admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-18T10:00:22.591883+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-18 10:03:21 +00:00
parent e888b34cd6
commit 3bfe6f7cdd
80 changed files with 2705 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2023/CVE-2023-19xx/CVE-2023-1904.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-1904",
"sourceIdentifier": "security@octopus.com",
"published": "2023-12-14T08:15:36.550",
"lastModified": "2023-12-19T18:57:53.073",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-18T08:15:02.750",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server.\n\n"
"value": "In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server."
},
{
"lang": "es",

10
CVE-2023/CVE-2023-405xx/CVE-2023-40548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40548",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T15:15:08.893",
"lastModified": "2024-09-10T08:15:02.147",
"lastModified": "2024-09-18T09:15:03.310",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -42,20 +42,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.4,
"impactScore": 4.7
"impactScore": 5.5
}
]
},

14
CVE-2023/CVE-2023-52xx/CVE-2023-5240.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5240",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-10-13T13:15:12.693",
"lastModified": "2023-10-17T16:11:51.793",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-18T08:35:19.920",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

43
CVE-2024/CVE-2024-408xx/CVE-2024-40862.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-40862",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:49.743",
"lastModified": "2024-09-17T00:15:49.743",
"lastModified": "2024-09-18T08:35:48.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An attacker may be able to determine the Apple ID of the owner of the computer."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad eliminando datos confidenciales. Este problema se solucion\u00f3 en Xcode 16. Un atacante podr\u00eda determinar el ID de Apple del propietario del ordenador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121239",

43
CVE-2024/CVE-2024-441xx/CVE-2024-44167.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-44167",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:51.310",
"lastModified": "2024-09-17T00:15:51.310",
"lastModified": "2024-09-18T08:35:53.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en macOS Ventura 13.7, visionOS 2, iOS 18 y iPadOS 18, macOS Sonoma 14.7 y macOS Sequoia 15. Es posible que una aplicaci\u00f3n pueda sobrescribir archivos arbitrarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121234",

14
CVE-2024/CVE-2024-456xx/CVE-2024-45619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45619",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-03T22:15:05.527",
"lastModified": "2024-09-12T19:38:56.440",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-18T09:15:05.227",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,19 +42,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW"
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"exploitabilityScore": 0.9,
"impactScore": 3.4
}
]

37
CVE-2024/CVE-2024-467xx/CVE-2024-46734.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-46734",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:02.980",
"lastModified": "2024-09-18T08:15:02.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between direct IO write and fsync when using same fd\n\nIf we have 2 threads that are using the same file descriptor and one of\nthem is doing direct IO writes while the other is doing fsync, we have a\nrace where we can end up either:\n\n1) Attempt a fsync without holding the inode's lock, triggering an\n assertion failures when assertions are enabled;\n\n2) Do an invalid memory access from the fsync task because the file private\n points to memory allocated on stack by the direct IO task and it may be\n used by the fsync task after the stack was destroyed.\n\nThe race happens like this:\n\n1) A user space program opens a file descriptor with O_DIRECT;\n\n2) The program spawns 2 threads using libpthread for example;\n\n3) One of the threads uses the file descriptor to do direct IO writes,\n while the other calls fsync using the same file descriptor.\n\n4) Call task A the thread doing direct IO writes and task B the thread\n doing fsyncs;\n\n5) Task A does a direct IO write, and at btrfs_direct_write() sets the\n file's private to an on stack allocated private with the member\n 'fsync_skip_inode_lock' set to true;\n\n6) Task B enters btrfs_sync_file() and sees that there's a private\n structure associated to the file which has 'fsync_skip_inode_lock' set\n to true, so it skips locking the inode's VFS lock;\n\n7) Task A completes the direct IO write, and resets the file's private to\n NULL since it had no prior private and our private was stack allocated.\n Then it unlocks the inode's VFS lock;\n\n8) Task B enters btrfs_get_ordered_extents_for_logging(), then the\n assertion that checks the inode's VFS lock is held fails, since task B\n never locked it and task A has already unlocked it.\n\nThe stack trace produced is the following:\n\n assertion failed: inode_is_locked(&inode->vfs_inode), in fs/btrfs/ordered-data.c:983\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/ordered-data.c:983!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 9 PID: 5072 Comm: worker Tainted: G U OE 6.10.5-1-default #1 openSUSE Tumbleweed 69f48d427608e1c09e60ea24c6c55e2ca1b049e8\n Hardware name: Acer Predator PH315-52/Covini_CFS, BIOS V1.12 07/28/2020\n RIP: 0010:btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs]\n Code: 50 d6 86 c0 e8 (...)\n RSP: 0018:ffff9e4a03dcfc78 EFLAGS: 00010246\n RAX: 0000000000000054 RBX: ffff9078a9868e98 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff907dce4a7800 RDI: ffff907dce4a7800\n RBP: ffff907805518800 R08: 0000000000000000 R09: ffff9e4a03dcfb38\n R10: ffff9e4a03dcfb30 R11: 0000000000000003 R12: ffff907684ae7800\n R13: 0000000000000001 R14: ffff90774646b600 R15: 0000000000000000\n FS: 00007f04b96006c0(0000) GS:ffff907dce480000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f32acbfc000 CR3: 00000001fd4fa005 CR4: 00000000003726f0\n Call Trace:\n <TASK>\n ? __die_body.cold+0x14/0x24\n ? die+0x2e/0x50\n ? do_trap+0xca/0x110\n ? do_error_trap+0x6a/0x90\n ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n ? exc_invalid_op+0x50/0x70\n ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n ? asm_exc_invalid_op+0x1a/0x20\n ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n btrfs_sync_file+0x21a/0x4d0 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n ? __seccomp_filter+0x31d/0x4f0\n __x64_sys_fdatasync+0x4f/0x90\n do_syscall_64+0x82/0x160\n ? do_futex+0xcb/0x190\n ? __x64_sys_futex+0x10e/0x1d0\n ? switch_fpu_return+0x4f/0xd0\n ? syscall_exit_to_user_mode+0x72/0x220\n ? do_syscall_64+0x8e/0x160\n ? syscall_exit_to_user_mod\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/01681aa609b5f110502f56c4e3b2938efcf4a5bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7b5595f33c3c273613b590892a578d78186bb400",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd3087582e4fa36e89be4e6f859e75a4400292b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd9253c23aedd61eb5ff11f37a36247cd46faf86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d116a0b0e02f395cedfb8c725bd67480aa7c428c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-467xx/CVE-2024-46735.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46735",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.057",
"lastModified": "2024-09-18T08:15:03.057",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()\n\nWhen two UBLK_CMD_START_USER_RECOVERY commands are submitted, the\nfirst one sets 'ubq->ubq_daemon' to NULL, and the second one triggers\nWARN in ublk_queue_reinit() and subsequently a NULL pointer dereference\nissue.\n\nFix it by adding the check in ublk_ctrl_start_recovery() and return\nimmediately in case of zero 'ub->nr_queues_ready'.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000028\n RIP: 0010:ublk_ctrl_start_recovery.constprop.0+0x82/0x180\n Call Trace:\n <TASK>\n ? __die+0x20/0x70\n ? page_fault_oops+0x75/0x170\n ? exc_page_fault+0x64/0x140\n ? asm_exc_page_fault+0x22/0x30\n ? ublk_ctrl_start_recovery.constprop.0+0x82/0x180\n ublk_ctrl_uring_cmd+0x4f7/0x6c0\n ? pick_next_task_idle+0x26/0x40\n io_uring_cmd+0x9a/0x1b0\n io_issue_sqe+0x193/0x3f0\n io_wq_submit_work+0x9b/0x390\n io_worker_handle_work+0x165/0x360\n io_wq_worker+0xcb/0x2f0\n ? finish_task_switch.isra.0+0x203/0x290\n ? finish_task_switch.isra.0+0x203/0x290\n ? __pfx_io_wq_worker+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_io_wq_worker+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n </TASK>"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/136a29d8112df4ea0a57f9602ddf3579e04089dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7c890ef60bf417d3fe5c6f7a9f6cef0e1d77f74f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca249435893dda766f3845c15ca77ca5672022d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e58f5142f88320a5b1449f96a146f2f24615c5c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46736.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46736",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.113",
"lastModified": "2024-09-18T08:15:03.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1a46c7f6546b73cbf36f5a618a1a6bbb45391eb3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3523a3df03c6f04f7ea9c2e7050102657e331a4f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b27ea9c96efd2c252a981fb00d0f001b86c90f3e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-467xx/CVE-2024-46737.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-46737",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.167",
"lastModified": "2024-09-18T08:15:03.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: fix kernel crash if commands allocation fails\n\nIf the commands allocation fails in nvmet_tcp_alloc_cmds()\nthe kernel crashes in nvmet_tcp_release_queue_work() because of\na NULL pointer dereference.\n\n nvmet: failed to install queue 0 cntlid 1 ret 6\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000008\n\nFix the bug by setting queue->nr_cmds to zero in case\nnvmet_tcp_alloc_cmd() fails."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/03e1fd0327fa5e2174567f5fe9290fe21d21b8f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/489f2913a63f528cfe3f21722583fb981967ecda",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/50632b877ce55356f5d276b9add289b1e7ddc683",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5572a55a6f830ee3f3a994b6b962a5c327d28cb3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6c04d1e3ab22cc5394ef656429638a5947f87244",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7957c731fc2b23312f8935812dee5a0b14b04e2d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/91dad30c5607e62864f888e735d0965567827bdf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46738.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46738",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.233",
"lastModified": "2024-09-18T08:15:03.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix use-after-free when removing resource in vmci_resource_remove()\n\nWhen removing a resource from vmci_resource_table in\nvmci_resource_remove(), the search is performed using the resource\nhandle by comparing context and resource fields.\n\nIt is possible though to create two resources with different types\nbut same handle (same context and resource fields).\n\nWhen trying to remove one of the resources, vmci_resource_remove()\nmay not remove the intended one, but the object will still be freed\nas in the case of the datagram type in vmci_datagram_destroy_handle().\nvmci_resource_table will still hold a pointer to this freed resource\nleading to a use-after-free vulnerability.\n\nBUG: KASAN: use-after-free in vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline]\nBUG: KASAN: use-after-free in vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147\nRead of size 4 at addr ffff88801c16d800 by task syz-executor197/1592\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x82/0xa9 lib/dump_stack.c:106\n print_address_description.constprop.0+0x21/0x366 mm/kasan/report.c:239\n __kasan_report.cold+0x7f/0x132 mm/kasan/report.c:425\n kasan_report+0x38/0x51 mm/kasan/report.c:442\n vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline]\n vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147\n vmci_qp_broker_detach+0x89a/0x11b9 drivers/misc/vmw_vmci/vmci_queue_pair.c:2182\n ctx_free_ctx+0x473/0xbe1 drivers/misc/vmw_vmci/vmci_context.c:444\n kref_put include/linux/kref.h:65 [inline]\n vmci_ctx_put drivers/misc/vmw_vmci/vmci_context.c:497 [inline]\n vmci_ctx_destroy+0x170/0x1d6 drivers/misc/vmw_vmci/vmci_context.c:195\n vmci_host_close+0x125/0x1ac drivers/misc/vmw_vmci/vmci_host.c:143\n __fput+0x261/0xa34 fs/file_table.c:282\n task_work_run+0xf0/0x194 kernel/task_work.c:164\n tracehook_notify_resume include/linux/tracehook.h:189 [inline]\n exit_to_user_mode_loop+0x184/0x189 kernel/entry/common.c:187\n exit_to_user_mode_prepare+0x11b/0x123 kernel/entry/common.c:220\n __syscall_exit_to_user_mode_work kernel/entry/common.c:302 [inline]\n syscall_exit_to_user_mode+0x18/0x42 kernel/entry/common.c:313\n do_syscall_64+0x41/0x85 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x6e/0x0\n\nThis change ensures the type is also checked when removing\nthe resource from vmci_resource_table in vmci_resource_remove()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/00fe5292f081f8d773e572df8e03bf6e1855fe49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/39e7e593418ccdbd151f2925fa6be1a616d16c96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/48b9a8dabcc3cf5f961b2ebcd8933bf9204babb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6c563a29857aa8053b67ee141191f69757f27f6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b243d52b5f6f59f9d39e69b191fb3d58b94a43b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b9efdf333174468651be40390cbc79c9f55d9cce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef5f4d0c5ee22d4f873116fec844ff6edaf3fa7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f6365931bf7c07b2b397dbb06a4f6573cc9fae73",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46739.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46739",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.293",
"lastModified": "2024-09-18T08:15:03.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind\n\nFor primary VM Bus channels, primary_channel pointer is always NULL. This\npointer is valid only for the secondary channels. Also, rescind callback\nis meant for primary channels only.\n\nFix NULL pointer dereference by retrieving the device_obj from the parent\nfor the primary channel."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1d8e020e51ab07e40f9dd00b52f1da7d96fec04c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2be373469be1774bbe03b0fa7e2854e65005b1cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3005091cd537ef8cdb7530dcb2ecfba8d2ef475c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3d414b64ecf6fd717d7510ffb893c6f23acbf50e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/928e399e84f4e80307dce44e89415115c473275b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de6946be9c8bc7d2279123433495af7c21011b99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f38f46da80a2ab7d1b2f8fcb444c916034a2dac4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fb1adbd7e50f3d2de56d0a2bb0700e2e819a329e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-467xx/CVE-2024-46740.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-46740",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.377",
