keybd_dev liberados. Mi parche agrega una etiqueta \"error_init_remote\" para manejar el error de ibmasm_init_remote_input_dev(), para evitar los errores de uaf." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.276", + "matchCriteriaId": "10282F37-B17F-4974-967E-FCD5ABC9AB8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.276", + "matchCriteriaId": "C79FFC06-9530-4CD7-B651-01D786CC925E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.240", + "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.198", + "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.134", + "matchCriteriaId": "508D9771-335F-44A6-9F2F-880DF1267A1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.52", + "matchCriteriaId": "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.19", + "matchCriteriaId": "34C1A2F4-DD44-4CF1-8FD4-751A0D746A9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.13.4", + "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29ba8e2ba89ee2862a26d91204dd5fe77ceee25a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/38660031e80eaa6cc9370b031c180612f414b00d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/481a76d4749ee3a27f902ba213fdcbb4bb39720e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5b06ca113bf197aab2ab61288f42506e0049fbab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7272b591c4cb9327c43443f67b8fbae7657dd9ae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7268e8a227d5a4f0bd1584f556246b0224ab274", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b9c87ce3bc6331f82811a8cf8e930423c22523a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ef1067d2baa847d53c9988510d99fb494de4d12c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29ba8e2ba89ee2862a26d91204dd5fe77ceee25a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/38660031e80eaa6cc9370b031c180612f414b00d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/481a76d4749ee3a27f902ba213fdcbb4bb39720e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5b06ca113bf197aab2ab61288f42506e0049fbab", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7272b591c4cb9327c43443f67b8fbae7657dd9ae", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7268e8a227d5a4f0bd1584f556246b0224ab274", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b9c87ce3bc6331f82811a8cf8e930423c22523a3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ef1067d2baa847d53c9988510d99fb494de4d12c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47342.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47342.json index 26d3a27154d..efdc71188c1 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47342.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47342.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47342", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:20.923", - "lastModified": "2024-11-21T06:35:55.473", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:29:20.557", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,109 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: corrige posible UAF al remontar el sistema de archivos protegido por r/oa mmp. Despu\u00e9s del commit 618f003199c6 (\"ext4: corrige la p\u00e9rdida de memoria en ext4_fill_super\"), despu\u00e9s de que se vuelve a montar el sistema de archivos solo que hay una ejecuci\u00f3n donde el hilo kmmpd puede salir, causando que sbi->s_mmp_tsk apunte a la memoria liberada, con la que la llamada a ext4_stop_mmpd() puede tropezar. Solucione este problema permitiendo que kmmpd() salga solo cuando se detiene a trav\u00e9s de ext4_stop_mmpd(). Enlace de informe de error: <20210629143603.2166962-1-yebin10@huawei.com>" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.77", + "matchCriteriaId": "DF93F2A0-1BCC-4EC3-AF79-F186B97DF86D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.13.3", + "matchCriteriaId": "AEF57B20-E396-45AE-9BB3-AE6B11D9AC43" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47355.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47355.json index 8a7fe74c319..5fe9ff6f697 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47355.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47355.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47355", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:21.840", - "lastModified": "2024-11-21T06:35:57.370", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:29:36.887", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,235 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: atm: nicstar: corrige el posible use after free en nicstar_cleanup(). La ruta de eliminaci\u00f3n de este m\u00f3dulo llama a del_timer(). Sin embargo, esa funci\u00f3n no espera hasta que finalice el controlador del temporizador. Esto significa que es posible que el controlador del temporizador a\u00fan est\u00e9 ejecut\u00e1ndose despu\u00e9s de que haya finalizado la funci\u00f3n de eliminaci\u00f3n del controlador, lo que dar\u00eda como resultado un use after free. Para solucionarlo, llame a del_timer_sync(), lo que garantiza que el controlador del temporizador haya finalizado y no pueda reprogramarse." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.276", + "matchCriteriaId": "10282F37-B17F-4974-967E-FCD5ABC9AB8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.276", + "matchCriteriaId": "C79FFC06-9530-4CD7-B651-01D786CC925E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.240", + "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.198", + "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.133", + "matchCriteriaId": "65A8F1FF-5639-455A-8BF4-9FF529240505" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.51", + "matchCriteriaId": "93289127-DFB3-4515-89DD-50521FF8B7FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.18", + "matchCriteriaId": "79D13C82-E06F-4A70-A3D1-C09494FBC94D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.13.3", + "matchCriteriaId": "853187F6-707A-487B-95C0-621B5211B43C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2f958b6f6ba0854b39be748d21dfe71e0fe6580f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34e7434ba4e97f4b85c1423a59b2922ba7dff2ea", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4e2a0848ea2cab0716d46f85a8ccd5fa9a493e51", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5b991df8881088448cb223e769e37cab8dd40706", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99779c9d9ffc7775da6f7fd8a7c93ac61657bed5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7a7b2848312cc4c3a42b6e42a8ab2e441857aba", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7f7c42e31157d1f0871d6a8e1a0b73a6b4ea785", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bdf5334250c69fabf555b7322c75249ea7d5f148", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c471569632654e57c83512e0fc1ba0dbb4544ad6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f958b6f6ba0854b39be748d21dfe71e0fe6580f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34e7434ba4e97f4b85c1423a59b2922ba7dff2ea", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4e2a0848ea2cab0716d46f85a8ccd5fa9a493e51", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5b991df8881088448cb223e769e37cab8dd40706", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99779c9d9ffc7775da6f7fd8a7c93ac61657bed5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7a7b2848312cc4c3a42b6e42a8ab2e441857aba", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7f7c42e31157d1f0871d6a8e1a0b73a6b4ea785", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bdf5334250c69fabf555b7322c75249ea7d5f148", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c471569632654e57c83512e0fc1ba0dbb4544ad6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47357.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47357.json index 0ec2ba42336..3f7eca3b8fe 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47357.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47357.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47357", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:22.000", - "lastModified": "2024-11-21T06:35:57.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:30:01.220", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,235 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: atm: iphase: corrige posible use after free en ia_module_exit(). La ruta de eliminaci\u00f3n de este m\u00f3dulo llama a del_timer(). Sin embargo, esa funci\u00f3n no espera hasta que finalice el controlador del temporizador. Esto significa que es posible que el controlador del temporizador a\u00fan est\u00e9 ejecut\u00e1ndose despu\u00e9s de que haya finalizado la funci\u00f3n de eliminaci\u00f3n del controlador, lo que dar\u00eda como resultado un use after free. Para solucionarlo, llame a del_timer_sync(), lo que garantiza que el controlador del temporizador haya finalizado y no pueda reprogramarse." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.276", + "matchCriteriaId": "10282F37-B17F-4974-967E-FCD5ABC9AB8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.276", + "matchCriteriaId": "C79FFC06-9530-4CD7-B651-01D786CC925E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.240", + "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.198", + "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.133", + "matchCriteriaId": "65A8F1FF-5639-455A-8BF4-9FF529240505" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.51", + "matchCriteriaId": "93289127-DFB3-4515-89DD-50521FF8B7FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.18", + "matchCriteriaId": "79D13C82-E06F-4A70-A3D1-C09494FBC94D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.13.3", + "matchCriteriaId": "853187F6-707A-487B-95C0-621B5211B43C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1c72e6ab66b9598cac741ed397438a52065a8f1f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/89ce0b0747f319eb70f85bc820dcc43cebbd5417", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9e161687855175334ca93c6c3ccb221731194479", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a832ee2f2145f57443b2d565f8cb5490e8339f42", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b58d246a058ae88484758cd4ab27b3180fd5ecf8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bcdd2be48edd8c6867fb44112cb8d18086beae29", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c9172498d4d62c9b64e5fb37c1ee0343e65fe51b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1fb12412874c94ad037e11d0ecdd1140a439297", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e759ff76ebbbfcdcf83b6634c54dc47828573d8b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1c72e6ab66b9598cac741ed397438a52065a8f1f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/89ce0b0747f319eb70f85bc820dcc43cebbd5417", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9e161687855175334ca93c6c3ccb221731194479", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a832ee2f2145f57443b2d565f8cb5490e8339f42", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b58d246a058ae88484758cd4ab27b3180fd5ecf8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bcdd2be48edd8c6867fb44112cb8d18086beae29", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c9172498d4d62c9b64e5fb37c1ee0343e65fe51b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1fb12412874c94ad037e11d0ecdd1140a439297", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e759ff76ebbbfcdcf83b6634c54dc47828573d8b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47358.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47358.json index eb91b384a42..8c48f2977d6 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47358.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47358.