diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47617.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47617.json new file mode 100644 index 00000000000..7ab92f4930b --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47617.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2021-47617", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.317", + "lastModified": "2024-06-20T11:15:54.317", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp's power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47618.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47618.json new file mode 100644 index 00000000000..cfb0adb3a6a --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47618.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-47618", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.477", + "lastModified": "2024-06-20T11:15:54.477", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9170/1: fix panic when kasan and kprobe are enabled\n\narm32 uses software to simulate the instruction replaced\nby kprobe. some instructions may be simulated by constructing\nassembly functions. therefore, before executing instruction\nsimulation, it is necessary to construct assembly function\nexecution environment in C language through binding registers.\nafter kasan is enabled, the register binding relationship will\nbe destroyed, resulting in instruction simulation errors and\ncausing kernel panic.\n\nthe kprobe emulate instruction function is distributed in three\nfiles: actions-common.c actions-arm.c actions-thumb.c, so disable\nKASAN when compiling these files.\n\nfor example, use kprobe insert on cap_capable+20 after kasan\nenabled, the cap_capable assembly code is as follows:\n:\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne1a05000\tmov\tr5, r0\ne280006c\tadd\tr0, r0, #108 ; 0x6c\ne1a04001\tmov\tr4, r1\ne1a06002\tmov\tr6, r2\ne59fa090\tldr\tsl, [pc, #144] ;\nebfc7bf8\tbl\tc03aa4b4 <__asan_load4>\ne595706c\tldr\tr7, [r5, #108] ; 0x6c\ne2859014\tadd\tr9, r5, #20\n......\nThe emulate_ldr assembly code after enabling kasan is as follows:\nc06f1384 :\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne282803c\tadd\tr8, r2, #60 ; 0x3c\ne1a05000\tmov\tr5, r0\ne7e37855\tubfx\tr7, r5, #16, #4\ne1a00008\tmov\tr0, r8\ne1a09001\tmov\tr9, r1\ne1a04002\tmov\tr4, r2\nebf35462\tbl\tc03c6530 <__asan_load4>\ne357000f\tcmp\tr7, #15\ne7e36655\tubfx\tr6, r5, #12, #4\ne205a00f\tand\tsl, r5, #15\n0a000001\tbeq\tc06f13bc \ne0840107\tadd\tr0, r4, r7, lsl #2\nebf3545c\tbl\tc03c6530 <__asan_load4>\ne084010a\tadd\tr0, r4, sl, lsl #2\nebf3545a\tbl\tc03c6530 <__asan_load4>\ne2890010\tadd\tr0, r9, #16\nebf35458\tbl\tc03c6530 <__asan_load4>\ne5990010\tldr\tr0, [r9, #16]\ne12fff30\tblx\tr0\ne356000f\tcm\tr6, #15\n1a000014\tbne\tc06f1430 \ne1a06000\tmov\tr6, r0\ne2840040\tadd\tr0, r4, #64 ; 0x40\n......\n\nwhen running in emulate_ldr to simulate the ldr instruction, panic\noccurred, and the log is as follows:\nUnable to handle kernel NULL pointer dereference at virtual address\n00000090\npgd = ecb46400\n[00000090] *pgd=2e0fa003, *pmd=00000000\nInternal error: Oops: 206 [#1] SMP ARM\nPC is at cap_capable+0x14/0xb0\nLR is at emulate_ldr+0x50/0xc0\npsr: 600d0293 sp : ecd63af8 ip : 00000004 fp : c0a7c30c\nr10: 00000000 r9 : c30897f4 r8 : ecd63cd4\nr7 : 0000000f r6 : 0000000a r5 : e59fa090 r4 : ecd63c98\nr3 : c06ae294 r2 : 00000000 r1 : b7611300 r0 : bf4ec008\nFlags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user\nControl: 32c5387d Table: 2d546400 DAC: 55555555\nProcess bash (pid: 1643, stack limit = 0xecd60190)\n(cap_capable) from (kprobe_handler+0x218/0x340)\n(kprobe_handler) from (kprobe_trap_handler+0x24/0x48)\n(kprobe_trap_handler) from (do_undefinstr+0x13c/0x364)\n(do_undefinstr) from (__und_svc_finish+0x0/0x30)\n(__und_svc_finish) from (cap_capable+0x18/0xb0)\n(cap_capable) from (cap_vm_enough_memory+0x38/0x48)\n(cap_vm_enough_memory) from\n(security_vm_enough_memory_mm+0x48/0x6c)\n(security_vm_enough_memory_mm) from\n(copy_process.constprop.5+0x16b4/0x25c8)\n(copy_process.constprop.5) from (_do_fork+0xe8/0x55c)\n(_do_fork) from (SyS_clone+0x1c/0x24)\n(SyS_clone) from (__sys_trace_return+0x0/0x10)\nCode: 0050a0e1 6c0080e2 0140a0e1 0260a0e1 (f801f0e7)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1515e72aae803fc6b466adf918e71c4e4c9d5b3d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b59b0a53c840921b625378f137e88adfa87647e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ba1863be105b06e10d0e2f6b1b8a0570801cfc71", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47619.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47619.json new file mode 100644 index 00000000000..d0de37ff523 --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47619.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2021-47619", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.560", + "lastModified": "2024-06-20T11:15:54.560", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix queues reservation for XDP\n\nWhen XDP was configured on a system with large number of CPUs\nand X722 NIC there was a call trace with NULL pointer dereference.\n\ni40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12\ni40e 0000:87:00.0: setup of MAIN VSI failed\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]\nCall Trace:\n? i40e_reconfig_rss_queues+0x130/0x130 [i40e]\ndev_xdp_install+0x61/0xe0\ndev_xdp_attach+0x18a/0x4c0\ndev_change_xdp_fd+0x1e6/0x220\ndo_setlink+0x616/0x1030\n? ahci_port_stop+0x80/0x80\n? ata_qc_issue+0x107/0x1e0\n? lock_timer_base+0x61/0x80\n? __mod_timer+0x202/0x380\nrtnl_setlink+0xe5/0x170\n? bpf_lsm_binder_transaction+0x10/0x10\n? security_capable+0x36/0x50\nrtnetlink_rcv_msg+0x121/0x350\n? rtnl_calcit.isra.0+0x100/0x100\nnetlink_rcv_skb+0x50/0xf0\nnetlink_unicast+0x1d3/0x2a0\nnetlink_sendmsg+0x22a/0x440\nsock_sendmsg+0x5e/0x60\n__sys_sendto+0xf0/0x160\n? __sys_getsockname+0x7e/0xc0\n? _copy_from_user+0x3c/0x80\n? __sys_setsockopt+0xc8/0x1a0\n__x64_sys_sendto+0x20/0x30\ndo_syscall_64+0x33/0x40\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f83fa7a39e0\n\nThis was caused by PF queue pile fragmentation due to\nflow director VSI queue being placed right after main VSI.\nBecause of this main VSI was not able to resize its\nqueue allocation for XDP resulting in no queues allocated\nfor main VSI when XDP was turned on.\n\nFix this by always allocating last queue in PF queue pile\nfor a flow director VSI." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00eddb0e4ea115154581d1049507a996acfc2d3e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4b3aa858268b7b9aeef02e5f9c4cd8f8fac101c8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/768eb705e6381f0c70ca29d4e66f19790d5d19a1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/92947844b8beee988c0ce17082b705c2f75f0742", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/be6998f232b8e4ca8225029e305b8329d89bfd59", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d46fa4ea9756ef6cbcf9752d0832cc66e2d7121b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47620.