"lastModified": "2024-09-18T08:15:03.377",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix UAF caused by offsets overwrite\n\nBinder objects are processed and copied individually into the target\nbuffer during transactions. Any raw data in-between these objects is\ncopied as well. However, this raw data copy lacks an out-of-bounds\ncheck. If the raw data exceeds the data section size then the copy\noverwrites the offsets section. This eventually triggers an error that\nattempts to unwind the processed objects. However, at this point the\noffsets used to index these objects are now corrupted.\n\nUnwinding with corrupted offsets can result in decrements of arbitrary\nnodes and lead to their premature release. Other users of such nodes are\nleft with a dangling pointer triggering a use-after-free. This issue is\nmade evident by the following KASAN report (trimmed):\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in _raw_spin_lock+0xe4/0x19c\n Write of size 4 at addr ffff47fc91598f04 by task binder-util/743\n\n CPU: 9 UID: 0 PID: 743 Comm: binder-util Not tainted 6.11.0-rc4 #1\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n _raw_spin_lock+0xe4/0x19c\n binder_free_buf+0x128/0x434\n binder_thread_write+0x8a4/0x3260\n binder_ioctl+0x18f0/0x258c\n [...]\n\n Allocated by task 743:\n __kmalloc_cache_noprof+0x110/0x270\n binder_new_node+0x50/0x700\n binder_transaction+0x413c/0x6da8\n binder_thread_write+0x978/0x3260\n binder_ioctl+0x18f0/0x258c\n [...]\n\n Freed by task 745:\n kfree+0xbc/0x208\n binder_thread_read+0x1c5c/0x37d4\n binder_ioctl+0x16d8/0x258c\n [...]\n ==================================================================\n\nTo avoid this issue, let's check that the raw data copy is within the\nboundaries of the data section."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/109e845c1184c9f786d41516348ba3efd9112792",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1f33d9f1d9ac3f0129f8508925000900c2fe5bb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3a8154bb4ab4a01390a3abf1e6afac296e037da4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4df153652cc46545722879415937582028c18af5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f79e0b80dc69bd5eaaed70f0df1b558728b4e59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5a32bfd23022ffa7e152f273fa3fa29befb7d929",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eef79854a04feac5b861f94d7b19cbbe79874117",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46741.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46741",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.430",
"lastModified": "2024-09-18T08:15:03.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix double free of 'buf' in error path\n\nsmatch warning:\ndrivers/misc/fastrpc.c:1926 fastrpc_req_mmap() error: double free of 'buf'\n\nIn fastrpc_req_mmap() error path, the fastrpc buffer is freed in\nfastrpc_req_munmap_impl() if unmap is successful.\n\nBut in the end, there is an unconditional call to fastrpc_buf_free().\nSo the above case triggers the double free of fastrpc buf."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/bfc1704d909dc9911a558b1a5833d3d61a43a1f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e8c276d4dc0e19ee48385f74426aebc855b49aaf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f77dc8a75859e559f3238a6d906206259227985e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46742.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46742",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.480",
"lastModified": "2024-09-18T08:15:03.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()\n\nnull-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)\nand parse_lease_state() return NULL.\n\nFix this by check if 'lease_ctx_info' is NULL.\n\nAdditionally, remove the redundant parentheses in\nparse_durable_handle_context()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/07f384c5be1f8633b13f0a22616e227570450bc6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3b692794b81f2ecad69a4adbba687f3836824ada",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4e8771a3666c8f216eefd6bd2fd50121c6c437db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46743.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46743",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.540",
"lastModified": "2024-09-18T08:15:03.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nof/irq: Prevent device address out-of-bounds read in interrupt map walk\n\nWhen of_irq_parse_raw() is invoked with a device address smaller than\nthe interrupt parent node (from #address-cells property), KASAN detects\nthe following out-of-bounds read when populating the initial match table\n(dyndbg=\"func of_irq_parse_* +p\"):\n\n OF: of_irq_parse_one: dev=/soc@0/picasso/watchdog, index=0\n OF: parent=/soc@0/pci@878000000000/gpio0@17,0, intsize=2\n OF: intspec=4\n OF: of_irq_parse_raw: ipar=/soc@0/pci@878000000000/gpio0@17,0, size=2\n OF: -> addrsize=3\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in of_irq_parse_raw+0x2b8/0x8d0\n Read of size 4 at addr ffffff81beca5608 by task bash/764\n\n CPU: 1 PID: 764 Comm: bash Tainted: G O 6.1.67-484c613561-nokia_sm_arm64 #1\n Hardware name: Unknown Unknown Product/Unknown Product, BIOS 2023.01-12.24.03-dirty 01/01/2023\n Call trace:\n dump_backtrace+0xdc/0x130\n show_stack+0x1c/0x30\n dump_stack_lvl+0x6c/0x84\n print_report+0x150/0x448\n kasan_report+0x98/0x140\n __asan_load4+0x78/0xa0\n of_irq_parse_raw+0x2b8/0x8d0\n of_irq_parse_one+0x24c/0x270\n parse_interrupts+0xc0/0x120\n of_fwnode_add_links+0x100/0x2d0\n fw_devlink_parse_fwtree+0x64/0xc0\n device_add+0xb38/0xc30\n of_device_add+0x64/0x90\n of_platform_device_create_pdata+0xd0/0x170\n of_platform_bus_create+0x244/0x600\n of_platform_notify+0x1b0/0x254\n blocking_notifier_call_chain+0x9c/0xd0\n __of_changeset_entry_notify+0x1b8/0x230\n __of_changeset_apply_notify+0x54/0xe4\n of_overlay_fdt_apply+0xc04/0xd94\n ...\n\n The buggy address belongs to the object at ffffff81beca5600\n which belongs to the cache kmalloc-128 of size 128\n The buggy address is located 8 bytes inside of\n 128-byte region [ffffff81beca5600, ffffff81beca5680)\n\n The buggy address belongs to the physical page:\n page:00000000230d3d03 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1beca4\n head:00000000230d3d03 order:1 compound_mapcount:0 compound_pincount:0\n flags: 0x8000000000010200(slab|head|zone=2)\n raw: 8000000000010200 0000000000000000 dead000000000122 ffffff810000c300\n raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffffff81beca5500: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffffff81beca5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n >ffffff81beca5600: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ^\n ffffff81beca5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffffff81beca5700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc\n ==================================================================\n OF: -> got it !\n\nPrevent the out-of-bounds read by copying the device address into a\nbuffer of sufficient size."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7ead730af11ee7da107f16fc77995613c58d292d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8ff351ea12e918db1373b915c4c268815929cbe5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d1e9f0876b03d74d44513a0ed3ed15ef8f2fed5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b739dffa5d570b411d4bdf4bb9b8dfd6b7d72305",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/baaf26723beab3a04da578d3008be3544f83758f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bf68acd840b6a5bfd3777e0d5aaa204db6b461a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2a79494d8a5262949736fb2c3ac44d20a51b0d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/defcaa426ba0bc89ffdafb799d2e50b52f74ffc4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46744.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46744",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.603",
"lastModified": "2024-09-18T08:15:03.603",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: sanity check symbolic link size\n\nSyzkiller reports a \"KMSAN: uninit-value in pick_link\" bug.\n\nThis is caused by an uninitialised page, which is ultimately caused\nby a corrupted symbolic link size read from disk.\n\nThe reason why the corrupted symlink size causes an uninitialised\npage is due to the following sequence of events:\n\n1. squashfs_read_inode() is called to read the symbolic\n link from disk. This assigns the corrupted value\n 3875536935 to inode->i_size.\n\n2. Later squashfs_symlink_read_folio() is called, which assigns\n this corrupted value to the length variable, which being a\n signed int, overflows producing a negative number.\n\n3. The following loop that fills in the page contents checks that\n the copied bytes is less than length, which being negative means\n the loop is skipped, producing an uninitialised page.\n\nThis patch adds a sanity check which checks that the symbolic\nlink size is not larger than expected.\n\n--\n\nV2: fix spelling mistake."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/087f25b2d36adae19951114ffcbb7106ed405ebb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1b9451ba6f21478a75288ea3e3fca4be35e2a438",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5c8906de98d0d7ad42ff3edf2cb6cd7e0ea658c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/810ee43d9cd245d138a2733d87a24858a23f577d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c3af7e460a526007e4bed1ce3623274a1a6afe5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef4e249971eb77ec33d74c5c3de1e2576faf6c90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f82cb7f24032ed023fc67d26ea9bf322d8431a90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fac5e82ab1334fc8ed6ff7183702df634bd1d93d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46745.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46745",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.667",
"lastModified": "2024-09-18T08:15:03.667",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: uinput - reject requests with unreasonable number of slots\n\n\nWhen exercising uinput interface syzkaller may try setting up device\nwith a really large number of slots, which causes memory allocation\nfailure in input_mt_init_slots(). While this allocation failure is\nhandled properly and request is rejected, it results in syzkaller\nreports. Additionally, such request may put undue burden on the\nsystem which will try to free a lot of memory for a bogus request.\n\nFix it by limiting allowed number of slots to 100. This can easily\nbe extended if we see devices that can track more than 100 contacts."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/206f533a0a7c683982af473079c4111f4a0f9f5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/51fa08edd80003db700bdaa099385c5900d27f4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/597ff930296c4c8fc6b6a536884d4f1a7187ec70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/61df76619e270a46fd427fbdeb670ad491c42de2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9719687398dea8a6a12a10321a54dd75eec7ab2d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9c6d189f0c1c59ba9a32326ec82a0b367a3cd47b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a4858b00a1ec57043697fb935565fe267f161833",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d76fc0f0b18d49b7e721c9e4975ef4bffde2f3e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-467xx/CVE-2024-46746.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-46746",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.730",
"lastModified": "2024-09-18T08:15:03.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: free driver_data after destroying hid device\n\nHID driver callbacks aren't called anymore once hid_destroy_device() has\nbeen called. Hence, hid driver_data should be freed only after the\nhid_destroy_device() function returned as driver_data is used in several\ncallbacks.\n\nI observed a crash with kernel 6.10.0 on my T14s Gen 3, after enabling\nKASAN to debug memory allocation, I got this output:\n\n [ 13.050438] ==================================================================\n [ 13.054060] BUG: KASAN: slab-use-after-free in amd_sfh_get_report+0x3ec/0x530 [amd_sfh]\n [ 13.054809] psmouse serio1: trackpoint: Synaptics TrackPoint firmware: 0x02, buttons: 3/3\n [ 13.056432] Read of size 8 at addr ffff88813152f408 by task (udev-worker)/479\n\n [ 13.060970] CPU: 5 PID: 479 Comm: (udev-worker) Not tainted 6.10.0-arch1-2 #1 893bb55d7f0073f25c46adbb49eb3785fefd74b0\n [ 13.063978] Hardware name: LENOVO 21CQCTO1WW/21CQCTO1WW, BIOS R22ET70W (1.40 ) 03/21/2024\n [ 13.067860] Call Trace:\n [ 13.069383] input: TPPS/2 Synaptics TrackPoint as /devices/platform/i8042/serio1/input/input8\n [ 13.071486] <TASK>\n [ 13.071492] dump_stack_lvl+0x5d/0x80\n [ 13.074870] snd_hda_intel 0000:33:00.6: enabling device (0000 -> 0002)\n [ 13.078296] ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n [ 13.082199] print_report+0x174/0x505\n [ 13.085776] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n [ 13.089367] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.093255] ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n [ 13.097464] kasan_report+0xc8/0x150\n [ 13.101461] ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n [ 13.105802] amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n [ 13.110303] amdtp_hid_request+0xb8/0x110 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n [ 13.114879] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.119450] sensor_hub_get_feature+0x1d3/0x540 [hid_sensor_hub 3f13be3016ff415bea03008d45d99da837ee3082]\n [ 13.124097] hid_sensor_parse_common_attributes+0x4d0/0xad0 [hid_sensor_iio_common c3a5cbe93969c28b122609768bbe23efe52eb8f5]\n [ 13.127404] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.131925] ? __pfx_hid_sensor_parse_common_attributes+0x10/0x10 [hid_sensor_iio_common c3a5cbe93969c28b122609768bbe23efe52eb8f5]\n [ 13.136455] ? _raw_spin_lock_irqsave+0x96/0xf0\n [ 13.140197] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n [ 13.143602] ? devm_iio_device_alloc+0x34/0x50 [industrialio 3d261d5e5765625d2b052be40e526d62b1d2123b]\n [ 13.147234] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.150446] ? __devm_add_action+0x167/0x1d0\n [ 13.155061] hid_gyro_3d_probe+0x120/0x7f0 [hid_sensor_gyro_3d 63da36a143b775846ab2dbb86c343b401b5e3172]\n [ 13.158581] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.161814] platform_probe+0xa2/0x150\n [ 13.165029] really_probe+0x1e3/0x8a0\n [ 13.168243] __driver_probe_device+0x18c/0x370\n [ 13.171500] driver_probe_device+0x4a/0x120\n [ 13.175000] __driver_attach+0x190/0x4a0\n [ 13.178521] ? __pfx___driver_attach+0x10/0x10\n [ 13.181771] bus_for_each_dev+0x106/0x180\n [ 13.185033] ? __pfx__raw_spin_lock+0x10/0x10\n [ 13.188229] ? __pfx_bus_for_each_dev+0x10/0x10\n [ 13.191446] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.194382] bus_add_driver+0x29e/0x4d0\n [ 13.197328] driver_register+0x1a5/0x360\n [ 13.200283] ? __pfx_hid_gyro_3d_platform_driver_init+0x10/0x10 [hid_sensor_gyro_3d 63da36a143b775846ab2dbb86c343b401b5e3172]\n [ 13.203362] do_one_initcall+0xa7/0x380\n [ 13.206432] ? __pfx_do_one_initcall+0x10/0x10\n [ 13.210175] ? srso_alias_return_thunk+0x5/0xfbef5\n [ 13.213211] ? kasan_unpoison+0x44/0x70\n [ 13.216688] do_init_module+0x238/0x750\n [ 13.2196\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/60dc4ee0428d70bcbb41436b6729d29f1cbdfb89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/775125c7fe38533aaa4b20769f5b5e62cc1170a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86b4f5cf91ca03c08e3822ac89476a677a780bcc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/97155021ae17b86985121b33cf8098bcde00d497",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/adb3e3c1ddb5a23b8b7122ef1913f528d728937c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46747.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46747",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.790",
"lastModified": "2024-09-18T08:15:03.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup\n\nreport_fixup for the Cougar 500k Gaming Keyboard was not verifying\nthat the report descriptor size was correct before accessing it"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/30e9ce7cd5591be639b53595c95812f1a2afdfdc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/34185de73d74fdc90e8651cfc472bfea6073a13f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/48b2108efa205f4579052c27fba2b22cc6ad8aa0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/890dde6001b651be79819ef7a3f8c71fc8f9cabf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a6e9c391d45b5865b61e569146304cff72821a5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e239e44dcd419b13cf840e2a3a833204e4329714",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e4a602a45aecd6a98b4b37482f5c9f8f67a32ddd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fac3cb3c6428afe2207593a183b5bc4742529dfd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46748.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46748",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.847",
