admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-05-24T02:00:30.136139+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-05-24 02:03:21 +00:00
parent 5b88b22b07
commit 2614022cf5
165 changed files with 2308 additions and 617 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2023/CVE-2023-468xx/CVE-2023-46806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46806",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:08.050",
"lastModified": "2024-05-22T23:15:08.050",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-468xx/CVE-2023-46807.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46807",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:08.340",
"lastModified": "2024-05-22T23:15:08.340",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-516xx/CVE-2023-51636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51636",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-22T20:15:08.407",
"lastModified": "2024-05-22T20:15:08.407",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-516xx/CVE-2023-51637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51637",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-22T20:15:08.713",
"lastModified": "2024-05-22T20:15:08.713",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

97
CVE-2023/CVE-2023-527xx/CVE-2023-52752.json
View File

@ -2,31 +2,114 @@
"id": "CVE-2023-52752",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:14.833",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:12:36.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] <TASK>\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige el error de use after free en cifs_debug_data_proc_show(). Omitir sesiones SMB que se est\u00e1n eliminando (por ejemplo, @ses-&gt;ses_status == SES_EXITING) en cifs_debug_data_proc_show() para evitar el use after free en @ses. Esto corrige el siguiente GPF al leer desde /proc/fs/cifs/DebugData mientras se monta y desmonta [816.251274] falla de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI... [816.260138] Llamada Seguimiento: [816.260329] [816.260499] ? die_addr+0x36/0x90 [816.260762]? exc_general_protection+0x1b3/0x410 [816.261126]? asm_exc_general_protection+0x26/0x30 [816.261502]? cifs_debug_tcon+0xbd/0x240 [cifs] [816.261878]? cifs_debug_tcon+0xab/0x240 [cifs] [816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs] [816.262689]? seq_read_iter+0x379/0x470 [816.262995] seq_read_iter+0x118/0x470 [816.263291] proc_reg_read_iter+0x53/0x90 [816.263596] ? srso_alias_return_thunk+0x5/0x7f [ 816.263945] vfs_read+0x201/0x350 [ 816.264211] ksys_read+0x75/0x100 [ 816.264472] do_syscall_64+0x3f/0x90 [ 816.2647 50] entrada_SYSCALL_64_after_hwframe+0x6e/0xd8 [816.265135] RIP: 0033:0x7fd5e669d381"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "B8093658-5835-493E-9047-EEC6269C0BB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

145
CVE-2023/CVE-2023-527xx/CVE-2023-52753.json
View File

@ -2,47 +2,170 @@
"id": "CVE-2023-52753",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:14.900",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:12:46.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why & How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference."
},
{
"lang": "es",
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: Evite la desreferencia NULL del generador de temporizaci\u00f3n [Por qu\u00e9 y c\u00f3mo] Verifique si el generador de temporizaci\u00f3n asignado es NULL o no antes de acceder a sus funciones para evitar la desreferencia NULL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.300",
"matchCriteriaId": "E866C4FD-43D5-4D3E-98E7-16218BE92F3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.262",
"matchCriteriaId": "28B0AAED-45BA-4928-9A85-66A429B9F038"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.202",
"matchCriteriaId": "39D508B4-58C7-40C2-BE05-44E41110EB98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4e497f1acd99075b13605b2e7fa0cba721a2cfd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d8653b1a7a8dc938b566ae8c4f373b36e792c68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79b6a90f4f2433312154cd68452b0ba501fa74db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8a06894666e0b462c9316b26ab615cefdd0d676c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/df8bc953eed72371e43ca407bd063507f760cf89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eac3e4760aa12159f7f5475d55a67b7933abc195",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

73
CVE-2023/CVE-2023-527xx/CVE-2023-52760.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-52760",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:15.410",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:12:54.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix slab-use-after-free in gfs2_qd_dealloc\n\nIn gfs2_put_super(), whether withdrawn or not, the quota should\nbe cleaned up by gfs2_quota_cleanup().\n\nOtherwise, struct gfs2_sbd will be freed before gfs2_qd_dealloc (rcu\ncallback) has run for all gfs2_quota_data objects, resulting in\nuse-after-free.\n\nAlso, gfs2_destroy_threads() and gfs2_quota_cleanup() is already called\nby gfs2_make_fs_ro(), so in gfs2_put_super(), after calling\ngfs2_make_fs_ro(), there is no need to call them again."
},
{
"lang": "es",
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gfs2: corrige slab-use-after-free en gfs2_qd_dealloc. En gfs2_put_super(), ya sea retirada o no, gfs2_quota_cleanup() debe limpiar la cuota. De lo contrario, la estructura gfs2_sbd se liberar\u00e1 antes de que se ejecute gfs2_qd_dealloc (devoluci\u00f3n de llamada de rcu) para todos los objetos gfs2_quota_data, lo que dar\u00e1 como resultado un use after free. Adem\u00e1s, gfs2_destroy_threads() y gfs2_quota_cleanup() ya son llamados por gfs2_make_fs_ro(), por lo que en gfs2_put_super(), despu\u00e9s de llamar a gfs2_make_fs_ro(), no es necesario volver a llamarlos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "24DFB8C6-5FA0-4F09-BFF5-391E59AE9F03"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2023/CVE-2023-527xx/CVE-2023-52769.json
View File

@ -2,27 +2,101 @@
"id": "CVE-2023-52769",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:16.140",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:13:20.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix htt mlo-offset event locking\n\nThe ath12k active pdevs are protected by RCU but the htt mlo-offset\nevent handling code calling ath12k_mac_get_ar_by_pdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: ath12k: corrige el bloqueo de eventos htt mlo-offset Los pdevs activos de ath12k est\u00e1n protegidos por RCU, pero el c\u00f3digo de manejo de eventos htt mlo-offset que llama a ath12k_mac_get_ar_by_pdev_id() no se marc\u00f3 como read-side de Secci\u00f3n cr\u00edtica. Marque el c\u00f3digo en cuesti\u00f3n como una secci\u00f3n cr\u00edtica del lado de lectura de RCU para evitar posibles problemas de use after free. Compilaci\u00f3n probada \u00fanicamente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "81D6709B-8CD5-4054-8AC5-D8C32228FA43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2023/CVE-2023-527xx/CVE-2023-52772.json
View File