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47620.json new file mode 100644 index 00000000000..846bf6f26b8 --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47620.json @@ -0,0 +1,52 @@ +{ + "id": "CVE-2021-47620", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.653", + "lastModified": "2024-06-20T11:15:54.653", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: refactor malicious adv data check\n\nCheck for out-of-bound read was being performed at the end of while\nnum_reports loop, and would fill journal with false positives. Added\ncheck to beginning of loop processing so that it doesn't get checked\nafter ptr has been advanced." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/305e92f525450f3e1b5f5c9dc7eadb152d66a082", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5a539c08d743d9910631448da78af5e961664c0e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5c968affa804ba98c3c603f37ffea6fba618025e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7889b38a7f21ed19314f83194622b195d328465c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/835d3706852537bf92eb23eb8635b8dee0c0aa67", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/83d5196b65d1b29e27d7dd16a3b9b439fb1d2dba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8819f93cd4a443dfe547aa622b21f723757df3fb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/899663be5e75dc0174dc8bda0b5e6826edf0b29a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bcea886771c3f22a590c8c8b9139a107bd7f1e1c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48711.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48711.json new file mode 100644 index 00000000000..ca0d2ffc685 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48711.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2022-48711", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.793", + "lastModified": "2024-06-20T11:15:54.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: improve size validations for received domain records\n\nThe function tipc_mon_rcv() allows a node to receive and process\ndomain_record structs from peer nodes to track their views of the\nnetwork topology.\n\nThis patch verifies that the number of members in a received domain\nrecord does not exceed the limit defined by MAX_MON_DOMAIN, something\nthat may otherwise lead to a stack overflow.\n\ntipc_mon_rcv() is called from the function tipc_link_proto_rcv(), where\nwe are reading a 32 bit message data length field into a uint16. To\navert any risk of bit overflow, we add an extra sanity check for this in\nthat function. We cannot see that happen with the current code, but\nfuture designers being unaware of this risk, may introduce it by\nallowing delivery of very large (> 64k) sk buffers from the bearer\nlayer. This potential problem was identified by Eric Dumazet.\n\nThis fixes CVE-2022-0435" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/175db196e45d6f0e6047eccd09c8ba55465eb131", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1f1788616157b0222b0c2153828b475d95e374a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3c7e5943553594f68bbc070683db6bb6f6e9e78e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/59ff7514f8c56f166aadca49bcecfa028e0ad50f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9aa422ad326634b76309e8ff342c246800621216", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d692e3406e052dbf9f6d9da0cba36cb763272529", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f1af11edd08dd8376f7a84487cbb0ea8203e3a1d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fde4ddeadd099bf9fbb9ccbee8e1b5c20d530a2d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48712.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48712.json new file mode 100644 index 00000000000..bf53b79def7 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48712.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-48712", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.880", + "lastModified": "2024-06-20T11:15:54.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix error handling in ext4_fc_record_modified_inode()\n\nCurrent code does not fully takes care of krealloc() error case, which\ncould lead to silent memory corruption or a kernel bug. This patch\nfixes that.\n\nAlso it cleans up some duplicated error handling logic from various\nfunctions in fast_commit.c file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/14aa3f49c7fc6424763f4323bfbc3a807b0727dc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1b6762ecdf3cf12113772427c904aa3c420a1802", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/62e46e0ffc02daa8fcfc02f7a932cc8a19601b19", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cdce59a1549190b66f8e3fe465c2b2f714b98a94", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48713.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48713.json new file mode 100644 index 00000000000..77a5338a475 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48713.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-48713", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:54.960", + "lastModified": "2024-06-20T11:15:54.960", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/pt: Fix crash with stop filters in single-range mode\n\nAdd a check for !buf->single before calling pt_buffer_region_size in a\nplace where a missing check can cause a kernel crash.\n\nFixes a bug introduced by commit 670638477aed (\"perf/x86/intel/pt:\nOpportunistically use single range output mode\"), which added a\nsupport for PT single-range output mode. Since that commit if a PT\nstop filter range is hit while tracing, the kernel will crash because\nof a null pointer dereference in pt_handle_status due to calling\npt_buffer_region_size without a ToPA configured.\n\nThe commit which introduced single-range mode guarded almost all uses of\nthe ToPA buffer variables with checks of the buf->single variable, but\nmissed the case where tracing was stopped by the PT hardware, which\nhappens when execution hits a configured stop filter.\n\nTested that hitting a stop filter while PT recording successfully\nrecords a trace with this patch but crashes without this patch." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1d9093457b243061a9bba23543c38726e864a643", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/456f041e035913fcedb275aff6f8a71dfebcd394", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e83d941fd3445f660d2f43647c580a320cc384f6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/feffb6ae2c80b9a8206450cdef90f5943baced99", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48714.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48714.json new file mode 100644 index 00000000000..fc976185984 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48714.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-48714", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.033", + "lastModified": "2024-06-20T11:15:55.033", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Use VM_MAP instead of VM_ALLOC for ringbuf\n\nAfter commit 2fd3fb0be1d1 (\"kasan, vmalloc: unpoison VM_ALLOC pages\nafter mapping\"), non-VM_ALLOC mappings will be marked as accessible\nin __get_vm_area_node() when KASAN is enabled. But now the flag for\nringbuf area is VM_ALLOC, so KASAN will complain out-of-bound access\nafter vmap() returns. Because the ringbuf area is created by mapping\nallocated pages, so use VM_MAP instead.