"lastModified": "2024-09-18T08:15:03.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT\n\nSet the maximum size of a subrequest that writes to cachefiles to be\nMAX_RW_COUNT so that we don't overrun the maximum write we can make to the\nbacking filesystem."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/51d37982bbac3ea0ca21b2797a9cb0044272b3aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cec226f9b1fd6cf55bc157873aec61b523083e96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46749.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46749",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.893",
"lastModified": "2024-09-18T08:15:03.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()\n\nThis adds a check before freeing the rx->skb in flush and close\nfunctions to handle the kernel crash seen while removing driver after FW\ndownload fails or before FW download completes.\n\ndmesg log:\n[ 54.634586] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000080\n[ 54.643398] Mem abort info:\n[ 54.646204] ESR = 0x0000000096000004\n[ 54.649964] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 54.655286] SET = 0, FnV = 0\n[ 54.658348] EA = 0, S1PTW = 0\n[ 54.661498] FSC = 0x04: level 0 translation fault\n[ 54.666391] Data abort info:\n[ 54.669273] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 54.674768] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 54.674771] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 54.674775] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000048860000\n[ 54.674780] [0000000000000080] pgd=0000000000000000, p4d=0000000000000000\n[ 54.703880] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 54.710152] Modules linked in: btnxpuart(-) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic snd_soc_imx_spdif snd_soc_imx_card snd_soc_ak5558 snd_soc_ak4458 caam secvio error snd_soc_fsl_micfil snd_soc_fsl_spdif snd_soc_fsl_sai snd_soc_fsl_utils imx_pcm_dma gpio_ir_recv rc_core sch_fq_codel fuse\n[ 54.744357] CPU: 3 PID: 72 Comm: kworker/u9:0 Not tainted 6.6.3-otbr-g128004619037 #2\n[ 54.744364] Hardware name: FSL i.MX8MM EVK board (DT)\n[ 54.744368] Workqueue: hci0 hci_power_on\n[ 54.757244] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 54.757249] pc : kfree_skb_reason+0x18/0xb0\n[ 54.772299] lr : btnxpuart_flush+0x40/0x58 [btnxpuart]\n[ 54.782921] sp : ffff8000805ebca0\n[ 54.782923] x29: ffff8000805ebca0 x28: ffffa5c6cf1869c0 x27: ffffa5c6cf186000\n[ 54.782931] x26: ffff377b84852400 x25: ffff377b848523c0 x24: ffff377b845e7230\n[ 54.782938] x23: ffffa5c6ce8dbe08 x22: ffffa5c6ceb65410 x21: 00000000ffffff92\n[ 54.782945] x20: ffffa5c6ce8dbe98 x19: ffffffffffffffac x18: ffffffffffffffff\n[ 54.807651] x17: 0000000000000000 x16: ffffa5c6ce2824ec x15: ffff8001005eb857\n[ 54.821917] x14: 0000000000000000 x13: ffffa5c6cf1a02e0 x12: 0000000000000642\n[ 54.821924] x11: 0000000000000040 x10: ffffa5c6cf19d690 x9 : ffffa5c6cf19d688\n[ 54.821931] x8 : ffff377b86000028 x7 : 0000000000000000 x6 : 0000000000000000\n[ 54.821938] x5 : ffff377b86000000 x4 : 0000000000000000 x3 : 0000000000000000\n[ 54.843331] x2 : 0000000000000000 x1 : 0000000000000002 x0 : ffffffffffffffac\n[ 54.857599] Call trace:\n[ 54.857601] kfree_skb_reason+0x18/0xb0\n[ 54.863878] btnxpuart_flush+0x40/0x58 [btnxpuart]\n[ 54.863888] hci_dev_open_sync+0x3a8/0xa04\n[ 54.872773] hci_power_on+0x54/0x2e4\n[ 54.881832] process_one_work+0x138/0x260\n[ 54.881842] worker_thread+0x32c/0x438\n[ 54.881847] kthread+0x118/0x11c\n[ 54.881853] ret_from_fork+0x10/0x20\n[ 54.896406] Code: a9be7bfd 910003fd f9000bf3 aa0003f3 (b940d400)\n[ 54.896410] ---[ end trace 0000000000000000 ]---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/013dae4735d2010544d1f2121bdeb8e6c9ea171e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/056e0cd381d59a9124b7c43dd715e15f56a11635",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c68bbf5e334b35b36ac5b9f0419f1f93f796bad1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46750.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46750",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:03.947",
"lastModified": "2024-09-18T08:15:03.947",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Add missing bridge lock to pci_bus_lock()\n\nOne of the true positives that the cfg_access_lock lockdep effort\nidentified is this sequence:\n\n WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pci_bridge_secondary_bus_reset+0x5d/0x70\n RIP: 0010:pci_bridge_secondary_bus_reset+0x5d/0x70\n Call Trace:\n <TASK>\n ? __warn+0x8c/0x190\n ? pci_bridge_secondary_bus_reset+0x5d/0x70\n ? report_bug+0x1f8/0x200\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? pci_bridge_secondary_bus_reset+0x5d/0x70\n pci_reset_bus+0x1d8/0x270\n vmd_probe+0x778/0xa10\n pci_device_probe+0x95/0x120\n\nWhere pci_reset_bus() users are triggering unlocked secondary bus resets.\nIronically pci_bus_reset(), several calls down from pci_reset_bus(), uses\npci_bus_lock() before issuing the reset which locks everything *but* the\nbridge itself.\n\nFor the same motivation as adding:\n\n bridge = pci_upstream_bridge(dev);\n if (bridge)\n pci_dev_lock(bridge);\n\nto pci_reset_function() for the \"bus\" and \"cxl_bus\" reset cases, add\npci_dev_lock() for @bus->self to pci_bus_lock().\n\n[bhelgaas: squash in recursive locking deadlock fix from Keith Busch:\nhttps://lore.kernel.org/r/20240711193650.701834-1-kbusch@meta.com]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/04e85a3285b0e5c5af6fd2c0fd6e95ffecc01945",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0790b89c7e911003b8c50ae50e3ac7645de1fae9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7253b4fed46471cc247c6cacefac890a8472c083",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78c6e39fef5c428960aff742149bba302dd46f5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/81c68e218ab883dfa368460a59b674084c0240da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a4e772898f8bf2e7e1cf661a12c60a5612c4afab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df77a678c33871a6e4ac5b54a71662f1d702335b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e2355d513b89a2cb511b4ded0deb426cdb01acd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46751.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46751",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.010",
"lastModified": "2024-09-18T08:15:04.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()\n\nInstead of doing a BUG_ON() handle the error by returning -EUCLEAN,\naborting the transaction and logging an error message."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/28cb13f29faf6290597b24b728dc3100c019356f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef9a8b73c8b60b27d9db4787e624a3438ffe8428",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-467xx/CVE-2024-46752.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-46752",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.057",
"lastModified": "2024-09-18T08:15:04.057",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: replace BUG_ON() with error handling at update_ref_for_cow()\n\nInstead of a BUG_ON() just return an error, log an error message and\nabort the transaction in case we find an extent buffer belonging to the\nrelocation tree that doesn't have the full backref flag set. This is\nunexpected and should never happen (save for bugs or a potential bad\nmemory)."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0fbac73a97286a7ec72229cb9b42d760a2c717ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/41a0f85e268d72fe04f731b8ceea4748c2d65491",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b50857b96429a09fd3beed9f7f21b7bb7c433688",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b56329a782314fde5b61058e2a25097af7ccb675",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f895db00c65e5d77c437cce946da9ec29dcdf563",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46753.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46753",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.107",
"lastModified": "2024-09-18T08:15:04.107",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle errors from btrfs_dec_ref() properly\n\nIn walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref(). This is\nincorrect, we have proper error handling here, return the error."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5eb178f373b4f16f3b42d55ff88fc94dd95b93b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a7f16a7a709845855cb5a0e080a52bda5873f9de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46754.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46754",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.153",
"lastModified": "2024-09-18T08:15:04.153",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Remove tst_run from lwt_seg6local_prog_ops.\n\nThe syzbot reported that the lwt_seg6 related BPF ops can be invoked\nvia bpf_test_run() without without entering input_action_end_bpf()\nfirst.\n\nMartin KaFai Lau said that self test for BPF_PROG_TYPE_LWT_SEG6LOCAL\nprobably didn't work since it was introduced in commit 04d4b274e2a\n(\"ipv6: sr: Add seg6local action End.BPF\"). The reason is that the\nper-CPU variable seg6_bpf_srh_states::srh is never assigned in the self\ntest case but each BPF function expects it.\n\nRemove test_run for BPF_PROG_TYPE_LWT_SEG6LOCAL."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/9cd15511de7c619bbd0f54bb3f28e6e720ded5d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c13fda93aca118b8e5cd202e339046728ee7dddb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46755.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46755",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.203",
"lastModified": "2024-09-18T08:15:04.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()\n\nmwifiex_get_priv_by_id() returns the priv pointer corresponding to\nthe bss_num and bss_type, but without checking if the priv is actually\ncurrently in use.\nUnused priv pointers do not have a wiphy attached to them which can\nlead to NULL pointer dereferences further down the callstack. Fix\nthis by returning only used priv pointers which have priv->bss_mode\nset to something else than NL80211_IFTYPE_UNSPECIFIED.\n\nSaid NULL pointer dereference happened when an Accesspoint was started\nwith wpa_supplicant -i mlan0 with this config:\n\nnetwork={\n ssid=\"somessid\"\n mode=2\n frequency=2412\n key_mgmt=WPA-PSK WPA-PSK-SHA256\n proto=RSN\n group=CCMP\n pairwise=CCMP\n psk=\"12345678\"\n}\n\nWhen waiting for the AP to be established, interrupting wpa_supplicant\nwith <ctrl-c> and starting it again this happens:\n\n| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000140\n| Mem abort info:\n| ESR = 0x0000000096000004\n| EC = 0x25: DABT (current EL), IL = 32 bits\n| SET = 0, FnV = 0\n| EA = 0, S1PTW = 0\n| FSC = 0x04: level 0 translation fault\n| Data abort info:\n| ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n| CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n| GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n| user pgtable: 4k pages, 48-bit VAs, pgdp=0000000046d96000\n| [0000000000000140] pgd=0000000000000000, p4d=0000000000000000\n| Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n| Modules linked in: caam_jr caamhash_desc spidev caamalg_desc crypto_engine authenc libdes mwifiex_sdio\n+mwifiex crct10dif_ce cdc_acm onboard_usb_hub fsl_imx8_ddr_perf imx8m_ddrc rtc_ds1307 lm75 rtc_snvs\n+imx_sdma caam imx8mm_thermal spi_imx error imx_cpufreq_dt fuse ip_tables x_tables ipv6\n| CPU: 0 PID: 8 Comm: kworker/0:1 Not tainted 6.9.0-00007-g937242013fce-dirty #18\n| Hardware name: somemachine (DT)\n| Workqueue: events sdio_irq_work\n| pstate: 00000005 (nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : mwifiex_get_cfp+0xd8/0x15c [mwifiex]\n| lr : mwifiex_get_cfp+0x34/0x15c [mwifiex]\n| sp : ffff8000818b3a70\n| x29: ffff8000818b3a70 x28: ffff000006bfd8a5 x27: 0000000000000004\n| x26: 000000000000002c x25: 0000000000001511 x24: 0000000002e86bc9\n| x23: ffff000006bfd996 x22: 0000000000000004 x21: ffff000007bec000\n| x20: 000000000000002c x19: 0000000000000000 x18: 0000000000000000\n| x17: 000000040044ffff x16: 00500072b5503510 x15: ccc283740681e517\n| x14: 0201000101006d15 x13: 0000000002e8ff43 x12: 002c01000000ffb1\n| x11: 0100000000000000 x10: 02e8ff43002c0100 x9 : 0000ffb100100157\n| x8 : ffff000003d20000 x7 : 00000000000002f1 x6 : 00000000ffffe124\n| x5 : 0000000000000001 x4 : 0000000000000003 x3 : 0000000000000000\n| x2 : 0000000000000000 x1 : 0001000000011001 x0 : 0000000000000000\n| Call trace:\n| mwifiex_get_cfp+0xd8/0x15c [mwifiex]\n| mwifiex_parse_single_response_buf+0x1d0/0x504 [mwifiex]\n| mwifiex_handle_event_ext_scan_report+0x19c/0x2f8 [mwifiex]\n| mwifiex_process_sta_event+0x298/0xf0c [mwifiex]\n| mwifiex_process_event+0x110/0x238 [mwifiex]\n| mwifiex_main_process+0x428/0xa44 [mwifiex]\n| mwifiex_sdio_interrupt+0x64/0x12c [mwifiex_sdio]\n| process_sdio_pending_irqs+0x64/0x1b8\n| sdio_irq_work+0x4c/0x7c\n| process_one_work+0x148/0x2a0\n| worker_thread+0x2fc/0x40c\n| kthread+0x110/0x114\n| ret_from_fork+0x10/0x20\n| Code: a94153f3 a8c37bfd d50323bf d65f03c0 (f940a000)\n| ---[ end trace 0000000000000000 ]---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1a05d8d02cfa3540ea5dbd6b39446bd3f515521f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9813770f25855b866b8ead8155b8806b2db70f6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a12cf97cbefa139ef8d95081f2ea047cbbd74b7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c145eea2f75ff7949392aebecf7ef0a81c1f6c14",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c16916dd6c16fa7e13ca3923eb6b9f50d848ad03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c2618dcb26c7211342b54520b5b148c0d3471c8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb67b2e51b75f1a17bee7599c8161b96e1808a70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d834433ff313838a259bb6607055ece87b895b66",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46756.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46756",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.260",
"lastModified": "2024-09-18T08:15:04.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83627ehf) Fix underflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large\nnegative number such as -9223372036854775808 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/26825b62bd1bd3e53b4f44e0745cb516d5186343",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/56cfdeb2c77291f0b5e4592731adfb6ca8fc7c24",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5c1de37969b7bc0abcb20b86e91e70caebbd4f89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/77ab0fd231c4ca873ec6908e761970360acc6df2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8fecb75bff1b7d87a071c32a37aa0700f2be379d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/93cf73a7bfdce683bde3a7bb65f270d3bd24497b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cc4be794c8d8c253770103e097ab9dbdb5f99ae1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d92f0baf99a7e327dcceab37cce57c38aab1f691",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46757.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46757",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.313",
"lastModified": "2024-09-18T08:15:04.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (nct6775-core) Fix underflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large\nnegative number such as -9223372036854775808 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/02bb3b4c7d5695ff4be01e0f55676bba49df435e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0403e10bf0824bf0ec2bb135d4cf1c0cc3bf4bf0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0c23e18cef20b989a9fd7cb0a745e1259b969159",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/298a55f11edd811f2189b74eb8f53dee34d4f14c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2f695544084a559f181cafdfd3f864c5ff9dd1db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8a1e958e26640ce015abdbb75c8896301b9bf398",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/996221b030995cc5f5baa4a642201d64b62a17cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6035c55fa9afefc23f85f57eff1d4a1d82c5b10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46758.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46758",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.367",
"lastModified": "2024-09-18T08:15:04.367",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (lm95234) Fix underflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large\nnegative number such as -9223372036854775808 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8c0c6198",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46759.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46759",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.413",