@ -2,35 +2,129 @@
"id": "CVE-2023-52772",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:16.390",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:13:24.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix use-after-free in unix_stream_read_actor()\n\nsyzbot reported the following crash [1]\n\nAfter releasing unix socket lock, u->oob_skb can be changed\nby another thread. We must temporarily increase skb refcount\nto make sure this other thread will not free the skb under us.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nRead of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297\n\nCPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nCall Trace:\n<TASK>\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:364 [inline]\nprint_report+0xc4/0x620 mm/kasan/report.c:475\nkasan_report+0xda/0x110 mm/kasan/report.c:588\nunix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nunix_stream_recv_urg net/unix/af_unix.c:2587 [inline]\nunix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666\nunix_stream_recvmsg+0x189/0x1b0 net/unix/af_unix.c:2903\nsock_recvmsg_nosec net/socket.c:1044 [inline]\nsock_recvmsg+0xe2/0x170 net/socket.c:1066\n____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803\n___sys_recvmsg+0x115/0x1a0 net/socket.c:2845\n__sys_recvmsg+0x114/0x1e0 net/socket.c:2875\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fc67492c559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559\nRDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340\nR13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388\n</TASK>\n\nAllocated by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n__kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328\nkasan_slab_alloc include/linux/kasan.h:188 [inline]\nslab_post_alloc_hook mm/slab.h:763 [inline]\nslab_alloc_node mm/slub.c:3478 [inline]\nkmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523\n__alloc_skb+0x287/0x330 net/core/skbuff.c:641\nalloc_skb include/linux/skbuff.h:1286 [inline]\nalloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331\nsock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780\nsock_alloc_send_skb include/net/sock.h:1884 [inline]\nqueue_oob net/unix/af_unix.c:2147 [inline]\nunix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n__sys_sendmsg+0x117/0x1e0 net/socket.c:2667\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200\nkasan_slab_free include/linux/kasan.h:164 [inline]\nslab_free_hook mm/slub.c:1800 [inline]\nslab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826\nslab_free mm/slub.c:3809 [inline]\nkmem_cache_free+0xf8/0x340 mm/slub.c:3831\nkfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015\n__kfree_skb net/core/skbuff.c:1073 [inline]\nconsume_skb net/core/skbuff.c:1288 [inline]\nconsume_skb+0xdf/0x170 net/core/skbuff.c:1282\nqueue_oob net/unix/af_unix.c:2178 [inline]\nu\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: af_unix: corrige use-after-free en unix_stream_read_actor() syzbot inform\u00f3 el siguiente bloqueo [1] Despu\u00e9s de liberar el bloqueo del socket Unix, otro subproceso puede cambiar u-&gt;oob_skb. Debemos aumentar temporalmente el recuento de skb para asegurarnos de que este otro hilo no libere el skb que est\u00e1 debajo de nosotros. [1] ERROR: KASAN: slab-use-after-free en unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866 Lectura de tama\u00f1o 4 en la direcci\u00f3n ffff88801f3b9cc4 por tarea syz-executor107/5297 CPU: 1 PID: 5297 Comm : syz-executor107 No contaminado 6.6.0-syzkaller-15910-gb8e3a87a627b #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/10/2023 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:364 [en l\u00ednea] print_report+0xc4/0x620 mm/kasan/report.c:475 kasan_report+0xda/0x110 mm/kasan /report.c:588 unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866 unix_stream_recv_urg net/unix/af_unix.c:2587 [en l\u00ednea] unix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666 +0x189 /0x1b0 net/unix/af_unix.c:2903 sock_recvmsg_nosec net/socket.c:1044 [en l\u00ednea] sock_recvmsg+0xe2/0x170 net/socket.c:1066 ____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803 ___sys_recv mensaje+0x115/ 0x1a0 net/socket.c:2845 __sys_recvmsg+0x114/0x1e0 net/socket.c:2875 do_syscall_x64 arch/x86/entry/common.c:51 [en l\u00ednea] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c: 82 Entry_SYSCALL_64_after_hwframe+0x63/0x6b RIP: 0033:0x7fc67492c559 C\u00f3digo: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d 6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 &lt;48&gt; 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 0000002f RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559 RDX : 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004 RBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340 R13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388 tarea 5295: kasan_save_stack+0x33/0x50 mm /kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 __kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328 kasan_slab_alloc include/linux/kasan.h:188 [en l\u00ednea] slab_post_alloc_hook mm/slab.h:763 [en l\u00ednea] slab_alloc_node mm/slub.c:3478 [en l\u00ednea] kmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523 __alloc_skb+0x287/0x330 net/core/skbuff.c:641 alloc_skb include/ linux/skbuff.h:1286 [en l\u00ednea] alloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331 sock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780 sock_alloc_send_skb include/net/sock.h:1884 [en l\u00ednea ] queue_oob net/unix/af_unix.c:2147 [en l\u00ednea] unix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0xd5/0x180 net/socket.c: 745 ____sys_sendmsg+0x6ac/0x940 net/socket.c:2584 ___sys_sendmsg+0x135/0x1d0 net/socket.c:2638 __sys_sendmsg+0x117/0x1e0 net/socket.c:2667 do_syscall_x64 arch/x86/entry/ common.c:51 [ Inline] do_syscall_64+0x3f/0x110 Arch/x86/entry/Common.c: 82 entry_syscall_64_after_hwframe+0x63/0x6b liberado por tarea 5295: kasan_save_stack+0x33/0x50 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 [en l\u00ednea] ____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200 kasan_slab_free include/ linux/kasan.h:164 [en l\u00ednea] slab_free_hook mm/slub.c:1800 [en l\u00ednea] slab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826 slab_free mm/slub.c:3809 [en l\u00ednea] kmem_cache_free+0xf8/0x340 mm /slub.c:3831 kfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015 __kfree_skb net/core/skbuff.c:1073 [en l\u00ednea] consume_skb net/core/skbuff.c:1288 [en l\u00ednea] consume_skb+0xdf/ 0x170 net/core/skbuff.c:1282 queue_oob net/unix/af_unix.c:2178 [en l\u00ednea] u ---truncado---"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "8A5D0FDE-F72D-44B7-B376-4D382F5A5AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/069a3ec329ff43e7869a3d94c62cd03203016bce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4b7b492615cf3017190f55444f7016812b66611d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/75bcfc188abf4fae9c1d5f5dc0a03540be602eef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d179189eec426fe4801e4b91efa1889faed12700",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eae0b295ce16d8c8b4114c3037993191b4bb92f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