\n\nAfter the change, info in /proc/vmallocinfo also changes from\n [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmalloc user\nto\n [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmap user" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5e457aeab52a5947619e1f18047f4d2f3212b3eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6304a613a97d6dcd49b93fbad31e9f39d1e138d6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b293dcc473d22a62dc6d78de2b15e4f49515db56", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d578933f6226d5419af9306746efa1c693cbaf9c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48715.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48715.json new file mode 100644 index 00000000000..fd2b54571b9 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48715.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2022-48715", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.110", + "lastModified": "2024-06-20T11:15:55.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Make bnx2fc_recv_frame() mp safe\n\nRunning tests with a debug kernel shows that bnx2fc_recv_frame() is\nmodifying the per_cpu lport stats counters in a non-mpsafe way. Just boot\na debug kernel and run the bnx2fc driver with the hardware enabled.\n\n[ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_\n[ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B\n[ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n[ 1391.699183] Call Trace:\n[ 1391.699188] dump_stack_lvl+0x57/0x7d\n[ 1391.699198] check_preemption_disabled+0xc8/0xd0\n[ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180\n[ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc]\n[ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc]\n[ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc]\n[ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc]\n[ 1391.699258] kthread+0x364/0x420\n[ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50\n[ 1391.699268] ? set_kthread_struct+0x100/0x100\n[ 1391.699273] ret_from_fork+0x22/0x30\n\nRestore the old get_cpu/put_cpu code with some modifications to reduce the\nsize of the critical section." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ec4334152dae175dbd8fd5bde1d2139bbe7b42d0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48716.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48716.json new file mode 100644 index 00000000000..a8624084305 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48716.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-48716", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.207", + "lastModified": "2024-06-20T11:15:55.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd938x: fix incorrect used of portid\n\nMixer controls have the channel id in mixer->reg, which is not same\nas port id. port id should be derived from chan_info array.\nSo fix this. Without this, its possible that we could corrupt\nstruct wcd938x_sdw_priv by accessing port_map array out of range\nwith channel id instead of port id." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9167f2712dc8c24964840a4d1e2ebf130e846b95", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48717.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48717.json new file mode 100644 index 00000000000..84d056c60a8 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48717.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2022-48717", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.287", + "lastModified": "2024-06-20T11:15:55.287", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: max9759: fix underflow in speaker_gain_control_put()\n\nCheck for negative values of \"priv->gain\" to prevent an out of bounds\naccess. The concern is that these might come from the user via:\n -> snd_ctl_elem_write_user()\n -> snd_ctl_elem_write()\n -> kctl->put()" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4c907bcd9dcd233da6707059d777ab389dcbd964", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5a45448ac95b715173edb1cd090ff24b6586d921", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/71e60c170105d153e34d01766c1e4db26a4b24cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a0f49d12547d45ea8b0f356a96632dd503941c1e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/baead410e5db49e962a67fffc17ac30e44b50b7c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f114fd6165dfb52520755cc4d1c1dfbd447b88b6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48718.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48718.json new file mode 100644 index 00000000000..6a2c2d60269 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48718.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-48718", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.373", + "lastModified": "2024-06-20T11:15:55.373", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: mxsfb: Fix NULL pointer dereference\n\nmxsfb should not ever dereference the NULL pointer which\ndrm_atomic_get_new_bridge_state is allowed to return.\nAssume a fixed format instead." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/622c9a3a7868e1eeca39c55305ca3ebec4742b64", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6f9267e01cca749137349d8ffb0d0ebbadf567f4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/86a337bb803040e4401b87c974a7fb92efe3d0e1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48719.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48719.json new file mode 100644 index 00000000000..e4b6062bb95 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48719.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-48719", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.470", + "lastModified": "2024-06-20T11:15:55.470", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work\n\nsyzkaller was able to trigger a deadlock for NTF_MANAGED entries [0]:\n\n kworker/0:16/14617 is trying to acquire lock:\n ffffffff8d4dd370 (&tbl->lock){++-.}-{2:2}, at: ___neigh_create+0x9e1/0x2990 net/core/neighbour.c:652\n [...]\n but task is already holding lock:\n ffffffff8d4dd370 (&tbl->lock){++-.}-{2:2}, at: neigh_managed_work+0x35/0x250 net/core/neighbour.c:1572\n\nThe neighbor entry turned to NUD_FAILED state, where __neigh_event_send()\ntriggered an immediate probe as per commit cd28ca0a3dd1 (\"neigh: reduce\narp latency\") via neigh_probe() given table lock was held.\n\nOne option to fix this situation is to defer the neigh_probe() back to\nthe neigh_timer_handler() similarly as pre cd28ca0a3dd1. For the case\nof NTF_MANAGED, this deferral is acceptable given this only happens on\nactual failure state and regular / expected state is NUD_VALID with the\nentry already present.\n\nThe fix adds a parameter to __neigh_event_send() in order to communicate\nwhether immediate probe is allowed or disallowed. Existing call-sites\nof neigh_event_send() default as-is to immediate probe. However, the\nneigh_managed_work() disables it via use of neigh_event_send_probe().