"lastModified": "2024-09-18T08:15:04.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (adc128d818) Fix underflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large\nnegative number such as -9223372036854775808 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/019ef2d396363ecddc46e826153a842f8603799b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/05419d0056dcf7088687e561bb583cc06deba777",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2a3add62f183459a057336381ef3a896da01ce38",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6891b11a0c6227ca7ed15786928a07b1c0e4d4af",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7645d783df23878342d5d8d22030c3861d2d5426",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8cad724c8537fe3e0da8004646abc00290adae40",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b0bdb43852bf7f55ba02f0cbf00b4ea7ca897bff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f7f5101af5b47a331cdbfa42ba64c507b47dd1fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46760.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46760",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.470",
"lastModified": "2024-09-18T08:15:04.470",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: usb: schedule rx work after everything is set up\n\nRight now it's possible to hit NULL pointer dereference in\nrtw_rx_fill_rx_status on hw object and/or its fields because\ninitialization routine can start getting USB replies before\nrtw_dev is fully setup.\n\nThe stack trace looks like this:\n\nrtw_rx_fill_rx_status\nrtw8821c_query_rx_desc\nrtw_usb_rx_handler\n...\nqueue_work\nrtw_usb_read_port_complete\n...\nusb_submit_urb\nrtw_usb_rx_resubmit\nrtw_usb_init_rx\nrtw_usb_probe\n\nSo while we do the async stuff rtw_usb_probe continues and calls\nrtw_register_hw, which does all kinds of initialization (e.g.\nvia ieee80211_register_hw) that rtw_rx_fill_rx_status relies on.\n\nFix this by moving the first usb_submit_urb after everything\nis set up.\n\nFor me, this bug manifested as:\n[ 8.893177] rtw_8821cu 1-1:1.2: band wrong, packet dropped\n[ 8.910904] rtw_8821cu 1-1:1.2: hw->conf.chandef.chan NULL in rtw_rx_fill_rx_status\nbecause I'm using Larry's backport of rtw88 driver with the NULL\nchecks in rtw_rx_fill_rx_status."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/25eaef533bf3ccc6fee5067aac16f41f280e343e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/adc539784c98a7cc602cbf557debfc2e7b9be8b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c83d464b82a8ad62ec9077637f75d73fe955635a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46761.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46761",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.517",
"lastModified": "2024-09-18T08:15:04.517",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npci/hotplug/pnv_php: Fix hotplug driver crash on Powernv\n\nThe hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel\ncrash when we try to hot-unplug/disable the PCIe switch/bridge from\nthe PHB.\n\nThe crash occurs because although the MSI data structure has been\nreleased during disable/hot-unplug path and it has been assigned\nwith NULL, still during unregistration the code was again trying to\nexplicitly disable the MSI which causes the NULL pointer dereference and\nkernel crash.\n\nThe patch fixes the check during unregistration path to prevent invoking\npci_disable_msi/msix() since its data structure is already freed."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/335e35b748527f0c06ded9eebb65387f60647fda",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/438d522227374042b5c8798f8ce83bbe479dca4d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4eb4085c1346d19d4a05c55246eb93e74e671048",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b82d4d5c736f4fd2ed224c35f554f50d1953d21e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bc1faed19db95abf0933b104910a3fb01b138f59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bfc44075b19740d372f989f21dd03168bfda0689",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c0d8094dc740cfacf3775bbc6a1c4720459e8de4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c4c681999d385e28f84808bbf3a85ea8e982da55",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46762.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46762",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.570",
"lastModified": "2024-09-18T08:15:04.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: privcmd: Fix possible access to a freed kirqfd instance\n\nNothing prevents simultaneous ioctl calls to privcmd_irqfd_assign() and\nprivcmd_irqfd_deassign(). If that happens, it is possible that a kirqfd\ncreated and added to the irqfds_list by privcmd_irqfd_assign() may get\nremoved by another thread executing privcmd_irqfd_deassign(), while the\nformer is still using it after dropping the locks.\n\nThis can lead to a situation where an already freed kirqfd instance may\nbe accessed and cause kernel oops.\n\nUse SRCU locking to prevent the same, as is done for the KVM\nimplementation for irqfds."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/112fd2f02b308564724b8e81006c254d20945c4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/611ff1b1ae989a7bcce3e2a8e132ee30e968c557",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e997b357b13a7d95de31681fc54fcc34235fa527",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-467xx/CVE-2024-46763.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-46763",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.613",
"lastModified": "2024-09-18T08:15:04.613",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk->sk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk->sk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk->sk_user_data could be NULL.\n\nLet's use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 <0f> b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n <IRQ>\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n</IRQ>\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 <fa> c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1df42be305fe478ded1ee0c1d775f4ece713483b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/231c235d2f7a66f018f172e26ffd47c363f244ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4494bccb52ffda22ce5a1163a776d970e6229e08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7e4196935069947d8b70b09c1660b67b067e75cb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c46cd6aaca81040deaea3500ba75126963294bd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d7567f098f54cb53ee3cee1c82e3d0ed9698b6b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46764.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46764",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.670",
"lastModified": "2024-09-18T08:15:04.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: add check for invalid name in btf_name_valid_section()\n\nIf the length of the name string is 1 and the value of name[0] is NULL\nbyte, an OOB vulnerability occurs in btf_name_valid_section() and the\nreturn value is true, so the invalid name passes the check.\n\nTo solve this, you need to check if the first position is NULL byte and\nif the first character is printable."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/bb6705c3f93bed2af03d43691743d4c43e3c8e6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c8ffe2d4d37a05ce18c71b87421443c16f8475e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46765.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46765",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.710",
"lastModified": "2024-09-18T08:15:04.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: protect XDP configuration with a mutex\n\nThe main threat to data consistency in ice_xdp() is a possible asynchronous\nPF reset. It can be triggered by a user or by TX timeout handler.\n\nXDP setup and PF reset code access the same resources in the following\nsections:\n* ice_vsi_close() in ice_prepare_for_reset() - already rtnl-locked\n* ice_vsi_rebuild() for the PF VSI - not protected\n* ice_vsi_open() - already rtnl-locked\n\nWith an unfortunate timing, such accesses can result in a crash such as the\none below:\n\n[ +1.999878] ice 0000:b1:00.0: Registered XDP mem model MEM_TYPE_XSK_BUFF_POOL on Rx ring 14\n[ +2.002992] ice 0000:b1:00.0: Registered XDP mem model MEM_TYPE_XSK_BUFF_POOL on Rx ring 18\n[Mar15 18:17] ice 0000:b1:00.0 ens801f0np0: NETDEV WATCHDOG: CPU: 38: transmit queue 14 timed out 80692736 ms\n[ +0.000093] ice 0000:b1:00.0 ens801f0np0: tx_timeout: VSI_num: 6, Q 14, NTC: 0x0, HW_HEAD: 0x0, NTU: 0x0, INT: 0x4000001\n[ +0.000012] ice 0000:b1:00.0 ens801f0np0: tx_timeout recovery level 1, txqueue 14\n[ +0.394718] ice 0000:b1:00.0: PTP reset successful\n[ +0.006184] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ +0.000045] #PF: supervisor read access in kernel mode\n[ +0.000023] #PF: error_code(0x0000) - not-present page\n[ +0.000023] PGD 0 P4D 0\n[ +0.000018] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ +0.000023] CPU: 38 PID: 7540 Comm: kworker/38:1 Not tainted 6.8.0-rc7 #1\n[ +0.000031] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0014.082620210524 08/26/2021\n[ +0.000036] Workqueue: ice ice_service_task [ice]\n[ +0.000183] RIP: 0010:ice_clean_tx_ring+0xa/0xd0 [ice]\n[...]\n[ +0.000013] Call Trace:\n[ +0.000016] <TASK>\n[ +0.000014] ? __die+0x1f/0x70\n[ +0.000029] ? page_fault_oops+0x171/0x4f0\n[ +0.000029] ? schedule+0x3b/0xd0\n[ +0.000027] ? exc_page_fault+0x7b/0x180\n[ +0.000022] ? asm_exc_page_fault+0x22/0x30\n[ +0.000031] ? ice_clean_tx_ring+0xa/0xd0 [ice]\n[ +0.000194] ice_free_tx_ring+0xe/0x60 [ice]\n[ +0.000186] ice_destroy_xdp_rings+0x157/0x310 [ice]\n[ +0.000151] ice_vsi_decfg+0x53/0xe0 [ice]\n[ +0.000180] ice_vsi_rebuild+0x239/0x540 [ice]\n[ +0.000186] ice_vsi_rebuild_by_type+0x76/0x180 [ice]\n[ +0.000145] ice_rebuild+0x18c/0x840 [ice]\n[ +0.000145] ? delay_tsc+0x4a/0xc0\n[ +0.000022] ? delay_tsc+0x92/0xc0\n[ +0.000020] ice_do_reset+0x140/0x180 [ice]\n[ +0.000886] ice_service_task+0x404/0x1030 [ice]\n[ +0.000824] process_one_work+0x171/0x340\n[ +0.000685] worker_thread+0x277/0x3a0\n[ +0.000675] ? preempt_count_add+0x6a/0xa0\n[ +0.000677] ? _raw_spin_lock_irqsave+0x23/0x50\n[ +0.000679] ? __pfx_worker_thread+0x10/0x10\n[ +0.000653] kthread+0xf0/0x120\n[ +0.000635] ? __pfx_kthread+0x10/0x10\n[ +0.000616] ret_from_fork+0x2d/0x50\n[ +0.000612] ? __pfx_kthread+0x10/0x10\n[ +0.000604] ret_from_fork_asm+0x1b/0x30\n[ +0.000604] </TASK>\n\nThe previous way of handling this through returning -EBUSY is not viable,\nparticularly when destroying AF_XDP socket, because the kernel proceeds\nwith removal anyway.\n\nThere is plenty of code between those calls and there is no need to create\na large critical section that covers all of them, same as there is no need\nto protect ice_vsi_rebuild() with rtnl_lock().\n\nAdd xdp_state_lock mutex to protect ice_vsi_rebuild() and ice_xdp().\n\nLeaving unprotected sections in between would result in two states that\nhave to be considered:\n1. when the VSI is closed, but not yet rebuild\n2. when VSI is already rebuild, but not yet open\n\nThe latter case is actually already handled through !netif_running() case,\nwe just need to adjust flag checking a little. The former one is not as\ntrivial, because between ice_vsi_close() and ice_vsi_rebuild(), a lot of\nhardware interaction happens, this can make adding/deleting rings exit\nwith an error. Luckily, VSI rebuild is pending and can apply new\nconfiguration for us in a managed fashion.\n\nTherefore, add an additional VSI state flag ICE_VSI_REBUILD_PENDING to\nindicate that ice_x\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2504b8405768a57a71e660dbfd5abd59f679a03f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2f057db2fb29bc209c103050647562e60554d3d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/391f7dae3d836891fc6cfbde38add2d0e10c6b7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46766.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46766",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.760",
"lastModified": "2024-09-18T08:15:04.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: move netif_queue_set_napi to rtnl-protected sections\n\nCurrently, netif_queue_set_napi() is called from ice_vsi_rebuild() that is\nnot rtnl-locked when called from the reset. This creates the need to take\nthe rtnl_lock just for a single function and complicates the\nsynchronization with .ndo_bpf. At the same time, there no actual need to\nfill napi-to-queue information at this exact point.\n\nFill napi-to-queue information when opening the VSI and clear it when the\nVSI is being closed. Those routines are already rtnl-locked.\n\nAlso, rewrite napi-to-queue assignment in a way that prevents inclusion of\nXDP queues, as this leads to out-of-bounds writes, such as one below.\n\n[ +0.000004] BUG: KASAN: slab-out-of-bounds in netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000012] Write of size 8 at addr ffff889881727c80 by task bash/7047\n[ +0.000006] CPU: 24 PID: 7047 Comm: bash Not tainted 6.10.0-rc2+ #2\n[ +0.000004] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0014.082620210524 08/26/2021\n[ +0.000003] Call Trace:\n[ +0.000003] <TASK>\n[ +0.000002] dump_stack_lvl+0x60/0x80\n[ +0.000007] print_report+0xce/0x630\n[ +0.000007] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ +0.000007] ? __virt_addr_valid+0x1c9/0x2c0\n[ +0.000005] ? netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000003] kasan_report+0xe9/0x120\n[ +0.000004] ? netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000004] netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000005] ice_vsi_close+0x161/0x670 [ice]\n[ +0.000114] ice_dis_vsi+0x22f/0x270 [ice]\n[ +0.000095] ice_pf_dis_all_vsi.constprop.0+0xae/0x1c0 [ice]\n[ +0.000086] ice_prepare_for_reset+0x299/0x750 [ice]\n[ +0.000087] pci_dev_save_and_disable+0x82/0xd0\n[ +0.000006] pci_reset_function+0x12d/0x230\n[ +0.000004] reset_store+0xa0/0x100\n[ +0.000006] ? __pfx_reset_store+0x10/0x10\n[ +0.000002] ? __pfx_mutex_lock+0x10/0x10\n[ +0.000004] ? __check_object_size+0x4c1/0x640\n[ +0.000007] kernfs_fop_write_iter+0x30b/0x4a0\n[ +0.000006] vfs_write+0x5d6/0xdf0\n[ +0.000005] ? fd_install+0x180/0x350\n[ +0.000005] ? __pfx_vfs_write+0x10/0xA10\n[ +0.000004] ? do_fcntl+0x52c/0xcd0\n[ +0.000004] ? kasan_save_track+0x13/0x60\n[ +0.000003] ? kasan_save_free_info+0x37/0x60\n[ +0.000006] ksys_write+0xfa/0x1d0\n[ +0.000003] ? __pfx_ksys_write+0x10/0x10\n[ +0.000002] ? __x64_sys_fcntl+0x121/0x180\n[ +0.000004] ? _raw_spin_lock+0x87/0xe0\n[ +0.000005] do_syscall_64+0x80/0x170\n[ +0.000007] ? _raw_spin_lock+0x87/0xe0\n[ +0.000004] ? __pfx__raw_spin_lock+0x10/0x10\n[ +0.000003] ? file_close_fd_locked+0x167/0x230\n[ +0.000005] ? syscall_exit_to_user_mode+0x7d/0x220\n[ +0.000005] ? do_syscall_64+0x8c/0x170\n[ +0.000004] ? do_syscall_64+0x8c/0x170\n[ +0.000003] ? do_syscall_64+0x8c/0x170\n[ +0.000003] ? fput+0x1a/0x2c0\n[ +0.000004] ? filp_close+0x19/0x30\n[ +0.000004] ? do_dup2+0x25a/0x4c0\n[ +0.000004] ? __x64_sys_dup2+0x6e/0x2e0\n[ +0.000002] ? syscall_exit_to_user_mode+0x7d/0x220\n[ +0.000004] ? do_syscall_64+0x8c/0x170\n[ +0.000003] ? __count_memcg_events+0x113/0x380\n[ +0.000005] ? handle_mm_fault+0x136/0x820\n[ +0.000005] ? do_user_addr_fault+0x444/0xa80\n[ +0.000004] ? clear_bhb_loop+0x25/0x80\n[ +0.000004] ? clear_bhb_loop+0x25/0x80\n[ +0.000002] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ +0.000005] RIP: 0033:0x7f2033593154"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2285c2faef19ee08a6bd6754f4c3ec07dceb2889",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2a5dc090b92cfa5270e20056074241c6db5c9cdd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46767.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46767",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.810",
"lastModified": "2024-09-18T08:15:04.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Fix missing of_node_put() for leds\n\nThe call of of_get_child_by_name() will cause refcount incremented\nfor leds, if it succeeds, it should call of_node_put() to decrease\nit, fix it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2560db6ede1aaf162a73b2df43e0b6c5ed8819f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/26928c8f00f6bb0e194f3957fe51c69d36838eb2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d9c8dbbc236cdc6231ee91cdede2fc97b430cfff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46768.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46768",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.853",