98
CVE-2023/CVE-2023-527xx/CVE-2023-52773.json
View File

@ -2,31 +2,115 @@
"id": "CVE-2023-52773",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:16.467",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:13:34.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()\n\nWhen ddc_service_construct() is called, it explicitly checks both the\nlink type and whether there is something on the link which will\ndictate whether the pin is marked as hw_supported.\n\nIf the pin isn't set or the link is not set (such as from\nunloading/reloading amdgpu in an IGT test) then fail the\namdgpu_dm_i2c_xfer() call."
},
{
"lang": "es",
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: corrige una desreferencia de puntero NULL en amdgpu_dm_i2c_xfer(). Cuando se llama a ddc_service_construct(), comprueba expl\u00edcitamente tanto el tipo de enlace como si hay algo en el enlace que dictar\u00e1 si el pin est\u00e1 marcado como hw_supported. Si el pin no est\u00e1 configurado o el enlace no est\u00e1 configurado (por ejemplo, al descargar/recargar amdgpu en una prueba de IGT), falle la llamada amdgpu_dm_i2c_xfer()."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "06B6ACCF-31F1-4421-964C-7F3C54F0E3E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

74
CVE-2023/CVE-2023-527xx/CVE-2023-52783.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-52783",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:17.167",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:14.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wangxun: fix kernel panic due to null pointer\n\nWhen the device uses a custom subsystem vendor ID, the function\nwx_sw_init() returns before the memory of 'wx->mac_table' is allocated.\nThe null pointer will causes the kernel panic."
},
{
"lang": "es",
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: wangxun: corrige el p\u00e1nico del kernel debido a un puntero null. Cuando el dispositivo utiliza un ID de proveedor de subsistema personalizado, la funci\u00f3n wx_sw_init() regresa antes de que se agote la memoria de 'wx-&gt;mac_table'. asignado. El puntero null provocar\u00e1 el p\u00e1nico en el kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.6.4",
"matchCriteriaId": "F107AFD2-2CE5-4F1E-B1D9-05484839DC41"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

97
CVE-2023/CVE-2023-528xx/CVE-2023-52802.json
View File

@ -2,31 +2,114 @@
"id": "CVE-2023-52802",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:18.680",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:17.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()\n\nof_match_device() may fail and returns a NULL pointer.\n\nIn practice there is no known reasonable way to trigger this, but\nin case one is added in future, harden the code by adding the check"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: adc: stm32-adc: endurece contra puntero NULL deref en stm32_adc_probe() of_match_device() puede fallar y devuelve un puntero NULL. En la pr\u00e1ctica, no se conoce una forma razonable de activar esto, pero en caso de que se agregue una en el futuro, endurezca el c\u00f3digo agregando la verificaci\u00f3n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "B8093658-5835-493E-9047-EEC6269C0BB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a23b384e7e3d64d5587ad10729a34d4f761517e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b82e4240533bcd4691e50b64ec86d0d7fbd21b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b028f89c56e964a22d3ddb8eab1a0e7e980841b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b80aaff5f7817d50798ac61ed75973f004dd5202",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

157
CVE-2023/CVE-2023-528xx/CVE-2023-52806.json
View File

@ -2,51 +2,184 @@
"id": "CVE-2023-52806",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:18.963",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:20.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix possible null-ptr-deref when assigning a stream\n\nWhile AudioDSP drivers assign streams exclusively of HOST or LINK type,\nnothing blocks a user to attempt to assign a COUPLED stream. As\nsupplied substream instance may be a stub, what is the case when\ncode-loading, such scenario ends with null-ptr-deref."
},
{
"lang": "es",
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ALSA: hda: Corrige posible null-ptr-deref al asignar un flujo. Si bien los controladores AudioDSP asignan flujos exclusivamente de tipo HOST o LINK, nada impide que un usuario intente asignar un flujo ACOPLADO. Como la instancia de subsecuencia proporcionada puede ser un c\u00f3digo auxiliar, cu\u00e1l es el caso cuando se carga el c\u00f3digo, dicho escenario termina con null-ptr-deref."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.331",
"matchCriteriaId": "6F120ED7-3012-4856-9F08-B433BC310335"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.300",
"matchCriteriaId": "C99DDB75-1CAC-40D0-A14D-67A2A55D6005"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.262",
"matchCriteriaId": "28B0AAED-45BA-4928-9A85-66A429B9F038"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.202",
"matchCriteriaId": "39D508B4-58C7-40C2-BE05-44E41110EB98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

157
CVE-2023/CVE-2023-528xx/CVE-2023-52809.json
View File

@ -2,51 +2,184 @@
"id": "CVE-2023-52809",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:19.197",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:23.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed."
},
{
"lang": "es",
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: scsi: libfc: corrigi\u00f3 la posible desreferencia del puntero NULL en fc_lport_ptp_setup() fc_lport_ptp_setup() no verific\u00f3 el valor de retorno de fc_rport_create() que puede devolver NULL y causar\u00eda una desreferencia del puntero NULL. Solucione este problema verificando el valor de retorno de fc_rport_create() y el mensaje de error de registro en fc_rport_create() fall\u00f3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.331",
"matchCriteriaId": "6F120ED7-3012-4856-9F08-B433BC310335"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.300",
"matchCriteriaId": "C99DDB75-1CAC-40D0-A14D-67A2A55D6005"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.262",
"matchCriteriaId": "28B0AAED-45BA-4928-9A85-66A429B9F038"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.202",
"matchCriteriaId": "39D508B4-58C7-40C2-BE05-44E41110EB98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

121
CVE-2023/CVE-2023-528xx/CVE-2023-52814.json
View File

@ -2,39 +2,142 @@
"id": "CVE-2023-52814",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:19.547",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:26.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential null pointer derefernce\n\nThe amdgpu_ras_get_context may return NULL if device\nnot support ras feature, so add check before using."
},
{
"lang": "es",
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amdgpu: soluciona una posible desreferencia del puntero null. Amdgpu_ras_get_context puede devolver NULL si el dispositivo no admite la funci\u00f3n ras, as\u00ed que agregue la verificaci\u00f3n antes de usarlo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.202",
"matchCriteriaId": "FF5E31E1-4DDB-480A-966E-3470C98B932E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/80285ae1ec8717b597b20de38866c29d84d321a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b70fc7d70e8ef7c4a65034c9487f58609e708a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0702ee4d811708251cdf54d4a1d3e888d365111",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c11cf5e117f50f5a767054600885acd981449afe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/da46e63482fdc5e35c008865c22ac64027f6f0c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