\n\n[0] \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_deadlock_bug kernel/locking/lockdep.c:2956 [inline]\n check_deadlock kernel/locking/lockdep.c:2999 [inline]\n validate_chain kernel/locking/lockdep.c:3788 [inline]\n __lock_acquire.cold+0x149/0x3ab kernel/locking/lockdep.c:5027\n lock_acquire kernel/locking/lockdep.c:5639 [inline]\n lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5604\n __raw_write_lock_bh include/linux/rwlock_api_smp.h:202 [inline]\n _raw_write_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:334\n ___neigh_create+0x9e1/0x2990 net/core/neighbour.c:652\n ip6_finish_output2+0x1070/0x14f0 net/ipv6/ip6_output.c:123\n __ip6_finish_output net/ipv6/ip6_output.c:191 [inline]\n __ip6_finish_output+0x61e/0xe90 net/ipv6/ip6_output.c:170\n ip6_finish_output+0x32/0x200 net/ipv6/ip6_output.c:201\n NF_HOOK_COND include/linux/netfilter.h:296 [inline]\n ip6_output+0x1e4/0x530 net/ipv6/ip6_output.c:224\n dst_output include/net/dst.h:451 [inline]\n NF_HOOK include/linux/netfilter.h:307 [inline]\n ndisc_send_skb+0xa99/0x17f0 net/ipv6/ndisc.c:508\n ndisc_send_ns+0x3a9/0x840 net/ipv6/ndisc.c:650\n ndisc_solicit+0x2cd/0x4f0 net/ipv6/ndisc.c:742\n neigh_probe+0xc2/0x110 net/core/neighbour.c:1040\n __neigh_event_send+0x37d/0x1570 net/core/neighbour.c:1201\n neigh_event_send include/net/neighbour.h:470 [inline]\n neigh_managed_work+0x162/0x250 net/core/neighbour.c:1574\n process_one_work+0x9ac/0x1650 kernel/workqueue.c:2307\n worker_thread+0x657/0x1110 kernel/workqueue.c:2454\n kthread+0x2e9/0x3a0 kernel/kthread.c:377\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/203a35ebb49cdce377416b0690215d3ce090d364", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4a81f6da9cb2d1ef911131a6fd8bd15cb61fc772", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48720.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48720.json new file mode 100644 index 00000000000..c70e5b8b26a --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48720.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-48720", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.547", + "lastModified": "2024-06-20T11:15:55.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macsec: Fix offload support for NETDEV_UNREGISTER event\n\nCurrent macsec netdev notify handler handles NETDEV_UNREGISTER event by\nreleasing relevant SW resources only, this causes resources leak in case\nof macsec HW offload, as the underlay driver was not notified to clean\nit's macsec offload resources.\n\nFix by calling the underlay driver to clean it's relevant resources\nby moving offload handling from macsec_dellink() to macsec_common_dellink()\nwhen handling NETDEV_UNREGISTER event." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2e7f5b6ee1a7a2c628253a95b0a95b582901ef1b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8299be160aad8548071d080518712dec0df92bd5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9cef24c8b76c1f6effe499d2f131807c90f7ce9a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e7a0b3a0806dae3cc81931f0e83055ca2ac6f455", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48721.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48721.json new file mode 100644 index 00000000000..6f780c554f1 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48721.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-48721", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.620", + "lastModified": "2024-06-20T11:15:55.620", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Forward wakeup to smc socket waitqueue after fallback\n\nWhen we replace TCP with SMC and a fallback occurs, there may be\nsome socket waitqueue entries remaining in smc socket->wq, such\nas eppoll_entries inserted by userspace applications.\n\nAfter the fallback, data flows over TCP/IP and only clcsocket->wq\nwill be woken up. Applications can't be notified by the entries\nwhich were inserted in smc socket->wq before fallback. So we need\na mechanism to wake up smc socket->wq at the same time if some\nentries remaining in it.\n\nThe current workaround is to transfer the entries from smc socket->wq\nto clcsock->wq during the fallback. But this may cause a crash\nlike this:\n\n general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP PTI\n CPU: 3 PID: 0 Comm: swapper/3 Kdump: loaded Tainted: G E 5.16.0+ #107\n RIP: 0010:__wake_up_common+0x65/0x170\n Call Trace:\n \n __wake_up_common_lock+0x7a/0xc0\n sock_def_readable+0x3c/0x70\n tcp_data_queue+0x4a7/0xc40\n tcp_rcv_established+0x32f/0x660\n ? sk_filter_trim_cap+0xcb/0x2e0\n tcp_v4_do_rcv+0x10b/0x260\n tcp_v4_rcv+0xd2a/0xde0\n ip_protocol_deliver_rcu+0x3b/0x1d0\n ip_local_deliver_finish+0x54/0x60\n ip_local_deliver+0x6a/0x110\n ? tcp_v4_early_demux+0xa2/0x140\n ? tcp_v4_early_demux+0x10d/0x140\n ip_sublist_rcv_finish+0x49/0x60\n ip_sublist_rcv+0x19d/0x230\n ip_list_rcv+0x13e/0x170\n __netif_receive_skb_list_core+0x1c2/0x240\n netif_receive_skb_list_internal+0x1e6/0x320\n napi_complete_done+0x11d/0x190\n mlx5e_napi_poll+0x163/0x6b0 [mlx5_core]\n __napi_poll+0x3c/0x1b0\n net_rx_action+0x27c/0x300\n __do_softirq+0x114/0x2d2\n irq_exit_rcu+0xb4/0xe0\n common_interrupt+0xba/0xe0\n \n \n\nThe crash is caused by privately transferring waitqueue entries from\nsmc socket->wq to clcsock->wq. The owners of these entries, such as\nepoll, have no idea that the entries have been transferred to a\ndifferent socket wait queue and still use original waitqueue spinlock\n(smc socket->wq.wait.lock) to make the entries operation exclusive,\nbut it doesn't work. The operations to the entries, such as removing\nfrom the waitqueue (now is clcsock->wq after fallback), may cause a\ncrash when clcsock waitqueue is being iterated over at the moment.\n\nThis patch tries to fix this by no longer transferring wait queue\nentries privately, but introducing own implementations of clcsock's\ncallback functions in fallback situation. The callback functions will\nforward the wakeup to smc socket->wq if clcsock->wq is actually woken\nup and smc socket->wq has remaining entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ef6049f664941bc0f75828b3a61877635048b27", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/341adeec9adad0874f29a0a1af35638207352a39", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/504078fbe9dd570d685361b57784a6050bc40aaa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48722.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48722.json new file mode 100644 index 00000000000..e6ec0fba645 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48722.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2022-48722", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.733", + "lastModified": "2024-06-20T11:15:55.733", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/21feb6df3967541931242c427fe0958276af81cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/621b24b09eb61c63f262da0c9c5f0e93348897e5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6f38d3a6ec11c2733b1c641a46a2a2ecec57be08", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/78b3f20c17cbcb7645bfa63f2ca0e11b53c09d56", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/94cd597e20ed4acedb8f15f029d92998b011cb1a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a1c277b0ed2a13e7de923b5f03bc23586eceb851", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d6a44feb2f28d71a7e725f72d09c97c81561cd9a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48723.