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47358", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:22.073", - "lastModified": "2024-11-21T06:35:57.820", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:31:16.863", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,63 +15,204 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: staging: greybus: uart: corrige el use after free de tty. El espacio de usuario puede mantener un tty abierto indefinidamente y los controladores de tty no deben liberar las estructuras subyacentes hasta que el \u00faltimo usuario se haya ido. Cambie al uso del contador de referencia del puerto tty para administrar la vida \u00fatil del estado tty de greybus para evitar su uso despu\u00e9s de una desconexi\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9", + "versionEndExcluding": "4.9.285", + "matchCriteriaId": "BF8D6AC2-2AE7-4DD2-8D70-DAFAE0CDB6DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.249", + "matchCriteriaId": "9DFC8239-9F26-43B2-A340-8EFC6BC6BDA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.209", + "matchCriteriaId": "21C23429-F802-4256-B3C2-9EEA76AC11FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.150", + "matchCriteriaId": "87771E47-210D-48FA-95BC-48A86225B30F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.70", + "matchCriteriaId": "A2A50090-4483-4F44-9147-BF0B012FBF7E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.14.9", + "matchCriteriaId": "1B31D6C1-A751-438D-906B-0C56B789D498" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4dc56951a8d9d61d364d346c61a5f1d70b4f5e14", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/64062fcaca8872f063ec9da011e7bf30470be33f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92b67aaafb7c449db9f0c3dcabc0ff967cb3a42d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92dc0b1f46e12cfabd28d709bb34f7a39431b44f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9872ff6fdce8b229f01993b611b5d1719cb70ff1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5cfd51f6348e8fd7531461366946039c29c7e69", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b9e697e60ce9890e9258a73eb061288e7d68e5e6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4dc56951a8d9d61d364d346c61a5f1d70b4f5e14", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/64062fcaca8872f063ec9da011e7bf30470be33f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92b67aaafb7c449db9f0c3dcabc0ff967cb3a42d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92dc0b1f46e12cfabd28d709bb34f7a39431b44f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9872ff6fdce8b229f01993b611b5d1719cb70ff1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5cfd51f6348e8fd7531461366946039c29c7e69", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b9e697e60ce9890e9258a73eb061288e7d68e5e6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47361.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47361.json index 8c91f659da9..e5a837220d0 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47361.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47361.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47361", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:22.283", - "lastModified": "2024-11-21T06:35:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-26T19:45:51.123", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,63 +15,204 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mcb: corrige el manejo de errores en mcb_alloc_bus() Hay dos errores: 1) Si ida_simple_get() falla, entonces este c\u00f3digo llama a put_device(carrier) pero a\u00fan no hemos llamado a get_device( transportista) y probablemente eso conduzca a un uso posterior gratuito. 2) Despu\u00e9s de device_initialize() entonces necesitamos usar put_device() para liberar el bus. Esto liberar\u00e1 los recursos internos vinculados al dispositivo y llamar\u00e1 a mcb_free_bus() que liberar\u00e1 el resto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.7", + "versionEndExcluding": "4.9.285", + "matchCriteriaId": "71D61395-0228-4BB6-9B08-38F445F83B82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.249", + "matchCriteriaId": "9DFC8239-9F26-43B2-A340-8EFC6BC6BDA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.209", + "matchCriteriaId": "21C23429-F802-4256-B3C2-9EEA76AC11FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.150", + "matchCriteriaId": "87771E47-210D-48FA-95BC-48A86225B30F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.70", + "matchCriteriaId": "A2A50090-4483-4F44-9147-BF0B012FBF7E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.14.9", + "matchCriteriaId": "1B31D6C1-A751-438D-906B-0C56B789D498" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/115b07d9f47e3996430b8f2007edd9768e1f807f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/25a1433216489de4abc889910f744e952cb6dbae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/66f74ba9be9daf9c47fface6af3677f602774f6b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7751f609eadf36b1f53712bae430019c53a16eb0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a558261fa57a6deefb0925ab1829f698b194aea", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/91e4ad05bf18322b5921d1a6c9b603f6eb1694f0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9fc198f415dee070a1de957bb5bf5921d8df3499", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/115b07d9f47e3996430b8f2007edd9768e1f807f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/25a1433216489de4abc889910f744e952cb6dbae", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/66f74ba9be9daf9c47fface6af3677f602774f6b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7751f609eadf36b1f53712bae430019c53a16eb0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a558261fa57a6deefb0925ab1829f698b194aea", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/91e4ad05bf18322b5921d1a6c9b603f6eb1694f0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9fc198f415dee070a1de957bb5bf5921d8df3499", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48500.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48500.json index 25d7ad8a582..1a78e1156bb 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48500.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48500.json @@ -2,7 +2,7 @@ "id": "CVE-2022-48500", "sourceIdentifier": "psirt@huawei.com", "published": "2023-06-19T17:15:11.920", - "lastModified": "2024-11-21T07:33:26.857", + "lastModified": "2024-12-26T19:15:07.023", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48501.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48501.json index 0075e182e95..94110d08baf 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48501.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48501.json @@ -2,7 +2,7 @@ "id": "CVE-2022-48501", "sourceIdentifier": "psirt@huawei.com", "published": "2023-06-19T17:15:11.960", - "lastModified": "2024-11-21T07:33:26.957", + "lastModified": "2024-12-26T19:15:07.243", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-486xx/CVE-2022-48695.json b/CVE-2022/CVE-2022-486xx/CVE-2022-48695.json index 1ce71ead0cb..33fda441781 100644 --- a/CVE-2022/CVE-2022-486xx/CVE-2022-48695.json +++ b/CVE-2022/CVE-2022-486xx/CVE-2022-48695.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48695", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-03T18:15:08.247", - "lastModified": "2024-11-21T07:33:48.257", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-26T20:38:14.673", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,71 +15,234 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: mpt3sas: Corrija la advertencia de use-after-free. Corrija la siguiente advertencia de use-after-free que se observa durante el reinicio del controlador: refcount_t: underflow; use-after-free. ADVERTENCIA: CPU: 23 PID: 5399 en lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.9.328", + "matchCriteriaId": "82C9EA22-96BE-488C-A979-0A1FBD90A0AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.293", + "matchCriteriaId": "5D9B742D-912D-4E0C-A42F-367086FDEA88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.258", + "matchCriteriaId": "253D30F5-3734-4663-883A-288786D3B66E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.213", + "matchCriteriaId": "4C373116-9E23-44BA-A6B7-87C8BF5C3B85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.143", + "matchCriteriaId": "E77EECF5-C31E-4342-8014-AA844BB83A76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.168", + "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.19.9", + "matchCriteriaId": "B4895A99-6E1B-4C76-A510-FDED00AD7D29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*", + "matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json index 3ad88c2fa85..d8a55d58646 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35082.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35082", "sourceIdentifier": "support@hackerone.com", "published": "2023-08-15T16:15:11.633", - "lastModified": "2024-11-21T08:07:56.430", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-26T20:48:22.997", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -87,8 +87,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*", - "versionEndIncluding": "11.10.0", - "matchCriteriaId": "6B41E29D-8E92-4DEC-B2B9-375BFF248A13" + "versionEndExcluding": "11.11.0", + "matchCriteriaId": "AADAED7D-CD58-482D-B419-8146852F0387" } ] } diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0101.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0101.json index a3190f77993..ff91be2e123 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0101.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0101.json @@ -2,7 +2,7 @@ "id": "CVE-2024-0101", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-08-08T17:15:17.560", - "lastModified": "2024-09-16T19:24:31.457", + "lastModified": "2024-12-26T19:44:17.690", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -103,8 +103,13 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:nvidia:metrox-2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CBE1921-C790-488B-8B8B-228C4DBC2D7E" + "criteria": "cpe:2.3:h:nvidia:tq8100-hs2f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FBAE0EE-CEC8-47B6-80A6-7057432CB808" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:tq8200-hs2f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2CFC8AF7-0173-4C62-BCF0-47D8A14F057B" } ] } @@ -137,8 +142,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:nvidia:skyway:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59E40D6B-8182-4448-A57C-E300F9750A7A" + "criteria": "cpe:2.3:h:nvidia:mga100-hs2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "06EFCB4A-1688-4C0A-80C8-D1B50BDF5D82" } ] } @@ -181,8 +186,24 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:nvidia:metrox-3_xc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5440361F-B691-419C-94F1-B457873463B2" + "criteria": "cpe:2.3:h:nvidia:mtq8400-hs2r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A48D107C-6629-4954-BE12-F62F6987D45D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:*", + "versionEndExcluding": "3.11.2002", + "matchCriteriaId": "D34C04D4-8472-4497-8976-A1336CA1730E" } ] } diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0104.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0104.json index df7c79c73e7..8b51a2e12f0 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0104.