109
CVE-2023/CVE-2023-528xx/CVE-2023-52815.json
View File

@ -2,35 +2,128 @@
"id": "CVE-2023-52815",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:19.620",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:29.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vkms: fix a possible null pointer dereference\n\nIn amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_cvt_mode(). Add a check to avoid null pointer\ndereference."
},
{
"lang": "es",
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu/vkms: soluciona una posible desreferencia del puntero null. En amdgpu_vkms_conn_get_modes(), el valor de retorno de drm_cvt_mode() se asigna al modo, lo que provocar\u00e1 una desreferencia del puntero NULL en falla de drm_cvt_mode(). Agregue una marca para evitar la desreferencia del puntero null."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "946A5BB4-D1C5-4C8D-962C-9C300A2CAA80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

145
CVE-2023/CVE-2023-528xx/CVE-2023-52817.json
View File

@ -2,47 +2,170 @@
"id": "CVE-2023-52817",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:19.763",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:32.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL\n\nIn certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:\n\n1. Navigate to the directory: /sys/kernel/debug/dri/0\n2. Execute command: cat amdgpu_regs_smc\n3. Exception Log::\n[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[4005007.702562] #PF: supervisor instruction fetch in kernel mode\n[4005007.702567] #PF: error_code(0x0010) - not-present page\n[4005007.702570] PGD 0 P4D 0\n[4005007.702576] Oops: 0010 [#1] SMP NOPTI\n[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G OE 5.15.0-43-generic #46-Ubunt u\n[4005007.702590] RIP: 0010:0x0\n[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206\n[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68\n[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000\n[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980\n[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000\n[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000\n[4005007.702622] FS: 00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000\n[4005007.702626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0\n[4005007.702633] Call Trace:\n[4005007.702636] <TASK>\n[4005007.702640] amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]\n[4005007.703002] full_proxy_read+0x5c/0x80\n[4005007.703011] vfs_read+0x9f/0x1a0\n[4005007.703019] ksys_read+0x67/0xe0\n[4005007.703023] __x64_sys_read+0x19/0x20\n[4005007.703028] do_syscall_64+0x5c/0xc0\n[4005007.703034] ? do_user_addr_fault+0x1e3/0x670\n[4005007.703040] ? exit_to_user_mode_prepare+0x37/0xb0\n[4005007.703047] ? irqentry_exit_to_user_mode+0x9/0x20\n[4005007.703052] ? irqentry_exit+0x19/0x30\n[4005007.703057] ? exc_page_fault+0x89/0x160\n[4005007.703062] ? asm_exc_page_fault+0x8/0x30\n[4005007.703068] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[4005007.703075] RIP: 0033:0x7f5e07672992\n[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e c 28 48 89 54 24\n[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992\n[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003\n[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010\n[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000\n[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000\n[4005007.703105] </TASK>\n[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_ iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v 2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca\n[4005007.703184] CR2: 0000000000000000\n[4005007.703188] ---[ en\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: corrige un acceso de puntero null cuando el puntero smc_rreg es NULL. En ciertos tipos de chips, como VEGA20, la lectura del archivo amdgpu_regs_smc podr\u00eda resultar en un acceso anormal de puntero null cuando el puntero smc_rreg es NULL. A continuaci\u00f3n se detallan los pasos para reproducir este problema y el registro de excepciones correspondiente: 1. Navegue hasta el directorio: /sys/kernel/debug/dri/0 2. Ejecute el comando: cat amdgpu_regs_smc 3. Registro de excepciones:: [4005007.702554] BUG: kernel Desreferencia de puntero NULL, direcci\u00f3n: 0000000000000000 [4005007.702562] #PF: b\u00fasqueda de instrucciones del supervisor en modo kernel [4005007.702567] #PF: c\u00f3digo_error(0x0010) - p\u00e1gina no presente [4005007.702570] PGD 0 P4D 0 [4005007. 702576] Ups: 0010 [#1 ] SMP NOPTI [4005007.702581] CPU: 4 PID: 62563 Comm: Cat Tainted: G Oe 5.15.0-43-Generic #46-Ubunt U [4005007.702590] RIP: 0010: 0x0 [4005007.702598] C\u00f3digo: Incedente de acceso a acceso a acceso a acceso a acceso a acceso a acceso a acceso a acceso a acceso a acceso a la operaci\u00f3n. QEPD 0xffffffffffffffd6. [4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206 [4005007.702605] RAX: 00000000000000000 RBX: 0000000000000000 RCX: e68 [4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000 [4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000 R09: ffff994060c07980 [4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000 [4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 007f5e06753000 [4005007.702622] FS: 00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000 [4005007.702626] CS: 0010 DS: 0000ES: 0000 CR0: 0000000080050033 [4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0 [4005007.702633] Seguimiento de llamadas: [4005007.7 02636] [4005007.702640] amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu] [4005007.703002] full_proxy_read+0x5c/0x80 [4005007.703011] vfs_read+0x9f/0x1a0 [4005007.703019] ksys_read+0x67/0xe0 [4005007.703023] __x64_sys_read+0x19/0x20 [4005007.703028] do_syscall_64+0x5c/0xc0 [40 05007.703034] ? do_user_addr_fault+0x1e3/0x670 [4005007.703040] ? exit_to_user_mode_prepare+0x37/0xb0 [4005007.703047] ? irqentry_exit_to_user_mode+0x9/0x20 [4005007.703052] ? irqentry_exit+0x19/0x30 [4005007.703057] ? exc_page_fault+0x89/0x160 [4005007.703062] ? asm_exc_page_fault+0x8/0x30 [4005007.703068] Entry_SYSCALL_64_after_hwframe+0x44/0xae [4005007.703075] RIP: 0033:0x7f5e07672992 [4005007.703079] C\u00f3digo: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 &lt;48&gt; 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24 [4005007.70 3083]RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992 [4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003 [4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 007f5e06752010 [4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000 [4005007.703099] R13: 000000000000003 R14: 0000000000020000 R15: 0000000000020000 [40050 07.703105] [4005007.703107] M\u00f3dulos vinculados en: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_ iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) _helper(OE) amdttm(OE) iommu_v 2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca [4005007.703184] CR2: 0000000000000000 [4005007.703188] ---[ es ---truncado---"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.300",
"matchCriteriaId": "E866C4FD-43D5-4D3E-98E7-16218BE92F3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.262",
"matchCriteriaId": "28B0AAED-45BA-4928-9A85-66A429B9F038"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.202",
"matchCriteriaId": "39D508B4-58C7-40C2-BE05-44E41110EB98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