"lastModified": "2024-09-18T08:15:04.853",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (hp-wmi-sensors) Check if WMI event data exists\n\nThe BIOS can choose to return no event data in response to a\nWMI event, so the ACPI object passed to the WMI notify handler\ncan be NULL.\n\nCheck for such a situation and ignore the event in such a case."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/217539e994e53206bbf3fb330261cc78c480d311",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4b19c83ba108aa66226da5b79810e4d19e005f12",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a54da9df75cd1b4b5028f6c60f9a211532680585",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46769.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46769",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.903",
"lastModified": "2024-09-18T08:15:04.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: intel: Add check devm_kasprintf() returned value\n\nintel_spi_populate_chip() use devm_kasprintf() to set pdata->name.\nThis can return a NULL pointer on failure but this returned value\nis not checked."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2920294686ec23211637998f3ec386dfd3d784a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6e68abdc5d674f9f4185bf1e1956368d05df4838",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-467xx/CVE-2024-46770.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46770",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:04.957",
"lastModified": "2024-09-18T08:15:04.957",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Add netif_device_attach/detach into PF reset flow\n\nEthtool callbacks can be executed while reset is in progress and try to\naccess deleted resources, e.g. getting coalesce settings can result in a\nNULL pointer dereference seen below.\n\nReproduction steps:\nOnce the driver is fully initialized, trigger reset:\n\t# echo 1 > /sys/class/net/<interface>/device/reset\nwhen reset is in progress try to get coalesce settings using ethtool:\n\t# ethtool -c <interface>\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] PREEMPT SMP PTI\nCPU: 11 PID: 19713 Comm: ethtool Tainted: G S 6.10.0-rc7+ #7\nRIP: 0010:ice_get_q_coalesce+0x2e/0xa0 [ice]\nRSP: 0018:ffffbab1e9bcf6a8 EFLAGS: 00010206\nRAX: 000000000000000c RBX: ffff94512305b028 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff9451c3f2e588 RDI: ffff9451c3f2e588\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffff9451c3f2e580 R11: 000000000000001f R12: ffff945121fa9000\nR13: ffffbab1e9bcf760 R14: 0000000000000013 R15: ffffffff9e65dd40\nFS: 00007faee5fbe740(0000) GS:ffff94546fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000020 CR3: 0000000106c2e005 CR4: 00000000001706f0\nCall Trace:\n<TASK>\nice_get_coalesce+0x17/0x30 [ice]\ncoalesce_prepare_data+0x61/0x80\nethnl_default_doit+0xde/0x340\ngenl_family_rcv_msg_doit+0xf2/0x150\ngenl_rcv_msg+0x1b3/0x2c0\nnetlink_rcv_skb+0x5b/0x110\ngenl_rcv+0x28/0x40\nnetlink_unicast+0x19c/0x290\nnetlink_sendmsg+0x222/0x490\n__sys_sendto+0x1df/0x1f0\n__x64_sys_sendto+0x24/0x30\ndo_syscall_64+0x82/0x160\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7faee60d8e27\n\nCalling netif_device_detach() before reset makes the net core not call\nthe driver when ethtool command is issued, the attempt to execute an\nethtool command during reset will result in the following message:\n\n netlink error: No such device\n\ninstead of NULL pointer dereference. Once reset is done and\nice_rebuild() is executing, the netif_device_attach() is called to allow\nfor ethtool operations to occur again in a safe manner."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/36486c9e8e01b84faaee47203eac0b7e9cc7fa4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e3ffb839249eca113062587659224f856fe14e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d11a67634227f9f9da51938af085fb41a733848f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/efe8effe138044a4747d1112ebb8c454d1663723",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46771.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46771",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.010",
"lastModified": "2024-09-18T08:15:05.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Remove proc entry when dev is unregistered.\n\nsyzkaller reported a warning in bcm_connect() below. [0]\n\nThe repro calls connect() to vxcan1, removes vxcan1, and calls\nconnect() with ifindex == 0.\n\nCalling connect() for a BCM socket allocates a proc entry.\nThen, bcm_sk(sk)->bound is set to 1 to prevent further connect().\n\nHowever, removing the bound device resets bcm_sk(sk)->bound to 0\nin bcm_notify().\n\nThe 2nd connect() tries to allocate a proc entry with the same\nname and sets NULL to bcm_sk(sk)->bcm_proc_read, leaking the\noriginal proc entry.\n\nSince the proc entry is available only for connect()ed sockets,\nlet's clean up the entry when the bound netdev is unregistered.\n\n[0]:\nproc_dir_entry 'can-bcm/2456' already registered\nWARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375\nModules linked in:\nCPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375\nCode: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 <0f> 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48\nRSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246\nRAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002\nRBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0\nR10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec\nFS: 00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n <TASK>\n proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220\n bcm_connect+0x472/0x840 net/can/bcm.c:1673\n __sys_connect_file net/socket.c:2049 [inline]\n __sys_connect+0x5d2/0x690 net/socket.c:2066\n __do_sys_connect net/socket.c:2076 [inline]\n __se_sys_connect net/socket.c:2073 [inline]\n __x64_sys_connect+0x8f/0x100 net/socket.c:2073\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7fbd708b0e5d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48\nRSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d\nRDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040\nR10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098\nR13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000\n </TASK>\nremove_proc_entry: removing non-empty directory 'net/can-bcm', leaking at least '2456'"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/10bfacbd5e8d821011d857bee73310457c9c989a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/33ed4ba73caae39f34ab874ba79138badc2c65dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3b39dc2901aa7a679a5ca981a3de9f8d5658afe8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4377b79323df62eb5d310354f19b4d130ff58d50",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5c680022c4e28ba18ea500f3e29f0428271afa92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/76fe372ccb81b0c89b6cd2fec26e2f38c958be85",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/abb0a615569ec008e8a93d9f3ab2d5b418ea94d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aec92dbebdbec7567d9f56d7c9296a572b8fd849",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46772.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46772",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.073",
"lastModified": "2024-09-18T08:15:05.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check denominator crb_pipes before used\n\n[WHAT & HOW]\nA denominator cannot be 0, and is checked before used.\n\nThis fixes 2 DIVIDE_BY_ZERO issues reported by Coverity."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/ea79068d4073bf303f8203f2625af7d9185a1bc6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ede06d23392529b039cf7ac11b5875b047900f1c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-467xx/CVE-2024-46773.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46773",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.123",
"lastModified": "2024-09-18T08:15:05.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check denominator pbn_div before used\n\n[WHAT & HOW]\nA denominator cannot be 0, and is checked before used.\n\nThis fixes 1 DIVIDE_BY_ZERO issue reported by Coverity."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/116a678f3a9abc24f5c9d2525b7393d18d9eb58e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/11f997143c67680d6e40a13363618380cd57a414",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/20e7164c52d9bfbb9d9862b833fa989624a61345",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dfafee0a7b51c7c9612edd2d991401294964d02f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46774.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46774",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.180",
"lastModified": "2024-09-18T08:15:05.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()\n\nSmatch warns:\n\n arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential\n spectre issue 'args.args' [r] (local cap)\n\nThe 'nargs' and 'nret' locals come directly from a user-supplied\nbuffer and are used as indexes into a small stack-based array and as\ninputs to copy_to_user() after they are subject to bounds checks.\n\nUse array_index_nospec() after the bounds checks to clamp these values\nfor speculative execution."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0974d03eb479384466d828d65637814bee6b26d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/68d8156480940b79227d58865ec5d2947b9384a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46775.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46775",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.240",
"lastModified": "2024-09-18T08:15:05.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Validate function returns\n\n[WHAT & HOW]\nFunction return values must be checked before data can be used\nin subsequent functions.\n\nThis fixes 4 CHECKED_RETURN issues reported by Coverity."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5639a3048c7079803256374204ad55ec52cd0b49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/673f816b9e1e92d1f70e1bf5f21b531e0ff9ad6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46776.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46776",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.287",
"lastModified": "2024-09-18T08:15:05.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Run DC_LOG_DC after checking link->link_enc\n\n[WHAT]\nThe DC_LOG_DC should be run after link->link_enc is checked, not before.\n\nThis fixes 1 REVERSE_INULL issue reported by Coverity."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a82f62b0d9d7687eac47603bb6cd14a50fa718b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/874e3bb302f97b94ac548959ec4f925b8e7b45e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/adc74d25cdbba978afbb57caec23bbcd0329f7b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46777.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46777",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.330",
"lastModified": "2024-09-18T08:15:05.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Avoid excessive partition lengths\n\nAvoid mounting filesystems where the partition would overflow the\n32-bits used for block number. Also refuse to mount filesystems where\nthe partition length is so large we cannot safely index bits in a\nblock bitmap."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0173999123082280cf904bd640015951f194a294",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1497a4484cdb2cf6c37960d788fb6ba67567bdb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2ddf831451357c6da4b64645eb797c93c1c054d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/551966371e17912564bc387fbeb2ac13077c3db1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/925fd8ee80d5348a5e965548e5484d164d19221d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a56330761950cb83de1dfb348479f20c56c95f90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c0c23130d38e8bc28e9ef581443de9b1fc749966",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ebbe26fd54a9621994bc16b14f2ba8f84c089693",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46778.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46778",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.380",
"lastModified": "2024-09-18T08:15:05.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check UnboundedRequestEnabled's value\n\nCalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled\nis a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus\nif (p->UnboundedRequestEnabled) checks its address, not bool value.\n\nThis fixes 1 REVERSE_INULL issue reported by Coverity."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4e2b49a85e7974d21364798c5d4aa8070aa864d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a7b38c7852093385d0605aa3c8a2efd6edd1edfd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46779.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46779",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.430",
"lastModified": "2024-09-18T08:15:05.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Free pvr_vm_gpuva after unlink\n\nThis caused a measurable memory leak. Although the individual\nallocations are small, the leaks occurs in a high-usage codepath\n(remapping or unmapping device memory) so they add up quickly."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1cc695be8920df234f83270d789078cb2d3bc564",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3f6b2f60b4631cd0c368da6a1587ab55a696164d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46780.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46780",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.473",
"lastModified": "2024-09-18T08:15:05.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: protect references to superblock parameters exposed in sysfs\n\nThe superblock buffers of nilfs2 can not only be overwritten at runtime\nfor modifications/repairs, but they are also regularly swapped, replaced\nduring resizing, and even abandoned when degrading to one side due to\nbacking device issues. So, accessing them requires mutual exclusion using\nthe reader/writer semaphore \"nilfs->ns_sem\".\n\nSome sysfs attribute show methods read this superblock buffer without the\nnecessary mutual exclusion, which can cause problems with pointer\ndereferencing and memory access, so fix it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/157c0d94b4c40887329418c70ef4edd1a8d6b4ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/19cfeba0e4b8eda51484fcf8cf7d150418e1d880",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/683408258917541bdb294cd717c210a04381931e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8c6e43b3d5f109cf9c61bc188fcc8175404e924f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/962562d4c70c5cdeb4e955d63ff2017c4eca1aad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b14e7260bb691d7f563f61da07d61e3c8b59a614",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b90beafac05931cbfcb6b1bd4f67c1923f47040e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ba97ba173f9625d5f34a986088979eae8b80d38e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46781.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46781",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.527",
"lastModified": "2024-09-18T08:15:05.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix missing cleanup on rollforward recovery error\n\nIn an error injection test of a routine for mount-time recovery, KASAN\nfound a use-after-free bug.\n\nIt turned out that if data recovery was performed using partial logs\ncreated by dsync writes, but an error occurred before starting the log\nwriter to create a recovered checkpoint, the inodes whose data had been\nrecovered were left in the ns_dirty_files list of the nilfs object and\nwere not freed.\n\nFix this issue by cleaning up inodes that have read the recovery data if\nthe recovery routine fails midway before the log writer starts."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/07e4dc2fe000ab008bcfe90be4324ef56b5b4355",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1cf1f7e8cd47244fa947d357ef1f642d91e219a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35a9a7a7d94662146396199b0cfd95f9517cdd14",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5787fcaab9eb5930f5378d6a1dd03d916d146622",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8e2d1e9d93c4ec51354229361ac3373058529ec4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d8c3a585d564d776ee60d4aabec59b404be7403",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca92c4bff2833cb30d493b935168d6cccd5c805d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/da02f9eb333333b2e4f25d2a14967cff785ac82e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-467xx/CVE-2024-46782.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46782",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.577",