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0104.json @@ -2,7 +2,7 @@ "id": "CVE-2024-0104", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-08-08T18:15:09.800", - "lastModified": "2024-09-11T17:40:35.430", + "lastModified": "2024-12-26T19:44:22.577", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -82,6 +82,22 @@ } ], "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nvidia:onyx:*:*:*:*:lts:*:*:*", + "versionEndExcluding": "3.10.4402", + "matchCriteriaId": "26CF254C-1556-4D77-9423-C4DD973B8CE5" + } + ] + } + ] + }, { "operator": "AND", "nodes": [ @@ -94,12 +110,6 @@ "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:*", "versionEndExcluding": "3.11.2002", "matchCriteriaId": "D34C04D4-8472-4497-8976-A1336CA1730E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:lts:*:*:*", - "versionEndExcluding": "3.11.2202", - "matchCriteriaId": "24D950AF-5F1E-4C64-AE31-C0974D2D0593" } ] }, @@ -109,8 +119,13 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:nvidia:metrox-2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CBE1921-C790-488B-8B8B-228C4DBC2D7E" + "criteria": "cpe:2.3:h:nvidia:tq8100-hs2f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FBAE0EE-CEC8-47B6-80A6-7057432CB808" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:tq8200-hs2f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2CFC8AF7-0173-4C62-BCF0-47D8A14F057B" } ] } @@ -126,8 +141,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:-:*:*:*", - "versionEndExcluding": "8.2.2202", - "matchCriteriaId": "836B17DB-2E03-4D33-B3D0-87C4F989A861" + "versionEndExcluding": "8.2.2000", + "matchCriteriaId": "353A9872-AFB8-4242-9942-0E7C4383DD7D" } ] }, @@ -137,24 +152,8 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:nvidia:skyway:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59E40D6B-8182-4448-A57C-E300F9750A7A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:nvidia:onyx:*:*:*:*:lts:*:*:*", - "versionEndExcluding": "3.10.4402", - "matchCriteriaId": "26CF254C-1556-4D77-9423-C4DD973B8CE5" + "criteria": "cpe:2.3:h:nvidia:mga100-hs2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "06EFCB4A-1688-4C0A-80C8-D1B50BDF5D82" } ] } @@ -181,8 +180,24 @@ "cpeMatch": [ { "vulnerable": false, - "criteria": "cpe:2.3:h:nvidia:metrox-3_xc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5440361F-B691-419C-94F1-B457873463B2" + "criteria": "cpe:2.3:h:nvidia:mtq8400-hs2r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A48D107C-6629-4954-BE12-F62F6987D45D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:*", + "versionEndExcluding": "3.11.2202", + "matchCriteriaId": "8748C387-D070-4E5D-931D-5EEE92E793F4" } ] } diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0113.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0113.json index 42eb221c410..292eefd84a6 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0113.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0113.json @@ -2,7 +2,7 @@ "id": "CVE-2024-0113", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-08-12T13:38:12.693", - "lastModified": "2024-09-11T17:34:37.667", + "lastModified": "2024-12-26T19:21:52.380", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -90,22 +90,22 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:nvidia:mellanox_os:*:*:*:*:*:mellanox_os_lts:*:*", + "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:lts:*:*:*", "versionEndExcluding": "3.10.4500", - "matchCriteriaId": "E4D632AA-754C-4160-86D6-CB1CE337405C" + "matchCriteriaId": "A4E85C90-C504-4F1C-B147-9246C5F45A52" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:nvidia:mellanox_os:*:*:*:*:*:mellanox_os:*:*", + "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:*", "versionEndExcluding": "3.12.1002", - "matchCriteriaId": "A0761130-9A9E-43EE-B426-03AD461743AC" + "matchCriteriaId": "CF3DBA9B-E254-4720-80DE-BAE1E6C87D39" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:nvidia:mellanox_os:*:*:*:*:*:mellanox_os_lts:*:*", - "versionStartExcluding": "3.11.0000", - "versionEndIncluding": "3.11.2302", - "matchCriteriaId": "5886AC86-BB6B-4627-91D7-9A6F256500A3" + "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:lts:*:*:*", + "versionStartIncluding": "3.11.0000", + "versionEndExcluding": "3.11.2302", + "matchCriteriaId": "77AA870D-4162-4F51-B792-D1963E57D18F" } ] } @@ -119,15 +119,16 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:nvidia:onyx:*:*:*:*:onyx_lts:*:*:*", + "criteria": "cpe:2.3:o:nvidia:onyx:*:*:*:*:lts:*:*:*", "versionEndExcluding": "3.10.4504", - "matchCriteriaId": "1D9AD737-499F-4926-AB18-D34D75EFA169" + "matchCriteriaId": "ACA84659-5961-46E4-9307-1A6CAA6EF315" } ] } ] }, { + "operator": "AND", "nodes": [ { "operator": "OR", @@ -135,21 +136,33 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:h:nvidia:skyway:*:*:*:*:*:skyway_lts:*:*", + "criteria": "cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:lts:*:*:*", "versionEndExcluding": "8.1.4500", - "matchCriteriaId": "629A139D-C222-48B2-BCE9-323BD1595698" + "matchCriteriaId": "6D5BCB2C-535F-444A-BC92-35724A806A7A" }, { "vulnerable": true, - "criteria": "cpe:2.3:h:nvidia:skyway:*:*:*:*:*:skyway:*:*", + "criteria": "cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:-:*:*:*", "versionEndExcluding": "8.2.2300", - "matchCriteriaId": "EF4FB15E-A443-402B-AB78-87F047FAA16C" + "matchCriteriaId": "50063E3A-0932-4BF5-8461-6985BD624328" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:mga100-hs2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "06EFCB4A-1688-4C0A-80C8-D1B50BDF5D82" } ] } ] }, { + "operator": "AND", "nodes": [ { "operator": "OR", @@ -157,15 +170,27 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:h:nvidia:metrox-3_xc:*:*:*:*:*:metrox:*:*", - "versionEndExcluding": "18.2.2300", - "matchCriteriaId": "0EAD9D32-C07A-4763-ADF6-CCD72A580125" + "criteria": "cpe:2.3:o:nvidia:nvda-os_xc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.2.2200", + "matchCriteriaId": "3503FC22-FDB7-4588-8451-3F601F1C4F88" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:mtq8400-hs2r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A48D107C-6629-4954-BE12-F62F6987D45D" } ] } ] }, { + "operator": "AND", "nodes": [ { "operator": "OR", @@ -173,9 +198,25 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:h:nvidia:metrox-2:*:*:*:*:*:metrox:*:*", + "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:*", "versionEndExcluding": "3.12.1002", - "matchCriteriaId": "F069237E-F6C7-4D57-9AB6-DAF4E75D7561" + "matchCriteriaId": "CF3DBA9B-E254-4720-80DE-BAE1E6C87D39" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:tq8100-hs2f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FBAE0EE-CEC8-47B6-80A6-7057432CB808" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:tq8200-hs2f:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2CFC8AF7-0173-4C62-BCF0-47D8A14F057B" } ] } diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0115.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0115.json index 4a2d0bd456e..7d39574cd4f 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0115.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0115.json @@ -2,7 +2,7 @@ "id": "CVE-2024-0115", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-08-12T13:38:12.943", - "lastModified": "2024-09-11T17:24:27.393", + "lastModified": "2024-12-26T19:21:45.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -83,6 +83,7 @@ ], "configurations": [ { + "operator": "AND", "nodes": [ { "operator": "OR", @@ -90,24 +91,79 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:nvidia:cv-cuda:*:*:*:*:*:jetpack:*:*", - "versionStartIncluding": "0.1.0", - "versionEndIncluding": "0.10.0", - "matchCriteriaId": "C46E7E53-7D0C-4D53-A3FC-3E195E817386" + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.1.0:prealpha:*:*:*:*:*:*", + "matchCriteriaId": "B1799F50-62F3-4E38-80F4-A5E8991AD945" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:nvidia:cv-cuda:*:*:*:*:*:ubuntu_20.04:*:*", - "versionStartIncluding": "0.1.0", - "versionEndIncluding": "0.10.0", - "matchCriteriaId": "38D1DC42-30AD-423B-91FA-8EC7929F936D" + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.2.0:alpha:*:*:*:*:*:*", + "matchCriteriaId": "ADC7DACB-A6D5-4C2F-B222-1409FAE3D669" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:nvidia:cv-cuda:*:*:*:*:*:ubuntu_22.04:*:*", - "versionStartIncluding": "0.1.0", - "versionEndIncluding": "0.10.0", - "matchCriteriaId": "44B5F90C-CD1C-4F11-BB45-717CA0C8DEED" + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.2.1:alpha:*:*:*:*:*:*", + "matchCriteriaId": "6A452C07-2073-4BB3-AC27-0D085E33602C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.3.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "FADC39DA-E1EA-469F-9252-9B7623E4751C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.3.1:beta:*:*:*:*:*:*", + "matchCriteriaId": "BE1D5C25-23E3-48E2-8327-7DB5853D1B18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.4.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "60F7EA28-6914-47C0-B2AB-8098F90B5565" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.5.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "44F77894-6314-41AE-B0AE-3AAFF9136D8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.6.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "F330EE75-02EC-46D1-B9DE-C960ACD2F260" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.7.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "898D3460-EEB8-47AD-9386-FF005DF3F48C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.8.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "FE6B69A1-18DC-49C0-87DC-3A81453361E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.9.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "14704CB7-BE26-4233-BC7A-0EC4CB99F388" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:a:nvidia:jetpack_software_development_kit:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1118D1E-AC16-4B3E-9F8A-23ED964FD806" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", + "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", + "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE" } ] } diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10858.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10858.json index 27702e854f4..ab20dd29a20 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10858.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10858.json @@ -2,7 +2,7 @@ "id": "CVE-2024-10858", "sourceIdentifier": "contact@wpscan.com", "published": "2024-12-25T06:15:23.407", - "lastModified": "2024-12-25T06:15:23.407", + "lastModified": "2024-12-26T20:15:20.080", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,11 +11,38 @@ "value": "The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/7fecba37-d718-4dd4-89f3-285fb36a4165/", "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/7fecba37-d718-4dd4-89f3-285fb36a4165/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12961.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12961.json index 2dba161a969..fe831c56871 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12961.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12961.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12961", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T18:15:23.463", - "lastModified": "2024-12-26T18:15:23.463", + "lastModified": "2024-12-26T19:15:07.563", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://vuldb.com/?submit.468805", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/dawatermelon/CVE/blob/main/Portfolio%20Management%20System%20MCA%20Project/README9.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12962.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12962.json new file mode 100644 index 00000000000..db77f7c7be6 --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12962.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-12962", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-26T19:15:07.710", + "lastModified": "2024-12-26T19:15:07.710", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /_parse/_all_edits.php. The manipulation of the argument skillset leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/UnrealdDei/cve/blob/main/sql5.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289327", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289327", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.468921", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12963.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12963.json new file mode 100644 index 00000000000..b95a485b9ba --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12963.