121
CVE-2023/CVE-2023-528xx/CVE-2023-52821.json
View File

@ -2,39 +2,142 @@
"id": "CVE-2023-52821",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:20.047",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:35.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panel: corrige una posible desreferencia del puntero null. En versatile_panel_get_modes(), el valor de retorno de drm_mode_duplicate() se asigna al modo, lo que conducir\u00e1 a una desreferencia del puntero NULL en caso de falla de drm_mode_duplicate(). Agregue una marca para evitar npd."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.202",
"matchCriteriaId": "FF5E31E1-4DDB-480A-966E-3470C98B932E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2381f6b628b3214f07375e0adf5ce17093c31190",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4fa930ba046d20fc1899770396ee11e905fa96e4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79813cd59398015867d51e6d7dcc14d287d4c402",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8a9dd36fcb4f3906982b82593393578db4479992",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/924e5814d1f84e6fa5cb19c6eceb69f066225229",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

85
CVE-2023/CVE-2023-528xx/CVE-2023-52827.json
View File

@ -2,27 +2,100 @@
"id": "CVE-2023-52827",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:20.463",
"lastModified": "2024-05-21T16:53:56.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:14:46.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()\n\nlen is extracted from HTT message and could be an unexpected value in\ncase errors happen, so add validation before using to avoid possible\nout-of-bound read in the following message iteration and parsing.\n\nThe same issue also applies to ppdu_info->ppdu_stats.common.num_users,\nso validate it before using too.\n\nThese are found during code review.\n\nCompile test only."
},
{
"lang": "es",
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: ath12k: corrige una posible lectura fuera de los l\u00edmites en ath12k_htt_pull_ppdu_stats(). len se extrae del mensaje HTT y podr\u00eda ser un valor inesperado en caso de que ocurran errores, as\u00ed que agregue validaci\u00f3n antes de usarlo para evitar una posible lectura fuera de los l\u00edmites en la siguiente iteraci\u00f3n y an\u00e1lisis del mensaje. El mismo problema tambi\u00e9n se aplica a ppdu_info-&gt;ppdu_stats.common.num_users, as\u00ed que val\u00eddelo antes de usarlo tambi\u00e9n. Estos se encuentran durante la revisi\u00f3n del c\u00f3digo. Compilar prueba \u00fanicamente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "8037DB00-CF94-499F-A19D-763AB1141887"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

4
CVE-2023/CVE-2023-63xx/CVE-2023-6325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6325",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T05:15:48.773",
"lastModified": "2024-05-23T05:15:48.773",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-65xx/CVE-2023-6502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6502",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-05-23T11:15:22.913",
"lastModified": "2024-05-23T11:15:22.913",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-68xx/CVE-2023-6844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6844",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T02:15:08.040",
"lastModified": "2024-05-23T02:15:08.040",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-70xx/CVE-2023-7045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7045",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-05-23T11:15:23.153",
"lastModified": "2024-05-23T11:15:23.153",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2024/CVE-2024-17xx/CVE-2024-1753.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1753",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-18T15:15:41.170",
"lastModified": "2024-05-22T17:16:12.620",
"lastModified": "2024-05-24T00:15:08.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -111,6 +111,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:2784",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:2877",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3254",
"source": "secalert@redhat.com"

4
CVE-2024/CVE-2024-18xx/CVE-2024-1803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1803",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T13:15:08.887",
"lastModified": "2024-05-23T13:15:08.887",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-18xx/CVE-2024-1814.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1814",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T11:15:23.383",
"lastModified": "2024-05-23T11:15:23.383",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-18xx/CVE-2024-1815.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1815",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T11:15:23.610",
"lastModified": "2024-05-23T11:15:23.610",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-18xx/CVE-2024-1855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1855",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T02:15:08.277",
"lastModified": "2024-05-23T02:15:08.277",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-19xx/CVE-2024-1947.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1947",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-05-23T11:15:23.817",
"lastModified": "2024-05-23T11:15:23.817",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-20xx/CVE-2024-2038.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2038",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T07:15:08.013",
"lastModified": "2024-05-23T07:15:08.013",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-22xx/CVE-2024-2220.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2220",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-23T06:15:08.730",
"lastModified": "2024-05-23T06:15:08.730",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-23xx/CVE-2024-2301.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2301",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2024-05-23T17:15:28.810",
"lastModified": "2024-05-23T17:15:28.810",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-257xx/CVE-2024-25737.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25737",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T19:15:08.657",
"lastModified": "2024-05-22T19:15:08.657",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-257xx/CVE-2024-25738.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25738",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T19:15:08.807",
"lastModified": "2024-05-22T19:15:08.807",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-261xx/CVE-2024-26139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26139",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T12:15:09.530",
"lastModified": "2024-05-23T12:15:09.530",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-272xx/CVE-2024-27264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27264",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T20:15:09.047",
"lastModified": "2024-05-22T20:15:09.047",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-281xx/CVE-2024-28188.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28188",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T12:15:10.167",
"lastModified": "2024-05-23T14:15:09.403",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-28xx/CVE-2024-2861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2861",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T10:15:09.090",
"lastModified": "2024-05-23T10:15:09.090",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-28xx/CVE-2024-2874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2874",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-05-23T07:15:08.463",
"lastModified": "2024-05-23T07:15:08.463",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-298xx/CVE-2024-29849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29849",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:08.683",
"lastModified": "2024-05-22T23:15:08.683",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-298xx/CVE-2024-29850.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29850",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:08.857",
"lastModified": "2024-05-22T23:15:08.857",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-298xx/CVE-2024-29851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29851",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:09.027",
"lastModified": "2024-05-22T23:15:09.027",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-298xx/CVE-2024-29852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29852",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:09.193",
"lastModified": "2024-05-22T23:15:09.193",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-298xx/CVE-2024-29853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29853",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-22T23:15:09.367",
"lastModified": "2024-05-22T23:15:09.367",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-302xx/CVE-2024-30279.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30279",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-23T09:15:08.813",
"lastModified": "2024-05-23T09:15:08.813",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-302xx/CVE-2024-30280.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30280",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-23T09:15:09.103",
"lastModified": "2024-05-23T09:15:09.103",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-30xx/CVE-2024-3065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3065",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T02:15:08.480",
"lastModified": "2024-05-23T02:15:08.480",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2024/CVE-2024-310xx/CVE-2024-31080.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31080",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-04T14:15:10.330",
"lastModified": "2024-05-22T17:16:14.877",
"lastModified": "2024-05-24T00:15:08.633",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -107,6 +107,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3261",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3343",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-31080",
"source": "secalert@redhat.com"