"lastModified": "2024-09-18T08:15:05.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/031ae72825cef43e4650140b800ad58bf7a6a466",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/18a5a16940464b301ea91bf5da3a324aedb347b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/43d34110882b97ba1ec66cc8234b18983efb9abf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/47abd8adddbc0aecb8f231269ef659148d5dabe4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/925c18a7cff93d8a4320d652351294ff7d0ac93c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/93ee345ba349922834e6a9d1dadabaedcc12dce6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bda4d84ac0d5421b346faee720011f58bdb99673",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dcaf4e2216824839d26727a15b638c6a677bd9fc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-467xx/CVE-2024-46783.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-46783",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.630",
"lastModified": "2024-09-18T08:15:05.630",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: fix return value of tcp_bpf_sendmsg()\n\nWhen we cork messages in psock->cork, the last message triggers the\nflushing will result in sending a sk_msg larger than the current\nmessage size. In this case, in tcp_bpf_send_verdict(), 'copied' becomes\nnegative at least in the following case:\n\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta); // <==== HERE\n473 return -EACCES;\n\nTherefore, it could lead to the following BUG with a proper value of\n'copied' (thanks to syzbot). We should not use negative 'copied' as a\nreturn value here.\n\n ------------[ cut here ]------------\n kernel BUG at net/socket.c:733!\n Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n Modules linked in:\n CPU: 0 UID: 0 PID: 3265 Comm: syz-executor510 Not tainted 6.11.0-rc3-syzkaller-00060-gd07b43284ab3 #0\n Hardware name: linux,dummy-virt (DT)\n pstate: 61400009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n pc : sock_sendmsg_nosec net/socket.c:733 [inline]\n pc : sock_sendmsg_nosec net/socket.c:728 [inline]\n pc : __sock_sendmsg+0x5c/0x60 net/socket.c:745\n lr : sock_sendmsg_nosec net/socket.c:730 [inline]\n lr : __sock_sendmsg+0x54/0x60 net/socket.c:745\n sp : ffff800088ea3b30\n x29: ffff800088ea3b30 x28: fbf00000062bc900 x27: 0000000000000000\n x26: ffff800088ea3bc0 x25: ffff800088ea3bc0 x24: 0000000000000000\n x23: f9f00000048dc000 x22: 0000000000000000 x21: ffff800088ea3d90\n x20: f9f00000048dc000 x19: ffff800088ea3d90 x18: 0000000000000001\n x17: 0000000000000000 x16: 0000000000000000 x15: 000000002002ffaf\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: ffff8000815849c0 x9 : ffff8000815b49c0\n x8 : 0000000000000000 x7 : 000000000000003f x6 : 0000000000000000\n x5 : 00000000000007e0 x4 : fff07ffffd239000 x3 : fbf00000062bc900\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 00000000fffffdef\n Call trace:\n sock_sendmsg_nosec net/socket.c:733 [inline]\n __sock_sendmsg+0x5c/0x60 net/socket.c:745\n ____sys_sendmsg+0x274/0x2ac net/socket.c:2597\n ___sys_sendmsg+0xac/0x100 net/socket.c:2651\n __sys_sendmsg+0x84/0xe0 net/socket.c:2680\n __do_sys_sendmsg net/socket.c:2689 [inline]\n __se_sys_sendmsg net/socket.c:2687 [inline]\n __arm64_sys_sendmsg+0x24/0x30 net/socket.c:2687\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x48/0x110 arch/arm64/kernel/syscall.c:49\n el0_svc_common.constprop.0+0x40/0xe0 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x1c/0x28 arch/arm64/kernel/syscall.c:151\n el0_svc+0x34/0xec arch/arm64/kernel/entry-common.c:712\n el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598\n Code: f9404463 d63f0060 3108441f 54fffe81 (d4210000)\n ---[ end trace 0000000000000000 ]---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/126d72b726c4cf1119f3a7fe413a78d341c3fea9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3efe53eb221a38e207c1e3f81c51e4ca057d50c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6f9fdf5806cced888c43512bccbdf7fefd50f510",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78bb38d9c5a311c5f8bdef7c9557d7d81ca30e4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/810a4e7d92dea4074cb04c25758320909d752193",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c8219a27fa43a2cbf99f5176f6dddfe73e7a24ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fe1910f9337bd46a9343967b547ccab26b4b2c6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-467xx/CVE-2024-46784.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46784",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.683",
"lastModified": "2024-09-18T08:15:05.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup\n\nCurrently napi_disable() gets called during rxq and txq cleanup,\neven before napi is enabled and hrtimer is initialized. It causes\nkernel panic.\n\n? page_fault_oops+0x136/0x2b0\n ? page_counter_cancel+0x2e/0x80\n ? do_user_addr_fault+0x2f2/0x640\n ? refill_obj_stock+0xc4/0x110\n ? exc_page_fault+0x71/0x160\n ? asm_exc_page_fault+0x27/0x30\n ? __mmdrop+0x10/0x180\n ? __mmdrop+0xec/0x180\n ? hrtimer_active+0xd/0x50\n hrtimer_try_to_cancel+0x2c/0xf0\n hrtimer_cancel+0x15/0x30\n napi_disable+0x65/0x90\n mana_destroy_rxq+0x4c/0x2f0\n mana_create_rxq.isra.0+0x56c/0x6d0\n ? mana_uncfg_vport+0x50/0x50\n mana_alloc_queues+0x21b/0x320\n ? skb_dequeue+0x5f/0x80"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4982a47154f0b50de81ee0a0b169a3fc74120a65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9178eb8ebcd887ab75e54ac40d538e54bb9c7788",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e0bff4900b5d412a9bafe4baeaa6facd34f671c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b6ecc662037694488bfff7c9fd21c405df8411f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46785.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46785",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.730",
"lastModified": "2024-09-18T08:15:05.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\neventfs: Use list_del_rcu() for SRCU protected list variable\n\nChi Zhiling reported:\n\n We found a null pointer accessing in tracefs[1], the reason is that the\n variable 'ei_child' is set to LIST_POISON1, that means the list was\n removed in eventfs_remove_rec. so when access the ei_child->is_freed, the\n panic triggered.\n\n by the way, the following script can reproduce this panic\n\n loop1 (){\n while true\n do\n echo \"p:kp submit_bio\" > /sys/kernel/debug/tracing/kprobe_events\n echo \"\" > /sys/kernel/debug/tracing/kprobe_events\n done\n }\n loop2 (){\n while true\n do\n tree /sys/kernel/debug/tracing/events/kprobes/\n done\n }\n loop1 &\n loop2\n\n [1]:\n [ 1147.959632][T17331] Unable to handle kernel paging request at virtual address dead000000000150\n [ 1147.968239][T17331] Mem abort info:\n [ 1147.971739][T17331] ESR = 0x0000000096000004\n [ 1147.976172][T17331] EC = 0x25: DABT (current EL), IL = 32 bits\n [ 1147.982171][T17331] SET = 0, FnV = 0\n [ 1147.985906][T17331] EA = 0, S1PTW = 0\n [ 1147.989734][T17331] FSC = 0x04: level 0 translation fault\n [ 1147.995292][T17331] Data abort info:\n [ 1147.998858][T17331] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n [ 1148.005023][T17331] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n [ 1148.010759][T17331] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [ 1148.016752][T17331] [dead000000000150] address between user and kernel address ranges\n [ 1148.024571][T17331] Internal error: Oops: 0000000096000004 [#1] SMP\n [ 1148.030825][T17331] Modules linked in: team_mode_loadbalance team nlmon act_gact cls_flower sch_ingress bonding tls macvlan dummy ib_core bridge stp llc veth amdgpu amdxcp mfd_core gpu_sched drm_exec drm_buddy radeon crct10dif_ce video drm_suballoc_helper ghash_ce drm_ttm_helper sha2_ce ttm sha256_arm64 i2c_algo_bit sha1_ce sbsa_gwdt cp210x drm_display_helper cec sr_mod cdrom drm_kms_helper binfmt_misc sg loop fuse drm dm_mod nfnetlink ip_tables autofs4 [last unloaded: tls]\n [ 1148.072808][T17331] CPU: 3 PID: 17331 Comm: ls Tainted: G W ------- ---- 6.6.43 #2\n [ 1148.081751][T17331] Source Version: 21b3b386e948bedd29369af66f3e98ab01b1c650\n [ 1148.088783][T17331] Hardware name: Greatwall GW-001M1A-FTF/GW-001M1A-FTF, BIOS KunLun BIOS V4.0 07/16/2020\n [ 1148.098419][T17331] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n [ 1148.106060][T17331] pc : eventfs_iterate+0x2c0/0x398\n [ 1148.111017][T17331] lr : eventfs_iterate+0x2fc/0x398\n [ 1148.115969][T17331] sp : ffff80008d56bbd0\n [ 1148.119964][T17331] x29: ffff80008d56bbf0 x28: ffff001ff5be2600 x27: 0000000000000000\n [ 1148.127781][T17331] x26: ffff001ff52ca4e0 x25: 0000000000009977 x24: dead000000000100\n [ 1148.135598][T17331] x23: 0000000000000000 x22: 000000000000000b x21: ffff800082645f10\n [ 1148.143415][T17331] x20: ffff001fddf87c70 x19: ffff80008d56bc90 x18: 0000000000000000\n [ 1148.151231][T17331] x17: 0000000000000000 x16: 0000000000000000 x15: ffff001ff52ca4e0\n [ 1148.159048][T17331] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n [ 1148.166864][T17331] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff8000804391d0\n [ 1148.174680][T17331] x8 : 0000000180000000 x7 : 0000000000000018 x6 : 0000aaab04b92862\n [ 1148.182498][T17331] x5 : 0000aaab04b92862 x4 : 0000000080000000 x3 : 0000000000000068\n [ 1148.190314][T17331] x2 : 000000000000000f x1 : 0000000000007ea8 x0 : 0000000000000001\n [ 1148.198131][T17331] Call trace:\n [ 1148.201259][T17331] eventfs_iterate+0x2c0/0x398\n [ 1148.205864][T17331] iterate_dir+0x98/0x188\n [ 1148.210036][T17331] __arm64_sys_getdents64+0x78/0x160\n [ 1148.215161][T17331] invoke_syscall+0x78/0x108\n [ 1148.219593][T17331] el0_svc_common.constprop.0+0x48/0xf0\n [ 1148.224977][T17331] do_el0_svc+0x24/0x38\n [ 1148.228974][T17331] el0_svc+0x40/0x168\n [ 1148.232798][T17\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/05e08297c3c298d8ec28e5a5adb55840312dd87e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2603279c7d645bf0d11fa253b23f1ab48fc8d3c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f579d17a86448779f9642ad8baca6e3036a8e2d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46786.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46786",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.783",
"lastModified": "2024-09-18T08:15:05.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF\n\nThe fscache_cookie_lru_timer is initialized when the fscache module\nis inserted, but is not deleted when the fscache module is removed.\nIf timer_reduce() is called before removing the fscache module,\nthe fscache_cookie_lru_timer will be added to the timer list of\nthe current cpu. Afterwards, a use-after-free will be triggered\nin the softIRQ after removing the fscache module, as follows:\n\n==================================================================\nBUG: unable to handle page fault for address: fffffbfff803c9e9\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 21ffea067 P4D 21ffea067 PUD 21ffe6067 PMD 110a7c067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.11.0-rc3 #855\nTainted: [W]=WARN\nRIP: 0010:__run_timer_base.part.0+0x254/0x8a0\nCall Trace:\n <IRQ>\n tmigr_handle_remote_up+0x627/0x810\n __walk_groups.isra.0+0x47/0x140\n tmigr_handle_remote+0x1fa/0x2f0\n handle_softirqs+0x180/0x590\n irq_exit_rcu+0x84/0xb0\n sysvec_apic_timer_interrupt+0x6e/0x90\n </IRQ>\n <TASK>\n asm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:default_idle+0xf/0x20\n default_idle_call+0x38/0x60\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x54/0x60\n start_secondary+0x20d/0x280\n common_startup_64+0x13e/0x148\n </TASK>\nModules linked in: [last unloaded: netfs]\n==================================================================\n\nTherefore delete fscache_cookie_lru_timer when removing the fscahe module."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a11262549ac2ac6fb98c7cd40a67136817e5a52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/72a6e22c604c95ddb3b10b5d3bb85b6ff4dbc34f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e0d724932ad12e3528f4ce97fc0f6078d0cce4bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46787.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46787",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.833",
"lastModified": "2024-09-18T08:15:05.833",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: fix checks for huge PMDs\n\nPatch series \"userfaultfd: fix races around pmd_trans_huge() check\", v2.\n\nThe pmd_trans_huge() code in mfill_atomic() is wrong in three different\nways depending on kernel version:\n\n1. The pmd_trans_huge() check is racy and can lead to a BUG_ON() (if you hit\n the right two race windows) - I've tested this in a kernel build with\n some extra mdelay() calls. See the commit message for a description\n of the race scenario.\n On older kernels (before 6.5), I think the same bug can even\n theoretically lead to accessing transhuge page contents as a page table\n if you hit the right 5 narrow race windows (I haven't tested this case).\n2. As pointed out by Qi Zheng, pmd_trans_huge() is not sufficient for\n detecting PMDs that don't point to page tables.\n On older kernels (before 6.5), you'd just have to win a single fairly\n wide race to hit this.\n I've tested this on 6.1 stable by racing migration (with a mdelay()\n patched into try_to_migrate()) against UFFDIO_ZEROPAGE - on my x86\n VM, that causes a kernel oops in ptlock_ptr().\n3. On newer kernels (>=6.5), for shmem mappings, khugepaged is allowed\n to yank page tables out from under us (though I haven't tested that),\n so I think the BUG_ON() checks in mfill_atomic() are just wrong.\n\nI decided to write two separate fixes for these (one fix for bugs 1+2, one\nfix for bug 3), so that the first fix can be backported to kernels\naffected by bugs 1+2.\n\n\nThis patch (of 2):\n\nThis fixes two issues.\n\nI discovered that the following race can occur:\n\n mfill_atomic other thread\n ============ ============\n <zap PMD>\n pmdp_get_lockless() [reads none pmd]\n <bail if trans_huge>\n <if none:>\n <pagefault creates transhuge zeropage>\n __pte_alloc [no-op]\n <zap PMD>\n <bail if pmd_trans_huge(*dst_pmd)>\n BUG_ON(pmd_none(*dst_pmd))\n\nI have experimentally verified this in a kernel with extra mdelay() calls;\nthe BUG_ON(pmd_none(*dst_pmd)) triggers.\n\nOn kernels newer than commit 0d940a9b270b (\"mm/pgtable: allow\npte_offset_map[_lock]() to fail\"), this can't lead to anything worse than\na BUG_ON(), since the page table access helpers are actually designed to\ndeal with page tables concurrently disappearing; but on older kernels\n(<=6.4), I think we could probably theoretically race past the two\nBUG_ON() checks and end up treating a hugepage as a page table.\n\nThe second issue is that, as Qi Zheng pointed out, there are other types\nof huge PMDs that pmd_trans_huge() can't catch: devmap PMDs and swap PMDs\n(in particular, migration PMDs).\n\nOn <=6.4, this is worse than the first issue: If mfill_atomic() runs on a\nPMD that contains a migration entry (which just requires winning a single,\nfairly wide race), it will pass the PMD to pte_offset_map_lock(), which\nassumes that the PMD points to a page table.\n\nBreakage follows: First, the kernel tries to take the PTE lock (which will\ncrash or maybe worse if there is no \"struct page\" for the address bits in\nthe migration entry PMD - I think at least on X86 there usually is no\ncorresponding \"struct page\" thanks to the PTE inversion mitigation, amd64\nlooks different).\n\nIf that didn't crash, the kernel would next try to write a PTE into what\nit wrongly thinks is a page table.\n\nAs part of fixing these issues, get rid of the check for pmd_trans_huge()\nbefore __pte_alloc() - that's redundant, we're going to have to check for\nthat after the __pte_alloc() anyway.\n\nBackport note: pmdp_get_lockless() is pmd_read_atomic() in older kernels."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3c6b4bcf37845c9359aed926324bed66bdd2448d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/71c186efc1b2cf1aeabfeff3b9bd5ac4c5ac14d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/98cc18b1b71e23fe81a5194ed432b20c2d81a01a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46788.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46788",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.893",