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-12963", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-26T20:15:20.853", + "lastModified": "2024-12-26T20:15:20.853", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this issue is the function add_xp of the file /_parse/_all_edits.php. The manipulation of the argument job_company leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/UnrealdDei/cve/blob/main/sql6.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289328", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289328", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.468922", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12964.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12964.json new file mode 100644 index 00000000000..13c34d66edb --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12964.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-12964", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-26T20:15:21.110", + "lastModified": "2024-12-26T20:15:21.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://1000projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/alc9700jmo/CVE/issues/4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289329", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289329", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.468976", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27070.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27070.json index 4df77fbfd63..79be89f5a74 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27070.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27070.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27070", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:51.037", - "lastModified": "2024-11-21T09:03:47.847", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-26T20:25:12.927", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,89 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: f2fs: soluci\u00f3n para evitar el problema de use-after-free en f2fs_filemap_fault syzbot informa un error de f2fs como se muestra a continuaci\u00f3n: ERROR: KASAN: slab-use-after-free en f2fs_filemap_fault+0xd1/0x2c0 fs/f2fs/file.c:49 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88807bb22680 por tarea syz-executor184/5058 CPU: 0 PID: 5058 Comm: syz-executor184 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 17/11/2023 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 print_address_description mm/kasan/ report.c:377 [en l\u00ednea] print_report+0x163/0x540 mm/kasan/report.c:488 kasan_report+0x142/0x170 mm/kasan/report.c:601 f2fs_filemap_fault+0xd1/0x2c0 fs/f2fs/file.c:49 __do_fault+0x131/0x450 mm/memory.c:4376 do_shared_fault mm/memory.c:4798 [en l\u00ednea] do_fault mm/memory.c:4872 [en l\u00ednea] do_pte_missing mm/memory.c:3745 [en l\u00ednea] handle_pte_fault mm/memory. c:5144 [en l\u00ednea] __handle_mm_fault+0x23b7/0x72b0 mm/memory.c:5285 handle_mm_fault+0x27e/0x770 mm/memory.c:5450 do_user_addr_fault arch/x86/mm/fault.c:1364 [en l\u00ednea] handle_page_fault arch/x86/ mm/fault.c:1507 [en l\u00ednea] exc_page_fault+0x456/0x870 arch/x86/mm/fault.c:1563 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570 La causa ra\u00edz es: en f2fs_filemap_fault(), es posible que vmf->vma no est\u00e9 activo despu\u00e9s de filemap_fault(), por lo que puede causar un problema de use-after-free al acceder a vmf->vma->vm_flags en trace_f2fs_filemap_fault(). Por lo tanto, debe mantener vm_flags en una variable temporal separada para su uso en puntos de seguimiento." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/8186e16a766d709a08f188d2f4e84098f364bea1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8186e16a766d709a08f188d2f4e84098f364bea1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27392.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27392.json index 5c01332a564..d1ff38d3e6e 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27392.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27392.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27392", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:51.793", - "lastModified": "2024-11-21T09:04:31.040", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-26T20:32:43.923", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,89 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: nvme: host: corrige la doble liberaci\u00f3n de la estructura nvme_id_ns en ns_update_nuse() Cuando nvme_identify_ns() falla, libera el puntero a la estructura nvme_id_ns antes de que regrese. Sin embargo, ns_update_nuse() llama a kfree() para el puntero incluso cuando nvme_identify_ns() falla. Esto da como resultado KASAN double-free, que se observ\u00f3 con blktests nvme/045 con parches propuestos [1] en el kernel v6.8-rc7. Corrija el doble libre omitiendo kfree() cuando falla nvme_identify_ns()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/534f9dc7fe495b3f9cc84363898ac50c5a25fccb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d0d2447394b13fb22a069f0330f9c49b7fff9d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/534f9dc7fe495b3f9cc84363898ac50c5a25fccb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d0d2447394b13fb22a069f0330f9c49b7fff9d3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-549xx/CVE-2024-54907.json b/CVE-2024/CVE-2024-549xx/CVE-2024-54907.json new file mode 100644 index 00000000000..97fdec6b098 --- /dev/null +++ b/CVE-2024/CVE-2024-549xx/CVE-2024-54907.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54907", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-26T19:15:08.153", + "lastModified": "2024-12-26T20:15:21.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MnrikSrins/totolink_A3002R_RCE", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-552xx/CVE-2024-55231.json b/CVE-2024/CVE-2024-552xx/CVE-2024-55231.json index 9bb15155aa5..54036c40a4b 100644 --- a/CVE-2024/CVE-2024-552xx/CVE-2024-55231.json +++ b/CVE-2024/CVE-2024-552xx/CVE-2024-55231.json @@ -2,8 +2,8 @@ "id": "CVE-2024-55231", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T22:15:07.127", - "lastModified": "2024-12-18T22:15:07.127", - "vulnStatus": "Received", + "lastModified": "2024-12-26T20:15:22.363", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -15,11 +15,50 @@ "value": "Una vulnerabilidad de IDOR en edit-notes.php module de PHPGurukul Online Notes Sharing Management System v1.0 permite que usuarios no autorizados modifiquen notas pertenecientes a otras cuentas debido a la falta de comprobaciones de autorizaci\u00f3n. Esta falla expone datos confidenciales y permite a los atacantes alterar la informaci\u00f3n de otro usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], "references": [ { "url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55231.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55231.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-552xx/CVE-2024-55232.json b/CVE-2024/CVE-2024-552xx/CVE-2024-55232.json index 198d98e5b04..e8a278876e0 100644 --- a/CVE-2024/CVE-2024-552xx/CVE-2024-55232.json +++ b/CVE-2024/CVE-2024-552xx/CVE-2024-55232.json @@ -2,8 +2,8 @@ "id": "CVE-2024-55232", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T22:15:07.297", - "lastModified": "2024-12-18T22:15:07.297", - "vulnStatus": "Received", + "lastModified": "2024-12-26T20:15:22.673", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -15,7 +15,42 @@ "value": "Una vulnerabilidad de IDOR en manage-notes.php module en PHPGurukul Online Notes Sharing Management System v1.0 permite que usuarios no autorizados eliminen notas pertenecientes a otras cuentas debido a la falta de comprobaciones de autorizaci\u00f3n. Esta falla permite a los atacantes eliminar la informaci\u00f3n de otro usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-290" + } + ] + } + ], "references": [ { "url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55232.md", diff --git a/CVE-2024/CVE-2024-555xx/CVE-2024-55506.json b/CVE-2024/CVE-2024-555xx/CVE-2024-55506.json index fde43376000..0fc9bf77a3e 100644 --- a/CVE-2024/CVE-2024-555xx/CVE-2024-55506.json +++ b/CVE-2024/CVE-2024-555xx/CVE-2024-55506.json @@ -2,8 +2,8 @@ "id": "CVE-2024-55506", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:17.523", - "lastModified": "2024-12-18T23:15:17.523", - "vulnStatus": "Received", + "lastModified": "2024-12-26T20:15:22.867", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -15,11 +15,50 @@ "value": "Una vulnerabilidad IDOR en CodeAstro's Complaint Management System v1.0 (versi\u00f3n con 0 actualizaciones) de CodeAstro permite a un atacante ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del archivo delete.php y modificando el par\u00e1metro id." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], "references": [ { "url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55506.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55506.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-555xx/CVE-2024-55509.json b/CVE-2024/CVE-2024-555xx/CVE-2024-55509.json index 1c504b8d072..57515d0c905 100644 --- a/CVE-2024/CVE-2024-555xx/CVE-2024-55509.json +++ b/CVE-2024/CVE-2024-555xx/CVE-2024-55509.json @@ -2,20 +2,63 @@ "id": "CVE-2024-55509", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-20T21:15:09.413", - "lastModified": "2024-12-20T21:15:09.413", - "vulnStatus": "Received", + "lastModified": "2024-12-26T20:15:23.067", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de inyecci\u00f3n SQL en CodeAstro Complaint Management System v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario y escalar privilegios a trav\u00e9s del par\u00e1metro id del componente delete.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/prithivilakshmanan/CSV/blob/main/CVE-2024-55509.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/prithivilakshmanan/CSV/blob/main/CVE-2024-55509.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-561xx/CVE-2024-56170.json b/CVE-2024/CVE-2024-561xx/CVE-2024-56170.json index fb0ca859ee4..22a56dd2efb 100644 --- a/CVE-2024/CVE-2024-561xx/CVE-2024-56170.json +++ b/CVE-2024/CVE-2024-561xx/CVE-2024-56170.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56170", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T05:15:09.093", - "lastModified": "2024-12-18T05:15:09.093", + "lastModified": "2024-12-26T19:15:08.283", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 un problema de integridad de validaci\u00f3n en Fort hasta 1.6.4 antes de 2.0.0. Los manifiestos RPKI son listas de archivos relevantes que los clientes deben verificar. Suponiendo que todo lo dem\u00e1s sea correcto, se debe priorizar la versi\u00f3n m\u00e1s reciente de un manifiesto sobre otras versiones, para evitar repeticiones, accidentales o de otro tipo. Los manifiestos contienen los campos manifestNumber y thisUpdate, que se pueden usar para medir la relevancia de un manifiesto determinado, en comparaci\u00f3n con otros manifiestos. El primero es un n\u00famero secuencial de tipo serial y el segundo es la fecha en la que se cre\u00f3 el manifiesto. Sin embargo, el producto no compara la actualidad del manifiesto obtenido m\u00e1s recientemente con el manifiesto almacenado en cach\u00e9. Como tal, es propenso a una reversi\u00f3n a una versi\u00f3n anterior si se entreg\u00f3 un manifiesto desactualizado v\u00e1lido. Esto conduce a una validaci\u00f3n de origen de ruta desactualizada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-346" + } + ] + } + ], "references": [ { "url": "https://nicmx.github.io/FORT-validator/CVE.html", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56378.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56378.json index 5d163d9390f..21d123d7d86 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56378.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56378.