6
CVE-2024/CVE-2024-310xx/CVE-2024-31081.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31081",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-04T14:15:10.593",
"lastModified": "2024-05-22T17:16:15.070",
"lastModified": "2024-05-24T00:15:08.847",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -107,6 +107,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3261",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3343",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-31081",
"source": "secalert@redhat.com"

6
CVE-2024/CVE-2024-310xx/CVE-2024-31083.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31083",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-05T12:15:37.577",
"lastModified": "2024-05-22T17:16:15.223",
"lastModified": "2024-05-24T00:15:09.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -107,6 +107,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3261",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3343",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-31083",
"source": "secalert@redhat.com"

4
CVE-2024/CVE-2024-318xx/CVE-2024-31843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31843",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T19:16:01.210",
"lastModified": "2024-05-23T19:16:01.210",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-318xx/CVE-2024-31893.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31893",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T19:15:08.893",
"lastModified": "2024-05-22T19:15:08.893",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-318xx/CVE-2024-31894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31894",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T20:15:09.260",
"lastModified": "2024-05-22T20:15:09.260",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-318xx/CVE-2024-31895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31895",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T20:15:09.480",
"lastModified": "2024-05-22T20:15:09.480",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-319xx/CVE-2024-31904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31904",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-22T19:15:09.153",
"lastModified": "2024-05-22T19:15:09.153",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-329xx/CVE-2024-32969.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32969",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T09:15:09.350",
"lastModified": "2024-05-23T09:15:09.350",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-32xx/CVE-2024-3201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3201",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T02:15:08.673",
"lastModified": "2024-05-23T02:15:08.673",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-340xx/CVE-2024-34060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34060",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T12:15:10.807",
"lastModified": "2024-05-23T12:15:10.807",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34927",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:29.373",
"lastModified": "2024-05-23T17:15:29.373",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34928.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34928",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:29.460",
"lastModified": "2024-05-23T17:15:29.460",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34929.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34929",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:29.550",
"lastModified": "2024-05-23T17:15:29.550",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34930.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34930",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:29.830",
"lastModified": "2024-05-23T17:15:29.830",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34931.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34931",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:29.930",
"lastModified": "2024-05-23T17:15:29.930",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34932.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34932",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.017",
"lastModified": "2024-05-23T17:15:30.017",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34933.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34933",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.107",
"lastModified": "2024-05-23T17:15:30.107",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34934.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34934",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.197",
"lastModified": "2024-05-23T17:15:30.197",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34935.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34935",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.280",
"lastModified": "2024-05-23T17:15:30.280",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-349xx/CVE-2024-34936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34936",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.363",
"lastModified": "2024-05-23T17:15:30.363",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35079.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35079",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T19:16:01.357",
"lastModified": "2024-05-23T19:16:01.357",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35080.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35080",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T19:16:01.470",
"lastModified": "2024-05-23T19:16:01.470",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35081.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35081",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.457",
"lastModified": "2024-05-23T17:15:30.457",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35082.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35082",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.547",
"lastModified": "2024-05-23T17:15:30.547",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35083.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35083",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.637",
"lastModified": "2024-05-23T17:15:30.637",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35084",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.733",
"lastModified": "2024-05-23T17:15:30.733",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35085.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35085",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.820",
"lastModified": "2024-05-23T17:15:30.820",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35086",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.943",
"lastModified": "2024-05-23T17:15:30.943",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35090.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35090",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:31.033",
"lastModified": "2024-05-23T17:15:31.033",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-350xx/CVE-2024-35091.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35091",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:31.127",
"lastModified": "2024-05-23T17:15:31.127",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-351xx/CVE-2024-35186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35186",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T09:15:09.620",
"lastModified": "2024-05-23T09:15:09.620",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-351xx/CVE-2024-35197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35197",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T13:15:09.153",
"lastModified": "2024-05-23T13:15:09.153",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-352xx/CVE-2024-35222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35222",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T14:15:09.603",
"lastModified": "2024-05-23T14:15:09.603",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-352xx/CVE-2024-35223.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35223",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T09:15:09.890",
"lastModified": "2024-05-23T09:15:09.890",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-352xx/CVE-2024-35224.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35224",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-23T13:15:09.380",
"lastModified": "2024-05-23T13:15:09.380",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-353xx/CVE-2024-35375.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35375",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T19:16:01.627",
"lastModified": "2024-05-23T19:16:01.627",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-355xx/CVE-2024-35570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35570",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T19:16:01.747",
"lastModified": "2024-05-23T19:16:01.747",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-356xx/CVE-2024-35627.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35627",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T19:15:09.453",
"lastModified": "2024-05-22T19:15:09.453",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

146
CVE-2024/CVE-2024-359xx/CVE-2024-35997.json
View File

@ -2,47 +2,171 @@
"id": "CVE-2024-35997",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-20T10:15:13.960",
"lastModified": "2024-05-20T13:00:04.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:15:04.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag."
},
{
"lang": "es",
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: i2c-hid: elimine el indicador I2C_HID_READ_PENDING para evitar el bloqueo. El indicador I2C_HID_READ_PENDING se utiliza para serializar operaciones I2C. Sin embargo, esto no es necesario, porque el n\u00facleo I2C ya tiene su propio bloqueo para ello. M\u00e1s importante a\u00fan, este indicador puede causar un bloqueo: si el indicador est\u00e1 configurado en i2c_hid_xfer() y ocurre una interrupci\u00f3n, el controlador de interrupciones (i2c_hid_irq) verificar\u00e1 este indicador y regresar\u00e1 inmediatamente sin hacer nada, entonces se invocar\u00e1 el controlador de interrupciones. nuevamente en un bucle infinito. Dado que el controlador de interrupciones es una tarea RT, se hace cargo de la CPU y la tarea de limpieza de banderas nunca se programa, por lo que tenemos un bloqueo. Elimine esta bandera innecesaria."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8",
"versionEndExcluding": "4.19.313",
"matchCriteriaId": "4FE032DD-45DE-45DB-86F3-04D82172342D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.275",
"matchCriteriaId": "5FF6D8DE-C559-4586-86C8-2C6B4420A2C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0561b65fbd53d3e788c5b0222d9112ca016fd6a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/21bfca822cfc1e71796124e93b46e0d9fa584401",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/29e94f295bad5be59cf4271a93e22cdcf5536722",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/418c5575d56410c6e186ab727bf32ae32447d497",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5095b93021b899f54c9355bebf36d78854c33a22",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b65fb50e04a95eec34a9d1bc138454a98a5578d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c448a9fd50f77e8fb9156ff64848aa4295eb3003",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