"lastModified": "2024-09-18T08:15:05.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Use a cpumask to know what threads are kthreads\n\nThe start_kthread() and stop_thread() code was not always called with the\ninterface_lock held. This means that the kthread variable could be\nunexpectedly changed causing the kthread_stop() to be called on it when it\nshould not have been, leading to:\n\n while true; do\n rtla timerlat top -u -q & PID=$!;\n sleep 5;\n kill -INT $PID;\n sleep 0.001;\n kill -TERM $PID;\n wait $PID;\n done\n\nCausing the following OOPS:\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN PTI\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n CPU: 5 UID: 0 PID: 885 Comm: timerlatu/5 Not tainted 6.11.0-rc4-test-00002-gbc754cc76d1b-dirty #125 a533010b71dab205ad2f507188ce8c82203b0254\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:hrtimer_active+0x58/0x300\n Code: 48 c1 ee 03 41 54 48 01 d1 48 01 d6 55 53 48 83 ec 20 80 39 00 0f 85 30 02 00 00 49 8b 6f 30 4c 8d 75 10 4c 89 f0 48 c1 e8 03 <0f> b6 3c 10 4c 89 f0 83 e0 07 83 c0 03 40 38 f8 7c 09 40 84 ff 0f\n RSP: 0018:ffff88811d97f940 EFLAGS: 00010202\n RAX: 0000000000000002 RBX: ffff88823c6b5b28 RCX: ffffed10478d6b6b\n RDX: dffffc0000000000 RSI: ffffed10478d6b6c RDI: ffff88823c6b5b28\n RBP: 0000000000000000 R08: ffff88823c6b5b58 R09: ffff88823c6b5b60\n R10: ffff88811d97f957 R11: 0000000000000010 R12: 00000000000a801d\n R13: ffff88810d8b35d8 R14: 0000000000000010 R15: ffff88823c6b5b28\n FS: 0000000000000000(0000) GS:ffff88823c680000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000561858ad7258 CR3: 000000007729e001 CR4: 0000000000170ef0\n Call Trace:\n <TASK>\n ? die_addr+0x40/0xa0\n ? exc_general_protection+0x154/0x230\n ? asm_exc_general_protection+0x26/0x30\n ? hrtimer_active+0x58/0x300\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx_locks_remove_file+0x10/0x10\n hrtimer_cancel+0x15/0x40\n timerlat_fd_release+0x8e/0x1f0\n ? security_file_release+0x43/0x80\n __fput+0x372/0xb10\n task_work_run+0x11e/0x1f0\n ? _raw_spin_lock+0x85/0xe0\n ? __pfx_task_work_run+0x10/0x10\n ? poison_slab_object+0x109/0x170\n ? do_exit+0x7a0/0x24b0\n do_exit+0x7bd/0x24b0\n ? __pfx_migrate_enable+0x10/0x10\n ? __pfx_do_exit+0x10/0x10\n ? __pfx_read_tsc+0x10/0x10\n ? ktime_get+0x64/0x140\n ? _raw_spin_lock_irq+0x86/0xe0\n do_group_exit+0xb0/0x220\n get_signal+0x17ba/0x1b50\n ? vfs_read+0x179/0xa40\n ? timerlat_fd_read+0x30b/0x9d0\n ? __pfx_get_signal+0x10/0x10\n ? __pfx_timerlat_fd_read+0x10/0x10\n arch_do_signal_or_restart+0x8c/0x570\n ? __pfx_arch_do_signal_or_restart+0x10/0x10\n ? vfs_read+0x179/0xa40\n ? ksys_read+0xfe/0x1d0\n ? __pfx_ksys_read+0x10/0x10\n syscall_exit_to_user_mode+0xbc/0x130\n do_syscall_64+0x74/0x110\n ? __pfx___rseq_handle_notify_resume+0x10/0x10\n ? __pfx_ksys_read+0x10/0x10\n ? fpregs_restore_userregs+0xdb/0x1e0\n ? fpregs_restore_userregs+0xdb/0x1e0\n ? syscall_exit_to_user_mode+0x116/0x130\n ? do_syscall_64+0x74/0x110\n ? do_syscall_64+0x74/0x110\n ? do_syscall_64+0x74/0x110\n entry_SYSCALL_64_after_hwframe+0x71/0x79\n RIP: 0033:0x7ff0070eca9c\n Code: Unable to access opcode bytes at 0x7ff0070eca72.\n RSP: 002b:00007ff006dff8c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007ff0070eca9c\n RDX: 0000000000000400 RSI: 00007ff006dff9a0 RDI: 0000000000000003\n RBP: 00007ff006dffde0 R08: 0000000000000000 R09: 00007ff000000ba0\n R10: 00007ff007004b08 R11: 0000000000000246 R12: 0000000000000003\n R13: 00007ff006dff9a0 R14: 0000000000000007 R15: 0000000000000008\n </TASK>\n Modules linked in: snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec snd_hwdep snd_hda_core\n ---[ end trace 0000000000000000 ]---\n\nThis is because it would mistakenly call kthread_stop() on a user space\nthread making it \"exit\" before it actually exits.\n\nSince kthread\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/177e1cc2f41235c145041eed03ef5bab18f32328",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/27282d2505b402f39371fd60d19d95c01a4b6776",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7a5f01828edf152c144d27cf63de446fdf2dc222",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46789.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46789",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:05.957",
"lastModified": "2024-09-18T08:15:05.957",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: add check for s->flags in the alloc_tagging_slab_free_hook\n\nWhen enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, the following\nwarning always occurs,This is because the following call stack occurred:\nmem_pool_alloc\n kmem_cache_alloc_noprof\n slab_alloc_node\n kfence_alloc\n\nOnce the kfence allocation is successful,slab->obj_exts will not be empty,\nbecause it has already been assigned a value in kfence_init_pool.\n\nSince in the prepare_slab_obj_exts_hook function,we perform a check for\ns->flags & (SLAB_NO_OBJ_EXT | SLAB_NOLEAKTRACE),the alloc_tag_add function\nwill not be called as a result.Therefore,ref->ct remains NULL.\n\nHowever,when we call mem_pool_free,since obj_ext is not empty, it\neventually leads to the alloc_tag_sub scenario being invoked. This is\nwhere the warning occurs.\n\nSo we should add corresponding checks in the alloc_tagging_slab_free_hook.\nFor __GFP_NO_OBJ_EXT case,I didn't see the specific case where it's using\nkfence,so I won't add the corresponding check in\nalloc_tagging_slab_free_hook for now.\n\n[ 3.734349] ------------[ cut here ]------------\n[ 3.734807] alloc_tag was not set\n[ 3.735129] WARNING: CPU: 4 PID: 40 at ./include/linux/alloc_tag.h:130 kmem_cache_free+0x444/0x574\n[ 3.735866] Modules linked in: autofs4\n[ 3.736211] CPU: 4 UID: 0 PID: 40 Comm: ksoftirqd/4 Tainted: G W 6.11.0-rc3-dirty #1\n[ 3.736969] Tainted: [W]=WARN\n[ 3.737258] Hardware name: QEMU KVM Virtual Machine, BIOS unknown 2/2/2022\n[ 3.737875] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 3.738501] pc : kmem_cache_free+0x444/0x574\n[ 3.738951] lr : kmem_cache_free+0x444/0x574\n[ 3.739361] sp : ffff80008357bb60\n[ 3.739693] x29: ffff80008357bb70 x28: 0000000000000000 x27: 0000000000000000\n[ 3.740338] x26: ffff80008207f000 x25: ffff000b2eb2fd60 x24: ffff0000c0005700\n[ 3.740982] x23: ffff8000804229e4 x22: ffff800082080000 x21: ffff800081756000\n[ 3.741630] x20: fffffd7ff8253360 x19: 00000000000000a8 x18: ffffffffffffffff\n[ 3.742274] x17: ffff800ab327f000 x16: ffff800083398000 x15: ffff800081756df0\n[ 3.742919] x14: 0000000000000000 x13: 205d344320202020 x12: 5b5d373038343337\n[ 3.743560] x11: ffff80008357b650 x10: 000000000000005d x9 : 00000000ffffffd0\n[ 3.744231] x8 : 7f7f7f7f7f7f7f7f x7 : ffff80008237bad0 x6 : c0000000ffff7fff\n[ 3.744907] x5 : ffff80008237ba78 x4 : ffff8000820bbad0 x3 : 0000000000000001\n[ 3.745580] x2 : 68d66547c09f7800 x1 : 68d66547c09f7800 x0 : 0000000000000000\n[ 3.746255] Call trace:\n[ 3.746530] kmem_cache_free+0x444/0x574\n[ 3.746931] mem_pool_free+0x44/0xf4\n[ 3.747306] free_object_rcu+0xc8/0xdc\n[ 3.747693] rcu_do_batch+0x234/0x8a4\n[ 3.748075] rcu_core+0x230/0x3e4\n[ 3.748424] rcu_core_si+0x14/0x1c\n[ 3.748780] handle_softirqs+0x134/0x378\n[ 3.749189] run_ksoftirqd+0x70/0x9c\n[ 3.749560] smpboot_thread_fn+0x148/0x22c\n[ 3.749978] kthread+0x10c/0x118\n[ 3.750323] ret_from_fork+0x10/0x20\n[ 3.750696] ---[ end trace 0000000000000000 ]---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d476c86ba4745fcbc912ce4627df4fa80caa9ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ab7ca09520e9c41c219a4427fe0dae24024bfe7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46790.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46790",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.010",
"lastModified": "2024-09-18T08:15:06.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodetag: debug: mark codetags for poisoned page as empty\n\nWhen PG_hwpoison pages are freed they are treated differently in\nfree_pages_prepare() and instead of being released they are isolated.\n\nPage allocation tag counters are decremented at this point since the page\nis considered not in use. Later on when such pages are released by\nunpoison_memory(), the allocation tag counters will be decremented again\nand the following warning gets reported:\n\n[ 113.930443][ T3282] ------------[ cut here ]------------\n[ 113.931105][ T3282] alloc_tag was not set\n[ 113.931576][ T3282] WARNING: CPU: 2 PID: 3282 at ./include/linux/alloc_tag.h:130 pgalloc_tag_sub.part.66+0x154/0x164\n[ 113.932866][ T3282] Modules linked in: hwpoison_inject fuse ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 ipt_REJECT nf_reject_ipv4 xt_conntrack ebtable_nat ebtable_broute ip6table_nat ip6table_man4\n[ 113.941638][ T3282] CPU: 2 UID: 0 PID: 3282 Comm: madvise11 Kdump: loaded Tainted: G W 6.11.0-rc4-dirty #18\n[ 113.943003][ T3282] Tainted: [W]=WARN\n[ 113.943453][ T3282] Hardware name: QEMU KVM Virtual Machine, BIOS unknown 2/2/2022\n[ 113.944378][ T3282] pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 113.945319][ T3282] pc : pgalloc_tag_sub.part.66+0x154/0x164\n[ 113.946016][ T3282] lr : pgalloc_tag_sub.part.66+0x154/0x164\n[ 113.946706][ T3282] sp : ffff800087093a10\n[ 113.947197][ T3282] x29: ffff800087093a10 x28: ffff0000d7a9d400 x27: ffff80008249f0a0\n[ 113.948165][ T3282] x26: 0000000000000000 x25: ffff80008249f2b0 x24: 0000000000000000\n[ 113.949134][ T3282] x23: 0000000000000001 x22: 0000000000000001 x21: 0000000000000000\n[ 113.950597][ T3282] x20: ffff0000c08fcad8 x19: ffff80008251e000 x18: ffffffffffffffff\n[ 113.952207][ T3282] x17: 0000000000000000 x16: 0000000000000000 x15: ffff800081746210\n[ 113.953161][ T3282] x14: 0000000000000000 x13: 205d323832335420 x12: 5b5d353031313339\n[ 113.954120][ T3282] x11: ffff800087093500 x10: 000000000000005d x9 : 00000000ffffffd0\n[ 113.955078][ T3282] x8 : 7f7f7f7f7f7f7f7f x7 : ffff80008236ba90 x6 : c0000000ffff7fff\n[ 113.956036][ T3282] x5 : ffff000b34bf4dc8 x4 : ffff8000820aba90 x3 : 0000000000000001\n[ 113.956994][ T3282] x2 : ffff800ab320f000 x1 : 841d1e35ac932e00 x0 : 0000000000000000\n[ 113.957962][ T3282] Call trace:\n[ 113.958350][ T3282] pgalloc_tag_sub.part.66+0x154/0x164\n[ 113.959000][ T3282] pgalloc_tag_sub+0x14/0x1c\n[ 113.959539][ T3282] free_unref_page+0xf4/0x4b8\n[ 113.960096][ T3282] __folio_put+0xd4/0x120\n[ 113.960614][ T3282] folio_put+0x24/0x50\n[ 113.961103][ T3282] unpoison_memory+0x4f0/0x5b0\n[ 113.961678][ T3282] hwpoison_unpoison+0x30/0x48 [hwpoison_inject]\n[ 113.962436][ T3282] simple_attr_write_xsigned.isra.34+0xec/0x1cc\n[ 113.963183][ T3282] simple_attr_write+0x38/0x48\n[ 113.963750][ T3282] debugfs_attr_write+0x54/0x80\n[ 113.964330][ T3282] full_proxy_write+0x68/0x98\n[ 113.964880][ T3282] vfs_write+0xdc/0x4d0\n[ 113.965372][ T3282] ksys_write+0x78/0x100\n[ 113.965875][ T3282] __arm64_sys_write+0x24/0x30\n[ 113.966440][ T3282] invoke_syscall+0x7c/0x104\n[ 113.966984][ T3282] el0_svc_common.constprop.1+0x88/0x104\n[ 113.967652][ T3282] do_el0_svc+0x2c/0x38\n[ 113.968893][ T3282] el0_svc+0x3c/0x1b8\n[ 113.969379][ T3282] el0t_64_sync_handler+0x98/0xbc\n[ 113.969980][ T3282] el0t_64_sync+0x19c/0x1a0\n[ 113.970511][ T3282] ---[ end trace 0000000000000000 ]---\n\nTo fix this, clear the page tag reference after the page got isolated\nand accounted for."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/16ad36c8e66a26626e7d0224100b433483a2acef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5e9784e997620af7c1399029282f5d6964b41942",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-467xx/CVE-2024-46791.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-46791",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.067",
"lastModified": "2024-09-18T08:15:06.067",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open\n\nThe mcp251x_hw_wake() function is called with the mpc_lock mutex held and\ndisables the interrupt handler so that no interrupts can be processed while\nwaking the device. If an interrupt has already occurred then waiting for\nthe interrupt handler to complete will deadlock because it will be trying\nto acquire the same mutex.\n\nCPU0 CPU1\n---- ----\nmcp251x_open()\n mutex_lock(&priv->mcp_lock)\n request_threaded_irq()\n <interrupt>\n mcp251x_can_ist()\n mutex_lock(&priv->mcp_lock)\n mcp251x_hw_wake()\n disable_irq() <-- deadlock\n\nUse disable_irq_nosync() instead because the interrupt handler does\neverything while holding the mutex so it doesn't matter if it's still\nrunning."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a49b6b1caf5cefc05264d29079d52c99cb188e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/513c8fc189b52f7922e36bdca58997482b198f0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7dd9c26bd6cf679bcfdef01a8659791aa6487a29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8fecde9c3f9a4b97b68bb97c9f47e5b662586ba7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e554113a1cd2a9cfc6c7af7bdea2141c5757e188",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f7ab9e14b23a3eac6714bdc4dba244d8aa1ef646",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46792.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46792",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.123",
"lastModified": "2024-09-18T08:15:06.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: misaligned: Restrict user access to kernel memory\n\nraw_copy_{to,from}_user() do not call access_ok(), so this code allowed\nuserspace to access any virtual memory address."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/a3b6ff6c896aee5ef9b581e40d0045ff04fcbc8c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b686ecdeacf6658e1348c1a32a08e2e72f7c0f00",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46793.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46793",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.177",
"lastModified": "2024-09-18T08:15:06.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder\n\nSince commit 13f58267cda3 (\"ASoC: soc.h: don't create dummy Component\nvia COMP_DUMMY()\") dummy codecs declared like this:\n\nSND_SOC_DAILINK_DEF(dummy,\n DAILINK_COMP_ARRAY(COMP_DUMMY()));\n\nexpand to:\n\nstatic struct snd_soc_dai_link_component dummy[] = {\n};\n\nWhich means that dummy is a zero sized array and thus dais[i].codecs should\nnot be dereferenced *at all* since it points to the address of the next\nvariable stored in the data section as the \"dummy\" variable has an address\nbut no size, so even dereferencing dais[0] is already an out of bounds\narray reference.\n\nWhich means that the if (dais[i].codecs->name) check added in\ncommit 7d99a70b6595 (\"ASoC: Intel: Boards: Fix NULL pointer deref\nin BYT/CHT boards\") relies on that the part of the next variable which\nthe name member maps to just happens to be NULL.\n\nWhich apparently so far it usually is, except when it isn't\nand then it results in crashes like this one:\n\n[ 28.795659] BUG: unable to handle page fault for address: 0000000000030011\n...\n[ 28.795780] Call Trace:\n[ 28.795787] <TASK>\n...\n[ 28.795862] ? strcmp+0x18/0x40\n[ 28.795872] 0xffffffffc150c605\n[ 28.795887] platform_probe+0x40/0xa0\n...\n[ 28.795979] ? __pfx_init_module+0x10/0x10 [snd_soc_sst_bytcr_wm5102]\n\nReally fix things this time around by checking dais.num_codecs != 0."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0cc65482f5b03ac2b1c240bc34665e43ea2d71bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/85cda5b040bda9c577b34eb72d5b2e5b7e31985c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-467xx/CVE-2024-46794.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46794",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.230",
"lastModified": "2024-09-18T08:15:06.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Fix data leak in mmio_read()\n\nThe mmio_read() function makes a TDVMCALL to retrieve MMIO data for an\naddress from the VMM.\n\nSean noticed that mmio_read() unintentionally exposes the value of an\ninitialized variable (val) on the stack to the VMM.\n\nThis variable is only needed as an output value. It did not need to be\npassed to the VMM in the first place.\n\nDo not send the original value of *val to the VMM.\n\n[ dhansen: clarify what 'val' is used for. ]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/26c6af49d26ffc377e392e30d4086db19eed0ef7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b55ce742afcb8e8189d82f2f1e635ba1b5a461fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b6fb565a2d15277896583d471b21bc14a0c99661",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef00818c50cf55a3a56bd9a9fae867c92dfb84e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-467xx/CVE-2024-46795.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-46795",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.280",