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56378", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-23T00:15:05.133", - "lastModified": "2024-12-23T00:15:05.133", - "vulnStatus": "Received", + "lastModified": "2024-12-26T20:15:23.270", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc." + }, + { + "lang": "es", + "value": "libpoppler.so en Poppler hasta 24.12.0 tiene una vulnerabilidad de lectura fuera de los l\u00edmites dentro de la funci\u00f3n JBIG2Bitmap::combine en JBIG2Stream.cc." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621", diff --git a/CVE-2024/CVE-2024-564xx/CVE-2024-56430.json b/CVE-2024/CVE-2024-564xx/CVE-2024-56430.json index 23294e92bd6..68859782488 100644 --- a/CVE-2024/CVE-2024-564xx/CVE-2024-56430.json +++ b/CVE-2024/CVE-2024-564xx/CVE-2024-56430.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56430", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-25T18:15:22.487", - "lastModified": "2024-12-25T18:15:22.487", + "lastModified": "2024-12-26T20:15:23.447", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "OpenFHE through 1.2.3 has a NULL pointer dereference in BinFHEContext::EvalFloor in lib/binfhe-base-scheme.cpp." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", @@ -22,6 +45,16 @@ "value": "CWE-476" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] } ], "references": [ @@ -36,6 +69,10 @@ { "url": "https://github.com/openfheorg/openfhe-development/releases/tag/v1.2.3", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/UnionTech-Software/openfhe-PoC", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/README.md b/README.md index f57afb518de..766859832d7 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-26T19:00:20.361976+00:00 +2024-12-26T21:00:19.951886+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-26T18:47:14.357000+00:00 +2024-12-26T20:49:20.487000+00:00 ``` ### Last Data Feed Release @@ -33,46 +33,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -274725 +274729 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `4` -- [CVE-2024-12960](CVE-2024/CVE-2024-129xx/CVE-2024-12960.json) (`2024-12-26T18:15:21.027`) -- [CVE-2024-12961](CVE-2024/CVE-2024-129xx/CVE-2024-12961.json) (`2024-12-26T18:15:23.463`) +- [CVE-2024-12962](CVE-2024/CVE-2024-129xx/CVE-2024-12962.json) (`2024-12-26T19:15:07.710`) +- [CVE-2024-12963](CVE-2024/CVE-2024-129xx/CVE-2024-12963.json) (`2024-12-26T20:15:20.853`) +- [CVE-2024-12964](CVE-2024/CVE-2024-129xx/CVE-2024-12964.json) (`2024-12-26T20:15:21.110`) +- [CVE-2024-54907](CVE-2024/CVE-2024-549xx/CVE-2024-54907.json) (`2024-12-26T19:15:08.153`) ### CVEs modified in the last Commit -Recently modified CVEs: `29` +Recently modified CVEs: `41` -- [CVE-2021-47362](CVE-2021/CVE-2021-473xx/CVE-2021-47362.json) (`2024-12-26T18:47:14.357`) -- [CVE-2021-47363](CVE-2021/CVE-2021-473xx/CVE-2021-47363.json) (`2024-12-26T17:56:27.117`) -- [CVE-2021-47364](CVE-2021/CVE-2021-473xx/CVE-2021-47364.json) (`2024-12-26T17:56:47.957`) -- [CVE-2021-47372](CVE-2021/CVE-2021-473xx/CVE-2021-47372.json) (`2024-12-26T17:57:10.690`) -- [CVE-2021-47373](CVE-2021/CVE-2021-473xx/CVE-2021-47373.json) (`2024-12-26T17:57:35.547`) -- [CVE-2024-12931](CVE-2024/CVE-2024-129xx/CVE-2024-12931.json) (`2024-12-26T18:15:06.663`) -- [CVE-2024-12932](CVE-2024/CVE-2024-129xx/CVE-2024-12932.json) (`2024-12-26T18:15:09.233`) -- [CVE-2024-12933](CVE-2024/CVE-2024-129xx/CVE-2024-12933.json) (`2024-12-26T18:15:11.783`) -- [CVE-2024-12934](CVE-2024/CVE-2024-129xx/CVE-2024-12934.json) (`2024-12-26T18:15:14.550`) -- [CVE-2024-12935](CVE-2024/CVE-2024-129xx/CVE-2024-12935.json) (`2024-12-26T18:15:17.483`) -- [CVE-2024-12936](CVE-2024/CVE-2024-129xx/CVE-2024-12936.json) (`2024-12-26T17:15:06.487`) -- [CVE-2024-12937](CVE-2024/CVE-2024-129xx/CVE-2024-12937.json) (`2024-12-26T17:15:06.873`) -- [CVE-2024-12945](CVE-2024/CVE-2024-129xx/CVE-2024-12945.json) (`2024-12-26T17:15:07.017`) -- [CVE-2024-12946](CVE-2024/CVE-2024-129xx/CVE-2024-12946.json) (`2024-12-26T17:15:07.153`) -- [CVE-2024-12947](CVE-2024/CVE-2024-129xx/CVE-2024-12947.json) (`2024-12-26T17:15:07.293`) -- [CVE-2024-12948](CVE-2024/CVE-2024-129xx/CVE-2024-12948.json) (`2024-12-26T17:15:07.427`) -- [CVE-2024-12950](CVE-2024/CVE-2024-129xx/CVE-2024-12950.json) (`2024-12-26T17:15:07.553`) -- [CVE-2024-47148](CVE-2024/CVE-2024-471xx/CVE-2024-47148.json) (`2024-12-26T17:15:07.687`) -- [CVE-2024-47149](CVE-2024/CVE-2024-471xx/CVE-2024-47149.json) (`2024-12-26T17:15:07.810`) -- [CVE-2024-47150](CVE-2024/CVE-2024-471xx/CVE-2024-47150.json) (`2024-12-26T17:15:07.923`) -- [CVE-2024-47151](CVE-2024/CVE-2024-471xx/CVE-2024-47151.json) (`2024-12-26T17:15:08.037`) -- [CVE-2024-47156](CVE-2024/CVE-2024-471xx/CVE-2024-47156.json) (`2024-12-26T17:15:08.150`) -- [CVE-2024-8992](CVE-2024/CVE-2024-89xx/CVE-2024-8992.json) (`2024-12-26T17:15:08.267`) -- [CVE-2024-8993](CVE-2024/CVE-2024-89xx/CVE-2024-8993.json) (`2024-12-26T17:15:08.387`) -- [CVE-2024-8994](CVE-2024/CVE-2024-89xx/CVE-2024-8994.json) (`2024-12-26T17:15:08.500`) +- [CVE-2021-47334](CVE-2021/CVE-2021-473xx/CVE-2021-47334.json) (`2024-12-26T19:25:16.993`) +- [CVE-2021-47342](CVE-2021/CVE-2021-473xx/CVE-2021-47342.json) (`2024-12-26T19:29:20.557`) +- [CVE-2021-47355](CVE-2021/CVE-2021-473xx/CVE-2021-47355.json) (`2024-12-26T19:29:36.887`) +- [CVE-2021-47357](CVE-2021/CVE-2021-473xx/CVE-2021-47357.json) (`2024-12-26T19:30:01.220`) +- [CVE-2021-47358](CVE-2021/CVE-2021-473xx/CVE-2021-47358.json) (`2024-12-26T19:31:16.863`) +- [CVE-2021-47361](CVE-2021/CVE-2021-473xx/CVE-2021-47361.json) (`2024-12-26T19:45:51.123`) +- [CVE-2022-48500](CVE-2022/CVE-2022-485xx/CVE-2022-48500.json) (`2024-12-26T19:15:07.023`) +- [CVE-2022-48501](CVE-2022/CVE-2022-485xx/CVE-2022-48501.json) (`2024-12-26T19:15:07.243`) +- [CVE-2022-48695](CVE-2022/CVE-2022-486xx/CVE-2022-48695.json) (`2024-12-26T20:38:14.673`) +- [CVE-2023-35082](CVE-2023/CVE-2023-350xx/CVE-2023-35082.json) (`2024-12-26T20:48:22.997`) +- [CVE-2024-0101](CVE-2024/CVE-2024-01xx/CVE-2024-0101.json) (`2024-12-26T19:44:17.690`) +- [CVE-2024-0104](CVE-2024/CVE-2024-01xx/CVE-2024-0104.json) (`2024-12-26T19:44:22.577`) +- [CVE-2024-0113](CVE-2024/CVE-2024-01xx/CVE-2024-0113.json) (`2024-12-26T19:21:52.380`) +- [CVE-2024-0115](CVE-2024/CVE-2024-01xx/CVE-2024-0115.json) (`2024-12-26T19:21:45.613`) +- [CVE-2024-10858](CVE-2024/CVE-2024-108xx/CVE-2024-10858.json) (`2024-12-26T20:15:20.080`) +- [CVE-2024-12961](CVE-2024/CVE-2024-129xx/CVE-2024-12961.json) (`2024-12-26T19:15:07.563`) +- [CVE-2024-27070](CVE-2024/CVE-2024-270xx/CVE-2024-27070.json) (`2024-12-26T20:25:12.927`) +- [CVE-2024-27392](CVE-2024/CVE-2024-273xx/CVE-2024-27392.json) (`2024-12-26T20:32:43.923`) +- [CVE-2024-55231](CVE-2024/CVE-2024-552xx/CVE-2024-55231.json) (`2024-12-26T20:15:22.363`) +- [CVE-2024-55232](CVE-2024/CVE-2024-552xx/CVE-2024-55232.json) (`2024-12-26T20:15:22.673`) +- [CVE-2024-55506](CVE-2024/CVE-2024-555xx/CVE-2024-55506.json) (`2024-12-26T20:15:22.867`) +- [CVE-2024-55509](CVE-2024/CVE-2024-555xx/CVE-2024-55509.json) (`2024-12-26T20:15:23.067`) +- [CVE-2024-56170](CVE-2024/CVE-2024-561xx/CVE-2024-56170.json) (`2024-12-26T19:15:08.283`) +- [CVE-2024-56378](CVE-2024/CVE-2024-563xx/CVE-2024-56378.json) (`2024-12-26T20:15:23.270`) +- [CVE-2024-56430](CVE-2024/CVE-2024-564xx/CVE-2024-56430.json) (`2024-12-26T20:15:23.447`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 8bd58ec462f..74d8ed30648 100644 --- a/_state.csv +++ b/_state.csv @@ -148682,7 +148682,7 @@ CVE-2020-1370,0,0,591b16ec8f4f0ae5e9bfc9764d790980f0b8e496af20e9b5d8aa48fbf81d74 CVE-2020-13700,0,0,3c1a07741016b4eb735d6b3f93f1d0b53d686b1ab55517970191f502276f3387,2024-11-21T05:01:46.017000 CVE-2020-13702,0,0,fb9d9c32cea4b8eed9a095bb8b87efbd259a84d00f3eb8a3d9bfec4836f7d468,2024-11-21T05:01:46.160000 CVE-2020-1371,0,0,df64c23919d4672f0a2e0bed77e04ebeb6b6138890a3874b80735274593e7351,2024-11-21T05:10:21.147000 -CVE-2020-13712,0,0,d92c00e14b08267ded22aa615d83a84b7cd15685433faae0972ae1c837bbd9a3,2024-12-20T22:15:23.327000 +CVE-2020-13712,0,1,6d3de8042f3191232bb6f9fd11fc351c989841e5309583df9695f7c0b544144d,2024-12-26T20:15:19.377000 CVE-2020-13713,0,0,f46289f227345384631db36a773e1697a3a688092924976822e45a727dbc6397,2023-11-07T03:16:47.813000 CVE-2020-13714,0,0,6b747f644510f2f0d78ce40ad61be7b8f1fe9be127d84e7cad37b6f30b57fe56,2023-11-07T03:16:48.067000 CVE-2020-13715,0,0,48e7f07ba30f852f3ca20628661ea499d89f8d29672b944f3ce2363b7c7ccf3d,2023-11-07T03:16:48.323000 @@ -187432,24 +187432,24 @@ CVE-2021-47262,0,0,461d2312c88f5c3d90b68aeac4255bd5721c21df1555b4eaef5e703311044 CVE-2021-47263,0,0,dcefe631c466b35e0f40540ba2b98e1ec31fbbaf55744f2fa7ba06315fc7b1d2,2024-11-21T06:35:45.180000 CVE-2021-47264,0,0,ca0befb3f2cfeab4dd46a812016c35d2cc4743784a96a99ddec4e72f3ad432ae,2024-12-24T16:34:16.977000 CVE-2021-47265,0,0,30e7ca1b9773cb91789e3a60b13ecb7cec823e9a9924c6b30e3f34f498c2886d,2024-11-21T06:35:45.380000 -CVE-2021-47266,0,0,906e75f98d720176acf86d7640bcd9f0b347ee6bd0dd0527d03724e396a1921d,2024-11-21T06:35:45.477000 +CVE-2021-47266,0,1,8fe22556c970090a48c2d282192a952d7718c0b55583c4da380c25ceaddf3afa,2024-12-26T20:41:25.273000 CVE-2021-47267,0,0,f4027374d1054817c82182e8941f4cb30bbbf31f909e1f83a3e5e014be399dbb,2024-11-21T06:35:45.593000 -CVE-2021-47268,0,0,45214aa797574913856dd718c35b35d7078740374510d32db705215d1ec1eeda,2024-11-21T06:35:45.800000 +CVE-2021-47268,0,1,c96a764ea61abe21b4dca87e4ec7590da2cd04480f8a40417548714fc05c32e9,2024-12-26T20:42:00.700000 CVE-2021-47269,0,0,4f34e7fdaf8069233f091ee4d570e2e19ca836c2f25897723ed1ff765446df2c,2024-12-24T16:33:36.863000 CVE-2021-47270,0,0,c225feecb56e43fc5dbc2007585ca168570d4e33bb3e9e3172076816604c85fc,2024-12-24T16:32:36.987000 CVE-2021-47271,0,0,8b45f3b51b5efafe6ecfeee684b6d2ad11b9b177811db539ed455892be9f5b45,2024-11-21T06:35:46.113000 CVE-2021-47272,0,0,c69eb2be8fce6d6565e5cc4d65c854c3be154d237268aa1e8cd3b803b2dfb1db,2024-11-21T06:35:46.283000 -CVE-2021-47273,0,0,5f37541365d53e02e2775e54c266e774c0ec6630c116f0d472b2e423dadfe695,2024-11-21T06:35:46.423000 +CVE-2021-47273,0,1,62aeef2b5f4a04d548c1cdb3808d0b3c755fbb7fdeec2f7d272fe5851d81110d,2024-12-26T20:48:47.207000 CVE-2021-47274,0,0,4584f912c5b14c6ddc472234c810b9a7aba1a7857d68de39081964c1014c4e97,2024-11-21T06:35:46.540000 CVE-2021-47275,0,0,ba8f23f46e5f9c8a8196ced2309dd609ba17bbed5666b23650763bf7e676fd4d,2024-11-21T06:35:46.750000 CVE-2021-47276,0,0,4ac47ce93ef1167f4ed4314455eee89eff59b1a95f594d66693d87bab1dd295c,2024-11-21T06:35:46.860000 CVE-2021-47277,0,0,8690d7a30f6cb1d12af1b6c72d1e9e505e72994dacdc75c1965f64f8c7cb82a2,2024-11-21T06:35:46.993000 -CVE-2021-47278,0,0,81fe512d93c15d243cbdb630886736c459c6f4b7d2f336c233f1ec6562f0355d,2024-11-21T06:35:47.120000 -CVE-2021-47279,0,0,a07bfa2ceead911b03923957f3b9f88dcf29a6fe508197242524e41d6508a6b3,2024-11-21T06:35:47.237000 +CVE-2021-47278,0,1,747ad576b9cf026fa4d2706df0f8ba2704f34f731a6ceeff9bf67b66527f2bbc,2024-12-26T20:48:56.327000 +CVE-2021-47279,0,1,79987a828c416c7e0f52b64f3120ac5d6c6abea85d94078b31c22aec813ad765,2024-12-26T20:49:05.890000 CVE-2021-47280,0,0,fa99d562ed370ef88c7a6108c724dc45b3f7a6ac4775aca24ab929a5be7fc204,2024-12-24T16:31:41.267000 CVE-2021-47281,0,0,445edac3985fca4436c6fe2478adb4d7551697c7289c147f32e873b96f53b9ed,2024-12-24T16:30:22.490000 CVE-2021-47282,0,0,6483193e9b3445a7b4bf4be780076723f767023b65b10374e78c42c375e2ffff,2024-11-21T06:35:47.563000 -CVE-2021-47283,0,0,6526683f0de462b02cef39d15ebfd2084b1d424dd635da6faaeca42e0f5610e7,2024-11-21T06:35:47.680000 +CVE-2021-47283,0,1,13bb485404bfc9e6736f19647a055b33f25828dba6024202a054eb1f61e535f6,2024-12-26T20:49:20.487000 CVE-2021-47284,0,0,8975c2621028e7284219731a1a907773ed9554f378866a44a158dcbaccb386f2,2024-11-21T06:35:47.793000 CVE-2021-47285,0,0,996ea18361ebd04fd45b1694fe1d9404484a2740395fd8ca2c06e472a7098e5f,2024-07-02T20:15:04.637000 CVE-2021-47286,0,0,8a9dda2b710d3f7c5ee0e5600f2738fe2dadd04ede6bd48b4fdd8ee5eef986b1,2024-11-21T06:35:48.023000 @@ -187465,42 +187465,42 @@ CVE-2021-47295,0,0,dcf2c14dcd7c1eebf237f1f13910c2f3167704ad0491962cfa3f90a199e66 CVE-2021-47296,0,0,46f1928e47fbe57f126476cdaadd1ae2fed1587f0442574e52a316f59fb9994c,2024-11-21T06:35:49.233000 