4
CVE-2024/CVE-2024-35xx/CVE-2024-3594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3594",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-23T06:15:10.143",
"lastModified": "2024-05-23T06:15:10.143",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

122
CVE-2024/CVE-2024-360xx/CVE-2024-36008.json
View File

@ -2,39 +2,143 @@
"id": "CVE-2024-36008",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-20T10:15:14.703",
"lastModified": "2024-05-20T13:00:04.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-24T01:12:07.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: check for NULL idev in ip_route_use_hint()\n\nsyzbot was able to trigger a NULL deref in fib_validate_source()\nin an old tree [1].\n\nIt appears the bug exists in latest trees.\n\nAll calls to __in_dev_get_rcu() must be checked for a NULL result.\n\n[1]\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 2 PID: 3257 Comm: syz-executor.3 Not tainted 5.10.0-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:fib_validate_source+0xbf/0x15a0 net/ipv4/fib_frontend.c:425\nCode: 18 f2 f2 f2 f2 42 c7 44 20 23 f3 f3 f3 f3 48 89 44 24 78 42 c6 44 20 27 f3 e8 5d 88 48 fc 4c 89 e8 48 c1 e8 03 48 89 44 24 18 <42> 80 3c 20 00 74 08 4c 89 ef e8 d2 15 98 fc 48 89 5c 24 10 41 bf\nRSP: 0018:ffffc900015fee40 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88800f7a4000 RCX: ffff88800f4f90c0\nRDX: 0000000000000000 RSI: 0000000004001eac RDI: ffff8880160c64c0\nRBP: ffffc900015ff060 R08: 0000000000000000 R09: ffff88800f7a4000\nR10: 0000000000000002 R11: ffff88800f4f90c0 R12: dffffc0000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ffff88800f7a4000\nFS: 00007f938acfe6c0(0000) GS:ffff888058c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f938acddd58 CR3: 000000001248e000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ip_route_use_hint+0x410/0x9b0 net/ipv4/route.c:2231\n ip_rcv_finish_core+0x2c4/0x1a30 net/ipv4/ip_input.c:327\n ip_list_rcv_finish net/ipv4/ip_input.c:612 [inline]\n ip_sublist_rcv+0x3ed/0xe50 net/ipv4/ip_input.c:638\n ip_list_rcv+0x422/0x470 net/ipv4/ip_input.c:673\n __netif_receive_skb_list_ptype net/core/dev.c:5572 [inline]\n __netif_receive_skb_list_core+0x6b1/0x890 net/core/dev.c:5620\n __netif_receive_skb_list net/core/dev.c:5672 [inline]\n netif_receive_skb_list_internal+0x9f9/0xdc0 net/core/dev.c:5764\n netif_receive_skb_list+0x55/0x3e0 net/core/dev.c:5816\n xdp_recv_frames net/bpf/test_run.c:257 [inline]\n xdp_test_run_batch net/bpf/test_run.c:335 [inline]\n bpf_test_run_xdp_live+0x1818/0x1d00 net/bpf/test_run.c:363\n bpf_prog_test_run_xdp+0x81f/0x1170 net/bpf/test_run.c:1376\n bpf_prog_test_run+0x349/0x3c0 kernel/bpf/syscall.c:3736\n __sys_bpf+0x45c/0x710 kernel/bpf/syscall.c:5115\n __do_sys_bpf kernel/bpf/syscall.c:5201 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5199 [inline]\n __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5199"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ipv4: verifique NULL idev en ip_route_use_hint() syzbot pudo activar una deref NULL en fib_validate_source() en un \u00e1rbol antiguo [1]. Parece que el error existe en los \u00e1rboles m\u00e1s recientes. Todas las llamadas a __in_dev_get_rcu() deben verificarse para obtener un resultado NULL. [1] Fallo de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdffffc000000000000: 0000 [#1] SMP Kasan Kasan: Null-Ptr-Deref en el rango [0x000000000000000000-0X000000000000000007] CPU: 2 pid: 3257 Comm: Syz-ECUTOR.3 NO NO tainted 5.10.0-syzkaller #0 Nombre del hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 01/04/2014 RIP: 0010:fib_validate_source+0xbf /0x15a0 net/ipv4/fib_frontend.c:425 C\u00f3digo: 18 f2 f2 f2 f2 42 c7 44 20 23 f3 f3 f3 f3 48 89 44 24 78 42 c6 44 20 27 f3 e8 5d 88 48 fc 4c 89 e8 48 c1 e8 03 48 89 44 24 18 &lt;42&gt; 80 3c 20 00 74 08 4c 89 ef e8 d2 15 98 fc 48 89 5c 24 10 41 bf RSP: 0018:ffffc900015fee40 EFLAGS: 00010246 RAX: 0000000000 RBX: ffff88800f7a4000 RCX: ffff88800f4f90c0 RDX: 0000000000000000 RSI : 0000000004001eac RDI: ffff8880160c64c0 RBP: ffffc900015ff060 R08: 0000000000000000 R09: ffff88800f7a4000 R10: 0000000000000002 R11: 00f4f90c0 R12: dffffc0000000000 R13: 0000000000000000 R14: 0000000000000000 R15: ffff88800f7a4000 FS: 00007f938acfe6c0(0000) GS:ffff888058c0 0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f938acddd58 CR3: 000000001248e000 CR4: 0000000000352ef0 DR0: 0000000000000000 DR1: 00000000 DR2: 0000000000000000 DR3: 00000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ip_route_use_hint+0x410/0x9b0 net/ipv4/route. c:2231 ip_rcv_finish_core+0x2c4/0x1a30 net/ipv4/ip_input.c:327 ip_list_rcv_finish net/ipv4/ip_input.c:612 [en l\u00ednea] ip_sublist_rcv+0x3ed/0xe50 net/ipv4/ip_input.c:638 /0x470 neto /ipv4/ip_input.c:673 __netif_receive_skb_list_ptype net/core/dev.c:5572 [en l\u00ednea] __netif_receive_skb_list_core+0x6b1/0x890 net/core/dev.c:5620 __netif_receive_skb_list net/core/dev.c:5672 [en l\u00ednea] ive_skb_list_internal+ 0x9f9/0xdc0 net/core/dev.c:5764 netif_receive_skb_list+0x55/0x3e0 net/core/dev.c:5816 xdp_recv_frames net/bpf/test_run.c:257 [en l\u00ednea] xdp_test_run_batch net/bpf/test_run.c:335 [ en l\u00ednea] bpf_test_run_xdp_live+0x1818/0x1d00 net/bpf/test_run.c:363 bpf_prog_test_run_xdp+0x81f/0x1170 net/bpf/test_run.c:1376 bpf_prog_test_run+0x349/0x3c0 kernel/bpf/syscall.c: 3736 __sys_bpf+0x45c/0x710 n\u00facleo /bpf/syscall.c:5115 __do_sys_bpf kernel/bpf/syscall.c:5201 [en l\u00ednea] __se_sys_bpf kernel/bpf/syscall.c:5199 [en l\u00ednea] __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5199"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/03b5a9b2b526862b21bcc31976e393a6e63785d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58a4c9b1e5a3e53c9148e80b90e1e43897ce77d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7a25bfd12733a8f38f8ca47c581f876c3d481ac0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7da0f91681c4902bc5c210356fdd963b04d5d1d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8240c7308c941db4d9a0a91b54eca843c616a655",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c71ea3534ec0936fc57e6fb271c7cc6a2f68c295",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