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48723.json new file mode 100644 index 00000000000..c4c9e829082 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48723.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-48723", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T11:15:55.820", + "lastModified": "2024-06-20T11:15:55.820", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\n\nThe issue happens in several error paths in uniphier_spi_probe().\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\nan error code, the function forgets to decrease the refcount of both\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\n\nFix it by decrementing the reference count of specific objects in\nthose error paths." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-268xx/CVE-2024-26807.json b/CVE-2024/CVE-2024-268xx/CVE-2024-26807.json index 8781903e3f5..690438afe97 100644 --- a/CVE-2024/CVE-2024-268xx/CVE-2024-26807.json +++ b/CVE-2024/CVE-2024-268xx/CVE-2024-26807.json @@ -2,12 +2,12 @@ "id": "CVE-2024-26807", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-04T09:15:09.380", - "lastModified": "2024-04-04T12:48:22.650", + "lastModified": "2024-06-20T10:15:09.303", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: cadence-qspi: fix pointer reference in runtime PM hooks\n\ndev_get_drvdata() gets used to acquire the pointer to cqspi and the SPI\ncontroller. Neither embed the other; this lead to memory corruption.\n\nOn a given platform (Mobileye EyeQ5) the memory corruption is hidden\ninside cqspi->f_pdata. Also, this uninitialised memory is used as a\nmutex (ctlr->bus_lock_mutex) by spi_controller_suspend()." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBoth cadence-quadspi ->runtime_suspend() and ->runtime_resume()\nimplementations start with:\n\n\tstruct cqspi_st *cqspi = dev_get_drvdata(dev);\n\tstruct spi_controller *host = dev_get_drvdata(dev);\n\nThis obviously cannot be correct, unless \"struct cqspi_st\" is the\nfirst member of \" struct spi_controller\", or the other way around, but\nit is not the case. \"struct spi_controller\" is allocated by\ndevm_spi_alloc_host(), which allocates an extra amount of memory for\nprivate data, used to store \"struct cqspi_st\".\n\nThe ->probe() function of the cadence-quadspi driver then sets the\ndevice drvdata to store the address of the \"struct cqspi_st\"\nstructure. Therefore:\n\n\tstruct cqspi_st *cqspi = dev_get_drvdata(dev);\n\nis correct, but:\n\n\tstruct spi_controller *host = dev_get_drvdata(dev);\n\nis not, as it makes \"host\" point not to a \"struct spi_controller\" but\nto the same \"struct cqspi_st\" structure as above.\n\nThis obviously leads to bad things (memory corruption, kernel crashes)\ndirectly during ->probe(), as ->probe() enables the device using PM\nruntime, leading the ->runtime_resume() hook being called, which in\nturns calls spi_controller_resume() with the wrong pointer.\n\nThis has at least been reported [0] to cause a kernel crash, but the\nexact behavior will depend on the memory contents.\n\n[0] https://lore.kernel.org/all/20240226121803.5a7r5wkpbbowcxgx@dhruva/\n\nThis issue potentially affects all platforms that are currently using\nthe cadence-quadspi driver." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28147.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28147.json new file mode 100644 index 00000000000..d6417992137 --- /dev/null +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28147.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-28147", + "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", + "published": "2024-06-20T11:15:55.913", + "lastModified": "2024-06-20T11:15:55.913", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An authenticated user can upload arbitrary files in the upload \nfunction for collection preview images. An attacker may upload an HTML \nfile that includes malicious JavaScript code which will be executed if a\n user visits the direct URL of the collection preview image (Stored \nCross Site Scripting). It is also possible to upload SVG files that \ninclude nested XML entities. Those are parsed when a user visits the \ndirect URL of the collection preview image, which may be utilized for a \nDenial of Service attack.\n\nThis issue affects edu-sharing: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://r.sec-consult.com/metaventis", + "source": "551230f0-3615-47bd-b7cc-93e92e730bbf" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json index f202c530a3b..9013eac72b9 100644 --- a/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json @@ -2,7 +2,7 @@ "id": "CVE-2024-34693", "sourceIdentifier": "security@apache.org", "published": "2024-06-20T09:15:11.683", - "lastModified": "2024-06-20T09:15:11.683", + "lastModified": "2024-06-20T11:15:56.090", "vulnStatus": "Received", "descriptions": [ { @@ -47,6 +47,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/06/20/1", + "source": "security@apache.org" + }, { "url": "https://lists.apache.org/thread/1803x1s34m7r71h1k0q1njol8k6fmyon", "source": "security@apache.org" diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5036.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5036.json new file mode 100644 index 00000000000..f50d25975e2 --- /dev/null +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5036.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-5036", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-06-20T11:15:56.273", + "lastModified": "2024-06-20T11:15:56.273", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter in all versions up to, and including, 3.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/sina-extension-for-elementor/trunk/widgets/basic/sina-counter.php#L687", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3104601/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64f11bc9-88b5-43d5-bc76-129dc5909210?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5886.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5886.json new file mode 100644 index 00000000000..8001004799a --- /dev/null +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5886.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2024-5886", + "sourceIdentifier": "security@huntr.dev", + "published": "2024-06-20T11:15:56.580", + "lastModified": "2024-06-20T11:15:56.580", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6181.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6181.json new file mode 100644 index 00000000000..a68683722bf --- /dev/null +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6181.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-6181", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-06-20T11:15:56.723", + "lastModified": "2024-06-20T11:15:56.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This vulnerability affects unknown code of the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp&size=32. The manipulation of the argument height/width leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269152. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://gentle-khaan-c53.notion.site/Reflected-XSS-in-Labvantage-LIMS-9531d77dce984d4da2ddcab863962e9c?