CVE-2021-47297,0,0,515441ee2784eaff13d18903014004f3060f9f43302819c125fe3d14c44cddf7,2024-11-21T06:35:49.360000 CVE-2021-47298,0,0,3272555661916384da5707a33dc94b4ff91a4406d7ac2d83ddfd785978dc68b9,2024-12-23T16:39:18.313000 -CVE-2021-47299,0,0,8c9619e9adff7374b5157f37beb700722799f12f37a412397c40d10b3cae71fc,2024-11-21T06:35:49.663000 -CVE-2021-47300,0,0,ce5136fdfafce412191edc3356c42ceda417369fd2e43819f434170b6a1ec715,2024-11-21T06:35:49.787000 -CVE-2021-47301,0,0,c7fd3245a39638e65ab5fa6f63f1b0150a0c9abf53cda771d9a8300b5fab22e2,2024-11-21T06:35:49.917000 -CVE-2021-47302,0,0,177ecedec4d5c4d981654c9f9302651e4e931d960c1a81661a572ebb8f8f31d0,2024-11-21T06:35:50.047000 -CVE-2021-47303,0,1,33d269b1bf454cdcb5fcabcdf05cf44438dc5f0306829f1b3c6c9404c6c9efa1,2024-12-26T18:42:15.977000 +CVE-2021-47299,0,1,fb16a710b43f683ac7970e038a6766b6c976930e64c22cdec8931bf62556229d,2024-12-26T20:43:42.353000 +CVE-2021-47300,0,1,64765e2653620a4a775ca8c63d1ae5f69f49cb2082d94aa7d77d0396e4bf228a,2024-12-26T20:44:16.713000 +CVE-2021-47301,0,1,9e1f9e40013d75a7a2d0d0056f715d9b7ccf065be0660039c918a174f6cdbfc6,2024-12-26T20:44:31.930000 +CVE-2021-47302,0,1,0981c89478b26b79f6f4a17d1cef65409abf7eccb6d1cfbfe83bddb002db92fd,2024-12-26T20:44:51.377000 +CVE-2021-47303,0,0,33d269b1bf454cdcb5fcabcdf05cf44438dc5f0306829f1b3c6c9404c6c9efa1,2024-12-26T18:42:15.977000 CVE-2021-47304,0,0,620a586e9d1a589123fcf3a9177f942d33c036d5a8782c0f708b9f486f2517ae,2024-11-21T06:35:50.293000 CVE-2021-47305,0,0,1c65a92c62fed48ba7c1c402a8f2a2238757a9a90648c82e68ca9f3d847b1837,2024-11-21T06:35:50.407000 -CVE-2021-47306,0,1,bb438d172dc2f30c8b997ded9e10636ca48a0d8b4294a15375456ecfdb0f010e,2024-12-26T18:43:39.927000 -CVE-2021-47307,0,1,6d3f1e22663071a79dcd22f014d0bec38bc02ba2108c7bb1b94cd5ac9e451cbf,2024-12-26T18:44:19.590000 +CVE-2021-47306,0,0,bb438d172dc2f30c8b997ded9e10636ca48a0d8b4294a15375456ecfdb0f010e,2024-12-26T18:43:39.927000 +CVE-2021-47307,0,0,6d3f1e22663071a79dcd22f014d0bec38bc02ba2108c7bb1b94cd5ac9e451cbf,2024-12-26T18:44:19.590000 CVE-2021-47308,0,0,35935370c28d2898c9878fd683d15cb883788da4704ea822cda7ca44e54143f1,2024-11-21T06:35:50.800000 -CVE-2021-47309,0,1,e23eb4c6b7b7423f185e3c780fa9bf811012de9ad34596296ab8912b37eba81b,2024-12-26T18:44:48.667000 -CVE-2021-47310,0,0,3ae749fda9ec456310fc4e7a2f1189042525415e69757e229d99417c58244fc5,2024-11-21T06:35:51.107000 -CVE-2021-47311,0,0,78d42a252462dda1640eb7365fe87e80305daeb702c553a4457fbbbce3e6f75d,2024-11-21T06:35:51.230000 +CVE-2021-47309,0,0,e23eb4c6b7b7423f185e3c780fa9bf811012de9ad34596296ab8912b37eba81b,2024-12-26T18:44:48.667000 +CVE-2021-47310,0,1,719bccef31914da03afe15e6ccc5ffc2016af29418a60b917372fca3493058df,2024-12-26T19:50:22.370000 +CVE-2021-47311,0,1,98e1520633064ae9e3dacbc844be85413b874bf2f2fbe22abe4dd107f5906e8d,2024-12-26T19:50:44.387000 CVE-2021-47312,0,0,ff86c9dd2d16a622215b4ad8e9480ff3358e2ff4844e931b7513ca3679660ed3,2024-11-21T06:35:51.343000 CVE-2021-47313,0,0,174ef32811d7098b5db5ef1f2809acfcc4a86790f0c1c80b5ea6f0036d215f8d,2024-11-21T06:35:51.557000 CVE-2021-47314,0,0,ff82d7f5d9d8e8b670019e9e1121b7bc84e2a204794ea492ea0b9951850e98c8,2024-12-24T16:38:21.477000 CVE-2021-47315,0,0,5bcaf9c32079e82b705d6ab9332b28d8f144631fd89fee0889f389a7ecac4b28,2024-11-21T06:35:51.877000 CVE-2021-47316,0,0,84a8b71459e2724b9fd56eaaaa584f59f6bab28499815fcf33aa4c939541d9ec,2024-12-24T16:28:58.957000 CVE-2021-47317,0,0,3838e2614ac7ab009e6914ad0a37d76ff9764506da6fe77773a0c7cb8f8c3855,2024-11-21T06:35:52.117000 -CVE-2021-47318,0,0,481b3d1a56e886d5ea56b583f9c2cb2e1ad0192e671013838cdb4e95bcb53108,2024-11-21T06:35:52.230000 +CVE-2021-47318,0,1,97c8b27b6e49c8073856d58fa89216b8809f5362835ffff068977fd7df7f93b8,2024-12-26T19:51:01.310000 CVE-2021-47319,0,0,f9dc96f5a41edc9dfcef5e3a3a1da6df48f7fc3a113fb355238933f47b85cb69,2024-12-24T16:28:05.677000 CVE-2021-47320,0,0,e2077708c26c96ef692ca991f56540cb7792b8f72595b9d82919d480c47ed57c,2024-12-24T16:27:02.330000 -CVE-2021-47321,0,0,bded64f1ef1d1787703930ace3884bed0ee22a64a9ec55afe952da3cf20ca156,2024-11-21T06:35:52.617000 +CVE-2021-47321,0,1,921fcc8af7f12123744be42b3a2ba4dd930ac9b98608c2f83dd489392b963447,2024-12-26T19:51:29.393000 CVE-2021-47322,0,0,3dc7ee4ad2dde4ebc21d7b010403a3fa85239a9262926c7207190f4fa9c5a8f7,2024-11-21T06:35:52.733000 CVE-2021-47323,0,0,633211c6bfdb9dfd1c61a272a06bff1bc021219b77a259623ed56d42817f6c9b,2024-11-21T06:35:52.843000 CVE-2021-47324,0,0,a2ec2dc326c9ec8fc89d4f6bb66519434844384f429a73aeedf7049903a0a0d8,2024-11-21T06:35:53.070000 CVE-2021-47325,0,0,a56adb27b96cd5f78537024f03fefa8460d3b0b03a903a1db0a5de100805ff34,2024-11-21T06:35:53.273000 CVE-2021-47326,0,0,b7ba3c55754026190b941538095c847ce61badf3c8de85aaf74b716b0ad04037,2024-05-23T14:15:09.033000 CVE-2021-47327,0,0,94fa64a5ce947d155501b62feb0b7f033c99b992efebda5cfad453b0cfed060d,2024-11-21T06:35:53.417000 -CVE-2021-47328,0,0,66ae52fe4cea114e5e86d3d4485d80c1e9b52e3b77c574e073e5fbbff387408d,2024-11-21T06:35:53.613000 +CVE-2021-47328,0,1,9f3318e77cb63d19039ba11dde4b887a5fd2c747ffb765f73587e9aeb25b9e1e,2024-12-26T19:52:18.833000 CVE-2021-47329,0,0,8222de0731b85ff3031c956a52c80ae240eef445f7768112677b25136a2e1ec8,2024-11-21T06:35:53.730000 CVE-2021-47330,0,0,d9f3b843b170b0294ac545c697d8ba6579b1d6b9d995ed8f8babe8f83efd2191,2024-12-24T16:17:26.313000 CVE-2021-47331,0,0,3ce88fb29ceba132a5d41e08f5e07fb11b07b263eafa064a62a97e4f630efc1d,2024-12-24T16:16:33.940000 CVE-2021-47332,0,0,2a1831b394ec98300e42894a00f7e4c98cc7f6e9fce933a7d2e2712dcacf6775,2024-12-24T16:15:56.680000 CVE-2021-47333,0,0,bdb5deaea57d22655f110a8e0d67022567d0afdbab52e308004f39cc19993152,2024-11-21T06:35:54.267000 -CVE-2021-47334,0,0,3b48c3fb0fb205708f9032bfd63455ab1005eb8ff7cd5defef05c7bfad5f517a,2024-11-21T06:35:54.450000 +CVE-2021-47334,0,1,e3c7949a73da83ddc456d1f8aa74b7f21512896cadda0d318964e0c851890490,2024-12-26T19:25:16.993000 CVE-2021-47335,0,0,328eb3645a18c5f29c918b49774ba62cf65897a9bf118eba16623aa0b88c0cc0,2024-11-21T06:35:54.583000 CVE-2021-47336,0,0,574b511187a20b144e1a41e424bb252a26bf57fd2f2c258012116c53068fbcd0,2024-11-21T06:35:54.710000 CVE-2021-47337,0,0,8ec2c16fbd2d59b62517775d6a115d978a1c780bdbe272cf5580ca5a86d19041,2024-12-24T16:15:04.180000 @@ -187508,7 +187508,7 @@ CVE-2021-47338,0,0,425f97b29f6fd84c1870c95018e168e8eda67e84848abca9e2dfac701dc5c CVE-2021-47339,0,0,63b9388e39658beafde59035eb1ff3db7cc9adf87b46e1928c207b238898cde7,2024-11-21T06:35:55.093000 CVE-2021-47340,0,0,4800185c819526cfdd83b27045687b91c60e90a3e12af11337074c136ce8ddde,2024-11-21T06:35:55.207000 CVE-2021-47341,0,0,3c56be93889c9031de34d846ba219a9d43c0e65a95b6d7ca5af5e5a8890138b8,2024-11-21T06:35:55.343000 -CVE-2021-47342,0,0,0e87554b5846bcf09c45d50205daab057f20e5c4eda33e86bc7bf7744c7b5855,2024-11-21T06:35:55.473000 +CVE-2021-47342,0,1,87691d96ad1a4689fc95ec83dde8f8407d98a729b3e3a4eff31c1bce3aa3fc7d,2024-12-26T19:29:20.557000 CVE-2021-47343,0,0,05baa50e8f01703dbae3936b2595f3acbc4f37225bdead1e4b8828946131a960,2024-11-21T06:35:55.597000 CVE-2021-47344,0,0,0287c421eaf460be9da303f1ed618d93b1e3b5047e6ae4b098d9a2bb4b53f405,2024-12-24T16:13:44.487000 CVE-2021-47345,0,0,e7fced2d39bb01ac3aa638228f3d111fb4e7a3b155cc0145bd8963569fdff796,2024-12-24T16:12:42.907000 @@ -187521,16 +187521,16 @@ CVE-2021-47351,0,0,fcfc14160d8a3b6eddacd63fb06456d3ee86896eb32f6b88c5655127b7899 CVE-2021-47352,0,0,8a511fecad7e2772c02e65a06d032010ca0b3bef5108c1b1e7b3eb531664405a,2024-11-21T06:35:56.973000 CVE-2021-47353,0,0,a724c8f6cd8472b443329ad03d2854098d93f37ca37cc9702dc1d1690281b092,2024-12-24T16:11:59.943000 CVE-2021-47354,0,0,d5ef8c84b9db88bbfc816382ef81b62a166c649ad48b62621dc38976f4dec14e,2024-11-21T06:35:57.200000 -CVE-2021-47355,0,0,9930d7122d5a942cbabd358260cb9abf9e4d93c8777a011fc0d49ef1ea1d9c7b,2024-11-21T06:35:57.370000 +CVE-2021-47355,0,1,b8dc01579efb513387cc05d7ae83430c6681e53b0359f45c3668a6f517c7811c,2024-12-26T19:29:36.887000 CVE-2021-47356,0,0,548d3a0c0fe8b4836bc03b00e7b22d227432d44488ecdb6eecdc35961d6801d9,2024-11-21T06:35:57.493000 -CVE-2021-47357,0,0,67a25d43db1234272eec4518230d484ddf78fb15af98659ec374cb92d14541c7,2024-11-21T06:35:57.693000 -CVE-2021-47358,0,0,7250c3dc75c0a0a285f37a2d8100fbf3e8878a3828ac60bdbb0d5ad4ff602413,2024-11-21T06:35:57.820000 +CVE-2021-47357,0,1,41bb290ec4fa1068f1250989dd3a3ba9ad388d20fc2f27d53cae1c7ebe370c5e,2024-12-26T19:30:01.220000 +CVE-2021-47358,0,1,ccbed36332d13e402cec0b3efb56735cccbb1028c05ab9c82bcda5bbc7fa30ee,2024-12-26T19:31:16.863000 CVE-2021-47359,0,0,a8c3865355adf01802d101a119abd31bae543d6b22d119f810adee65d5b14521,2024-12-24T16:10:44.130000 CVE-2021-47360,0,0,a3aa7c12dbf442e168ae03d62d9e61f529b43482d63c231e1211c6b40ef61f85,2024-11-21T06:35:58.053000 -CVE-2021-47361,0,0,d763e86c7ca549ff2cb304adc7a4bbef4bc48cd16f32467bb5c635695be9ca25,2024-11-21T06:35:58.173000 -CVE-2021-47362,0,1,50cbb0258c5b85bcefedd80bcc9790ca88e42e66641ca62e91207b1863d9ce50,2024-12-26T18:47:14.357000 -CVE-2021-47363,0,1,e85f65072bbb894a2be83914e1a1127db3b8e9b992973b095df4477e0b02639c,2024-12-26T17:56:27.117000 -CVE-2021-47364,0,1,f5b3ad69e5ab5594bb333fdbcdc887413286e8842574519360707e033b549df4,2024-12-26T17:56:47.957000 +CVE-2021-47361,0,1,5d0a3b264fac0142ef333ba711875e808348d42eea2fb4ccf4103e5d29ba3023,2024-12-26T19:45:51.123000 +CVE-2021-47362,0,0,50cbb0258c5b85bcefedd80bcc9790ca88e42e66641ca62e91207b1863d9ce50,2024-12-26T18:47:14.357000 +CVE-2021-47363,0,0,e85f65072bbb894a2be83914e1a1127db3b8e9b992973b095df4477e0b02639c,2024-12-26T17:56:27.117000 +CVE-2021-47364,0,0,f5b3ad69e5ab5594bb333fdbcdc887413286e8842574519360707e033b549df4,2024-12-26T17:56:47.957000 CVE-2021-47365,0,0,4f2e5348e5d6a41d5b4ddabf134d3ea3a29f98f3167e0d41eeac1b9aebc2fc8e,2024-11-21T06:35:59.227000 CVE-2021-47366,0,0,0166025d356afe5282a1e86a537474c1847d92c0c9124d71ca21f209be59ae16,2024-11-21T06:35:59.473000 CVE-2021-47367,0,0,77d1c6c1c90528adec6ba171d9063ea94b0138b95e16a6efc04ebb17f91a4136,2024-11-21T06:35:59.577000 @@ -187538,8 +187538,8 @@ CVE-2021-47368,0,0,d76a0dfcf3c0ab9d3fd63c0d2c7b91860c63a4be2672597c9ff9bfe51037c CVE-2021-47369,0,0,bf6b55a9e0ae358e260ebbf6944faaa15d7b8ff8391bd0d47d54ddc2f893fbc0,2024-11-21T06:35:59.913000 CVE-2021-47370,0,0,fc6d07621192b8b655730f81c4c95176eb2de08eb83061cab0fb5f8143ee4df9,2024-11-21T06:36:00.093000 CVE-2021-47371,0,0,4d8314647e403cc4fd45f4ccfeeefc0e24e491605541d4fdb703ea684db80d56,2024-11-21T06:36:00.197000 -CVE-2021-47372,0,1,0ce4f68d2ef5ee1532898222948501be7d3a88241a391a98a79a0bfd35d568b9,2024-12-26T17:57:10.690000 -CVE-2021-47373,0,1,e8950542d9e9b736cb4f33eeb6e6f914784149ee2bc33f0cf40eac5de5491073,2024-12-26T17:57:35.547000 +CVE-2021-47372,0,0,0ce4f68d2ef5ee1532898222948501be7d3a88241a391a98a79a0bfd35d568b9,2024-12-26T17:57:10.690000 +CVE-2021-47373,0,0,e8950542d9e9b736cb4f33eeb6e6f914784149ee2bc33f0cf40eac5de5491073,2024-12-26T17:57:35.547000 CVE-2021-47374,0,0,f7248771c8bea57ed87c3d7b6a32a299b4123595c1e116eab4d99253e2d63bd3,2024-11-21T06:36:00.700000 CVE-2021-47375,0,0,daa5fe7e4d3964a12e2bcd9af03cc7eb715f55d9fdd17eb4077e638abf8acbe0,2024-11-21T06:36:00.920000 CVE-2021-47376,0,0,e4e2e91a48ccc0e7be03f9d0eb65fe1705fa52f5bac1244bd9675e31930ce773,2024-11-21T06:36:01.090000 @@ -212470,8 +212470,8 @@ CVE-2022-48497,0,0,b9a80e8af28fdcd00a228cc11efc4c9593a8b4c5dd367af14a9c712cd657e CVE-2022-48498,0,0,15d9d8110061493fd5fdb3094dbf089f7e21083b5812e5ce94744c0dd02cf21c,2024-12-12T21:15:05.437000 CVE-2022-48499,0,0,bb1c347bf240fdece9c39b9504dd71d8241a5add7ba2858a5127cb1a55c70365,2024-12-24T17:15:06 CVE-2022-4850,0,0,c9b22dfbe69ddcd775fe8bf5e46305e8356db636b4274a9d88aae562f5f3cb3f,2024-11-21T07:36:04.260000 -CVE-2022-48500,0,0,f05b96a7496386175228b33634a3aa795d425b2ff80ffb019a9daf03a04b45fd,2024-11-21T07:33:26.857000 -CVE-2022-48501,0,0,a068d4ab0b49e366b997ac4bbcdf6963322410bde273e1f79ac505085de49455,2024-11-21T07:33:26.957000 +CVE-2022-48500,0,1,69dda84e4c49a7f4a8dcb8a033cffe25d600a2ea21b60c8a549097dd5315fcd4,2024-12-26T19:15:07.023000 +CVE-2022-48501,0,1,7a6bfea8acd8b163989ce0d461e7930b99b885c9efe2c8469e200dfc8ee09438,2024-12-26T19:15:07.243000 