4
CVE-2024/CVE-2024-360xx/CVE-2024-36011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36011",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-23T07:15:08.803",
"lastModified": "2024-05-23T07:15:08.803",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-360xx/CVE-2024-36012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36012",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-23T07:15:08.900",
"lastModified": "2024-05-23T07:15:08.900",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2024/CVE-2024-360xx/CVE-2024-36013.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-36013",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-23T07:15:08.987",
"lastModified": "2024-05-23T07:15:08.987",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()\n\nExtend a critical section to prevent chan from early freeing.\nAlso make the l2cap_connect() return type void. Nothing is using the\nreturned value but it is ugly to return a potentially freed pointer.\nMaking it void will help with backports because earlier kernels did use\nthe return value. Now the compile will break for kernels where this\npatch is not a complete fix.\n\nCall stack summary:\n\n[use]\nl2cap_bredr_sig_cmd\n l2cap_connect\n \u250c mutex_lock(&conn->chan_lock);\n \u2502 chan = pchan->ops->new_connection(pchan); <- alloc chan\n \u2502 __l2cap_chan_add(conn, chan);\n \u2502 l2cap_chan_hold(chan);\n \u2502 list_add(&chan->list, &conn->chan_l); ... (1)\n \u2514 mutex_unlock(&conn->chan_lock);\n chan->conf_state ... (4) <- use after free\n\n[free]\nl2cap_conn_del\n\u250c mutex_lock(&conn->chan_lock);\n\u2502 foreach chan in conn->chan_l: ... (2)\n\u2502 l2cap_chan_put(chan);\n\u2502 l2cap_chan_destroy\n\u2502 kfree(chan) ... (3) <- chan freed\n\u2514 mutex_unlock(&conn->chan_lock);\n\n==================================================================\nBUG: KASAN: slab-use-after-free in instrument_atomic_read\ninclude/linux/instrumented.h:68 [inline]\nBUG: KASAN: slab-use-after-free in _test_bit\ninclude/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: slab-use-after-free in l2cap_connect+0xa67/0x11a0\nnet/bluetooth/l2cap_core.c:4260\nRead of size 8 at addr ffff88810bf040a0 by task kworker/u3:1/311"
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()\n\nExtend a critical section to prevent chan from early freeing.\nAlso make the l2cap_connect() return type void. Nothing is using the\nreturned value but it is ugly to return a potentially freed pointer.\nMaking it void will help with backports because earlier kernels did use\nthe return value. Now the compile will break for kernels where this\npatch is not a complete fix.\n\nCall stack summary:\n\n[use]\nl2cap_bredr_sig_cmd\n l2cap_connect\n ? mutex_lock(&conn->chan_lock);\n ? chan = pchan->ops->new_connection(pchan); <- alloc chan\n ? __l2cap_chan_add(conn, chan);\n ? l2cap_chan_hold(chan);\n ? list_add(&chan->list, &conn->chan_l); ... (1)\n ? mutex_unlock(&conn->chan_lock);\n chan->conf_state ... (4) <- use after free\n\n[free]\nl2cap_conn_del\n? mutex_lock(&conn->chan_lock);\n? foreach chan in conn->chan_l: ... (2)\n? l2cap_chan_put(chan);\n? l2cap_chan_destroy\n? kfree(chan) ... (3) <- chan freed\n? mutex_unlock(&conn->chan_lock);\n\n==================================================================\nBUG: KASAN: slab-use-after-free in instrument_atomic_read\ninclude/linux/instrumented.h:68 [inline]\nBUG: KASAN: slab-use-after-free in _test_bit\ninclude/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: slab-use-after-free in l2cap_connect+0xa67/0x11a0\nnet/bluetooth/l2cap_core.c:4260\nRead of size 8 at addr ffff88810bf040a0 by task kworker/u3:1/311"
}
],
"metrics": {},

4
CVE-2024/CVE-2024-36xx/CVE-2024-3626.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3626",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T06:15:10.253",
"lastModified": "2024-05-23T06:15:10.253",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-36xx/CVE-2024-3648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3648",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T07:15:09.077",
"lastModified": "2024-05-23T07:15:09.077",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-37xx/CVE-2024-3708.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3708",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2024-05-23T01:15:47.413",
"lastModified": "2024-05-23T01:15:47.413",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-37xx/CVE-2024-3711.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3711",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T06:15:10.630",
"lastModified": "2024-05-23T06:15:10.630",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-39xx/CVE-2024-3917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3917",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-23T06:15:10.930",
"lastModified": "2024-05-23T06:15:10.930",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-39xx/CVE-2024-3918.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3918",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-23T06:15:11.007",
"lastModified": "2024-05-23T06:15:11.007",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-39xx/CVE-2024-3920.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3920",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-23T06:15:11.100",
"lastModified": "2024-05-23T06:15:11.100",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-39xx/CVE-2024-3997.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3997",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-23T11:15:24.050",
"lastModified": "2024-05-23T11:15:24.050",
"vulnStatus": "Received",
"lastModified": "2024-05-24T01:15:30.977",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

Some files were not shown because too many files have changed in this diff Show More