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.269152", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.269152", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.353709", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6182.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6182.json new file mode 100644 index 00000000000..f9b5489a07b --- /dev/null +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6182.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-6182", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-06-20T11:15:57.117", + "lastModified": "2024-06-20T11:15:57.117", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in LabVantage LIMS 2017. It has been rated as problematic. This issue affects some unknown processing of the file /labvantage/rc?command=page&page=LV_ViewSampleSpec&oosonly=Y&_sdialog=Y. The manipulation of the argument sdcid/keyid1 leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269153 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://gentle-khaan-c53.notion.site/Reflected-XSS-in-Labvantage-LIMS-95e338b6f9ea45db9a6c635c3c1ff3b8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.269153", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.269153", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.354361", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b01bf6dac26..da192a91c66 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-20T10:00:55.194049+00:00 +2024-06-20T12:00:18.799054+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-20T09:15:12.253000+00:00 +2024-06-20T11:15:57.117000+00:00 ``` ### Last Data Feed Release @@ -33,31 +33,43 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -254649 +254671 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `22` -- [CVE-2024-29012](CVE-2024/CVE-2024-290xx/CVE-2024-29012.json) (`2024-06-20T09:15:11.347`) -- [CVE-2024-29013](CVE-2024/CVE-2024-290xx/CVE-2024-29013.json) (`2024-06-20T09:15:11.543`) -- [CVE-2024-34693](CVE-2024/CVE-2024-346xx/CVE-2024-34693.json) (`2024-06-20T09:15:11.683`) -- [CVE-2024-38620](CVE-2024/CVE-2024-386xx/CVE-2024-38620.json) (`2024-06-20T08:15:38.377`) +- [CVE-2021-47617](CVE-2021/CVE-2021-476xx/CVE-2021-47617.json) (`2024-06-20T11:15:54.317`) +- [CVE-2021-47618](CVE-2021/CVE-2021-476xx/CVE-2021-47618.json) (`2024-06-20T11:15:54.477`) +- [CVE-2021-47619](CVE-2021/CVE-2021-476xx/CVE-2021-47619.json) (`2024-06-20T11:15:54.560`) +- [CVE-2021-47620](CVE-2021/CVE-2021-476xx/CVE-2021-47620.json) (`2024-06-20T11:15:54.653`) +- [CVE-2022-48711](CVE-2022/CVE-2022-487xx/CVE-2022-48711.json) (`2024-06-20T11:15:54.793`) +- [CVE-2022-48712](CVE-2022/CVE-2022-487xx/CVE-2022-48712.json) (`2024-06-20T11:15:54.880`) +- [CVE-2022-48713](CVE-2022/CVE-2022-487xx/CVE-2022-48713.json) (`2024-06-20T11:15:54.960`) +- [CVE-2022-48714](CVE-2022/CVE-2022-487xx/CVE-2022-48714.json) (`2024-06-20T11:15:55.033`) +- [CVE-2022-48715](CVE-2022/CVE-2022-487xx/CVE-2022-48715.json) (`2024-06-20T11:15:55.110`) +- [CVE-2022-48716](CVE-2022/CVE-2022-487xx/CVE-2022-48716.json) (`2024-06-20T11:15:55.207`) +- [CVE-2022-48717](CVE-2022/CVE-2022-487xx/CVE-2022-48717.json) (`2024-06-20T11:15:55.287`) +- [CVE-2022-48718](CVE-2022/CVE-2022-487xx/CVE-2022-48718.json) (`2024-06-20T11:15:55.373`) +- [CVE-2022-48719](CVE-2022/CVE-2022-487xx/CVE-2022-48719.json) (`2024-06-20T11:15:55.470`) +- [CVE-2022-48720](CVE-2022/CVE-2022-487xx/CVE-2022-48720.json) (`2024-06-20T11:15:55.547`) +- [CVE-2022-48721](CVE-2022/CVE-2022-487xx/CVE-2022-48721.json) (`2024-06-20T11:15:55.620`) +- [CVE-2022-48722](CVE-2022/CVE-2022-487xx/CVE-2022-48722.json) (`2024-06-20T11:15:55.733`) +- [CVE-2022-48723](CVE-2022/CVE-2022-487xx/CVE-2022-48723.json) (`2024-06-20T11:15:55.820`) +- [CVE-2024-28147](CVE-2024/CVE-2024-281xx/CVE-2024-28147.json) (`2024-06-20T11:15:55.913`) +- [CVE-2024-5036](CVE-2024/CVE-2024-50xx/CVE-2024-5036.json) (`2024-06-20T11:15:56.273`) +- [CVE-2024-5886](CVE-2024/CVE-2024-58xx/CVE-2024-5886.json) (`2024-06-20T11:15:56.580`) +- [CVE-2024-6181](CVE-2024/CVE-2024-61xx/CVE-2024-6181.json) (`2024-06-20T11:15:56.723`) +- [CVE-2024-6182](CVE-2024/CVE-2024-61xx/CVE-2024-6182.json) (`2024-06-20T11:15:57.117`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `2` -- [CVE-2021-47573](CVE-2021/CVE-2021-475xx/CVE-2021-47573.json) (`2024-06-20T09:15:10.660`) -- [CVE-2021-47574](CVE-2021/CVE-2021-475xx/CVE-2021-47574.json) (`2024-06-20T09:15:10.850`) -- [CVE-2021-47575](CVE-2021/CVE-2021-475xx/CVE-2021-47575.json) (`2024-06-20T09:15:10.953`) -- [CVE-2021-47581](CVE-2021/CVE-2021-475xx/CVE-2021-47581.json) (`2024-06-20T09:15:11.057`) -- [CVE-2024-26639](CVE-2024/CVE-2024-266xx/CVE-2024-26639.json) (`2024-06-20T09:15:11.183`) -- [CVE-2024-35241](CVE-2024/CVE-2024-352xx/CVE-2024-35241.json) (`2024-06-20T09:15:11.993`) -- [CVE-2024-35242](CVE-2024/CVE-2024-352xx/CVE-2024-35242.json) (`2024-06-20T09:15:12.140`) -- [CVE-2024-37568](CVE-2024/CVE-2024-375xx/CVE-2024-37568.json) (`2024-06-20T09:15:12.253`) +- [CVE-2024-26807](CVE-2024/CVE-2024-268xx/CVE-2024-26807.json) (`2024-06-20T10:15:09.303`) +- [CVE-2024-34693](CVE-2024/CVE-2024-346xx/CVE-2024-34693.json) (`2024-06-20T11:15:56.090`) ## Download and Usage diff --git a/_state.csv b/_state.csv index b0be2cf8c26..a6c5bf4e82b 100644 --- a/_state.csv +++ b/_state.csv @@ -187371,15 +187371,15 @@ CVE-2021-47569,0,0,7b4ee9969d7b2bdfa51b608129e4a28e25fef0b05a577f53d9e872f37b867 CVE-2021-47570,0,0,8efc024fd057221731b8441eed1f78c2841bddbe1d7646bf65390da9848d7ece,2024-06-10T19:22:46.993000 CVE-2021-47571,0,0,9ae7dfe9cc2ea2b4111c421c046fb07b6c9a1d98489d868de0a813931f6c97cf,2024-06-10T19:22:36.833000 CVE-2021-47572,0,0,55c6e98268ccff9a12ecfcf7346b412b0260b19f4dd297c4a5d7a5ddb50f3eca,2024-06-10T19:22:05.237000 -CVE-2021-47573,0,1,77f17ceffef01ed1235383fa8b9d660bd9e97f9957ddf89f7588fecd6de7f3ee,2024-06-20T09:15:10.660000 -CVE-2021-47574,0,1,391863034eab59403fe143d15df40f1956c3dc69dca88c34541f90e4de440ed8,2024-06-20T09:15:10.850000 -CVE-2021-47575,0,1,722357c96fabd9dcaa94e25f2d6c3827cc0d9ffea8340b657e2489a7b6bb493c,2024-06-20T09:15:10.953000 +CVE-2021-47573,0,0,77f17ceffef01ed1235383fa8b9d660bd9e97f9957ddf89f7588fecd6de7f3ee,2024-06-20T09:15:10.660000 +CVE-2021-47574,0,0,391863034eab59403fe143d15df40f1956c3dc69dca88c34541f90e4de440ed8,2024-06-20T09:15:10.850000 +CVE-2021-47575,0,0,722357c96fabd9dcaa94e25f2d6c3827cc0d9ffea8340b657e2489a7b6bb493c,2024-06-20T09:15:10.953000 CVE-2021-47576,0,0,529ff2838ef76d7619d5bef41c4412385193d0388581dc3389cc34ad5cb3392b,2024-06-19T15:15:52.117000 CVE-2021-47577,0,0,2e716ba915bf347483c8366b86986fd4bc924c2188585127b0346a76083dca64,2024-06-19T15:15:52.223000 CVE-2021-47578,0,0,b6cdd7cb71f065232f349708162f254a0436579d12bb1d2af1930716fd430722,2024-06-19T15:15:52.320000 CVE-2021-47579,0,0,bacd9b18ea2cec453f67aac72823401bb7e8ad56778087942ea94693446c2239,2024-06-19T15:15:52.427000 CVE-2021-47580,0,0,9d0dcf903250aa86955d83dd6f1490d35c7ce8feed681a55869b2ec26c204660,2024-06-19T15:15:52.537000 -CVE-2021-47581,0,1,17ec8f4e133d40e0db5079fe03b869ad7ee16e0e079fffc51fd025ed4a3f9521,2024-06-20T09:15:11.057000 +CVE-2021-47581,0,0,17ec8f4e133d40e0db5079fe03b869ad7ee16e0e079fffc51fd025ed4a3f9521,2024-06-20T09:15:11.057000 CVE-2021-47582,0,0,c9a1f9b44372a9f249b03729be5db788d3c9b94e5e60e99cb74bd75151e295d6,2024-06-19T15:15:52.743000 