CVE-2022-48502,0,0,2adfaa33b4930a948be53d3289ccf59a8e279ba01a027a20fdd402eac46f646a,2024-11-21T07:33:27.053000 CVE-2022-48503,0,0,7ca5e4a2ecf7d57cc7963ec1506f0ba99bc2307a20ec10df332428b97de7a46b,2024-11-21T07:33:27.223000 CVE-2022-48504,0,0,1e653928f1612ade3b215a0fd94b2dfcb65ea165ebeedba29e2e638ad426fdbc,2024-11-21T07:33:27.350000 @@ -212631,7 +212631,7 @@ CVE-2022-48691,0,0,8d6341fb160fdbc7f2d6d8b5fa33a8268bbc5f5ffff05b7528c638994bc9d CVE-2022-48692,0,0,9888804f4f14553a5388d5f8c7c31b0858633c6eb19feb117f85e2aace3ddfb9,2024-11-21T07:33:47.867000 CVE-2022-48693,0,0,a5cb23bc8dbe30b42ce8b5450d769c31a3c351129d9b6f4a2a5684e927a3d2f5,2024-11-21T07:33:47.997000 CVE-2022-48694,0,0,6109007c3549971f73d63f60b4cf54a412c2e2f3e92a6523eb10a76b885dc916,2024-11-21T07:33:48.130000 -CVE-2022-48695,0,0,69e489f4b37f042c961e6018aad703f8437256b4ebb3f0e017757634faae1e84,2024-11-21T07:33:48.257000 +CVE-2022-48695,0,1,7eaf630bd87d7a6400d51678bcc821e9dc1e5454976b70a020ecc4628a3da64e,2024-12-26T20:38:14.673000 CVE-2022-48696,0,0,d858185089622def0168a323f0bce6dc97a08149cc66905f9377cd4036c28131,2024-11-21T07:33:48.377000 CVE-2022-48697,0,0,929abd519afd2d70713936962bbdba23f04f5766bcb86e4b1c902e9047e46188,2024-11-21T07:33:48.557000 CVE-2022-48698,0,0,02c1690bff6c336e6ab17c3750cee520d0e856986dee5e0e93b475ff30ff2d27,2024-11-21T07:33:48.747000 @@ -227166,7 +227166,7 @@ CVE-2023-35078,0,0,69d2e841e784de3c352f697667efb6f6e32442f0e8ec9915f09caa28ab2c2 CVE-2023-3508,0,0,395b7f87ebc096b9954e0550c1d2fe07fbb8e45e4a9326e080b172d48d631a2f,2024-11-21T08:17:25.110000 CVE-2023-35080,0,0,6a6e892a44ab82355b0a0d2a7b8c1b659f457b02b6dbfe75c067e5b09fb17c02,2024-11-21T08:07:56.180000 CVE-2023-35081,0,0,5186df070fbae81b33a245da3945d68ed20ffe05aa7c697d3133c74dca6a0832,2024-12-20T19:13:39.710000 -CVE-2023-35082,0,0,64c73f638e1ea99aacc9e05831393e5321e046dd5fe66c9b148b62b40084d1dd,2024-11-21T08:07:56.430000 +CVE-2023-35082,0,1,d7b1b6ea9b9084f37a439f164bf96e51fac8bcb613dd61012a9fb18c4474a287,2024-12-26T20:48:22.997000 CVE-2023-35083,0,0,1cd4bcca5b9cfa70eed0cf37488fa381a5e331ebd127c18204dc83e903d1af15,2024-11-21T08:07:56.550000 CVE-2023-35084,0,0,b2efe09996f07357bc7d819aec8a5a2598d18e9237d1c1340d928f47c5b4eb07,2024-11-21T08:07:56.673000 CVE-2023-35085,0,0,0852fdbf358c8cd3470e770305c4ad0bc63c867cb732df97ce7d4b5d3102b5af,2024-11-21T08:07:56.790000 @@ -242243,10 +242243,10 @@ CVE-2024-0097,0,0,1565705c5f754bbc0eaee1cfa347f8ac82490b6d6becad8bd73f8442323a4f CVE-2024-0098,0,0,087d01106940dd8b15d34c267d2934655dc1cec5e4c47abe6cf0bf662ed929e0,2024-11-21T08:45:53.513000 CVE-2024-0099,0,0,0e0604c7db752aa009d79269901af0dbccaa017e810cf397279a64924ac32341,2024-11-21T08:45:53.637000 CVE-2024-0100,0,0,a4304e4e30df250ca168a7b23a25500e6b4f79c4911e1861945f354038838931,2024-11-21T08:45:53.767000 -CVE-2024-0101,0,0,16e351f67cac2acb76158d6187e2b65885bb75391884a4cd4b8b92cd8540ce92,2024-09-16T19:24:31.457000 +CVE-2024-0101,0,1,3d1612219fc78b297913df3e1a9e32143fce7e5dc1a2370277dd43ec0cfc5508,2024-12-26T19:44:17.690000 CVE-2024-0102,0,0,8511ff257901afb56e8ebd0aab7c07a1dba854bd6d4f2c4a6085b63c3e8e1731,2024-09-16T19:37:37.487000 CVE-2024-0103,0,0,084864e29743e691727cef25b053a010dc0ef1712f800b5a331b05c0330f8168,2024-11-21T08:45:54.137000 -CVE-2024-0104,0,0,df911a11f912efa58189126688e115eb6013700f46aeeddaf4262e969ab54cda,2024-09-11T17:40:35.430000 +CVE-2024-0104,0,1,88c874211e1bce15842c16affb7663bb33415c084a5ba1eecc5602a03b76e881,2024-12-26T19:44:22.577000 CVE-2024-0105,0,0,7b86dba9f6257d26eee0f261000970487c97d2b3749cec0e0b51b6ba109c3c3d,2024-11-01T12:57:03.417000 CVE-2024-0106,0,0,7b91d9632b639da72bdcf15d372eed0e8152f7c061aa4c5734c7e45c52ea7297,2024-11-01T12:57:03.417000 CVE-2024-0107,0,0,e2d2ceb711e1e59f1be4e7dee22bb12e1fb70b6acf180c9de81cf3b5789d3b13,2024-09-17T12:10:22.063000 @@ -242254,8 +242254,8 @@ CVE-2024-0108,0,0,6439b357fa8fa1da14854e67071d1b4030b146adfc75863fd5dbfa76b8b638 CVE-2024-0109,0,0,4e3c7f891f30f73ffea8812d68ca13e592b4af5ffbdce626b768e60669e5b0c4,2024-09-18T15:18:06.117000 CVE-2024-0110,0,0,f27210557f0c26fcfbedc193e4d0a41f340a75f32164d31e726fe652317f285c,2024-09-18T15:16:37.990000 CVE-2024-0111,0,0,bdef68470cbe972dbf78a48ee8c036044ad45c278e474af19b34bfbde7237a38,2024-09-18T15:22:14.727000 -CVE-2024-0113,0,0,30f55ff21bcd534310e199714a6e963546ab1543b9b6646ff92362193ae60473,2024-09-11T17:34:37.667000 -CVE-2024-0115,0,0,01ed4bb0b28497d76ef91f64e1a162b84c7e3b531a5a128f827c9703d9d2035a,2024-09-11T17:24:27.393000 +CVE-2024-0113,0,1,ddc72489479f075436bf2bede7a3c83b1b0eed041894108c913ed6a4245e286a,2024-12-26T19:21:52.380000 +CVE-2024-0115,0,1,04fb8f6e5724a3bbcfb8807084f7db88a3df8dcc171391e4ae1eeafce22d77c1,2024-12-26T19:21:45.613000 CVE-2024-0116,0,0,7e098634cd96469f401e47ab7ff401cb9f2ab3f597905b45f057f27f5d24a16b,2024-10-04T13:51:25.567000 CVE-2024-0117,0,0,84b7d2152c61433ae8112e32e5f606da7b00d4d29b6701eb589483940b681c6f,2024-11-21T08:45:55.250000 CVE-2024-0118,0,0,d8e854a19c3d96626c5766872b1aba6982d5b74f29ad7c0901758cc66321fdd7,2024-11-21T08:45:55.387000 @@ -243773,7 +243773,7 @@ CVE-2024-10854,0,0,afc7bc69a1b6288540bb663e3abfd7c0b6a784132b70b7f35e98f7b2cc506 CVE-2024-10855,0,0,ae24b9251832889f0ab5093466f5bbce4d7ad6d8dd4bf7a8321d2155c2606591,2024-11-26T20:34:02.857000 CVE-2024-10856,0,0,251c7531c17b6f3b0ed919ef9a67ac2f96c713f0018b87cf93ecb45c7c80519e,2024-12-24T11:15:07.260000 CVE-2024-10857,0,0,957ae8afb2b021b5a39096260dcb79ccdc7e257258c659d883b9a23a31df5c0b,2024-11-26T07:15:05.003000 -CVE-2024-10858,0,0,c3d2dbeef5be79a26f33d51cb92151a2aad8e75fda9541a4a310c56924cd1970,2024-12-25T06:15:23.407000 +CVE-2024-10858,0,1,53f2b6c32976d098df010b961a077f95864a74aeeed40e32989e7c1ddb706172,2024-12-26T20:15:20.080000 CVE-2024-1086,0,0,688e2fb2892801c230e1dfe45afd0a98166e64f80974b1a593d490f3471fc0dd,2024-11-21T08:49:46.013000 CVE-2024-10861,0,0,a0a9ed450f8163c1435b46341b966a17dde352d3f4e975547d6d20959f88110b,2024-11-18T17:11:17.393000 CVE-2024-10862,0,0,47c3525e7600e4dc4aa8796ba01fd2047eb691201667cb5b589f2f6c1a826e5b,2024-12-25T07:15:11.190000 @@ -245133,13 +245133,13 @@ CVE-2024-12928,0,0,000c9232b0026a751fd78ebe571857611c04cc2288300f44734b8380aad9d CVE-2024-12929,0,0,8b4ad9e2d5f7ae6ffc421134389555160c900b397c62b70258ebb0b7477370cb,2024-12-26T00:15:22.300000 CVE-2024-1293,0,0,a122e9ddbaac35fa4b5b33d2b10cf37b4d4e3a3677cea83da66723805eec222b,2024-11-21T08:50:15.167000 CVE-2024-12930,0,0,31e95b7cb48d02fb9532fdd75b88b036b1acacc2654bb60cd04aed6b027ebbbd,2024-12-26T02:15:23.210000 -CVE-2024-12931,0,1,6b882517c2a0aa1351abe5ba78e4ecf4a2af7e368b8073360ec648ee10add50d,2024-12-26T18:15:06.663000 -CVE-2024-12932,0,1,81ec75deb70d1ce3a840264810c61f612efb59eb6151538363851d7e866367b7,2024-12-26T18:15:09.233000 -CVE-2024-12933,0,1,9af20e5f81ecf2f25b3c4dee70c4e1c77e8eddf90d945f16067ea8c441c99619,2024-12-26T18:15:11.783000 -CVE-2024-12934,0,1,bd5f2e373e349cc8c2cefe3ce30887c4ea4d73d0002b6e447502291e30052cc2,2024-12-26T18:15:14.550000 -CVE-2024-12935,0,1,89b785f922bd381d1b4fd661c0a176bfb06dc34e744d6e8e970165a856177bcb,2024-12-26T18:15:17.483000 -CVE-2024-12936,0,1,e0c2882e99bf6bff47f22eeb7c69ee83f0c4b11e4aa9aad5bbd4981dff87cb46,2024-12-26T17:15:06.487000 -CVE-2024-12937,0,1,561720c3cba1bd5bb70a8befa375029c579c78cc7317991a30ddc5d9d2c820d3,2024-12-26T17:15:06.873000 +CVE-2024-12931,0,0,6b882517c2a0aa1351abe5ba78e4ecf4a2af7e368b8073360ec648ee10add50d,2024-12-26T18:15:06.663000 +CVE-2024-12932,0,0,81ec75deb70d1ce3a840264810c61f612efb59eb6151538363851d7e866367b7,2024-12-26T18:15:09.233000 +CVE-2024-12933,0,0,9af20e5f81ecf2f25b3c4dee70c4e1c77e8eddf90d945f16067ea8c441c99619,2024-12-26T18:15:11.783000 +CVE-2024-12934,0,0,bd5f2e373e349cc8c2cefe3ce30887c4ea4d73d0002b6e447502291e30052cc2,2024-12-26T18:15:14.550000 +CVE-2024-12935,0,0,89b785f922bd381d1b4fd661c0a176bfb06dc34e744d6e8e970165a856177bcb,2024-12-26T18:15:17.483000 +CVE-2024-12936,0,0,e0c2882e99bf6bff47f22eeb7c69ee83f0c4b11e4aa9aad5bbd4981dff87cb46,2024-12-26T17:15:06.487000 +CVE-2024-12937,0,0,561720c3cba1bd5bb70a8befa375029c579c78cc7317991a30ddc5d9d2c820d3,2024-12-26T17:15:06.873000 CVE-2024-12938,0,0,241f9cedf0d4f9b9e857e8f6720eec95e3249457c1827feaf469612c63ac35f3,2024-12-26T06:15:05.987000 CVE-2024-12939,0,0,be0dc3a9983c8502fdf3116a33aea4627f46b9807329126b093457c0e502a013,2024-12-26T07:15:10.967000 CVE-2024-1294,0,0,b71ea2285980093702250bdd703066da616a4eac45cb0506e646936d244fcc0f,2024-11-21T08:50:15.277000 @@ -245148,13 +245148,13 @@ CVE-2024-12941,0,0,81d66ceba288cafeac8e4b6f922f500756cbe0105cfa165f8fb1332807b03 CVE-2024-12942,0,0,777d8ad0d37f683335fc4ffee46b00086a2d1edb297e09b262dc4388586a1f65,2024-12-26T08:15:05.540000 CVE-2024-12943,0,0,0e0352c3cdfb6c94c92b061e0c57fc94486d90b8be968f83a37598213c129c83,2024-12-26T09:15:06.747000 CVE-2024-12944,0,0,94ac533f69831e0792eddb5df819ea87ca6f4e8141ed76c926ecab8ac06efc51,2024-12-26T09:15:07.030000 -CVE-2024-12945,0,1,bb203015455df487cf9786180bf2361288934f93cb529565b060259c4a0972e6,2024-12-26T17:15:07.017000 -CVE-2024-12946,0,1,7f66dbd6e787ab963effcb1cee71eadb44b5e7e4446b208eadabbde79a97b50c,2024-12-26T17:15:07.153000 -CVE-2024-12947,0,1,36dfb235c1324fb0ab34ed74a2f1c5cd0a98e6ca9c233605a7bfd37bd66992cd,2024-12-26T17:15:07.293000 -CVE-2024-12948,0,1,1411dc28cc8ad85d0e4600276fbd63c3737adb47866325d019941fd1987754be,2024-12-26T17:15:07.427000 +CVE-2024-12945,0,0,bb203015455df487cf9786180bf2361288934f93cb529565b060259c4a0972e6,2024-12-26T17:15:07.017000 +CVE-2024-12946,0,0,7f66dbd6e787ab963effcb1cee71eadb44b5e7e4446b208eadabbde79a97b50c,2024-12-26T17:15:07.153000 +CVE-2024-12947,0,0,36dfb235c1324fb0ab34ed74a2f1c5cd0a98e6ca9c233605a7bfd37bd66992cd,2024-12-26T17:15:07.293000 +CVE-2024-12948,0,0,1411dc28cc8ad85d0e4600276fbd63c3737adb47866325d019941fd1987754be,2024-12-26T17:15:07.427000 CVE-2024-12949,0,0,86d3ebeba0868e6b562019ec87488552d967c5cd5ccaf8d01f425a8fe584af62,2024-12-26T12:15:05.997000 CVE-2024-1295,0,0,58e65e331ff11f824ceffb79237c2ca705e423c379ee489ababaab58413247e4,2024-11-21T08:50:15.410000 -CVE-2024-12950,0,1,8f7dbac8ca59122eeeb24a115a877f36f5293f5fafac4cf4c861baf46c7b8121,2024-12-26T17:15:07.553000 +CVE-2024-12950,0,0,8f7dbac8ca59122eeeb24a115a877f36f5293f5fafac4cf4c861baf46c7b8121,2024-12-26T17:15:07.553000 CVE-2024-12951,0,0,0a12db8b7c5fc4ae5da0ad4788be58d750d64838f93d7574048d431978efeae4,2024-12-26T16:15:06.730000 CVE-2024-12952,0,0,bebb703b529a136680b3d159fa57c325a3b9aee1ad512e84decac68c414e89ad,2024-12-26T16:15:10.540000 CVE-2024-12953,0,0,b6658fb4c7ce816c34d17982ad9065b1b2273c2711dd83d876543af9deecca01,2024-12-26T16:15:14.487000 @@ -245164,8 +245164,11 @@ CVE-2024-12956,0,0,277dbeee2c836d1ea7f61c74b6cd65abb129ed40587a3a4d389474be19096 CVE-2024-12958,0,0,750f2f464b0d44b3315b5a0380e86b50db9852ce8f322705c4d405807c7053b6,2024-12-26T16:15:25.667000 CVE-2024-12959,0,0,ad9ab3bb035c04c7413feef8cc4008dc338f6f3f3a2985de139ec649d8ab5665,2024-12-26T16:15:27.643000 CVE-2024-1296,0,0,2c8681669a40b4c1355bcd3bfff211c08a874ea1e31940665fa8f736883bd89e,2024-11-21T08:50:15.633000 -CVE-2024-12960,1,1,40350317db5cdb5cbb22695ae55056b69f50a7afc4d85cc53b16ab138e8da154,2024-12-26T18:15:21.027000 -CVE-2024-12961,1,1,a62f93c612a71df17447a1d081f7f4fa52eba74f4383595e0ae3fd6b425b6bfa,2024-12-26T18:15:23.463000 +CVE-2024-12960,0,0,40350317db5cdb5cbb22695ae55056b69f50a7afc4d85cc53b16ab138e8da154,2024-12-26T18:15:21.027000 +CVE-2024-12961,0,1,56627ba8a7c300d29962d17b2ec2c3e0fdc23b2e3eaf6eff996a8b9698b53698,2024-12-26T19:15:07.563000 +CVE-2024-12962,1,1,db94d98baa73a259610fb39752bfb7647efe9cda07ba90b1d27777dcb14446f0,2024-12-26T19:15:07.710000 +CVE-2024-12963,1,1,20b8b7d98e78e1d79ae1b633ff0338b3334072c70d7d9d33177c9803f745694e,2024-12-26T20:15:20.853000 +CVE-2024-12964,1,1,03b74c4211851ea5dd6057480d2f9979613f5e4b10893548b581e3bcabe29fbc,2024-12-26T20:15:21.110000 CVE-2024-1297,0,0,0d9e22e56ecef1715a16e9d7809dba48ba55def0e741f79f7098027ea7ebc7ff,2024-11-21T08:50:15.770000 CVE-2024-1298,0,0,04246e35362f6f4b760051526529d0b042d99f56b78c06a26d303553264d4594,2024-11-21T08:50:15.890000 