Auto-Update: 2024-09-13T08:00:18.772733+00:00

cad-safe-bot 2024-09-13 08:03:18 +00:00
parent 2bf7ceca5c
commit 26f2132e59
65 changed files with 2322 additions and 15 deletions


@ -0,0 +1,44 @@
{
"id": "CVE-2024-38816",
"sourceIdentifier": "security@vmware.com",
"published": "2024-09-13T06:15:11.190",
"lastModified": "2024-09-13T06:15:11.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.\n\nSpecifically, an application is vulnerable when both of the following are true:\n\n * the web application uses RouterFunctions\u00a0to serve static resources\n * resource handling is explicitly configured with a FileSystemResource\u00a0location\n\n\nHowever, malicious requests are blocked and rejected when any of the following is true:\n\n * the Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html \u00a0is in use\n * the application runs on Tomcat or Jetty"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://spring.io/security/cve-2024-38816",
"source": "security@vmware.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-39377",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T07:15:02.390",
"lastModified": "2024-09-13T07:15:02.390",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html",
"source": "psirt@adobe.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-41870",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T07:15:03.750",
"lastModified": "2024-09-13T07:15:03.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html",
"source": "psirt@adobe.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-41871",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T07:15:04.097",
"lastModified": "2024-09-13T07:15:04.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html",
"source": "psirt@adobe.com"
}
]
}
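Review bot: The description in this record says the out-of-bounds read could be leveraged "to execute code in the context of the current user", yet the `cvssData` beneath it carries `C:H/I:N/A:N` with a `baseScore` of 5.5 and the weakness is CWE-125, so the text and the scoring disagree. The file appears to mirror the CNA's submission unchanged (`vulnStatus` is "Received"), so I would not hand-edit it here; the mismatch is better reported to the source so that a later sync picks up a corrected record. Until then, any consumer that triages on `baseScore` alone will rank this entry below CVE-2024-39377 from the same advisory, which is scored 7.8 for code execution, and should read the description as well.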


@ -0,0 +1,56 @@
{
"id": "CVE-2024-41872",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T07:15:04.440",
"lastModified": "2024-09-13T07:15:04.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html",
"source": "psirt@adobe.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-41873",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T07:15:04.790",
"lastModified": "2024-09-13T07:15:04.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html",
"source": "psirt@adobe.com"
}
]
}


@ -0,0 +1,49 @@
{
"id": "CVE-2024-46673",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:11.917",
"lastModified": "2024-09-13T06:15:11.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: aacraid: Fix double-free on probe failure\n\naac_probe_one() calls hardware-specific init functions through the\naac_driver_ident::init pointer, all of which eventually call down to\naac_init_adapter().\n\nIf aac_init_adapter() fails after allocating memory for aac_dev::queues,\nit frees the memory but does not clear that member.\n\nAfter the hardware-specific init function returns an error,\naac_probe_one() goes down an error path that frees the memory pointed to\nby aac_dev::queues, resulting.in a double-free."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b540ec7c0045c2d01c4e479f34bbc8f147afa4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/564e1986b00c5f05d75342f8407f75f0a17b94df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/60962c3d8e18e5d8dfa16df788974dd7f35bd87a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/85449b28ff6a89c4513115e43ddcad949b5890c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8a3995a3ffeca280a961b59f5c99843d81b15929",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/919ddf8336f0b84c0453bac583808c9f165a85c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e96dea7eff6f2bbcd0b42a098012fc66af9eb69",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d237c7d06ffddcdb5d36948c527dc01284388218",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,49 @@
{
"id": "CVE-2024-46674",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.017",
"lastModified": "2024-09-13T06:15:12.017",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: st: fix probed platform device ref count on probe error path\n\nThe probe function never performs any paltform device allocation, thus\nerror path \"undo_platform_dev_alloc\" is entirely bogus. It drops the\nreference count from the platform device being probed. If error path is\ntriggered, this will lead to unbalanced device reference counts and\npremature release of device resources, thus possible use-after-free when\nreleasing remaining devm-managed resources."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/060f41243ad7f6f5249fa7290dda0c01f723d12d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1de989668708ce5875efc9d669d227212aeb9a90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4c6735299540f3c82a5033d35be76a5c42e0fb18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6aee4c5635d81f4809c3b9f0c198a65adfbb2ada",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b0979a885b9d4df2a25b88e9d444ccaa5f9f495c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ddfcfeba891064b88bb844208b43bef2ef970f0c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e1e5e8ea2731150d5ba7c707f9e02fafebcfeb49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f3498650df0805c75b4e1c94d07423c46cbf4ce1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,49 @@
{
"id": "CVE-2024-46675",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.117",
"lastModified": "2024-09-13T06:15:12.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: Prevent USB core invalid event buffer address access\n\nThis commit addresses an issue where the USB core could access an\ninvalid event buffer address during runtime suspend, potentially causing\nSMMU faults and other memory issues in Exynos platforms. The problem\narises from the following sequence.\n 1. In dwc3_gadget_suspend, there is a chance of a timeout when\n moving the USB core to the halt state after clearing the\n run/stop bit by software.\n 2. In dwc3_core_exit, the event buffer is cleared regardless of\n the USB core's status, which may lead to an SMMU faults and\n other memory issues. if the USB core tries to access the event\n buffer address.\n\nTo prevent this hardware quirk on Exynos platforms, this commit ensures\nthat the event buffer address is not cleared by software when the USB\ncore is active during runtime suspend by checking its status before\nclearing the buffer address."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/111277b881def3153335acfe0d1f43e6cd83ac93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/14e497183df28c006603cc67fd3797a537eef7b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2189fd13c577d7881f94affc09c950a795064c4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7bb11a75dd4d3612378b90e2a4aa49bdccea28ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b72da4d89b97da71e056cc4d1429b2bc426a9c2f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2afc2bffec77316b90d530b07695e3f534df914",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e23f6ad8d110bf632f7471482e10b43dc174fb72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eca3f543f817da87c00d1a5697b473efb548204f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,45 @@
{
"id": "CVE-2024-46676",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.223",
"lastModified": "2024-09-13T06:15:12.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: pn533: Add poll mod list filling check\n\nIn case of im_protocols value is 1 and tm_protocols value is 0 this\ncombination successfully passes the check\n'if (!im_protocols && !tm_protocols)' in the nfc_start_poll().\nBut then after pn533_poll_create_mod_list() call in pn533_start_poll()\npoll mod list will remain empty and dev->poll_mod_count will remain 0\nwhich lead to division by zero.\n\nNormally no im protocol has value 1 in the mask, so this combination is\nnot expected by driver. But these protocol values actually come from\nuserspace via Netlink interface (NFC_CMD_START_POLL operation). So a\nbroken or malicious program may pass a message containing a \"bad\"\ncombination of protocol parameter values so that dev->poll_mod_count\nis not incremented inside pn533_poll_create_mod_list(), thus leading\nto division by zero.\nCall trace looks like:\nnfc_genl_start_poll()\n nfc_start_poll()\n ->start_poll()\n pn533_start_poll()\n\nAdd poll mod list filling check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/56ad559cf6d87f250a8d203b555dfc3716afa946",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64513d0e546a1f19e390f7e5eba3872bfcbdacf5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7535db0624a2dede374c42040808ad9a9101d723",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ecd3dd4f8eecd3309432156ccfe24768e009ec4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8ddaea033de051ed61b39f6b69ad54a411172b33",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c5e05237444f32f6cfe5d907603a232c77a08b31",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/febccb39255f9df35527b88c953b2e0deae50e53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,49 @@
{
"id": "CVE-2024-46677",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.360",
"lastModified": "2024-09-13T06:15:12.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix a potential NULL pointer dereference\n\nWhen sockfd_lookup() fails, gtp_encap_enable_socket() returns a\nNULL pointer, but its callers only check for error pointers thus miss\nthe NULL pointer case.\n\nFix it by returning an error pointer with the error code carried from\nsockfd_lookup().\n\n(I found this bug during code inspection.)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2024-46678",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.450",
"lastModified": "2024-09-13T06:15:12.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: change ipsec_lock from spin lock to mutex\n\nIn the cited commit, bond->ipsec_lock is added to protect ipsec_list,\nhence xdo_dev_state_add and xdo_dev_state_delete are called inside\nthis lock. As ipsec_lock is a spin lock and such xfrmdev ops may sleep,\n\"scheduling while atomic\" will be triggered when changing bond's\nactive slave.\n\n[ 101.055189] BUG: scheduling while atomic: bash/902/0x00000200\n[ 101.055726] Modules linked in:\n[ 101.058211] CPU: 3 PID: 902 Comm: bash Not tainted 6.9.0-rc4+ #1\n[ 101.058760] Hardware name:\n[ 101.059434] Call Trace:\n[ 101.059436] <TASK>\n[ 101.060873] dump_stack_lvl+0x51/0x60\n[ 101.061275] __schedule_bug+0x4e/0x60\n[ 101.061682] __schedule+0x612/0x7c0\n[ 101.062078] ? __mod_timer+0x25c/0x370\n[ 101.062486] schedule+0x25/0xd0\n[ 101.062845] schedule_timeout+0x77/0xf0\n[ 101.063265] ? asm_common_interrupt+0x22/0x40\n[ 101.063724] ? __bpf_trace_itimer_state+0x10/0x10\n[ 101.064215] __wait_for_common+0x87/0x190\n[ 101.064648] ? usleep_range_state+0x90/0x90\n[ 101.065091] cmd_exec+0x437/0xb20 [mlx5_core]\n[ 101.065569] mlx5_cmd_do+0x1e/0x40 [mlx5_core]\n[ 101.066051] mlx5_cmd_exec+0x18/0x30 [mlx5_core]\n[ 101.066552] mlx5_crypto_create_dek_key+0xea/0x120 [mlx5_core]\n[ 101.067163] ? bonding_sysfs_store_option+0x4d/0x80 [bonding]\n[ 101.067738] ? 
kmalloc_trace+0x4d/0x350\n[ 101.068156] mlx5_ipsec_create_sa_ctx+0x33/0x100 [mlx5_core]\n[ 101.068747] mlx5e_xfrm_add_state+0x47b/0xaa0 [mlx5_core]\n[ 101.069312] bond_change_active_slave+0x392/0x900 [bonding]\n[ 101.069868] bond_option_active_slave_set+0x1c2/0x240 [bonding]\n[ 101.070454] __bond_opt_set+0xa6/0x430 [bonding]\n[ 101.070935] __bond_opt_set_notify+0x2f/0x90 [bonding]\n[ 101.071453] bond_opt_tryset_rtnl+0x72/0xb0 [bonding]\n[ 101.071965] bonding_sysfs_store_option+0x4d/0x80 [bonding]\n[ 101.072567] kernfs_fop_write_iter+0x10c/0x1a0\n[ 101.073033] vfs_write+0x2d8/0x400\n[ 101.073416] ? alloc_fd+0x48/0x180\n[ 101.073798] ksys_write+0x5f/0xe0\n[ 101.074175] do_syscall_64+0x52/0x110\n[ 101.074576] entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nAs bond_ipsec_add_sa_all and bond_ipsec_del_sa_all are only called\nfrom bond_change_active_slave, which requires holding the RTNL lock.\nAnd bond_ipsec_add_sa and bond_ipsec_del_sa are xfrm state\nxdo_dev_state_add and xdo_dev_state_delete APIs, which are in user\ncontext. So ipsec_lock doesn't have to be spin lock, change it to\nmutex, and thus the above issue can be resolved."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2aeeef906d5a526dc60cf4af92eda69836c39b1f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/56354b0a2c24a7828eeed7de4b4dc9652d9affa3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6b598069164ac1bb60996d6ff94e7f9169dbd2d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,45 @@
{
"id": "CVE-2024-46679",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.530",
"lastModified": "2024-09-13T06:15:12.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: check device is present when getting link settings\n\nA sysfs reader can race with a device reset or removal, attempting to\nread device state when the device is not actually present. eg:\n\n [exception RIP: qed_get_current_link+17]\n #8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]\n #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3\n #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4\n #11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300\n #12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c\n #13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b\n #14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3\n #15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1\n #16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f\n #17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb\n\n crash> struct net_device.state ffff9a9d21336000\n state = 5,\n\nstate 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100).\nThe device is not present, note lack of __LINK_STATE_PRESENT (0b10).\n\nThis is the same sort of panic as observed in commit 4224cfd7fb65\n(\"net-sysfs: add check for netdevice being present to speed_show\").\n\nThere are many other callers of __ethtool_get_link_ksettings() which\ndon't have a device presence check.\n\nMove this check into ethtool to protect all callers."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1d6d9b5b1b95bfeccb84386a51b7e6c510ec13b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7a8d98b6d6484d3ad358510366022da080c37cbc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/842a40c7273ba1c1cb30dda50405b328de1d860e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/94ab317024ba373d37340893d1c0358638935fbb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9bba5955eed160102114d4cc00c3d399be9bdae4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a699781c79ecf6cfe67fb00a0331b4088c7c8466",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ec7b4f7f644018ac293cb1b02528a40a32917e62",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2024-46680",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.617",
"lastModified": "2024-09-13T06:15:12.617",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix random crash seen while removing driver\n\nThis fixes the random kernel crash seen while removing the driver, when\nrunning the load/unload test over multiple iterations.\n\n1) modprobe btnxpuart\n2) hciconfig hci0 reset\n3) hciconfig (check hci0 interface up with valid BD address)\n4) modprobe -r btnxpuart\nRepeat steps 1 to 4\n\nThe ps_wakeup() call in btnxpuart_close() schedules the psdata->work(),\nwhich gets scheduled after module is removed, causing a kernel crash.\n\nThis hidden issue got highlighted after enabling Power Save by default\nin 4183a7be7700 (Bluetooth: btnxpuart: Enable Power Save feature on\nstartup)\n\nThe new ps_cleanup() deasserts UART break immediately while closing\nserdev device, cancels any scheduled ps_work and destroys the ps_lock\nmutex.\n\n[ 85.884604] Unable to handle kernel paging request at virtual address ffffd4a61638f258\n[ 85.884624] Mem abort info:\n[ 85.884625] ESR = 0x0000000086000007\n[ 85.884628] EC = 0x21: IABT (current EL), IL = 32 bits\n[ 85.884633] SET = 0, FnV = 0\n[ 85.884636] EA = 0, S1PTW = 0\n[ 85.884638] FSC = 0x07: level 3 translation fault\n[ 85.884642] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000041dd0000\n[ 85.884646] [ffffd4a61638f258] pgd=1000000095fff003, p4d=1000000095fff003, pud=100000004823d003, pmd=100000004823e003, pte=0000000000000000\n[ 85.884662] Internal error: Oops: 0000000086000007 [#1] PREEMPT SMP\n[ 85.890932] Modules linked in: algif_hash algif_skcipher af_alg overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic snd_soc_imx_spdif snd_soc_imx_card snd_soc_ak5558 snd_soc_ak4458 caam secvio error snd_soc_fsl_spdif snd_soc_fsl_micfil snd_soc_fsl_sai snd_soc_fsl_utils gpio_ir_recv rc_core fuse [last unloaded: btnxpuart(O)]\n[ 85.927297] CPU: 1 PID: 67 Comm: kworker/1:3 Tainted: G O 
6.1.36+g937b1be4345a #1\n[ 85.936176] Hardware name: FSL i.MX8MM EVK board (DT)\n[ 85.936182] Workqueue: events 0xffffd4a61638f380\n[ 85.936198] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 85.952817] pc : 0xffffd4a61638f258\n[ 85.952823] lr : 0xffffd4a61638f258\n[ 85.952827] sp : ffff8000084fbd70\n[ 85.952829] x29: ffff8000084fbd70 x28: 0000000000000000 x27: 0000000000000000\n[ 85.963112] x26: ffffd4a69133f000 x25: ffff4bf1c8540990 x24: ffff4bf215b87305\n[ 85.963119] x23: ffff4bf215b87300 x22: ffff4bf1c85409d0 x21: ffff4bf1c8540970\n[ 85.977382] x20: 0000000000000000 x19: ffff4bf1c8540880 x18: 0000000000000000\n[ 85.977391] x17: 0000000000000000 x16: 0000000000000133 x15: 0000ffffe2217090\n[ 85.977399] x14: 0000000000000001 x13: 0000000000000133 x12: 0000000000000139\n[ 85.977407] x11: 0000000000000001 x10: 0000000000000a60 x9 : ffff8000084fbc50\n[ 85.977417] x8 : ffff4bf215b7d000 x7 : ffff4bf215b83b40 x6 : 00000000000003e8\n[ 85.977424] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000000\n[ 85.977432] x2 : 0000000000000000 x1 : ffff4bf1c4265880 x0 : 0000000000000000\n[ 85.977443] Call trace:\n[ 85.977446] 0xffffd4a61638f258\n[ 85.977451] 0xffffd4a61638f3e8\n[ 85.977455] process_one_work+0x1d4/0x330\n[ 85.977464] worker_thread+0x6c/0x430\n[ 85.977471] kthread+0x108/0x10c\n[ 85.977476] ret_from_fork+0x10/0x20\n[ 85.977488] Code: bad PC value\n[ 85.977491] ---[ end trace 0000000000000000 ]---\n\nPreset since v6.9.11"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/29a1d9971e38f92c84b363ff50379dd434ddfe1c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35237475384ab3622f63c3c09bdf6af6dacfe9c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/662a55986b88807da4d112d838c8aaa05810e938",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46681",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.710",
"lastModified": "2024-09-13T06:15:12.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: use cpus_read_lock() in pg_net_init()\n\nI have seen the WARN_ON(smp_processor_id() != cpu) firing\nin pktgen_thread_worker() during tests.\n\nWe must use cpus_read_lock()/cpus_read_unlock()\naround the for_each_online_cpu(cpu) loop.\n\nWhile we are at it use WARN_ON_ONCE() to avoid a possible syslog flood."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5f5f7366dda8ae870e8305d6e7b3c0c2686cd2cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/979b581e4c69257acab1af415ddad6b2d78a2fa5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46682",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.793",
"lastModified": "2024-09-13T06:15:12.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: prevent panic for nfsv4.0 closed files in nfs4_show_open\n\nPrior to commit 3f29cc82a84c (\"nfsd: split sc_status out of\nsc_type\") states_show() relied on sc_type field to be of valid\ntype before calling into a subfunction to show content of a\nparticular stateid. From that commit, we split the validity of\nthe stateid into sc_status and no longer changed sc_type to 0\nwhile unhashing the stateid. This resulted in kernel oopsing\nfor nfsv4.0 opens that stay around and in nfs4_show_open()\nwould derefence sc_file which was NULL.\n\nInstead, for closed open stateids forgo displaying information\nthat relies of having a valid sc_file.\n\nTo reproduce: mount the server with 4.0, read and close\na file and then on the server cat /proc/fs/nfsd/clients/2/states\n\n[ 513.590804] Call trace:\n[ 513.590925] _raw_spin_lock+0xcc/0x160\n[ 513.591119] nfs4_show_open+0x78/0x2c0 [nfsd]\n[ 513.591412] states_show+0x44c/0x488 [nfsd]\n[ 513.591681] seq_read_iter+0x5d8/0x760\n[ 513.591896] seq_read+0x188/0x208\n[ 513.592075] vfs_read+0x148/0x470\n[ 513.592241] ksys_read+0xcc/0x178"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/a204501e1743d695ca2930ed25a2be9f8ced96d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ba0b697de298285301c71c258598226e06494236",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46683",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.993",
"lastModified": "2024-09-13T06:15:12.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: prevent UAF around preempt fence\n\nThe fence lock is part of the queue, therefore in the current design\nanything locking the fence should then also hold a ref to the queue to\nprevent the queue from being freed.\n\nHowever, currently it looks like we signal the fence and then drop the\nqueue ref, but if something is waiting on the fence, the waiter is\nkicked to wake up at some later point, where upon waking up it first\ngrabs the lock before checking the fence state. But if we have already\ndropped the queue ref, then the lock might already be freed as part of\nthe queue, leading to uaf.\n\nTo prevent this, move the fence lock into the fence itself so we don't\nrun into lifetime issues. Alternative might be to have device level\nlock, or only release the queue in the fence release callback, however\nthat might require pushing to another worker to avoid locking issues.\n\nReferences: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2454\nReferences: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2342\nReferences: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2020\n(cherry picked from commit 7116c35aacedc38be6d15bd21b2fc936eed0008b)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/10081b0b0ed201f53e24bd92deb2e0f3c3e713d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/730b72480e29f63fd644f5fa57c9d46109428953",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46684",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.103",
"lastModified": "2024-09-13T06:15:13.103",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined\n\ncreate_elf_fdpic_tables() does not correctly account the space for the\nAUX vector when an architecture has ELF_HWCAP2 defined. Prior to the\ncommit 10e29251be0e (\"binfmt_elf_fdpic: fix /proc/<pid>/auxv\") it\nresulted in the last entry of the AUX vector being set to zero, but with\nthat change it results in a kernel BUG.\n\nFix that by adding one to the number of AUXV entries (nitems) when\nELF_HWCAP2 is defined."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/c507da85e4f80c630deb9e98222ccf4118cbe6f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c6a09e342f8e6d3cac7f7c5c14085236aca284b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,49 @@
{
"id": "CVE-2024-46685",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.200",
"lastModified": "2024-09-13T06:15:13.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference in pcs_get_function()\n\npinmux_generic_get_function() can return NULL and the pointer 'function'\nwas dereferenced without checking against NULL. Add checking of pointer\n'function' in pcs_get_function().\n\nFound by code review."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a2bab5ed161318f57134716accba0a30f3af191",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1c38a62f15e595346a1106025722869e87ffe044",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/292151af6add3e5ab11b2e9916cffa5f52859a1f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2cea369a5c2e85ab14ae716da1d1cc6d25c85e11",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4e9436375fcc9bd2a60ee96aba6ed53f7a377d10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4ed45fe99ec9e3c9478bd634624cd05a57d002f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6341c2856785dca7006820b127278058a180c075",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8f0bd526921b6867c2f10a83cd4fd14139adcd92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,33 @@
{
"id": "CVE-2024-46686",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.280",
"lastModified": "2024-09-13T06:15:13.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb/client: avoid dereferencing rdata=NULL in smb2_new_read_req()\n\nThis happens when called from SMB2_read() while using rdma\nand reaching the rdma_readwrite_threshold."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6df57c63c200cd05e085c3b695128260e21959b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a01859dd6aebf826576513850a3b05992809e9d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b902fb78ab21299e4dd1775e7e8d251d5c0735bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c724b2ab6a46435b4e7d58ad2fbbdb7a318823cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2024-46687",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.377",
"lastModified": "2024-09-13T06:15:13.377",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()\n\n[BUG]\nThere is an internal report that KASAN is reporting use-after-free, with\nthe following backtrace:\n\n BUG: KASAN: slab-use-after-free in btrfs_check_read_bio+0xa68/0xb70 [btrfs]\n Read of size 4 at addr ffff8881117cec28 by task kworker/u16:2/45\n CPU: 1 UID: 0 PID: 45 Comm: kworker/u16:2 Not tainted 6.11.0-rc2-next-20240805-default+ #76\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n Call Trace:\n dump_stack_lvl+0x61/0x80\n print_address_description.constprop.0+0x5e/0x2f0\n print_report+0x118/0x216\n kasan_report+0x11d/0x1f0\n btrfs_check_read_bio+0xa68/0xb70 [btrfs]\n process_one_work+0xce0/0x12a0\n worker_thread+0x717/0x1250\n kthread+0x2e3/0x3c0\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x11/0x20\n\n Allocated by task 20917:\n kasan_save_stack+0x37/0x60\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x7d/0x80\n kmem_cache_alloc_noprof+0x16e/0x3e0\n mempool_alloc_noprof+0x12e/0x310\n bio_alloc_bioset+0x3f0/0x7a0\n btrfs_bio_alloc+0x2e/0x50 [btrfs]\n submit_extent_page+0x4d1/0xdb0 [btrfs]\n btrfs_do_readpage+0x8b4/0x12a0 [btrfs]\n btrfs_readahead+0x29a/0x430 [btrfs]\n read_pages+0x1a7/0xc60\n page_cache_ra_unbounded+0x2ad/0x560\n filemap_get_pages+0x629/0xa20\n filemap_read+0x335/0xbf0\n vfs_read+0x790/0xcb0\n ksys_read+0xfd/0x1d0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n Freed by task 20917:\n kasan_save_stack+0x37/0x60\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x50\n __kasan_slab_free+0x4b/0x60\n kmem_cache_free+0x214/0x5d0\n bio_free+0xed/0x180\n end_bbio_data_read+0x1cc/0x580 [btrfs]\n btrfs_submit_chunk+0x98d/0x1880 [btrfs]\n btrfs_submit_bio+0x33/0x70 [btrfs]\n submit_one_bio+0xd4/0x130 [btrfs]\n 
submit_extent_page+0x3ea/0xdb0 [btrfs]\n btrfs_do_readpage+0x8b4/0x12a0 [btrfs]\n btrfs_readahead+0x29a/0x430 [btrfs]\n read_pages+0x1a7/0xc60\n page_cache_ra_unbounded+0x2ad/0x560\n filemap_get_pages+0x629/0xa20\n filemap_read+0x335/0xbf0\n vfs_read+0x790/0xcb0\n ksys_read+0xfd/0x1d0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n[CAUSE]\nAlthough I cannot reproduce the error, the report itself is good enough\nto pin down the cause.\n\nThe call trace is the regular endio workqueue context, but the\nfree-by-task trace is showing that during btrfs_submit_chunk() we\nalready hit a critical error, and is calling btrfs_bio_end_io() to error\nout. And the original endio function called bio_put() to free the whole\nbio.\n\nThis means a double freeing thus causing use-after-free, e.g.:\n\n1. Enter btrfs_submit_bio() with a read bio\n The read bio length is 128K, crossing two 64K stripes.\n\n2. The first run of btrfs_submit_chunk()\n\n2.1 Call btrfs_map_block(), which returns 64K\n2.2 Call btrfs_split_bio()\n Now there are two bios, one referring to the first 64K, the other\n referring to the second 64K.\n2.3 The first half is submitted.\n\n3. The second run of btrfs_submit_chunk()\n\n3.1 Call btrfs_map_block(), which by somehow failed\n Now we call btrfs_bio_end_io() to handle the error\n\n3.2 btrfs_bio_end_io() calls the original endio function\n Which is end_bbio_data_read(), and it calls bio_put() for the\n original bio.\n\n Now the original bio is freed.\n\n4. 
The submitted first 64K bio finished\n Now we call into btrfs_check_read_bio() and tries to advance the bio\n iter.\n But since the original bio (thus its iter) is already freed, we\n trigger the above use-after free.\n\n And even if the memory is not poisoned/corrupted, we will later call\n the original endio function, causing a double freeing.\n\n[FIX]\nInstead of calling btrfs_bio_end_io(), call btrfs_orig_bbio_end_io(),\nwhich has the extra check on split bios and do the pr\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/10d9d8c3512f16cad47b2ff81ec6fc4b27d8ee10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4a3b9e1a8e6cd1a8d427a905e159de58d38941cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/51722b99f41f5e722ffa10b8f61e802a0e70b331",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46688",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.547",
"lastModified": "2024-09-13T06:15:13.547",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails\n\nIf z_erofs_gbuf_growsize() partially fails on a global buffer due to\nmemory allocation failure or fault injection (as reported by syzbot [1]),\nnew pages need to be freed by comparing to the existing pages to avoid\nmemory leaks.\n\nHowever, the old gbuf->pages[] array may not be large enough, which can\nlead to null-ptr-deref or out-of-bound access.\n\nFix this by checking against gbuf->nrpages in advance.\n\n[1] https://lore.kernel.org/r/000000000000f7b96e062018c6e3@google.com"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0005e01e1e875c5e27130c5e2ed0189749d1e08a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/49c0e081998008cde0c872c0ff9affa1ece4b878",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,45 @@
{
"id": "CVE-2024-46689",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.653",
"lastModified": "2024-09-13T06:15:13.653",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: cmd-db: Map shared memory as WC, not WB\n\nLinux does not write into cmd-db region. This region of memory is write\nprotected by XPU. XPU may sometime falsely detect clean cache eviction\nas \"write\" into the write protected region leading to secure interrupt\nwhich causes an endless loop somewhere in Trust Zone.\n\nThe only reason it is working right now is because Qualcomm Hypervisor\nmaps the same region as Non-Cacheable memory in Stage 2 translation\ntables. The issue manifests if we want to use another hypervisor (like\nXen or KVM), which does not know anything about those specific mappings.\n\nChanging the mapping of cmd-db memory from MEMREMAP_WB to MEMREMAP_WT/WC\nremoves dependency on correct mappings in Stage 2 tables. This patch\nfixes the issue by updating the mapping to MEMREMAP_WC.\n\nI tested this on SA8155P with Xen."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ee9594c974368a17e85a431e9fe1c14fb65c278",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/62c2d63605ca25b5db78a347ed303c0a0a77d5b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d9d48d70e922b272875cda60d2ada89291c840cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eaff392c1e34fb77cc61505a31b0191e5e46e271",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef80520be0ff78ae5ed44cb6eee1525e65bebe70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5a5a5a0e95f36e2792d48e6e4b64e665eb01374",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f9bb896eab221618927ae6a2f1d566567999839d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46690",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.753",
"lastModified": "2024-09-13T06:15:13.753",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix nfsd4_deleg_getattr_conflict in presence of third party lease\n\nIt is not safe to dereference fl->c.flc_owner without first confirming\nfl->fl_lmops is the expected manager. nfsd4_deleg_getattr_conflict()\ntests fl_lmops but largely ignores the result and assumes that flc_owner\nis an nfs4_delegation anyway. This is wrong.\n\nWith this patch we restore the \"!= &nfsd_lease_mng_ops\" case to behave\nas it did before the change mentioned below. This is the same as the\ncurrent code, but without any reference to a possible delegation."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1b46a871e980e3daa16fd5e77539966492e8910a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/40927f3d0972bf86357a32a5749be71a551241b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46691",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.960",
"lastModified": "2024-09-13T06:15:13.960",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Move unregister out of atomic section\n\nCommit '9329933699b3 (\"soc: qcom: pmic_glink: Make client-lock\nnon-sleeping\")' moved the pmic_glink client list under a spinlock, as it\nis accessed by the rpmsg/glink callback, which in turn is invoked from\nIRQ context.\n\nThis means that ucsi_unregister() is now called from atomic context,\nwhich isn't feasible as it's expecting a sleepable context. An effort is\nunder way to get GLINK to invoke its callbacks in a sleepable context,\nbut until then lets schedule the unregistration.\n\nA side effect of this is that ucsi_unregister() can now happen\nafter the remote processor, and thereby the communication link with it, is\ngone. pmic_glink_send() is amended with a check to avoid the resulting NULL\npointer dereference.\nThis does however result in the user being informed about this error by\nthe following entry in the kernel log:\n\n ucsi_glink.pmic_glink_ucsi pmic_glink.ucsi.0: failed to send UCSI write request: -5"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/095b0001aefddcd9361097c971b7debc84e72714",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/11bb2ffb679399f99041540cf662409905179e3a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2024-46692",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.047",
"lastModified": "2024-09-13T06:15:14.047",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: scm: Mark get_wq_ctx() as atomic call\n\nCurrently get_wq_ctx() is wrongly configured as a standard call. When two\nSMC calls are in sleep and one SMC wakes up, it calls get_wq_ctx() to\nresume the corresponding sleeping thread. But if get_wq_ctx() is\ninterrupted, goes to sleep and another SMC call is waiting to be allocated\na waitq context, it leads to a deadlock.\n\nTo avoid this get_wq_ctx() must be an atomic call and can't be a standard\nSMC call. Hence mark get_wq_ctx() as a fast call."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/9960085a3a82c58d3323c1c20b991db6045063b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cdf7efe4b02aa93813db0bf1ca596ad298ab6b06",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e40115c33c0d79c940545b6b12112aace7acd9f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2024-46693",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.140",
"lastModified": "2024-09-13T06:15:14.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pmic_glink: Fix race during initialization\n\nAs pointed out by Stephen Boyd it is possible that during initialization\nof the pmic_glink child drivers, the protection-domain notifiers fires,\nand the associated work is scheduled, before the client registration\nreturns and as a result the local \"client\" pointer has been initialized.\n\nThe outcome of this is a NULL pointer dereference as the \"client\"\npointer is blindly dereferenced.\n\nTimeline provided by Stephen:\n CPU0 CPU1\n ---- ----\n ucsi->client = NULL;\n devm_pmic_glink_register_client()\n client->pdr_notify(client->priv, pg->client_state)\n pmic_glink_ucsi_pdr_notify()\n schedule_work(&ucsi->register_work)\n <schedule away>\n pmic_glink_ucsi_register()\n ucsi_register()\n pmic_glink_ucsi_read_version()\n pmic_glink_ucsi_read()\n pmic_glink_ucsi_read()\n pmic_glink_send(ucsi->client)\n <client is NULL BAD>\n ucsi->client = client // Too late!\n\nThis code is identical across the altmode, battery manager and usci\nchild drivers.\n\nResolve this by splitting the allocation of the \"client\" object and the\nregistration thereof into two operations.\n\nThis only happens if the protection domain registry is populated at the\ntime of registration, which by the introduction of commit '1ebcde047c54\n(\"soc: qcom: add pd-mapper implementation\")' became much more likely."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1efdbf5323c9360e05066049b97414405e94e087",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3568affcddd68743e25aa3ec1647d9b82797757b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/943b0e7cc646a624bb20a68080f8f1a4a55df41c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,33 @@
{
"id": "CVE-2024-46694",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.240",
"lastModified": "2024-09-13T06:15:14.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid using null object of framebuffer\n\nInstead of using state->fb->obj[0] directly, get object from framebuffer\nby calling drm_gem_fb_get_obj() and return error code when object is\nnull to avoid using null object of framebuffer.\n\n(cherry picked from commit 73dd0ad9e5dad53766ea3e631303430116f834b3)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/093ee72ed35c2338c87c26b6ba6f0b7789c9e14e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3b9a33235c773c7a3768060cf1d2cf8a9153bc37",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/49e1b214f3239b78967c6ddb8f8ec47ae047b051",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f6f5e39a3fe7cbdba190f42b28b40bdff03c8cf0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2024-46695",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.320",
"lastModified": "2024-09-13T06:15:14.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux,smack: don't bypass permissions check in inode_setsecctx hook\n\nMarek Gresko reports that the root user on an NFS client is able to\nchange the security labels on files on an NFS filesystem that is\nexported with root squashing enabled.\n\nThe end of the kerneldoc comment for __vfs_setxattr_noperm() states:\n\n * This function requires the caller to lock the inode's i_mutex before it\n * is executed. It also assumes that the caller will make the appropriate\n * permission checks.\n\nnfsd_setattr() does do permissions checking via fh_verify() and\nnfsd_permission(), but those don't do all the same permissions checks\nthat are done by security_inode_setxattr() and its related LSM hooks do.\n\nSince nfsd_setattr() is the only consumer of security_inode_setsecctx(),\nsimplest solution appears to be to replace the call to\n__vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This\nfixes the above issue and has the added benefit of causing nfsd to\nrecall conflicting delegations on a file when a client tries to change\nits security label."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/459584258d47ec3cc6245a82e8a49c9d08eb8b57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/76a0e79bc84f466999fa501fce5bf7a07641b8a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f71ec019257ba4f7ab198bd948c5902a207bad96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46696",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.423",
"lastModified": "2024-09-13T06:15:14.423",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix potential UAF in nfsd4_cb_getattr_release\n\nOnce we drop the delegation reference, the fields embedded in it are no\nlonger safe to access. Do that last."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1116e0e372eb16dd907ec571ce5d4af325c55c10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e0b66698a5ae41078f7490e8b3527013f5fccd6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46697",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.500",
"lastModified": "2024-09-13T06:15:14.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: ensure that nfsd4_fattr_args.context is zeroed out\n\nIf nfsd4_encode_fattr4 ends up doing a \"goto out\" before we get to\nchecking for the security label, then args.context will be set to\nuninitialized junk on the stack, which we'll then try to free.\nInitialize it early."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/dd65b324174a64558a16ebbf4c3266e5701185d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f58bab6fd4063913bd8321e99874b8239e9ba726",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46698",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.563",
"lastModified": "2024-09-13T06:15:14.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo/aperture: optionally match the device in sysfb_disable()\n\nIn aperture_remove_conflicting_pci_devices(), we currently only\ncall sysfb_disable() on vga class devices. This leads to the\nfollowing problem when the pimary device is not VGA compatible:\n\n1. A PCI device with a non-VGA class is the boot display\n2. That device is probed first and it is not a VGA device so\n sysfb_disable() is not called, but the device resources\n are freed by aperture_detach_platform_device()\n3. Non-primary GPU has a VGA class and it ends up calling sysfb_disable()\n4. NULL pointer dereference via sysfb_disable() since the resources\n have already been freed by aperture_detach_platform_device() when\n it was called by the other device.\n\nFix this by passing a device pointer to sysfb_disable() and checking\nthe device to determine if we should execute it or not.\n\nv2: Fix build when CONFIG_SCREEN_INFO is not set\nv3: Move device check into the mutex\n Drop primary variable in aperture_remove_conflicting_pci_devices()\n Drop __init on pci sysfb_pci_dev_is_enabled()"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/17e78f43de0c6da34204cc858b4cc05671ea9acf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b49420d6a1aeb399e5b107fc6eb8584d0860fbd7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46699",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.643",
"lastModified": "2024-09-13T06:15:14.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Disable preemption while updating GPU stats\n\nWe forgot to disable preemption around the write_seqcount_begin/end() pair\nwhile updating GPU stats:\n\n [ ] WARNING: CPU: 2 PID: 12 at include/linux/seqlock.h:221 __seqprop_assert.isra.0+0x128/0x150 [v3d]\n [ ] Workqueue: v3d_bin drm_sched_run_job_work [gpu_sched]\n <...snip...>\n [ ] Call trace:\n [ ] __seqprop_assert.isra.0+0x128/0x150 [v3d]\n [ ] v3d_job_start_stats.isra.0+0x90/0x218 [v3d]\n [ ] v3d_bin_job_run+0x23c/0x388 [v3d]\n [ ] drm_sched_run_job_work+0x520/0x6d0 [gpu_sched]\n [ ] process_one_work+0x62c/0xb48\n [ ] worker_thread+0x468/0x5b0\n [ ] kthread+0x1c4/0x1e0\n [ ] ret_from_fork+0x10/0x20\n\nFix it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1e93467ef20308da5a94cde548ee17d523e8ba7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d824c7fce58f59982228aa85b0376b113cdfa35",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46700",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.720",
"lastModified": "2024-09-13T06:15:14.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/mes: fix mes ring buffer overflow\n\nwait memory room until enough before writing mes packets\nto avoid ring buffer overflow.\n\nv2: squash in sched_hw_submission fix\n\n(cherry picked from commit 34e087e8920e635c62e2ed6a758b0cd27f836d13)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/11752c013f562a1124088a35bd314aa0e9f0e88f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ed37550d7c516017c3b0324bdf144e2fa563ffb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2024-46701",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.127",
"lastModified": "2024-09-13T07:15:05.127",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibfs: fix infinite directory reads for offset dir\n\nAfter we switch tmpfs dir operations from simple_dir_operations to\nsimple_offset_dir_operations, every rename happened will fill new dentry\nto dest dir's maple tree(&SHMEM_I(inode)->dir_offsets->mt) with a free\nkey starting with octx->newx_offset, and then set newx_offset equals to\nfree key + 1. This will lead to infinite readdir combine with rename\nhappened at the same time, which fail generic/736 in xfstests(detail show\nas below).\n\n1. create 5000 files(1 2 3...) under one dir\n2. call readdir(man 3 readdir) once, and get one entry\n3. rename(entry, \"TEMPFILE\"), then rename(\"TEMPFILE\", entry)\n4. loop 2~3, until readdir return nothing or we loop too many\n times(tmpfs break test with the second condition)\n\nWe choose the same logic what commit 9b378f6ad48cf (\"btrfs: fix infinite\ndirectory reads\") to fix it, record the last_index when we open dir, and\ndo not emit the entry which index >= last_index. The file->private_data\nnow used in offset dir can use directly to do this, and we also update\nthe last_index when we llseek the dir file.\n\n[brauner: only update last_index after seek when offset is zero like Jan suggested]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/308b4fc2403b335894592ee9dc212a5e58bb309f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64a7ce76fb901bf9f9c36cf5d681328fc0fd4b5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}


@ -0,0 +1,41 @@
{
"id": "CVE-2024-46702",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.217",
"lastModified": "2024-09-13T07:15:05.217",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Mark XDomain as unplugged when router is removed\n\nI noticed that when we do discrete host router NVM upgrade and it gets\nhot-removed from the PCIe side as a result of NVM firmware authentication,\nif there is another host connected with enabled paths we hang in tearing\nthem down. This is due to fact that the Thunderbolt networking driver\nalso tries to cleanup the paths and ends up blocking in\ntb_disconnect_xdomain_paths() waiting for the domain lock.\n\nHowever, at this point we already cleaned the paths in tb_stop() so\nthere is really no need for tb_disconnect_xdomain_paths() to do that\nanymore. Furthermore it already checks if the XDomain is unplugged and\nbails out early so take advantage of that and mark the XDomain as\nunplugged when we remove the parent router."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/18b3ad2a3cc877dd4b16f48d84aa27b78d53bf1d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/23ce6ba3b95488a2b9e9f6d43b340da0c15395dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/747bc154577de6e6af4bc99abfa859b8419bb4d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ca24cf9163c112bb6b580c6fb57c04a1f8b76e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/80ac8d194831eca0c2f4fd862f7925532fda320c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e2006140ad2e01a02ed0aff49cc2ae3ceeb11f8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46703",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.317",
"lastModified": "2024-09-13T07:15:05.317",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"serial: 8250_omap: Set the console genpd always on if no console suspend\"\n\nThis reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940.\n\nKevin reported that this causes a crash during suspend on platforms that\ndont use PM domains."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0863bffda1131fd2fa9c05b653ad9ee3d8db127e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/321aecb079e9ca8b1af90778068a6fb40f2bf22d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46704",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.397",
"lastModified": "2024-09-13T07:15:05.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Fix spruious data race in __flush_work()\n\nWhen flushing a work item for cancellation, __flush_work() knows that it\nexclusively owns the work item through its PENDING bit. 134874e2eee9\n(\"workqueue: Allow cancel_work_sync() and disable_work() from atomic\ncontexts on BH work items\") added a read of @work->data to determine whether\nto use busy wait for BH work items that are being canceled. While the read\nis safe when @from_cancel, @work->data was read before testing @from_cancel\nto simplify code structure:\n\n\tdata = *work_data_bits(work);\n\tif (from_cancel &&\n\t !WARN_ON_ONCE(data & WORK_STRUCT_PWQ) && (data & WORK_OFFQ_BH)) {\n\nWhile the read data was never used if !@from_cancel, this could trigger\nKCSAN data race detection spuriously:\n\n ==================================================================\n BUG: KCSAN: data-race in __flush_work / __flush_work\n\n write to 0xffff8881223aa3e8 of 8 bytes by task 3998 on cpu 0:\n instrument_write include/linux/instrumented.h:41 [inline]\n ___set_bit include/asm-generic/bitops/instrumented-non-atomic.h:28 [inline]\n insert_wq_barrier kernel/workqueue.c:3790 [inline]\n start_flush_work kernel/workqueue.c:4142 [inline]\n __flush_work+0x30b/0x570 kernel/workqueue.c:4178\n flush_work kernel/workqueue.c:4229 [inline]\n ...\n\n read to 0xffff8881223aa3e8 of 8 bytes by task 50 on cpu 1:\n __flush_work+0x42a/0x570 kernel/workqueue.c:4188\n flush_work kernel/workqueue.c:4229 [inline]\n flush_delayed_work+0x66/0x70 kernel/workqueue.c:4251\n ...\n\n value changed: 0x0000000000400000 -> 0xffff88810006c00d\n\nReorganize the code so that @from_cancel is tested before @work->data is\naccessed. The only problem is triggering KCSAN detection spuriously. This\nshouldn't need READ_ONCE() or other access qualifiers.\n\nNo functional changes."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/8bc35475ef1a23b0e224f3242eb11c76cab0ea88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/91d09642127a32fde231face2ff489af70eef316",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
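Review bot: The description says the only problem was a spurious KCSAN data-race report and ends with "No functional changes", but nothing in the structured fields conveys that: `metrics` is empty and `vulnStatus` is `Received`. A pipeline that assigns a default severity to unscored kernel CVEs would rank this entry alongside the crash and NULL-pointer fixes in the same batch. Until a CVSS vector is published, patch prioritisation for this id should rest on the description text rather than on a placeholder score.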

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46705",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.477",
"lastModified": "2024-09-13T07:15:05.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: reset mmio mappings with devm\n\nSet our various mmio mappings to NULL. This should make it easier to\ncatch something rogue trying to mess with mmio after device removal. For\nexample, we might unmap everything and then start hitting some mmio\naddress which has already been unmamped by us and then remapped by\nsomething else, causing all kinds of carnage."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/b1c9fbed3884d3883021d699c7cdf5253a65543a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c7117419784f612d59ee565145f722e8b5541fe6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46706",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.560",
"lastModified": "2024-09-13T07:15:05.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: fsl_lpuart: mark last busy before uart_add_one_port\n\nWith \"earlycon initcall_debug=1 loglevel=8\" in bootargs, kernel\nsometimes boot hang. It is because normal console still is not ready,\nbut runtime suspend is called, so early console putchar will hang\nin waiting TRDE set in UARTSTAT.\n\nThe lpuart driver has auto suspend delay set to 3000ms, but during\nuart_add_one_port, a child device serial ctrl will added and probed with\nits pm runtime enabled(see serial_ctrl.c).\nThe runtime suspend call path is:\ndevice_add\n |-> bus_probe_device\n |->device_initial_probe\n\t |->__device_attach\n |-> pm_runtime_get_sync(dev->parent);\n\t\t\t |-> pm_request_idle(dev);\n\t\t\t |-> pm_runtime_put(dev->parent);\n\nSo in the end, before normal console ready, the lpuart get runtime\nsuspended. And earlycon putchar will hang.\n\nTo address the issue, mark last busy just after pm_runtime_enable,\nthree seconds is long enough to switch from bootconsole to normal\nconsole."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ecf625d4acb71d726bc0b49403cf68388b3d58d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8eb92cfca6c2c5a15ab1773f3d18ab8d8f7dbb68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dc98d76a15bc29a9a4e76f2f65f39f3e590fb15c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,41 @@
{
"id": "CVE-2024-46707",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.643",
"lastModified": "2024-09-13T07:15:05.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3\n\nOn a system with a GICv3, if a guest hasn't been configured with\nGICv3 and that the host is not capable of GICv2 emulation,\na write to any of the ICC_*SGI*_EL1 registers is trapped to EL2.\n\nWe therefore try to emulate the SGI access, only to hit a NULL\npointer as no private interrupt is allocated (no GIC, remember?).\n\nThe obvious fix is to give the guest what it deserves, in the\nshape of a UNDEF exception."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/15818af2f7aa55eff375333cb7689df15d3f24ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2073132f6ed3079369e857a8deb33d11bdd983bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3e6245ebe7ef341639e9a7e402b3ade8ad45a19f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/94d4fbad01b19ec5eab3d6b50aaec4f9db8b2d8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/96b076e8ee5bc3a1126848c8add0f74bd30dc9d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d7629bec5c3f80bd0e3bf8103c06a2f7046bd92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46708",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.717",
"lastModified": "2024-09-13T07:15:05.717",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: x1e80100: Fix special pin offsets\n\nRemove the erroneus 0x100000 offset to prevent the boards from crashing\non pin state setting, as well as for the intended state changes to take\neffect."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0197bf772f657fbdea5e9bdec5eea6e67d82cbde",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3692d95cc4d88114b070ee63cffc976f00f207f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46709",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.793",
"lastModified": "2024-09-13T07:15:05.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix prime with external buffers\n\nMake sure that for external buffers mapping goes through the dma_buf\ninterface instead of trying to access pages directly.\n\nExternal buffers might not provide direct access to readable/writable\npages so to make sure the bo's created from external dma_bufs can be\nread dma_buf interface has to be used.\n\nFixes crashes in IGT's kms_prime with vgem. Regular desktop usage won't\ntrigger this due to the fact that virtual machines will not have\nmultiple GPUs but it enables better test coverage in IGT."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/50f1199250912568606b3778dc56646c10cb7b04",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46710",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.880",
"lastModified": "2024-09-13T07:15:05.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Prevent unmapping active read buffers\n\nThe kms paths keep a persistent map active to read and compare the cursor\nbuffer. These maps can race with each other in simple scenario where:\na) buffer \"a\" mapped for update\nb) buffer \"a\" mapped for compare\nc) do the compare\nd) unmap \"a\" for compare\ne) update the cursor\nf) unmap \"a\" for update\nAt step \"e\" the buffer has been unmapped and the read contents is bogus.\n\nPrevent unmapping of active read buffers by simply keeping a count of\nhow many paths have currently active maps and unmap only when the count\nreaches 0."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/aba07b9a0587f50e5d3346eaa19019cf3f86c0ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d5228d158e4c0b1663b3983044913c15c3d0135e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46711",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:05.953",
"lastModified": "2024-09-13T07:15:05.953",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix ID 0 endp usage after multiple re-creations\n\n'local_addr_used' and 'add_addr_accepted' are decremented for addresses\nnot related to the initial subflow (ID0), because the source and\ndestination addresses of the initial subflows are known from the\nbeginning: they don't count as \"additional local address being used\" or\n\"ADD_ADDR being accepted\".\n\nIt is then required not to increment them when the entrypoint used by\nthe initial subflow is removed and re-added during a connection. Without\nthis modification, this entrypoint cannot be removed and re-added more\nthan once."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/119806ae4e46cf239db8e6ad92bc2fd3daae86dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/53e2173172d26c0617b29dd83618b71664bed1fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9366922adc6a71378ca01f898c41be295309f044",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c9c744666f7308a4daba520191e29d395260bcfe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46712",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T07:15:06.030",
"lastModified": "2024-09-13T07:15:06.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Disable coherent dumb buffers without 3d\n\nCoherent surfaces make only sense if the host renders to them using\naccelerated apis. Without 3d the entire content of dumb buffers stays\nin the guest making all of the extra work they're doing to synchronize\nbetween guest and host useless.\n\nConfigurations without 3d also tend to run with very low graphics\nmemory limits. The pinned console fb, mob cursors and graphical login\nmanager tend to run out of 16MB graphics memory that those guests use.\n\nFix it by making sure the coherent dumb buffers are only used on\nconfigs with 3d enabled."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/c45558414b8f2e0b9dc34eb8f9d4e8359b887681",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e9fd436bb8fb9b9d31fdf07bbcdba6d30290c5e4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,64 @@
{
"id": "CVE-2024-5567",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T07:15:06.113",
"lastModified": "2024-09-13T07:15:06.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 27.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.muffingroup.com/changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://themeforest.net/item/betheme-responsive-multipurpose-wordpress-theme/7758048#item-description__changelog",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5dfaa23f-05df-423c-a5f6-02f2b714b5b6?source=cve",
"source": "security@wordfence.com"
}
]
}

@ -0,0 +1,64 @@
{
"id": "CVE-2024-5628",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T06:15:14.793",
"lastModified": "2024-09-13T06:15:14.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Avada | Website Builder For WordPress & eCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fusion_button shortcode in all versions up to, and including, 3.11.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was partially fixed in 3.11.9. Additional hardening for alternate attack vectors was added to version 3.11.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://avada.com/blog/version-7-11-9-security-update/",
"source": "security@wordfence.com"
},
{
"url": "https://avada.com/documentation/avada-changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c23bd29-ba02-4c90-a631-5ce6294d7760?source=cve",
"source": "security@wordfence.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6493",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.200",
"lastModified": "2024-09-13T06:15:15.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/0e3128ef-901a-42aa-9d74-c69d3241dc07/",
"source": "contact@wpscan.com"
}
]
}
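Review bot: The `descriptions[0].value` string in this record is identical, character for character, to the one in CVE-2024-6617 in the next file section; the two records differ only in `id`, the timestamps and the WPScan reference URL. A consumer that deduplicates or clusters advisories on description text would merge two distinct CVE IDs, so matching and suppression rules should key on `id`. Whether the two entries are meant to cover different settings of the same plugin cannot be told from this page; the two WPScan references are the place to confirm it.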

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6617",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.290",
"lastModified": "2024-09-13T06:15:15.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/9c5efe3c-95a8-4647-86c0-20aa7dd92b66/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6723",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.353",
"lastModified": "2024-09-13T06:15:15.353",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/fbd2152e-0aa1-4b56-a6a3-2e6ec78e08a5/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6850",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.437",
"lastModified": "2024-09-13T06:15:15.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/c06995cb-1685-4751-811f-aead52a597a7/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-7129",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.507",
"lastModified": "2024-09-13T06:15:15.507",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injection which further exploited can result to remote code Execution by high privilege such as admins"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/00ad9b1a-97a5-425f-841e-ea48f72ecda4/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-7133",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.580",
"lastModified": "2024-09-13T06:15:15.580",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any WordPress plugin before 2.7.3 does not validate and escape some of its settings before outputting them back in the page, which could allow users with a high role to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/c81c1622-33d1-41f2-ba63-f06bd4c125ab/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-7863",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.650",
"lastModified": "2024-09-13T06:15:15.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/5e814b02-3870-4742-905d-ec03b0d31add/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,21 @@
{
"id": "CVE-2024-7864",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.720",
"lastModified": "2024-09-13T06:15:15.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not have CSRF and path validation in the output_sub_admin_page_0() function, allowing attackers to make logged in admins delete arbitrary files on the server"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/6ce62e78-04a4-46b2-b97f-c4ef8f3258c3/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,64 @@
{
"id": "CVE-2024-7888",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T07:15:06.500",
"lastModified": "2024-09-13T07:15:06.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions like export_forms(), import_forms(), update_fb_options(), and many more in all versions up to, and including, 3.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify forms and various other settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.6/app/Controllers/Ajax/FormBuilderAdminAjax.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3150743/classified-listing/trunk/app/Controllers/Ajax/FormBuilderAdminAjax.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/494d2e69-0759-419a-a603-e8870c157e49?source=cve",
"source": "security@wordfence.com"
}
]
}

@ -2,13 +2,13 @@
"id": "CVE-2024-7932",
"sourceIdentifier": "3DS.Information-Security@3ds.com",
"published": "2024-09-02T12:15:20.130",
"lastModified": "2024-09-04T14:52:06.830",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T07:15:06.800",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session."
"value": "A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session."
},
{
"lang": "es",

@ -2,13 +2,13 @@
"id": "CVE-2024-7939",
"sourceIdentifier": "3DS.Information-Security@3ds.com",
"published": "2024-09-02T12:15:20.530",
"lastModified": "2024-09-04T14:54:22.290",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T07:15:06.990",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session."
"value": "A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session."
},
{
"lang": "es",

@ -0,0 +1,68 @@
{
"id": "CVE-2024-8663",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T07:15:07.113",
"lastModified": "2024-09-13T07:15:07.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-simple-booking-calendar/tags/2.0.10/includes/base/admin/calendar/views/view-edit-calendar.php#L155",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-simple-booking-calendar/tags/2.0.10/includes/modules/update-checker/views/view-register-website.php#L21",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150474%40wp-simple-booking-calendar&new=3150474%40wp-simple-booking-calendar&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cad4300f-02f9-4c9f-9bb3-1c9da8b78ac9?source=cve",
"source": "security@wordfence.com"
}
]
}

@ -0,0 +1,64 @@
{
"id": "CVE-2024-8664",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T07:15:07.487",
"lastModified": "2024-09-13T07:15:07.487",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-test-email/tags/1.1.7/wp-test-email.php#L189",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150538%40wp-test-email&new=3150538%40wp-test-email&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70c1ee04-cfb1-4819-95ab-497e814da16f?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,68 @@
{
"id": "CVE-2024-8665",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T07:15:07.797",
"lastModified": "2024-09-13T07:15:07.797",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/yith-custom-login/tags/1.7.3/yit-common/yith-panel.php#L149",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150123%40yith-custom-login&new=3150123%40yith-custom-login&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150560%40yith-custom-login&new=3150560%40yith-custom-login&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0828a4a4-2dd5-4dff-8563-c81d6b24b949?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,68 @@
{
"id": "CVE-2024-8742",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T07:15:08.083",
"lastModified": "2024-09-13T07:15:08.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Essential Addons for Elementor \u2013 Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/6.0.3/includes/Elements/Filterable_Gallery.php#L566",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3148624/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/essential-addons-for-elementor-lite/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c292dc-e9da-4256-82df-58ac5def4771?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-13T06:00:17.926759+00:00
2024-09-13T08:00:18.772733+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-13T04:15:04.280000+00:00
2024-09-13T07:15:08.083000+00:00
```
### Last Data Feed Release
@ -33,20 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
262718
262779
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `61`
- [CVE-2024-8656](CVE-2024/CVE-2024-86xx/CVE-2024-8656.json) (`2024-09-13T04:15:04.280`)
- [CVE-2024-46703](CVE-2024/CVE-2024-467xx/CVE-2024-46703.json) (`2024-09-13T07:15:05.317`)
- [CVE-2024-46704](CVE-2024/CVE-2024-467xx/CVE-2024-46704.json) (`2024-09-13T07:15:05.397`)
- [CVE-2024-46705](CVE-2024/CVE-2024-467xx/CVE-2024-46705.json) (`2024-09-13T07:15:05.477`)
- [CVE-2024-46706](CVE-2024/CVE-2024-467xx/CVE-2024-46706.json) (`2024-09-13T07:15:05.560`)
- [CVE-2024-46707](CVE-2024/CVE-2024-467xx/CVE-2024-46707.json) (`2024-09-13T07:15:05.643`)
- [CVE-2024-46708](CVE-2024/CVE-2024-467xx/CVE-2024-46708.json) (`2024-09-13T07:15:05.717`)
- [CVE-2024-46709](CVE-2024/CVE-2024-467xx/CVE-2024-46709.json) (`2024-09-13T07:15:05.793`)
- [CVE-2024-46710](CVE-2024/CVE-2024-467xx/CVE-2024-46710.json) (`2024-09-13T07:15:05.880`)
- [CVE-2024-46711](CVE-2024/CVE-2024-467xx/CVE-2024-46711.json) (`2024-09-13T07:15:05.953`)
- [CVE-2024-46712](CVE-2024/CVE-2024-467xx/CVE-2024-46712.json) (`2024-09-13T07:15:06.030`)
- [CVE-2024-5567](CVE-2024/CVE-2024-55xx/CVE-2024-5567.json) (`2024-09-13T07:15:06.113`)
- [CVE-2024-5628](CVE-2024/CVE-2024-56xx/CVE-2024-5628.json) (`2024-09-13T06:15:14.793`)
- [CVE-2024-6493](CVE-2024/CVE-2024-64xx/CVE-2024-6493.json) (`2024-09-13T06:15:15.200`)
- [CVE-2024-6617](CVE-2024/CVE-2024-66xx/CVE-2024-6617.json) (`2024-09-13T06:15:15.290`)
- [CVE-2024-6723](CVE-2024/CVE-2024-67xx/CVE-2024-6723.json) (`2024-09-13T06:15:15.353`)
- [CVE-2024-6850](CVE-2024/CVE-2024-68xx/CVE-2024-6850.json) (`2024-09-13T06:15:15.437`)
- [CVE-2024-7129](CVE-2024/CVE-2024-71xx/CVE-2024-7129.json) (`2024-09-13T06:15:15.507`)
- [CVE-2024-7133](CVE-2024/CVE-2024-71xx/CVE-2024-7133.json) (`2024-09-13T06:15:15.580`)
- [CVE-2024-7863](CVE-2024/CVE-2024-78xx/CVE-2024-7863.json) (`2024-09-13T06:15:15.650`)
- [CVE-2024-7864](CVE-2024/CVE-2024-78xx/CVE-2024-7864.json) (`2024-09-13T06:15:15.720`)
- [CVE-2024-7888](CVE-2024/CVE-2024-78xx/CVE-2024-7888.json) (`2024-09-13T07:15:06.500`)
- [CVE-2024-8663](CVE-2024/CVE-2024-86xx/CVE-2024-8663.json) (`2024-09-13T07:15:07.113`)
- [CVE-2024-8664](CVE-2024/CVE-2024-86xx/CVE-2024-8664.json) (`2024-09-13T07:15:07.487`)
- [CVE-2024-8665](CVE-2024/CVE-2024-86xx/CVE-2024-8665.json) (`2024-09-13T07:15:07.797`)
- [CVE-2024-8742](CVE-2024/CVE-2024-87xx/CVE-2024-8742.json) (`2024-09-13T07:15:08.083`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `2`
- [CVE-2024-7932](CVE-2024/CVE-2024-79xx/CVE-2024-7932.json) (`2024-09-13T07:15:06.800`)
- [CVE-2024-7939](CVE-2024/CVE-2024-79xx/CVE-2024-7939.json) (`2024-09-13T07:15:06.990`)
## Download and Usage


@ -256222,6 +256222,7 @@ CVE-2024-38808,0,0,53d74bad70081ff05a1300457357e667e449199d0759115b64cb9ca097eee
CVE-2024-3881,0,0,3699310594a82ce285b52bf9c21755fa8173160a66408c76064512e538b3fcc8,2024-05-17T02:40:10.360000
CVE-2024-38810,0,0,a8d05ba61ad79ab8e573251f3391c7e33071f14ecb67883defa939520cad5b0a,2024-08-20T15:44:20.567000
CVE-2024-38811,0,0,d88dcb1be0f29aec7140dae02da045eb114691708f1eeeee0e69f2bdb3c1446f,2024-09-03T12:59:02.453000
CVE-2024-38816,1,1,f2f73f00912ad5358900febb5338410ce68c01464a0ecb7e2b6e5b296a44ed15,2024-09-13T06:15:11.190000
CVE-2024-3882,0,0,8cf286ca42c3a62eccb821d9ac0678dabad594eee248c127390ddaf169987d46,2024-05-17T02:40:10.457000
CVE-2024-3883,0,0,e6bda202b9fd54c10f25f29dd8ae0cebb83b1538aee636944c2fd66bf4045fff,2024-05-02T13:27:25.103000
CVE-2024-3885,0,0,9b28a2ee85edfe77753e71858fb1438bd68a9b6ee299843f3a5752cca4753d01,2024-05-02T18:00:37.360000
@ -256474,6 +256475,7 @@ CVE-2024-39373,0,0,e03c6c4e4265087cfa8c4bbe8fccd5576189838192e80bd89272e600b85fa
CVE-2024-39374,0,0,ceb09b5bb4e8be416a15f13560d443b1e635d211ece43c085341bae7ef26131f,2024-06-27T17:11:52.390000
CVE-2024-39375,0,0,7f7f7a9309aed2a09a305dfdf1e1d93b0589de917a3b11ae3ae79eb9d410a9e7,2024-06-27T17:11:52.390000
CVE-2024-39376,0,0,ff38615940f53b46258a81c8b3ac7c33f4e18906965f9bf4f05657720710f5f6,2024-06-27T17:11:52.390000
CVE-2024-39377,1,1,310790e4074377099f62f66bf31157668eaaebbdbb05e3c00a054e7c77639817,2024-09-13T07:15:02.390000
CVE-2024-39378,0,0,f7f5123468282f7de4ae299ed6fab3b253ceb1b2199b38ceb3e8512ca9694993,2024-09-11T16:26:11.920000
CVE-2024-39379,0,0,254a12bd73909f0be093719c5b38b4eaf337f7e58beca38b827a09c853e5a892,2024-09-11T15:52:47.053000
CVE-2024-3938,0,0,9f6aecdfa53fe6eb1c4aca56683969fdb193b03c1b9229add1400e00af205f88,2024-08-13T14:09:14.087000
@ -257835,6 +257837,10 @@ CVE-2024-41865,0,0,f8ad10055028d3dfea657c3bbd8eb5b04fbd0fb8a1dcfeb71cfad07c37511
CVE-2024-41866,0,0,b06a8427315afa6008377ed5627aeeeb7bf41e3428063742d7f1fa0c27e9a784,2024-08-19T18:44:22.577000
CVE-2024-41868,0,0,c557561aee86e68644073c59daf1bdf943751c167cde3bf04976db642e7616a6,2024-09-11T16:26:11.920000
CVE-2024-4187,0,0,59e73639acf686e0c0fe315911f8a7728baeee66452eb3299dce70437688c22e,2024-08-15T14:45:27.797000
CVE-2024-41870,1,1,330cf7f3efc6d46134f4145c34d923106cd31afd0f2d97f0309cd1f9f71efdd1,2024-09-13T07:15:03.750000
CVE-2024-41871,1,1,7b509d8edddf510e10468441bbf14bc563f351a62bc5ac242492a18371df9d6a,2024-09-13T07:15:04.097000
CVE-2024-41872,1,1,94a432ba56a73538cff555b02d20e1a217abc045428083b5b2d7aa1bb7fd3cfa,2024-09-13T07:15:04.440000
CVE-2024-41873,1,1,32fda75ae0c0af01400945b9e98c8e8de4b825cd92b4259f0b9b28429af029c7,2024-09-13T07:15:04.790000
CVE-2024-41875,0,0,57025102705afb3f64ed9ca037e457d95a3751eb418da98d63205817feaa131c,2024-08-27T14:45:28.927000
CVE-2024-41876,0,0,2e90360efc316da37d37f6761f555864c070f8e4b10b19f1a9af1a905273c5a3,2024-08-27T14:45:40.377000
CVE-2024-41877,0,0,6103adaf29f838766c82e017d2b75c7c95c893efc9460aaf0a14a2c0a2483c27,2024-08-27T14:46:02.147000
@ -259743,10 +259749,50 @@ CVE-2024-4664,0,0,b622a884dca6c94dd91f571bd68ec3e5e60df69c2ec441187a6010b0dbb54f
CVE-2024-4666,0,0,574e789fc18a09e540199055631026983551e2de180e4487a378ddd991d469a5,2024-05-15T16:40:19.330000
CVE-2024-4667,0,0,5f6a087811f370dc89d31ef88ad63586b7ea4db405d3be18d05609409a87488f,2024-07-12T14:25:13.923000
CVE-2024-46672,0,0,06a7e230f728789568c6fa3a46c71d770ce48f791ddef073d22dd696f3de90d0,2024-09-11T16:26:11.920000
CVE-2024-46673,1,1,4aded6a3ca78f41443184d68a8846f5e93722284260e13fb487c258990274265,2024-09-13T06:15:11.917000
CVE-2024-46674,1,1,3b237afca8d174a5dbad9b0e11bbee34a25d1eae6e64548f20a6ff90fd39793d,2024-09-13T06:15:12.017000
CVE-2024-46675,1,1,3c7ec14582628e86d463069b027a201111e5bebf711ca4a3ce68622540fe6646,2024-09-13T06:15:12.117000
CVE-2024-46676,1,1,97720e356af6f592ad3fe9c989a408ef2639f908f17a1cf1a8aacf9d7405a1d5,2024-09-13T06:15:12.223000
CVE-2024-46677,1,1,70e7796642d3c3f5cd996384ea40efa16d453ee2b441ae543c1beedcfe995365,2024-09-13T06:15:12.360000
CVE-2024-46678,1,1,78234430ffb5e8c1bc93814ac47ddbd9a962ae3cc7549dc803e7a6a76532d8ed,2024-09-13T06:15:12.450000
CVE-2024-46679,1,1,a13a18c6e22eaeeac7a1532d28545c38af2ffd24691b0923a6145ed1506fd580,2024-09-13T06:15:12.530000
CVE-2024-4668,0,0,ecbe5c3985983203e802de76c9f88e6fca1078853835be834d70b53a54cc9e61,2024-05-30T13:15:41.297000
CVE-2024-46680,1,1,57990cc321049bf47f0a5ae70702a15c0df0807e9e86a9e3117a581a3fa4248f,2024-09-13T06:15:12.617000
CVE-2024-46681,1,1,659835d1192554be30e3e12a866e72ee8bfeebda1bfff7f131ff6f0148d85538,2024-09-13T06:15:12.710000
CVE-2024-46682,1,1,774b14c2ca515a2eb3327c5cdd15179d0ea42ab832e97886882ea3e947ffd4af,2024-09-13T06:15:12.793000
CVE-2024-46683,1,1,8588b330693a5b4c67e6e4439ea8b3869f9df6bee6868bab68d09a256cba45b5,2024-09-13T06:15:12.993000
CVE-2024-46684,1,1,27bba2174550ec2274bbd90e2e10d95ddccdfe5b1215f0f6be037a2b79c3de63,2024-09-13T06:15:13.103000
CVE-2024-46685,1,1,2cd50d07f68a97b7671861f14d6462f70905a973c63d827782472ab17bc261ca,2024-09-13T06:15:13.200000
CVE-2024-46686,1,1,7c09e8bed61b09a858c63428baeabe5060ea480a3cd85ea997e483c785e64f2b,2024-09-13T06:15:13.280000
CVE-2024-46687,1,1,a986eb1ad849003e87805d593b961506299a00a0d9095df17d3e8bd873eb4f64,2024-09-13T06:15:13.377000
CVE-2024-46688,1,1,ab2e86754afeddc96c96353c0a77c2807b4d5c42843035015e611efd161800ee,2024-09-13T06:15:13.547000
CVE-2024-46689,1,1,6f6fba91aa632c4fa8c015c329bfeb52ee9059ac6b31e09d2401375ed00a7571,2024-09-13T06:15:13.653000
CVE-2024-4669,0,0,a0976f7ea3148ea450eb6167436e6be2dce8d6ef83862711f573c56cae3ce5e3,2024-06-13T18:36:09.013000
CVE-2024-46690,1,1,9fa8801eb9b99058e2fd056c189dde4e3be5e13a9f6eedfd397d3c8e472fc94b,2024-09-13T06:15:13.753000
CVE-2024-46691,1,1,0306b1c32244ab98af8d67bed2a32de408d3d642a370dc8b8ff42e5afce108de,2024-09-13T06:15:13.960000
CVE-2024-46692,1,1,07043225bcf6bf7deb36d97776c997e586f70815235d71471be9284e05d1fc5d,2024-09-13T06:15:14.047000
CVE-2024-46693,1,1,cd0e29c8dc0c89e92873560af988db5e94cc89a6bc79d50074a44749059cb285,2024-09-13T06:15:14.140000
CVE-2024-46694,1,1,e5ee5201b7bdb6c541022ca9f5588b8fd4966f386d8e893a0f6698513574ac30,2024-09-13T06:15:14.240000
CVE-2024-46695,1,1,0c4abca61df12f91b5d7dd61ecb3e6368e608c3735bf625a66785a88d93d746e,2024-09-13T06:15:14.320000
CVE-2024-46696,1,1,02734637d123c617c5e4fea2f524b5f7751a0d8a0d73334210ef80f48f3c1d7e,2024-09-13T06:15:14.423000
CVE-2024-46697,1,1,9248bffc375025a5e765748522599886523f5511201844ca12d66aa0054f05cc,2024-09-13T06:15:14.500000
CVE-2024-46698,1,1,90208209f8ec4e50485c38e3ac5e71cca6e345556ab81cf3e5d8aeb08459abee,2024-09-13T06:15:14.563000
CVE-2024-46699,1,1,f60490a7f227880944b43395f5cc1b2db045b82bf8f0e5f1c62361cb5a8e1767,2024-09-13T06:15:14.643000
CVE-2024-4670,0,0,08919fb788216a4ef8fb408ade2563afef66ea572b0f16375f44123bc9f15eb1,2024-05-15T16:40:19.330000
CVE-2024-46700,1,1,096b6e149d20ea622c070d87dacf8eff96246bd8d34cf1aea913246349f32b8a,2024-09-13T06:15:14.720000
CVE-2024-46701,1,1,159272b5126bf87b2cfc03d995b69a4e9563d7482081bfa05eb433ad567d933a,2024-09-13T07:15:05.127000
CVE-2024-46702,1,1,1003ca2674ec145c0228612bef609df939785887dcd445e96f71208ea51fc869,2024-09-13T07:15:05.217000
CVE-2024-46703,1,1,4d31fab34b53374bc9470dab42e06676f7ddf323b54727512fb04d9c6fcef62c,2024-09-13T07:15:05.317000
CVE-2024-46704,1,1,e9ea1941722962da0f4560bbf15a9e2f55947133e4bbf03b345e8290b3ddf0e0,2024-09-13T07:15:05.397000
CVE-2024-46705,1,1,425954983fb48dc260d3cbda091831d4f3e47b30fe41a26afc56e069b9c53018,2024-09-13T07:15:05.477000
CVE-2024-46706,1,1,0bc7b92f1891797d2df7649419951fbce941fb91c72ab28fd3edd27eca73f893,2024-09-13T07:15:05.560000
CVE-2024-46707,1,1,64a8b81716543f59464c25ae3cffced09399995f303f45181dc9416829dc1b03,2024-09-13T07:15:05.643000
CVE-2024-46708,1,1,2ced7f6e5bbd9037952c4e6c172b32445db3004d4d58e8893a510a72b3caa923,2024-09-13T07:15:05.717000
CVE-2024-46709,1,1,755888f6e371d41ae69ca9e3287671c4223f29595fb8e6738ee8d612dec6570d,2024-09-13T07:15:05.793000
CVE-2024-4671,0,0,185dc0ba34bc0f367bb40abcb8d9eaaa2a7101f2bad0c1d95e54ade99bea383c,2024-08-14T17:06:43.910000
CVE-2024-46710,1,1,9362f94c78c56b58cc12959f972e46de24e777af1307d1cdc1d5ff89c0c055cf,2024-09-13T07:15:05.880000
CVE-2024-46711,1,1,3b6d9e5e0fe47f51b22303d048b1bc4af23641043eed68b5d59285c3a63a7c38,2024-09-13T07:15:05.953000
CVE-2024-46712,1,1,939e5baa7db403aaf844c24ff993ad2b4dcddc11ce696dd15bf5ddc38baa8868,2024-09-13T07:15:06.030000
CVE-2024-4672,0,0,35f3d370a957f330147d6589398835ee73958e29db9da9b60896b5f03e87d787,2024-06-04T19:20:45.330000
CVE-2024-4673,0,0,534fe3baa36c9b2de1fe1f9372b44f4a695e5779fe305c090e0c97233d7085b1,2024-06-04T19:20:45.437000
CVE-2024-4674,0,0,60247f20a2a4283bfbeed309267e9d6b22bdb830da33ae543a1f6522ba4ea3ca,2024-06-04T19:20:45.527000
@ -260546,6 +260592,7 @@ CVE-2024-5561,0,0,82dc9c7a28558b655d3278268f7fefe112c6724d8ad6919886d73aaa7545bf
CVE-2024-5564,0,0,582ae8d6e013444879054c957a9f974e1fbdab4bea18417275b8c53698226d12,2024-07-19T16:15:03.193000
CVE-2024-5565,0,0,e1d36fa68b4a73d6b78bd8eb39c3f27f14d8d32dc884b4fdfa0f8545d690e8d1,2024-07-03T02:09:05.567000
CVE-2024-5566,0,0,5233947f09c3c6c0de3bbc1356e893f745531db8e2929187d54352e5877fee4e,2024-07-17T13:34:20.520000
CVE-2024-5567,1,1,889ac6dfb4e2ceac8b10fa7178ffe1c047c9d9a4f58e1980aebe682abb403b1f,2024-09-13T07:15:06.113000
CVE-2024-5569,0,0,b9fd3bed59b5f668c54b0264622201b8600e789b08e0f56eae05ce6b6e8c76ce,2024-07-09T18:19:14.047000
CVE-2024-5570,0,0,752c5aec7899d5cf3a8e3335b609e2b612878d2e224e641cf0205f3f8bec404d,2024-07-09T16:23:05.823000
CVE-2024-5571,0,0,c5656d92123399f657b6e24b44e300308aef779837a4ed7761c4afb3c16bfae8,2024-06-11T17:29:03.277000
@ -260591,6 +260638,7 @@ CVE-2024-5624,0,0,21cefbaefb318c9503ab9f172b93f3e9f438de105b5fa2bcec586c3477a040
CVE-2024-5625,0,0,2e44049535f78135e500a8f8d54d8f4d59ba5936e80e3b134df5c51262f22971,2024-07-19T13:01:44.567000
CVE-2024-5626,0,0,3116199e86dacfa5c8c4bfcae9231b5a383289e4e0bd8acb32e36f957ab44c86,2024-08-01T13:59:55.383000
CVE-2024-5627,0,0,b223ea977e14432dc305de4592ca7e0252873a120062584093cd834d6b6d0c82,2024-07-15T13:00:34.853000
CVE-2024-5628,1,1,44b5d0ec2b598a94784d363d755589a898b40975befbb689a48f961749144761,2024-09-13T06:15:14.793000
CVE-2024-5629,0,0,7b249822418cf5aa1c707605ba6baf660f2f435a4da7f400697e48d05f897bc1,2024-06-18T18:31:05.663000
CVE-2024-5630,0,0,b423cbbfe930ee92b838e29f77793f2e7fb28fa122fa6868ec504c922282a541,2024-08-01T13:59:55.667000
CVE-2024-5631,0,0,e9d1cf72e46e29c7303d5938f186f5edf7f1da39627a1f9d4fd0abcd32f19b31,2024-08-01T22:15:32.220000
@ -261303,6 +261351,7 @@ CVE-2024-6489,0,0,9e9ca0d507c7dd8804b1fd0a0aa043e3fe6638bfc4af4b9ea109d44e00b0a1
CVE-2024-6490,0,0,899b982533855ad09e3dbb0e567c02d65e33383a1b395d2221626be09ed0f8ee,2024-08-01T14:00:24.333000
CVE-2024-6491,0,0,777eb845cac0fc56ad6345347b6b7dff4d99542463073dd5b5752a23e8a26dec,2024-07-22T13:00:53.287000
CVE-2024-6492,0,0,82f79625038ad5debf137137104e45e1e353947b9c4b14df742baece7a047a71,2024-07-17T13:34:20.520000
CVE-2024-6493,1,1,b85fd7bf9dd1581dccd65a72d61e39d9a7454d7f5aec39a172be9a16b20c63af,2024-09-13T06:15:15.200000
CVE-2024-6494,0,0,5d616b6f04502e7b8421d6bcde94ff1c84cc44e101748b87939c18b401c713e1,2024-08-07T15:17:46.717000
CVE-2024-6495,0,0,b5144ce6ead337054723bddaa938cbde5875226dc2ad6f1282d875ef6548d915,2024-07-12T16:34:58.687000
CVE-2024-6496,0,0,4f2145d6969061de095037c65c4c02c00a89d2331ecd0d31a6eacfc030927f42,2024-08-07T14:35:07.403000
@ -261400,6 +261449,7 @@ CVE-2024-6612,0,0,d34a2e10bc1c43655aa28f997fd8d7918b9d5919fcfded6bd9a7bc48a40520
CVE-2024-6613,0,0,2c9248a7ca42e8738ab702e9dc188d19870d6e260e6ad7403e7b1f4010624eaa,2024-07-16T18:15:09.747000
CVE-2024-6614,0,0,92c74753eb3da74f24a895083a8e9cff7c2fc2f9bf400831c94c14936544ed9b,2024-07-16T18:15:09.813000
CVE-2024-6615,0,0,21e70ce6d005932fad51efb1cef43277a3ff57e367ed55aea5460b226c9f9ba8,2024-07-16T18:15:09.893000
CVE-2024-6617,1,1,389fdc49b44066b4fbff39472b517ef23227ceac64fe9c023b7fc6412ee1bee7,2024-09-13T06:15:15.290000
CVE-2024-6618,0,0,e35778534e5c89186065378dfc4e3df4bed15c4f9d7950adea6d3cb891d47959,2024-08-14T02:07:05.410000
CVE-2024-6619,0,0,f3a91e3a6a10b3f4f501b46572779a0f05e320927845dcf9e15b84cacb4a9100,2024-08-14T02:07:05.410000
CVE-2024-6620,0,0,64e06f08829405566592b044b4a90e5d81b7212d27ff82e69e11d8e82efebda8,2024-07-30T13:33:30.653000
@ -261475,6 +261525,7 @@ CVE-2024-6717,0,0,0b065284c5a83df80f016d53c3ebe26a820992221428250ad8b4acf1f2d75b
CVE-2024-6720,0,0,1dc3a2e2b9f95baf4f0364462830a2005109f2f0ee9a4c40c2088696994c0bf6,2024-08-07T20:53:27.343000
CVE-2024-6721,0,0,20bc3ac9fd25b0ef666ff8f606cfc8f742981337efa5a16bd2cfa701fac87a51,2024-07-15T16:15:03.467000
CVE-2024-6722,0,0,703a21dd5b88a7779498c521e3d50e4d788d54c0da4855e87bfa30931015fa08,2024-09-04T15:35:25.590000
CVE-2024-6723,1,1,d0fb6041404a9a034eefa75fcc10a26b57b857647a0f6b9047bce7ba650dfc69,2024-09-13T06:15:15.353000
CVE-2024-6724,0,0,4c62a72c14d0d54a44bd529f2e1e2cb1bbf7b4dd7ab83d5409a9b7e23529f22d,2024-08-13T15:35:30.033000
CVE-2024-6725,0,0,02f518ea588b9f58d1f41a7ee9055d6a87d38c1076b40cf72b33d47960c5f058,2024-07-31T12:57:02.300000
CVE-2024-6726,0,0,67da9a54e5a829e4300bb2883a5b7a4407d07a460c0b67dc5027c2e9a4f78316,2024-07-30T13:33:30.653000
@ -261563,6 +261614,7 @@ CVE-2024-6846,0,0,3f14d31d382a54a260125fd51294d960031d5921ae608f837ae240e5738c3b
CVE-2024-6847,0,0,3aed5f2ad75c2a50eaefca5c72002315f9d747456f8615efa188f54be39bf54d,2024-08-20T19:35:15.040000
CVE-2024-6848,0,0,e171c12c58967922126feefb09977b436bb9e206684562a37899ca6ed3e35d20,2024-07-22T13:00:31.330000
CVE-2024-6849,0,0,e6f29da7a266dc9f2d47ff3eb73c4709c5f498e6b954324661269c57220502c9,2024-09-09T13:03:38.303000
CVE-2024-6850,1,1,8ba61a9a32d41c854d9530227a4b349ea56f4428a8e68af60abeecada9d1a0bb,2024-09-13T06:15:15.437000
CVE-2024-6852,0,0,cd867431022b85ee5515b69c46ab068b7525885927be7fa9cfc4c875a9f47878,2024-09-11T16:23:02.500000
CVE-2024-6853,0,0,bfc770724a0cf755cd219c2fcd6258a625eb83bca7472f15162225f6a8c2c118,2024-09-11T16:22:18.850000
CVE-2024-6855,0,0,747d35631c84525ad9c2f1282cefb607972b06ed8ec8bcfcc6cf90db5747a736,2024-09-11T16:21:38.833000
@ -261750,7 +261802,9 @@ CVE-2024-7123,0,0,9cd56c5d21be01850838f11a2df252558cd6c9b176bc2485ad2b1b549f072a
CVE-2024-7125,0,0,eeabb5486a5ad2f2094206d4f0142bb635fc7a57bcd2279354b026b1e44628c1,2024-08-27T13:01:37.913000
CVE-2024-7127,0,0,2842be40cd41bba2687b1d2d238a3a521369bfe05553f868496bd1f3f7f4951f,2024-08-23T14:00:59.740000
CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000
CVE-2024-7129,1,1,b3b0a0c691914e48e5372245ba73f10929ed11509a8cd58fee4ee183bb4bd890,2024-09-13T06:15:15.507000
CVE-2024-7132,0,0,3deac5f1e9f8ee84791f2e4d6b9257b8de66af7b06b212663d3e71b6260e8de4,2024-08-29T20:37:07.980000
CVE-2024-7133,1,1,4ea98c735f29c30beccc1251ee6ed5236f4ace2dfb9e5e3f601e9249f7000f38,2024-09-13T06:15:15.580000
CVE-2024-7134,0,0,c5170ada8be1ea583d3dc92d1c0c20ff0ddcfa0f860d82c947cda0aff2380786,2024-08-21T12:30:33.697000
CVE-2024-7135,0,0,31437d1db396166831d3abd18bbeb77eef50ad11110b9df0f25d86e90a9b1fe1,2024-07-31T12:57:02.300000
CVE-2024-7136,0,0,8aada0541fe051e5634e6d0e6056d54d479250830cd49e1b32d308af5a5c28dc,2024-08-19T13:00:23.117000
@ -262288,6 +262342,8 @@ CVE-2024-7859,0,0,2e9efdc14165216e115d44a68371c6f167a605d4d7db791f71b61c4268679b
CVE-2024-7860,0,0,6478691d52b931fe14a87d864f1defb31ceb3c959fc542786a5c247463eccd66,2024-09-12T14:35:19.980000
CVE-2024-7861,0,0,7dc841d67f7cbf14766a683bac9706b93075a04167273c804ada991b965813f0,2024-09-12T14:35:20.767000
CVE-2024-7862,0,0,ab3213803d3b49b6ac19aa8c58cc004e989e60ff7f240b01de14d09685981992,2024-09-12T14:35:21.530000
CVE-2024-7863,1,1,d2269a8420222ae1464f606888c99feb0f09800d48a359d61f98abf89be2b979,2024-09-13T06:15:15.650000
CVE-2024-7864,1,1,ec8c8ba0517a66b0f6d3d9d102e5cf0945bc273d7b172f7beb86b6c2d60cd8d0,2024-09-13T06:15:15.720000
CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000
CVE-2024-7867,0,0,cc4e8e2cbae6cc9c2393332b56b3dc1a7160836d4b3b7919e8d1234e73599a3b,2024-08-28T21:59:33.973000
CVE-2024-7868,0,0,c4ea1bb97a13baa8d231995b3d29c0db15f328b428d9b25a1a7a0b4c8b9c1d1a,2024-09-11T12:40:01.817000
@ -262297,6 +262353,7 @@ CVE-2024-7884,0,0,785c516d1dabe55fa31f7695706ba6a05f994a8f8d63c46081a0777ad4e173
CVE-2024-7885,0,0,8ccead187965a5f1c2abb39b48c133d9f576a21859dc9731309caf892f9de5e4,2024-09-09T23:15:10.350000
CVE-2024-7886,0,0,b8c1f856b8479c6982faa8a2fc4a6d8b2480e045b8b096d9bd3b8640a06eb6f3,2024-08-19T13:00:23.117000
CVE-2024-7887,0,0,ba2ac28c88e5c856e9fa78c00b11f37e0df98a3508bf609dc9edbaa04a8fdb8e,2024-08-19T12:59:59.177000
CVE-2024-7888,1,1,18ce6a83e660944b7fe7e660d66b9c0b5c509f073f62f5f3f4fae69d8d358753,2024-09-13T07:15:06.500000
CVE-2024-7889,0,0,0c7c33437bec0235d44235714053c0dff80cc4be025d2065fb73eaf578af8760,2024-09-12T12:35:54.013000
CVE-2024-7890,0,0,5fc68443350e0746efaf8c3dba6c4db079dc957ebe4b2494b265529339aeb537,2024-09-12T12:35:54.013000
CVE-2024-7891,0,0,5aaf92f1216ccc2cb89b6db2b8f39b542c60dfffb3bd17a4a092f87d2244167e,2024-09-12T20:35:27.267000
@ -262336,14 +262393,14 @@ CVE-2024-7928,0,0,671a039a8258001c6ef11e23ca79fcb6be7f38f136ccb6e85345eff1e57a63
CVE-2024-7929,0,0,a805877edcd3cdd34f9befcb94d499b15f392a2db9c65471420306feafc6b5f3,2024-08-21T14:10:01.937000
CVE-2024-7930,0,0,100658e5f06d4675f601c6d01184159576ab92141783db14fc9e9c2655e99e3e,2024-08-21T14:09:28.830000
CVE-2024-7931,0,0,863f45f588d3a95c5820542bfd54aa0c5198b18b9403ddeaa589881d711878b9,2024-08-21T14:08:54.820000
CVE-2024-7932,0,0,76b4bef3950511267ce92a9fa48bb92becab9a9eff770b154c53074c95f49795,2024-09-04T14:52:06.830000
CVE-2024-7932,0,1,318c0aa591abd2c0e07fe604e20a993f7f5ba73e8ac39dd3efc9452b065b1bfb,2024-09-13T07:15:06.800000
CVE-2024-7933,0,0,4c4d1784cb4756567970ab7962609b658773d623a89ad02de59731f72704024d,2024-08-23T19:53:54.260000
CVE-2024-7934,0,0,378bcc55a3df62e429d1f101d54479de592e8336c09692e7e3a6942b8872bbc5,2024-08-23T19:54:37.790000
CVE-2024-7935,0,0,de5faf49db18a7840e6f8ddda5ba5a34ca6452592345acf93a6a1be43f2a05c7,2024-08-23T19:52:06.570000
CVE-2024-7936,0,0,031afbd95ed3099dc254ea3d5976503b2e92208fcd0c3be15e33867bddad8093,2024-09-03T20:43:55.790000
CVE-2024-7937,0,0,58f817c63d0d354ded52ec3007f0bc413c02bdd9e5e4a4484a57dcc393e99498,2024-09-03T20:43:08.620000
CVE-2024-7938,0,0,05885971f29247a07809090893658b29d0c486ec3695696a5efeaad9575e9baa,2024-09-04T14:53:13.887000
CVE-2024-7939,0,0,4b7069eae0518b4820db13af93e87ba3f296d2255e89954eb0066ce56b0321c7,2024-09-04T14:54:22.290000
CVE-2024-7939,0,1,1694bf433403f87f2893bf75dc39017446333f520bf502dae403d9f8dca4c12a,2024-09-13T07:15:06.990000
CVE-2024-7940,0,0,dbd0239c121d6194e450c1260a59c9e5a29e98f7339f7b43ef0e94924bfd60bf,2024-08-28T16:24:07.043000
CVE-2024-7941,0,0,f84a573c5184fa9f02bbf2be035433cf04406330bf9f18b5c31c6f416d5532c2,2024-08-28T16:09:03.693000
CVE-2024-7942,0,0,10ad4e44439e447affdd92c4cf521f51989afe951a6ccfba24c688ebb8095c63,2024-09-03T20:39:07.790000
@ -262693,7 +262750,10 @@ CVE-2024-8645,0,0,a9ec59eb761dcf7b03b051641e3314ff9102e8e55de30e4e3a512e1bddcece
CVE-2024-8646,0,0,19fa9f650168d587e83426e12fdaf58fb8d99e18fbbdb4568c4c398d745e4ed2,2024-09-11T16:26:11.920000
CVE-2024-8654,0,0,9ff4197fc4fa3acdeeaabf5d042cf9151def7011df3ee9c1e3c9b932ce455541,2024-09-10T15:50:57.713000
CVE-2024-8655,0,0,ae8f7bc5241b7c169a5dccbcccc728c3b8a01d5ae62a1e846fce72d64496b2eb,2024-09-11T16:26:11.920000
CVE-2024-8656,1,1,bc8e9de2353de0c6010b2503d59e4eac7d8376bac707c323a192aeb258e32f51,2024-09-13T04:15:04.280000
CVE-2024-8656,0,0,bc8e9de2353de0c6010b2503d59e4eac7d8376bac707c323a192aeb258e32f51,2024-09-13T04:15:04.280000
CVE-2024-8663,1,1,bdfa8c30bb20ba32d216ff8b89bb9ae6a766371440d57091f0c96aae52937773,2024-09-13T07:15:07.113000
CVE-2024-8664,1,1,70b5c102cac2edf95dc5aa09f42b78bca589ec2c5fd143c9497f09453b1786e4,2024-09-13T07:15:07.487000
CVE-2024-8665,1,1,61887d4c904e049b6fb9a886108b14ff741b76c4439f9090b0c724e0c0dac32b,2024-09-13T07:15:07.797000
CVE-2024-8686,0,0,ede88dcdbc0e792bd803e1f16895e5a739a1631453b49ef7e6a4fb82c32bd0dd,2024-09-12T12:35:54.013000
CVE-2024-8687,0,0,113cfff3abfee2dabf4872656a1085a998928e6c5f0a4785deb63af7b2621db8,2024-09-12T12:35:54.013000
CVE-2024-8688,0,0,622feee60e16c8839b74efa94c0181d710fda4c1e7dbcb6de36b0dc3a1f1b61b,2024-09-12T12:35:54.013000
@ -262712,6 +262772,7 @@ CVE-2024-8708,0,0,5ef2b50614a0df8bc885350592e6748544bb35fd26cfadc248f257341a2118
CVE-2024-8709,0,0,002b3fdc4504e3a8e90cfb73cfd92235f00c2180db683f0a52dbc2dfe0eff62b,2024-09-12T12:35:54.013000
CVE-2024-8710,0,0,5201612712a005197694d95d57304261dfb33fc9c18e66babb635a0037176679,2024-09-12T12:35:54.013000
CVE-2024-8711,0,0,b7bac1cd180aad7dc32fae997a12eb16b0ac91bf4702c25ed2514ca60e9a05c4,2024-09-12T12:35:54.013000
CVE-2024-8742,1,1,385d905223ae6954355ff08b0873dca01c7c3fea4056e1fded5ecd9bab20fbe5,2024-09-13T07:15:08.083000
CVE-2024-8749,0,0,6c300bdfd0775f414e5e2003c3bfef67fe867038e6f1a0c3495f0a7e6012e1de,2024-09-12T12:35:54.013000
CVE-2024-8750,0,0,418fabeb18e7b297a31252c3e8fef09ccda76bf14212f7478abfd99c5bae6ae6,2024-09-12T12:35:54.013000
CVE-2024-8751,0,0,66bf4cb3efd3a19b11cc04552e956e3ad68f7c58b21ee98d18c0d4f60816db0f,2024-09-12T22:15:02.680000