CVE-2021-47583,0,0,6e348f5d1cee71355f4561877aa842e4099a5c563bcd5b01e8d3e5ff3a090cb9,2024-06-19T15:15:52.843000 CVE-2021-47584,0,0,9fb73020197e21e2348918b425a736b526ca64cbfa5f5cb286809e6fb7fff65f,2024-06-19T15:15:52.947000 @@ -187415,6 +187415,10 @@ CVE-2021-47613,0,0,440b155bc5e528cbfc86f311f0754e1fcc83a2837cf27d9be9e9e63280c5e CVE-2021-47614,0,0,57fdd5a971b374efd6ca12ff9eaebc4ae1382cf48de669e8b347571bad23008b,2024-06-19T15:15:55.943000 CVE-2021-47615,0,0,e6972818866c037db26a5c1b369f5391f820afda8212e98d624ae9e2f749949f,2024-06-19T15:15:56.030000 CVE-2021-47616,0,0,613e0fc659a08a1fbd2d33e67d7334b1808c6952236b73a03143db70ef545f3b,2024-06-19T15:15:56.130000 +CVE-2021-47617,1,1,6a4cc525a053ed7724deb39d26fa648531dc0eff60b7caf36150ce513b8655c1,2024-06-20T11:15:54.317000 +CVE-2021-47618,1,1,a92457db77c57329a98818642a3c4c8ae8cec64ad75299e63477d87c5d954e28,2024-06-20T11:15:54.477000 +CVE-2021-47619,1,1,a587964b82f28c3f37c4aed7e2edae5cbf64b8705b16826678522954d17cce89,2024-06-20T11:15:54.560000 +CVE-2021-47620,1,1,66fde7a024dfe345b80aff0598fe94f6ddbf6b5afcdcee7d050eee6605cd5f9e,2024-06-20T11:15:54.653000 CVE-2022-0001,0,0,d8fdf66a3692474461fa30afb4569bb8513a7a0b04c6840c7e2c146df6b5709c,2024-04-09T15:15:26.797000 CVE-2022-0002,0,0,4ba989879ca817729e7cddc36d35dc20834fb13fd71d0cce189890fe2defbd53,2022-08-19T12:28:50.667000 CVE-2022-0004,0,0,49c52ff3575738b86482113493a7c3a40cb78eb0fdff68408b97beece4f065c8,2022-06-10T20:52:37.810000 @@ -212091,7 +212095,20 @@ CVE-2022-48708,0,0,b35378a7467337cab7b1eef08420fd20c82e6434d74596d1198a41e477871 CVE-2022-48709,0,0,6baa1cc0021e923f3b33081043dd7a305091b7d2d8afafa75c06c12c76f323ea,2024-05-21T16:53:56.550000 CVE-2022-4871,0,0,7274992495dd67388b392e338389fdefa8e3ed34b55ba94bae27cb8f3908886f,2024-05-17T02:17:00.160000 CVE-2022-48710,0,0,fe0ec196b9ae5f3f56372f7ec69d70930c0b30ebf7231710388167bc4a2cc6ec,2024-05-21T16:53:56.550000 +CVE-2022-48711,1,1,437bfedf93ccc6707dd66d2a73f2aa01c86f5b3cc60900eb635a56ff1b8fb994,2024-06-20T11:15:54.793000 +CVE-2022-48712,1,1,3b64a6878c99556d2e8e53df3e3fbe560123c9b9235d2d0be81373221ade16df,2024-06-20T11:15:54.880000 +CVE-2022-48713,1,1,fa6c1284746f0ff8d418439a3365df6be246ac2e056745ec75dadf6029a4d3df,2024-06-20T11:15:54.960000 +CVE-2022-48714,1,1,5832f54243f2c8c4414082f2dbd8e585d701954280f2cee014511c0c990981b9,2024-06-20T11:15:55.033000 +CVE-2022-48715,1,1,7fcf7dc38c54f89b9d6be4a75e3e3a0cd868f2fbae230c145239cc82fb11749a,2024-06-20T11:15:55.110000 +CVE-2022-48716,1,1,a314667ccf1ddd96185d9e439ee406446167e8467c58c7c9636a0c88f6814902,2024-06-20T11:15:55.207000 +CVE-2022-48717,1,1,f3c1926626a63f7d8b90d2e8783cdf40a49918a488fafb83e0667538d260dc99,2024-06-20T11:15:55.287000 +CVE-2022-48718,1,1,53dc35066ea404dcf93f0fc63cade45f4682d57233698f55434e98eacfd19e9f,2024-06-20T11:15:55.373000 +CVE-2022-48719,1,1,1c36a8e83830e4e1040d7eee7644b403859159a8bc6f32997b566312ca63c2c1,2024-06-20T11:15:55.470000 CVE-2022-4872,0,0,56b13c17402299c2fa4e0cba1279535195f7b441f30ccd3fba7ade7900a2723a,2023-11-07T03:59:09.100000 +CVE-2022-48720,1,1,5355e4977fe0aabca30364968e4f6773c27b05d2f607d1765071807a2155d700,2024-06-20T11:15:55.547000 +CVE-2022-48721,1,1,affb9a56241bf14c4a2e76d875def26a80d3bf7fe26fd7f7b5962f6dcc1ed0d6,2024-06-20T11:15:55.620000 +CVE-2022-48722,1,1,301c149709267b18d6a69a788abdf48c64545944c994bfb3e7ce5c8a236d2b3d,2024-06-20T11:15:55.733000 +CVE-2022-48723,1,1,402f89299bed574bf0f7166b0c6a56854c8a51670cc02ba25a437096b01cbeb7,2024-06-20T11:15:55.820000 CVE-2022-4873,0,0,563a199763d37b536a31c01788923286fc1b28eed585d04a99495c2e08b4d4db,2023-11-07T03:59:09.310000 CVE-2022-4874,0,0,11bc171fda6fc861e0708d150c2ec522d2356e3420b85bbff8eb41cec9dc83eb,2023-11-07T03:59:09.523000 CVE-2022-4875,0,0,17c44f8ed61133d49317ef236aeaa7add57a954975b984861ea8fa8f275ad9d2,2024-05-17T02:17:00.353000 @@ -246239,7 +246256,7 @@ CVE-2024-26635,0,0,ef0ef4329a3775ea6d25838c212942f9e933ce2108a8101d274cfb6887156 CVE-2024-26636,0,0,760d91a296e0acf8ba41ea5db2ecf406899fc0855e4062b2617f6fe9e15d498d,2024-03-18T12:38:25.490000 CVE-2024-26637,0,0,fc892e24bd1b7e8206ffae07359f5a6f79726dc219d9822d731828992a4ead1a,2024-03-18T12:38:25.490000 CVE-2024-26638,0,0,810693405d991f7ccd7a2a1a0260a34b1a9402f77c9d945d74efd33b7925ef28,2024-03-18T12:38:25.490000 -CVE-2024-26639,0,1,9b6fa0232c66c8cf8fd9bbe39562770943151be50075f97d78497bc85fbca0f5,2024-06-20T09:15:11.183000 +CVE-2024-26639,0,0,9b6fa0232c66c8cf8fd9bbe39562770943151be50075f97d78497bc85fbca0f5,2024-06-20T09:15:11.183000 CVE-2024-2664,0,0,c0b832041353c8a6cfaeb7e198e87ee27cc866ec20501fb216f1e10cc4fe5ced,2024-04-10T13:23:38.787000 CVE-2024-26640,0,0,5cc6b5e042a5b441f74784080591c7d359381cd13aba12bdf63d6c89fc714c33,2024-03-18T12:38:25.490000 CVE-2024-26641,0,0,d0ed2cdfb0ff7417cb869a8d4b0f844e96cb33626fa12ef7a8d145f64e7e59f2,2024-03-18T12:38:25.490000 @@ -246424,7 +246441,7 @@ CVE-2024-26803,0,0,bf4f15eac5d42d9d48acabce36c3d482be8797731b77e5ce1483231d6ff82 CVE-2024-26804,0,0,d8c422436039e8386ad66c3fbd170d47519ecd5b9715a009f99e3fe84af8acd2,2024-04-04T12:48:22.650000 CVE-2024-26805,0,0,b675ea9a7857f11cb50873972316476c87ff8c6cc3e58590a96a92123fc9f992,2024-04-04T12:48:22.650000 CVE-2024-26806,0,0,015091e390b260dd882093bed966879e94cc206771d1bfbc34aebfbaafa6ae89,2024-04-04T12:48:22.650000 -CVE-2024-26807,0,0,dd58971be5b2b7ae4d4d293dc140016766895ff28462656c96a25f4364a4b8be,2024-04-04T12:48:22.650000 +CVE-2024-26807,0,1,66efaa56e935b770d7f99b196cd5f7a3f19f58a0e206f379b919ed6ff2ab6c69,2024-06-20T10:15:09.303000 CVE-2024-26808,0,0,4f31bc304a07232a3baf91061957b820ea1892642e797b2566eb9414b09af675,2024-04-04T12:48:22.650000 CVE-2024-26809,0,0,9fe73261a4fc78e6c4eacdd5a51592c430457963a39614d59847053f3066f6fb,2024-04-04T12:48:22.650000 CVE-2024-2681,0,0,9e6fd5b2f5bd242307a3b06bd8306c1385de8ff11e4127aa515eaf95df4ceb50,2024-05-17T02:38:25.007000 @@ -247462,6 +247479,7 @@ CVE-2024-28135,0,0,96abb3119d7c130b3351ae6e19b7b28266b27d62a615bb8abd63702b97f6d CVE-2024-28136,0,0,f26be5bb0ac176918932bfafcc2f2c6a92b6e2dab79b908804e6e26c391cb054,2024-05-14T19:18:31.490000 CVE-2024-28137,0,0,8b6624ffab52051587006e3eecdec06d044231b46bf2ab3d1e0aef29724296f2,2024-05-14T19:18:31.490000 CVE-2024-2814,0,0,982339f1e31e31b47a86b07569eeaf2f5813f3d3dd621dc9984c4993bd7b494b,2024-05-17T02:38:31.880000 +CVE-2024-28147,1,1,f3827b7b7e265af2adf0f447b9e9e3377810e8e92f7852202d72cda9c13ed838,2024-06-20T11:15:55.913000 CVE-2024-28148,0,0,dae8adaa9a9f352e6ec75654d798899599fff5056d36885fb288ef42e72a3322,2024-05-08T09:15:08.620000 CVE-2024-28149,0,0,41104aad52a41f735bff830317158bdc9ba92207034c216d3619939dc1f50d3c,2024-05-01T18:15:16.697000 CVE-2024-2815,0,0,ae30a9b38d7ddc3e74b46ed02c6cc6dfaac22a9e2f338b709b798eea6b5488d0,2024-05-17T02:38:31.990000 @@ -247913,8 +247931,8 @@ CVE-2024-29009,0,0,64d623a5e5091ece3a08216e60fd84baa7c5e2c60d17197a481a7a00a1fb5 CVE-2024-2901,0,0,df536d591427828a51852a2b88694908334d7c53f764c9038fd3774c5ac19973,2024-05-17T02:38:36.427000 CVE-2024-29010,0,0,1e3d8487ff712a2c650beb70061bccfe6dbcb9db93046ccef5c4aba76b5791d4,2024-05-01T19:50:25.633000 CVE-2024-29011,0,0,87d4656d77d891e8470b880f5feac00db31649e777019df201e1d135e5a0d7dd,2024-05-01T19:50:25.633000 -CVE-2024-29012,1,1,999b9b770baa8dc2cef8f5b8f9692cc2067265ac052b62a4dd1d34ebdf9cff96,2024-06-20T09:15:11.347000 -CVE-2024-29013,1,1,038e0a8a864d3094bd5ac1441f00f2be35b07bed2f90be66b3c0a13dda6e32a2,2024-06-20T09:15:11.543000 +CVE-2024-29012,0,0,999b9b770baa8dc2cef8f5b8f9692cc2067265ac052b62a4dd1d34ebdf9cff96,2024-06-20T09:15:11.347000 +CVE-2024-29013,0,0,038e0a8a864d3094bd5ac1441f00f2be35b07bed2f90be66b3c0a13dda6e32a2,2024-06-20T09:15:11.543000 CVE-2024-29018,0,0,a31ea156ee4a30b6d7535cfe30928ed9f90e655143b9cf9c902aa0e59ea88865,2024-03-21T12:58:51.093000 CVE-2024-29019,0,0,fe2de4afc3940e547c647135fa914dde2bc9fce5b46dec96e6b4c47b6599bdc4,2024-04-11T12:47:44.137000 CVE-2024-2902,0,0,38f24f885a94a37a841618e1d20810a0ee756f93a05006f5b6341ee4af4d3b21,2024-05-17T02:38:36.520000 @@ -251449,7 +251467,7 @@ CVE-2024-34688,0,0,66fff955b629aa6883569d950a703da0f073f684f77574846b0584730e15d CVE-2024-3469,0,0,89a04cf68ae33ee1037c8a13e9431c4d00d2106abb2ae6d7191ba817489a1fcd,2024-06-13T19:36:21.350000 CVE-2024-34690,0,0,823a2e1ae33b55e0d3769be79c59e7f42483b5ff6dba621f60a0402d90d83ba8,2024-06-11T13:54:12.057000 CVE-2024-34691,0,0,827395ff4b0bf99f2642a5cd3134d1fe0effa60012a62490a349f26f4db25abb,2024-06-11T13:54:12.057000 -CVE-2024-34693,1,1,50822730ff419c99ef4d90417e3e09f36dead83ef4280bfa4c2f4b3c064023c2,2024-06-20T09:15:11.683000 +CVE-2024-34693,0,1,73980ddc4f5fa7a9a503f5fb0dc903aae671bf22b5815306056581c355d21186,2024-06-20T11:15:56.090000 CVE-2024-34694,0,0,c52b0ddd7913e7b99d778e62e2419069bd9d8eb90d9108e75c7e8088bb5608e8,2024-06-17T12:42:04.623000 CVE-2024-34695,0,0,d5ed5d99c8f0d08b73ea3cb249327295e787f14594542dd2f27279ab9312830c,2024-05-14T16:12:23.490000 CVE-2024-34697,0,0,95295a45851b4a50f600527e364638272a5d24a08a1ec02edb19abea712755b2,2024-05-14T16:12:23.490000 @@ -251717,8 +251735,8 @@ CVE-2024-35238,0,0,90b2bf17c4613df420698bab76b724ca8e351da1091b572382c658446aa99 CVE-2024-35239,0,0,dc8d7e5945f67552120d785b4ede9965a939fdf2358a18c70e37d67c3011c174,2024-05-29T13:02:09.280000 CVE-2024-3524,0,0,3956193ca7114f5710505c19e3a759f29fdc99e35e3e85d2dfaab62815660be2,2024-05-17T02:39:58.883000 CVE-2024-35240,0,0,acfeed6c530b591057353f6a14e986e7e3beca50f19145cd1d7655529729bf12,2024-05-29T13:02:09.280000 -CVE-2024-35241,0,1,4a6b31c14cd4bc5f7501900c1f56590acd344b1e5ce5ecc61874cf3d14d82318,2024-06-20T09:15:11.993000 -CVE-2024-35242,0,1,2e207f0b714427aca575cae65f49ba50d1e8e36b82c7f71cef6b3cbfa7cbc65d,2024-06-20T09:15:12.140000 +CVE-2024-35241,0,0,4a6b31c14cd4bc5f7501900c1f56590acd344b1e5ce5ecc61874cf3d14d82318,2024-06-20T09:15:11.993000 +CVE-2024-35242,0,0,2e207f0b714427aca575cae65f49ba50d1e8e36b82c7f71cef6b3cbfa7cbc65d,2024-06-20T09:15:12.140000 CVE-2024-35248,0,0,7b24b3b12982d50407db134ff507626124f42d7e835fdd7f27fa9d0ab0e14275,2024-06-13T18:36:09.013000 CVE-2024-35249,0,0,9a167cb503ead93a464686d2899364feb1521f0eeb8918bfedcfea026510dd14,2024-06-13T18:36:09.013000 CVE-2024-3525,0,0,d160b9aacf64da3afa7deea3824b335adab6f10a287b9b570340cfda8c91ffed,2024-05-17T02:39:58.983000 @@ -252907,7 +252925,7 @@ CVE-2024-37535,0,0,07f7d930de9d2427116ed26f9657c7962aa8122c29cd0ba965c2b1ee75b9b CVE-2024-3754,0,0,01f193c84b52f462bda07bbe4a51fb49e63cd8bf2361f6b49c817e3a59b81e5a,2024-06-17T12:42:04.623000 CVE-2024-3755,0,0,255cc63bdc34aca663119fb8f6757a7da5a9acef7ecda034d88dc05babf4b05b,2024-05-06T12:44:56.377000 CVE-2024-3756,0,0,978b8204ea279199334a4c8c549150dc6420f24480b5effb717e8509749d66aa,2024-05-06T12:44:56.377000 -CVE-2024-37568,0,1,e54134c743ff1c9089094584276cdc79416cb675a0fc4a7177e49bc6dbf3bbc8,2024-06-20T09:15:12.253000 +CVE-2024-37568,0,0,e54134c743ff1c9089094584276cdc79416cb675a0fc4a7177e49bc6dbf3bbc8,2024-06-20T09:15:12.253000 CVE-2024-37569,0,0,748406cd7b0e731a2b9037b16c6d1dde7e8c81aa1003e1ce6c82275ceb288683,2024-06-12T16:32:56.203000 CVE-2024-3757,0,0,62301a2775fcbfb9e8b5b1aa90b79aa074cd639699f2863765d338333af4b798,2024-05-07T13:39:32.710000 CVE-2024-37570,0,0,a374041c2622c9ba66d2048315fc9e015af6a8717cce4f8beb5b59800398626a,2024-06-12T16:32:34.513000 @@ -253198,7 +253216,7 @@ CVE-2024-38617,0,0,d2e96d7280323f32ed957d3b647a6c9211c0b9099dfb0dd2366229f84463c CVE-2024-38618,0,0,2355a65d823178dbc67530257af22b7ca0cd2b710a40f5d1c17535efa8ffc772,2024-06-19T14:15:21.567000 CVE-2024-38619,0,0,04916e6841fea2c2384a6e8546cea3a04b4c5fe37f91ff2f098a22d640694557,2024-06-20T07:15:41.830000 CVE-2024-3862,0,0,d892c55e37e2ad71ebd3e4aade996aff767de8739f62e2d71c93704431b2b09c,2024-04-17T12:48:31.863000 -CVE-2024-38620,1,1,2d2b83ae1032a00e82c63edf9ae617b9ef9a62e18f90d060d3b153645c9e6bf1,2024-06-20T08:15:38.377000 +CVE-2024-38620,0,0,2d2b83ae1032a00e82c63edf9ae617b9ef9a62e18f90d060d3b153645c9e6bf1,2024-06-20T08:15:38.377000 CVE-2024-3863,0,0,2bcd7aff2d943e7ab42e23b79c60d375ad9e243a307a827bee502e9df179514c,2024-04-19T17:15:55.333000 CVE-2024-3864,0,0,19d7836c62228b8f626d6423c9bc9a43211c93bf4b17c3a151f2e9e764cbca42,2024-04-24T10:15:07.597000 CVE-2024-3865,0,0,8b230c3d643bf4def0090616d3b729148802c45f8b0915e5522b00babc710a03,2024-04-17T12:48:31.863000 @@ -254066,6 +254084,7 @@ CVE-2024-5023,0,0,974704283893df4cc9d8e0bcce8bb65ebf635268235f75f47c922033893214 CVE-2024-5025,0,0,d287dc9bcba0fba1784ec3f3fe4bf65eea235ed5e6f91d741018beb442d992d7,2024-05-22T12:46:53.887000 CVE-2024-5031,0,0,e598ebc5c9fa457f9bece560d72de6fc8851ac943a5e7908ec776eb9202f17df,2024-05-22T12:46:53.887000 CVE-2024-5035,0,0,04b94f66274e3d3d22c52a6f453c8b285ab22579cfad76ef028d6a110e1aa148,2024-05-29T05:16:08.793000 +CVE-2024-5036,1,1,b6a781315c42c4b8b49e1f2649a8f7674d4e50a4b7588101a14d43dc8e75c278,2024-06-20T11:15:56.273000 CVE-2024-5037,0,0,5a13acce718f507f5063e90d1fbe76947aa8c069dd7062440b3d79f97548841b,2024-06-18T17:04:31.360000 CVE-2024-5038,0,0,06b42bf2f2d8413cc0f40932a00eaaea0786a8ef2cd369c2d799d355c720323a,2024-06-11T17:41:37.883000 CVE-2024-5039,0,0,42959b486bf28971702f84d5d970f64301a550626d1348beb35b7505e0fa75c5,2024-05-29T15:18:26.427000 @@ -254551,6 +254570,7 @@ CVE-2024-5860,0,0,c5c9f1df18adaa1e39e379691a52abd56fb4990c1e90abbe780c7d7d36e073 CVE-2024-5868,0,0,cddb0a1baa550d897574c2505eb276b5cd69c2fd57d27d79dec0dad91553a572,2024-06-17T12:42:04.623000 CVE-2024-5871,0,0,83e6d3ea3d7363cdcbcb485d9161ada2b3d6bba887290fa58ab89820983d4022,2024-06-17T12:42:04.623000 CVE-2024-5873,0,0,4affe4b1f71505ca05298a33c7e23c3ae147869580237755bed2d180fbea1b8e,2024-06-12T08:15:51.550000 +CVE-2024-5886,1,1,0c13c4ee009af0d9946120b2238809bd0a7459b4e90701a2a72b91121b1d711b,2024-06-20T11:15:56.580000 CVE-2024-5891,0,0,da4ba5748ecb097f5befd86d4787f2c76143132bf594110b21f16b774e08e15d,2024-06-13T18:36:09.010000 CVE-2024-5892,0,0,890747e3858b777381fac245c58cda030faeadae1530ec4012d9670fde261a4e,2024-06-13T18:36:09.013000 CVE-2024-5893,0,0,8bbdd4fceee6f55f46acaf4e2e772cd5b071a8548251271838818c6acd356beb,2024-06-13T18:36:09.010000 @@ -254648,3 +254668,5 @@ CVE-2024-6176,0,0,bd660c0cde647fe1bccb04d647014bfeadeca873814685115b39e74c61c8f2 CVE-2024-6177,0,0,e2006bd8c117b361d15d615544253325ed284d266829d0d7c581f459913766c1,2024-06-20T02:15:11.980000 CVE-2024-6178,0,0,b585588c1b5751ce256a7f1d8c6c6c4f50d67eb468665169500a1bbf3e780a64,2024-06-20T02:15:12.123000 CVE-2024-6179,0,0,65c180015474b6671311fe92692345a2f1123e438c5d25ef1d3bb1089c68bc2d,2024-06-20T02:15:12.257000 +CVE-2024-6181,1,1,81641b8b9146260b7f48c485111a885e8d9e1f90d760cc4da98aa2245841c1c6,2024-06-20T11:15:56.723000 +CVE-2024-6182,1,1,07cfc08451dd84c1512a6d840f28fec61137669b55946f78e994e0b1a9b7b62c,2024-06-20T11:15:57.117000