CVE-2024-1299,0,0,c7f245e662ec35ddd87c48ae29ff03e74531f9ba7973bf15293ed4e82f111599,2024-12-11T20:23:27.497000 @@ -251258,7 +251261,7 @@ CVE-2024-27067,0,0,011ef9cc28ee612fae3fb438c504e6a54ebfe37fbc548135490706f5eadcf CVE-2024-27068,0,0,de2ffac2bc0192e073bb954b48c44ae1a578abd16bd81afbee5e926bfe8484bb,2024-12-23T14:25:40.240000 CVE-2024-27069,0,0,e9743f38f3b0307385f1bf26cbe4e0920b023cc4f5b6078577cef6174c9c2ae7,2024-11-21T09:03:47.723000 CVE-2024-2707,0,0,1c5a60cef474a81d1fab363355d07e4a7ef12a7bda1b4579797c67ff5ecd783a,2024-12-12T17:28:32.270000 -CVE-2024-27070,0,0,b443ec863bbb653716f4503d789da288fda1e778910725cda0d5547bdcc419b6,2024-11-21T09:03:47.847000 +CVE-2024-27070,0,1,22450b1e71cb2adac794b5cbb8e2ca5758570f50b2f3b5e5e4b60759a7b88242,2024-12-26T20:25:12.927000 CVE-2024-27071,0,0,f5c95a4e265b74c4d8d05696d83ac5ecfb071a5a01e7c5104e1365de1e9db89f,2024-12-23T14:27:46.877000 CVE-2024-27072,0,0,dbf4bba440af57458f216ea6e1cce4da447124fd45b4acb93cabbca6afe511c6,2024-11-21T09:03:48.090000 CVE-2024-27073,0,0,68e4926038b809a77ddca4e47a4755a38e9227904c05e5228b0114227f4229a7,2024-11-21T09:03:48.280000 @@ -251578,7 +251581,7 @@ CVE-2024-27389,0,0,c217d6184563415f226e9a80f037b8d7514915a86c3207640b24918bb7cb5 CVE-2024-2739,0,0,f4d65d5336ee215a214a5da90ed0322790b7be3ef272f9615bf61860991305e8,2024-11-21T09:10:24.570000 CVE-2024-27390,0,0,7780428a286bfe2ad84944e0e3c56b2f0984a92e2b031a42317e22e477ac14fc,2024-11-21T09:04:30.793000 CVE-2024-27391,0,0,74e7ba782a652174d6e44269cc22f7e3eae02e2f8b1404503a1469482e17c178,2024-11-21T09:04:30.910000 -CVE-2024-27392,0,0,dc179df376bebeece39867f1ba7243ae491813afd7aac24afa3834d6587dfa96,2024-11-21T09:04:31.040000 +CVE-2024-27392,0,1,51788877a716c0011203ead65a89d91afe3ce071b5d9cd963e34730d678899ad,2024-12-26T20:32:43.923000 CVE-2024-27393,0,0,7acb0ea1cd19fda4e5e2f41152272208ba891fcce16f238ba8adfdf815157c77,2024-11-21T09:04:31.160000 CVE-2024-27394,0,0,b26d808a796a57c43a2737a6a589c18d606c49ce4d9b02ac0d6935ec64645293,2024-11-21T09:04:31.353000 CVE-2024-27395,0,0,382be4ce57e2928f9f423404c862ffb55eb3f199b7e3281c1e7eeeb44425697a,2024-11-21T09:04:31.553000 @@ -265774,15 +265777,15 @@ CVE-2024-4714,0,0,0d524d117aabf03780c7be3f44074976485dfc4d101c0f965f441387c1ce48 CVE-2024-47142,0,0,3b160aeed892b3de0fae2f0bd942190d42286dfc37500bd913fc0a3b0770ad8c,2024-11-22T02:15:21.280000 CVE-2024-47145,0,0,060f9bb9a43b25110359917405fc9bc4bfa91006f8a71471b803c37bd9f0df18,2024-09-26T18:42:33.550000 CVE-2024-47146,0,0,4c1ec2fd77a55fc12a380140e8b75abce8b99c7554038e5bb49a8e56f7893728,2024-12-10T19:45:51.023000 -CVE-2024-47148,0,1,25d529d7048c43e324b1b1bb5246ad8fd0671cb70d9bd1485e019313e02684e3,2024-12-26T17:15:07.687000 -CVE-2024-47149,0,1,5261609e1b3b04bc96a5ac1deae0807182848625a77e72b8f4b1f85416cfa8fc,2024-12-26T17:15:07.810000 +CVE-2024-47148,0,0,25d529d7048c43e324b1b1bb5246ad8fd0671cb70d9bd1485e019313e02684e3,2024-12-26T17:15:07.687000 +CVE-2024-47149,0,0,5261609e1b3b04bc96a5ac1deae0807182848625a77e72b8f4b1f85416cfa8fc,2024-12-26T17:15:07.810000 CVE-2024-4715,0,0,cfdee50dbf680b557a3c5935dd446958982a7767348e746e1514b6a87d45fd32,2024-11-21T09:43:26.243000 -CVE-2024-47150,0,1,80a76ab25794ed4af6b0e0579fc0dab72665d62124264c7819ef61bd2275f848,2024-12-26T17:15:07.923000 -CVE-2024-47151,0,1,a6a7ac643bbd0fc16f84ae7176a31ab79ca5310cba9b802f09343b0fc969b713,2024-12-26T17:15:08.037000 +CVE-2024-47150,0,0,80a76ab25794ed4af6b0e0579fc0dab72665d62124264c7819ef61bd2275f848,2024-12-26T17:15:07.923000 +CVE-2024-47151,0,0,a6a7ac643bbd0fc16f84ae7176a31ab79ca5310cba9b802f09343b0fc969b713,2024-12-26T17:15:08.037000 CVE-2024-47153,0,0,3c9ddb156d4838ab4dd50ad2be03036f905c4748cf151f06b44931abbf5374c8,2024-12-26T12:15:07.183000 CVE-2024-47154,0,0,91109d991ba96e992fa2e33be15597c37ea7cea8c8a483406508c60a9929a172,2024-12-26T12:15:07.303000 CVE-2024-47155,0,0,6e65506a0eb90f835c2c554e3bfb26aa486643f08e76807e5aa35a34c35f9533,2024-12-26T12:15:07.433000 -CVE-2024-47156,0,1,3602194834e974cb1386b0e928ae8c9b1627d25842118fa8a727b8376eac6cbf,2024-12-26T17:15:08.150000 +CVE-2024-47156,0,0,3602194834e974cb1386b0e928ae8c9b1627d25842118fa8a727b8376eac6cbf,2024-12-26T17:15:08.150000 CVE-2024-47157,0,0,ac92958500bb1c8504ede364fb0734e8d324168e5026a932d89c148f0239dca6,2024-12-26T12:15:07.547000 CVE-2024-47158,0,0,b0c240c01999f96b32d54a0c5d41b1284741ebcdb34e1f30df025b02e60124f4,2024-11-06T17:10:03.857000 CVE-2024-47159,0,0,dc6f344db4381cf6189daa37a80d59a488ca43c446da4d79e165921cf750d139,2024-09-24T18:09:50.877000 @@ -270657,6 +270660,7 @@ CVE-2024-5487,0,0,9fbfbc79e6dff8c3b550139a3c2eecf9b7c4bdde8704bc6cfe1f3d5f4415c8 CVE-2024-5488,0,0,703a569b98e6f1a8130cee58df129e22e6ef47912a99f32d5a452e25c6109519,2024-11-21T09:47:46.633000 CVE-2024-5489,0,0,6c00a6a2badf83516471ea1d81b619bbe482cb4a54de89ffa7bd06f7fa1ffabd,2024-11-21T09:47:46.807000 CVE-2024-5490,0,0,7e66a0f19af78ba5ab311e474f6c7a834b406cb5857b42d263e55e1190767452,2024-08-27T14:36:10.033000 +CVE-2024-54907,1,1,b320f7550ec43015c1572c80511d187a4e618b1c81d820249a2e55a6b87cfc12,2024-12-26T20:15:21.800000 CVE-2024-5491,0,0,e331b82e31ebdfe13500034914a1c37ca8ae8114dde41994ac12e59a5b4284ca,2024-11-21T09:47:47.017000 CVE-2024-54918,0,0,8d1c74ed435285d94b09f28fd23f5ea9a7eeb2cd4aab9028349afde0dfc746c6,2024-12-12T18:15:25.790000 CVE-2024-54919,0,0,d240fd7b13ed8b141b8975d3eb4f4e201c9093f582cb0ecbb49a96c5b085f2d9,2024-12-10T18:15:42.770000 @@ -270730,8 +270734,8 @@ CVE-2024-5520,0,0,2719a0027800a6c03c5991cd5e32370933ecb1de4c1c57d912093caa874b1a CVE-2024-5521,0,0,2b6f458ccb1380159b254eccc510c8e2cee9041e86f89c2477b6805e666cde62,2024-11-21T09:47:51.653000 CVE-2024-5522,0,0,df1bc4811acd8877854299da044a99554378b9c2498586ce956f30305786dd34,2024-11-21T09:47:51.770000 CVE-2024-5523,0,0,0b2c43ef384781b0113b9be6f2b000f9de2199a81d337c7e51164ef3b409e6ae,2024-11-21T09:47:51.940000 -CVE-2024-55231,0,0,9b4d96e13b2455de4f7153a0a178979c5c7c43ccbd9321ca719064bd13549e78,2024-12-18T22:15:07.127000 -CVE-2024-55232,0,0,fe663a132b62e845c6412331dfe4c7f0046c6cb02e889b5be4f207dc0ee83ce5,2024-12-18T22:15:07.297000 +CVE-2024-55231,0,1,bc333f6409b44ab3c99000a12bad2fde8a29ce447ecd07b39a700d49ee237739,2024-12-26T20:15:22.363000 +CVE-2024-55232,0,1,1864ac97778845b0c2006d5c17dbf59eb90aad80a835e2f552f3f64f26c6392b,2024-12-26T20:15:22.673000 CVE-2024-55239,0,0,cbfed4e5dffe1c92f805fb83f4f8a51e197e12f93a7416bc9c5ac9864cc8d243,2024-12-25T03:15:19.813000 CVE-2024-5524,0,0,96c1a4bf81cf964718431dd9c92394b3c99d70800d36b6797c2485b5f853cce6,2024-11-21T09:47:52.060000 CVE-2024-5525,0,0,85c272ad425dacde32e9f0580795bbb5b12316ff774e7fabc4e97fd793674bab,2024-11-21T09:47:52.173000 @@ -270768,8 +270772,8 @@ CVE-2024-55496,0,0,c5e38095d75676960b7fbf7f58bdc885b4b159f2f77ece315454c30d8284a CVE-2024-5550,0,0,4077662850b9d5945d5c85ce45904d9c2783b7c7a72633a9665404cf6f9e870c,2024-11-21T09:47:54.640000 CVE-2024-55500,0,0,291bca667f736f806651e2d665be6fd37497249cdecfcaf8ca1e90cca486c57b,2024-12-11T16:15:17.253000 CVE-2024-55505,0,0,ad21de972161195c039bd530e1e9c3c6b41383b94320510cdd1c3ce89c00aa22,2024-12-18T22:15:07.477000 -CVE-2024-55506,0,0,6a9185e4cb1406bb5a213557de91a4e5fba57eb75bfc09db131b37b2d573940a,2024-12-18T23:15:17.523000 -CVE-2024-55509,0,0,b9e27cdb0324b66757b8e2d500d01d42668e04684fff26be86214e9c263d4f06,2024-12-20T21:15:09.413000 +CVE-2024-55506,0,1,d4e1bef5832aef9ebf8db3056c7ea2e3da4b2a2de7821b1387a5fe03b91675cc,2024-12-26T20:15:22.867000 +CVE-2024-55509,0,1,4a5021013466b75dc19dd985fac6f59929ccb3fafbd7ec75f16f4601bde3282f,2024-12-26T20:15:23.067000 CVE-2024-5551,0,0,7ca1b2f3592d8c197217d4f6bb2a217c73a396396bc14275921b16391f97198d,2024-11-21T09:47:54.770000 CVE-2024-55513,0,0,fedcaafc6e85e6bd74dcc7a40ecdf11b2568dda1579c04082d671c5acf74ed00,2024-12-18T16:15:14.720000 CVE-2024-55514,0,0,1ab6d03dbd59f8b12772670ec93c7ec4ae46219483a32dbdb16b58811fc912d3,2024-12-18T16:15:14.900000 @@ -270963,7 +270967,7 @@ CVE-2024-5615,0,0,37856ff1a2df0ee42bdd2faed17aef170393a5807410ba1a41f1c8e8ad65ff CVE-2024-56159,0,0,93778ea5258f6d539b92be8f3df8846ef8906cdb84fa04adce279235890441fa,2024-12-20T21:15:09.940000 CVE-2024-5616,0,0,423edee4a921052dcb3d8ded851b7450a0c7bfa0bf926ae022e11e86747b1818,2024-11-21T09:48:01.540000 CVE-2024-56169,0,0,95fab31481addf9d97ffd88fc86edb8c439e81000f997b7642ccdedcf678b9b8,2024-12-18T05:15:08.853000 -CVE-2024-56170,0,0,fe24f53b69b66e09bce02939c6e065a952ea8a7195b5db56783772f90da6c468,2024-12-18T05:15:09.093000 +CVE-2024-56170,0,1,32611264582c3e86fc6149b20f12d5acbffe58d1028228c5f9baa4ad2faec8d4,2024-12-26T19:15:08.283000 CVE-2024-56173,0,0,5336dffcdc7d9618ebdef949381efb90ee1b3998a2588e22f737fe5a77849f25,2024-12-18T16:15:15.600000 CVE-2024-56174,0,0,3281f470ed49ef5807bf603f02908731fff1047853105938ff5649e5ffd7e97c,2024-12-18T17:15:15.190000 CVE-2024-56175,0,0,22a48fcf93fd39d784b2031be3d0660428d6c59d54d025f00f9098a9f5f6144b,2024-12-18T15:15:13.723000 @@ -271021,13 +271025,13 @@ CVE-2024-56363,0,0,f22bc17bbcbacc3d4c8946803bd76249d4162387d56a582274e363a9547d6 CVE-2024-56364,0,0,b554e0df0a4ad57cd70c0d37933b45401c149826dc27d68ffb15442fe3902ff6,2024-12-23T16:15:07.770000 CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000 CVE-2024-56375,0,0,1aeae50409e14309fb31af7dcf320eae7189e473177b68d63698866c2c62cd0b,2024-12-26T06:15:06.203000 -CVE-2024-56378,0,0,6719f8ca56230694a59bc1f5e75e3ab9feb822f8501e080a6c8cff7081436ef7,2024-12-23T00:15:05.133000 +CVE-2024-56378,0,1,fab67c7f7143f85c88660814de01440f680c12a24f807e1e2e38a3d85020bb03,2024-12-26T20:15:23.270000 CVE-2024-5638,0,0,4a64496852c4ee147220588b5d1940917ce749a1b3dd56d16a77a8cf3ed54b84,2024-11-21T09:48:04.153000 CVE-2024-5639,0,0,78123d59d6ff1062d5cdcc1456c84b89eb240e57bd822aee818d4edc5bb804e5,2024-11-21T09:48:04.290000 CVE-2024-5640,0,0,01c62801966d56f9308a985efd017779bd36dfe950ad675d920936fb65a56c1f,2024-11-21T09:48:04.440000 CVE-2024-5641,0,0,2dd93bc7f72d9dace7fe09cc2f2eb2c7de91223a0269467571863f0c170a0712,2024-11-21T09:48:04.573000 CVE-2024-5642,0,0,272b3c46f017079f5e7a4c3a57dae457f6d7a543b129faf9804cec24715f8735,2024-11-21T09:48:04.713000 -CVE-2024-56430,0,0,a3cf9a0752b406fb0a9fe074fffcff11a0545657375c87f725b5593c72b21c52,2024-12-25T18:15:22.487000 +CVE-2024-56430,0,1,91dd61b23c6849c7b5e310d41d9d849060fd5d0b9de1f5c4997e6d7e1edbc297,2024-12-26T20:15:23.447000 CVE-2024-56431,0,0,49712b8cd450b68932b09a326aba6d7a7b0b7eafff45fa04458a7115974f8de5,2024-12-25T17:15:05.510000 CVE-2024-56433,0,0,97c1a2fab0f61380e91bac384196520d3c468a5301a566aaebda99d1e3984636,2024-12-26T09:15:07.267000 CVE-2024-5644,0,0,160a368b3a7f8d4e53712fad16fb1094662061822d6ba961b4f309a68658057a,2024-11-21T09:48:04.900000 @@ -273924,9 +273928,9 @@ CVE-2024-8987,0,0,79ba228dec5ca0fbae93e303f34dbdd56a4716dc6d9e552cfa2102ec47e7c1 CVE-2024-8989,0,0,357992e2ce66eee3f7c953860741894a33603e2d489573cb57a026d2c2a2d1e9,2024-10-04T13:51:25.567000 CVE-2024-8990,0,0,3370c28f297fd80b172f4e292abaacd02f3a1c4a8cb79acb64f1c13bbbbfa3d6,2024-10-04T13:51:25.567000 CVE-2024-8991,0,0,b6a63b7dc29d31f5a9e8816722bd5be42812012697196ec8caabd5b43893932f,2024-10-04T18:56:30.583000 -CVE-2024-8992,0,1,c2ebb27e6764c9f9fe806153e0f5db62a49a64861bd9d2de918107abc54519ec,2024-12-26T17:15:08.267000 -CVE-2024-8993,0,1,f9efe3e3d1b381eeed436bb3ede3d175e475b66017a35659d54769a9bb290f11,2024-12-26T17:15:08.387000 -CVE-2024-8994,0,1,da30ee4cb6fee41e409a3bfa40e6a0e2851ef1130c15620f9f969fe0adc878a2,2024-12-26T17:15:08.500000 +CVE-2024-8992,0,0,c2ebb27e6764c9f9fe806153e0f5db62a49a64861bd9d2de918107abc54519ec,2024-12-26T17:15:08.267000 +CVE-2024-8993,0,0,f9efe3e3d1b381eeed436bb3ede3d175e475b66017a35659d54769a9bb290f11,2024-12-26T17:15:08.387000 +CVE-2024-8994,0,0,da30ee4cb6fee41e409a3bfa40e6a0e2851ef1130c15620f9f969fe0adc878a2,2024-12-26T17:15:08.500000 CVE-2024-8996,0,0,cd0b990817d2076a00b5e7fddb7f69f718917b5a243671e20171ba3b0c170ebd,2024-10-01T19:16:02.793000 CVE-2024-9001,0,0,0872fd49b5b6a794c95c6b45ab7ebb22635740627417ff87596d735c1ddbcba9,2024-09-24T16:14:30.190000 CVE-2024-9002,0,0,07bab80a5647df4577409503b6679799b5fed9b76f517f2c308405ac5c2a7ffe,2024-10-15T12:58:51.050000