"lastModified": "2024-09-18T08:15:06.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: unset the binding mark of a reused connection\n\nSteve French reported null pointer dereference error from sha256 lib.\ncifs.ko can send session setup requests on reused connection.\nIf reused connection is used for binding session, conn->binding can\nstill remain true and generate_preauth_hash() will not set\nsess->Preauth_HashValue and it will be NULL.\nIt is used as a material to create an encryption key in\nksmbd_gen_smb311_encryptionkey. ->Preauth_HashValue cause null pointer\ndereference error from crypto_shash_update().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n#PF: supervisor read access in kernel mode\n#PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 8 PID: 429254 Comm: kworker/8:39\nHardware name: LENOVO 20MAS08500/20MAS08500, BIOS N2CET69W (1.52 )\nWorkqueue: ksmbd-io handle_ksmbd_work [ksmbd]\nRIP: 0010:lib_sha256_base_do_update.isra.0+0x11e/0x1d0 [sha256_ssse3]\n<TASK>\n? show_regs+0x6d/0x80\n? __die+0x24/0x80\n? page_fault_oops+0x99/0x1b0\n? do_user_addr_fault+0x2ee/0x6b0\n? exc_page_fault+0x83/0x1b0\n? asm_exc_page_fault+0x27/0x30\n? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3]\n? lib_sha256_base_do_update.isra.0+0x11e/0x1d0 [sha256_ssse3]\n? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3]\n? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3]\n_sha256_update+0x77/0xa0 [sha256_ssse3]\nsha256_avx2_update+0x15/0x30 [sha256_ssse3]\ncrypto_shash_update+0x1e/0x40\nhmac_update+0x12/0x20\ncrypto_shash_update+0x1e/0x40\ngenerate_key+0x234/0x380 [ksmbd]\ngenerate_smb3encryptionkey+0x40/0x1c0 [ksmbd]\nksmbd_gen_smb311_encryptionkey+0x72/0xa0 [ksmbd]\nntlm_authenticate.isra.0+0x423/0x5d0 [ksmbd]\nsmb2_sess_setup+0x952/0xaa0 [ksmbd]\n__process_request+0xa3/0x1d0 [ksmbd]\n__handle_ksmbd_work+0x1c4/0x2f0 [ksmbd]\nhandle_ksmbd_work+0x2d/0xa0 [ksmbd]\nprocess_one_work+0x16c/0x350\nworker_thread+0x306/0x440\n? __pfx_worker_thread+0x10/0x10\nkthread+0xef/0x120\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x44/0x70\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1b/0x30\n</TASK>"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/41bc256da7e47b679df87c7fc7a5b393052b9cce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4c8496f44f5bb5c06cdef5eb130ab259643392a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78c5a6f1f630172b19af4912e755e1da93ef0ab5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/93d54a4b59c4b3d803d20aa645ab5ca71f3b3b02",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9914f1bd61d5e838bb1ab15a71076d37a6db65d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46796.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46796",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.340",
"lastModified": "2024-09-18T08:15:06.340",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n <TASK>\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n </TASK>\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5a72d1edb0843e4c927a4096f81e631031c25c28",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/762099898309218b4a7954f3d49e985dc4dfd638",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f9c169b51b6ce20394594ef674d6b10efba31220",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-467xx/CVE-2024-46797.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-46797",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.403",
"lastModified": "2024-09-18T08:15:06.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/qspinlock: Fix deadlock in MCS queue\n\nIf an interrupt occurs in queued_spin_lock_slowpath() after we increment\nqnodesp->count and before node->lock is initialized, another CPU might\nsee stale lock values in get_tail_qnode(). If the stale lock value happens\nto match the lock on that CPU, then we write to the \"next\" pointer of\nthe wrong qnode. This causes a deadlock as the former CPU, once it becomes\nthe head of the MCS queue, will spin indefinitely until it's \"next\" pointer\nis set by its successor in the queue.\n\nRunning stress-ng on a 16 core (16EC/16VP) shared LPAR, results in\noccasional lockups similar to the following:\n\n $ stress-ng --all 128 --vm-bytes 80% --aggressive \\\n --maximize --oomable --verify --syslog \\\n --metrics --times --timeout 5m\n\n watchdog: CPU 15 Hard LOCKUP\n ......\n NIP [c0000000000b78f4] queued_spin_lock_slowpath+0x1184/0x1490\n LR [c000000001037c5c] _raw_spin_lock+0x6c/0x90\n Call Trace:\n 0xc000002cfffa3bf0 (unreliable)\n _raw_spin_lock+0x6c/0x90\n raw_spin_rq_lock_nested.part.135+0x4c/0xd0\n sched_ttwu_pending+0x60/0x1f0\n __flush_smp_call_function_queue+0x1dc/0x670\n smp_ipi_demux_relaxed+0xa4/0x100\n xive_muxed_ipi_action+0x20/0x40\n __handle_irq_event_percpu+0x80/0x240\n handle_irq_event_percpu+0x2c/0x80\n handle_percpu_irq+0x84/0xd0\n generic_handle_irq+0x54/0x80\n __do_irq+0xac/0x210\n __do_IRQ+0x74/0xd0\n 0x0\n do_IRQ+0x8c/0x170\n hardware_interrupt_common_virt+0x29c/0x2a0\n --- interrupt: 500 at queued_spin_lock_slowpath+0x4b8/0x1490\n ......\n NIP [c0000000000b6c28] queued_spin_lock_slowpath+0x4b8/0x1490\n LR [c000000001037c5c] _raw_spin_lock+0x6c/0x90\n --- interrupt: 500\n 0xc0000029c1a41d00 (unreliable)\n _raw_spin_lock+0x6c/0x90\n futex_wake+0x100/0x260\n do_futex+0x21c/0x2a0\n sys_futex+0x98/0x270\n system_call_exception+0x14c/0x2f0\n system_call_vectored_common+0x15c/0x2ec\n\nThe following code flow illustrates how the deadlock occurs.\nFor the sake of brevity, assume that both locks (A and B) are\ncontended and we call the queued_spin_lock_slowpath() function.\n\n CPU0 CPU1\n ---- ----\n spin_lock_irqsave(A) |\n spin_unlock_irqrestore(A) |\n spin_lock(B) |\n | |\n \u25bc |\n id = qnodesp->count++; |\n (Note that nodes[0].lock == A) |\n | |\n \u25bc |\n Interrupt |\n (happens before \"nodes[0].lock = B\") |\n | |\n \u25bc |\n spin_lock_irqsave(A) |\n | |\n \u25bc |\n id = qnodesp->count++ |\n nodes[1].lock = A |\n | |\n \u25bc |\n Tail of MCS queue |\n | spin_lock_irqsave(A)\n \u25bc |\n Head of MCS queue \u25bc\n | CPU0 is previous tail\n \u25bc |\n Spin indefinitely \u25bc\n (until \"nodes[1].next != NULL\") prev = get_tail_qnode(A, CPU0)\n |\n \u25bc\n prev == &qnodes[CPU0].nodes[0]\n (as qnodes\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/734ad0af3609464f8f93e00b6c0de1e112f44559",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d84ab6661e8d09092de9b034b016515ef9b66085",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f06af737e4be28c0e926dc25d5f0a111da4e2987",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-467xx/CVE-2024-46798.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-46798",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.463",
"lastModified": "2024-09-18T08:15:06.463",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: dapm: Fix UAF for snd_soc_pcm_runtime object\n\nWhen using kernel with the following extra config,\n\n - CONFIG_KASAN=y\n - CONFIG_KASAN_GENERIC=y\n - CONFIG_KASAN_INLINE=y\n - CONFIG_KASAN_VMALLOC=y\n - CONFIG_FRAME_WARN=4096\n\nkernel detects that snd_pcm_suspend_all() access a freed\n'snd_soc_pcm_runtime' object when the system is suspended, which\nleads to a use-after-free bug:\n\n[ 52.047746] BUG: KASAN: use-after-free in snd_pcm_suspend_all+0x1a8/0x270\n[ 52.047765] Read of size 1 at addr ffff0000b9434d50 by task systemd-sleep/2330\n\n[ 52.047785] Call trace:\n[ 52.047787] dump_backtrace+0x0/0x3c0\n[ 52.047794] show_stack+0x34/0x50\n[ 52.047797] dump_stack_lvl+0x68/0x8c\n[ 52.047802] print_address_description.constprop.0+0x74/0x2c0\n[ 52.047809] kasan_report+0x210/0x230\n[ 52.047815] __asan_report_load1_noabort+0x3c/0x50\n[ 52.047820] snd_pcm_suspend_all+0x1a8/0x270\n[ 52.047824] snd_soc_suspend+0x19c/0x4e0\n\nThe snd_pcm_sync_stop() has a NULL check on 'substream->runtime' before\nmaking any access. So we need to always set 'substream->runtime' to NULL\neverytime we kfree() it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3033ed903b4f28b5e1ab66042084fbc2c48f8624",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d13afd021eb43868fe03cef6da34ad08831ad6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6a14fad8be178df6c4589667efec1789a3307b4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8ca21e7a27c66b95a4b215edc8e45e5d66679f9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/993b60c7f93fa1d8ff296b58f646a867e945ae89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b4a90b543d9f62d3ac34ec1ab97fc5334b048565",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fe5046ca91d631ec432eee3bdb1f1c49b09c8b5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-467xx/CVE-2024-46799.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46799",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.523",
"lastModified": "2024-09-18T08:15:06.523",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX\n\nIf number of TX queues are set to 1 we get a NULL pointer\ndereference during XDP_TX.\n\n~# ethtool -L eth0 tx 1\n~# ./xdp-trafficgen udp -A <ipv6-src> -a <ipv6-dst> eth0 -t 2\nTransmitting on eth0 (ifindex 2)\n[ 241.135257] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030\n\nFix this by using actual TX queues instead of max TX queues\nwhen picking the TX channel in am65_cpsw_ndo_xdp_xmit()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a50c35277f96481a5a6ed5faf347f282040c57d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2e7189d2b1de51fc2567676cd4f96c0fe0960b9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-468xx/CVE-2024-46800.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-46800",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.573",
"lastModified": "2024-09-18T08:15:06.573",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent's\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/14f91ab8d391f249b845916820a56f42cf747241",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/295ad5afd9efc5f67b86c64fce28fb94e26dc4c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/32008ab989ddcff1a485fa2b4906234c25dc5cd6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3b3a2a9c6349e25a025d2330f479bc33a6ccb54a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/98c75d76187944296068d685dfd8a1e9fd8c4fdc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/db2c235682913a63054e741fe4e19645fdf2d68e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dde33a9d0b80aae0c69594d1f462515d7ff1cb3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f0bddb4de043399f16d1969dad5ee5b984a64e7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-468xx/CVE-2024-46801.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46801",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-18T08:15:06.633",
"lastModified": "2024-09-18T08:15:06.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibfs: fix get_stashed_dentry()\n\nget_stashed_dentry() tries to optimistically retrieve a stashed dentry\nfrom a provided location. It needs to ensure to hold rcu lock before it\ndereference the stashed location to prevent UAF issues. Use\nrcu_dereference() instead of READ_ONCE() it's effectively equivalent\nwith some lockdep bells and whistles and it communicates clearly that\nthis expects rcu protection."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/03e2a1209a83a380df34a72f7d6d1bc6c74132c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4e32c25b58b945f976435bbe51f39b32d714052e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

12
CVE-2024/CVE-2024-62xx/CVE-2024-6239.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6239",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-06-21T14:15:14.007",
"lastModified": "2024-08-16T16:15:06.760",
"lastModified": "2024-09-18T09:15:05.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -42,19 +42,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]

16
CVE-2024/CVE-2024-65xx/CVE-2024-6535.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6535",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-07-17T03:15:01.890",
"lastModified": "2024-07-25T16:15:04.583",
"lastModified": "2024-09-18T09:15:06.037",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -42,20 +42,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

20
CVE-2024/CVE-2024-70xx/CVE-2024-7079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-7079",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-07-24T16:15:07.613",
"lastModified": "2024-07-26T10:15:02.840",
"lastModified": "2024-09-18T09:15:06.290",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -42,20 +42,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},

12
CVE-2024/CVE-2024-80xx/CVE-2024-8007.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8007",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-08-21T14:15:09.753",
"lastModified": "2024-08-23T17:06:04.643",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-18T08:15:06.990",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,19 +42,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]

71
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-18T08:00:19.808771+00:00
2024-09-18T10:00:22.591883+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-18T07:15:04.657000+00:00
2024-09-18T09:15:06.290000+00:00
```
### Last Data Feed Release
@ -33,45 +33,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
263207
263275
```
### CVEs added in the last Commit
Recently added CVEs: `27`
Recently added CVEs: `68`
- [CVE-2024-43778](CVE-2024/CVE-2024-437xx/CVE-2024-43778.json) (`2024-09-18T07:15:03.007`)
- [CVE-2024-45366](CVE-2024/CVE-2024-453xx/CVE-2024-45366.json) (`2024-09-18T06:15:02.413`)
- [CVE-2024-46714](CVE-2024/CVE-2024-467xx/CVE-2024-46714.json) (`2024-09-18T07:15:03.060`)
- [CVE-2024-46715](CVE-2024/CVE-2024-467xx/CVE-2024-46715.json) (`2024-09-18T07:15:03.130`)
- [CVE-2024-46716](CVE-2024/CVE-2024-467xx/CVE-2024-46716.json) (`2024-09-18T07:15:03.183`)
- [CVE-2024-46717](CVE-2024/CVE-2024-467xx/CVE-2024-46717.json) (`2024-09-18T07:15:03.237`)
- [CVE-2024-46718](CVE-2024/CVE-2024-467xx/CVE-2024-46718.json) (`2024-09-18T07:15:03.303`)
- [CVE-2024-46719](CVE-2024/CVE-2024-467xx/CVE-2024-46719.json) (`2024-09-18T07:15:03.357`)
- [CVE-2024-46720](CVE-2024/CVE-2024-467xx/CVE-2024-46720.json) (`2024-09-18T07:15:03.420`)
- [CVE-2024-46721](CVE-2024/CVE-2024-467xx/CVE-2024-46721.json) (`2024-09-18T07:15:03.480`)
- [CVE-2024-46722](CVE-2024/CVE-2024-467xx/CVE-2024-46722.json) (`2024-09-18T07:15:03.547`)
- [CVE-2024-46723](CVE-2024/CVE-2024-467xx/CVE-2024-46723.json) (`2024-09-18T07:15:03.610`)
- [CVE-2024-46724](CVE-2024/CVE-2024-467xx/CVE-2024-46724.json) (`2024-09-18T07:15:03.673`)
- [CVE-2024-46725](CVE-2024/CVE-2024-467xx/CVE-2024-46725.json) (`2024-09-18T07:15:03.733`)
- [CVE-2024-46726](CVE-2024/CVE-2024-467xx/CVE-2024-46726.json) (`2024-09-18T07:15:03.787`)
- [CVE-2024-46727](CVE-2024/CVE-2024-467xx/CVE-2024-46727.json) (`2024-09-18T07:15:03.840`)
- [CVE-2024-46728](CVE-2024/CVE-2024-467xx/CVE-2024-46728.json) (`2024-09-18T07:15:03.893`)
- [CVE-2024-46729](CVE-2024/CVE-2024-467xx/CVE-2024-46729.json) (`2024-09-18T07:15:03.950`)
- [CVE-2024-46730](CVE-2024/CVE-2024-467xx/CVE-2024-46730.json) (`2024-09-18T07:15:04.003`)
- [CVE-2024-46731](CVE-2024/CVE-2024-467xx/CVE-2024-46731.json) (`2024-09-18T07:15:04.057`)
- [CVE-2024-46732](CVE-2024/CVE-2024-467xx/CVE-2024-46732.json) (`2024-09-18T07:15:04.117`)
- [CVE-2024-46733](CVE-2024/CVE-2024-467xx/CVE-2024-46733.json) (`2024-09-18T07:15:04.170`)
- [CVE-2024-47001](CVE-2024/CVE-2024-470xx/CVE-2024-47001.json) (`2024-09-18T07:15:04.220`)
- [CVE-2024-6641](CVE-2024/CVE-2024-66xx/CVE-2024-6641.json) (`2024-09-18T06:15:02.490`)
- [CVE-2024-8969](CVE-2024/CVE-2024-89xx/CVE-2024-8969.json) (`2024-09-18T07:15:04.657`)
- [CVE-2024-46777](CVE-2024/CVE-2024-467xx/CVE-2024-46777.json) (`2024-09-18T08:15:05.330`)
- [CVE-2024-46778](CVE-2024/CVE-2024-467xx/CVE-2024-46778.json) (`2024-09-18T08:15:05.380`)
- [CVE-2024-46779](CVE-2024/CVE-2024-467xx/CVE-2024-46779.json) (`2024-09-18T08:15:05.430`)
- [CVE-2024-46780](CVE-2024/CVE-2024-467xx/CVE-2024-46780.json) (`2024-09-18T08:15:05.473`)
- [CVE-2024-46781](CVE-2024/CVE-2024-467xx/CVE-2024-46781.json) (`2024-09-18T08:15:05.527`)
- [CVE-2024-46782](CVE-2024/CVE-2024-467xx/CVE-2024-46782.json) (`2024-09-18T08:15:05.577`)
- [CVE-2024-46783](CVE-2024/CVE-2024-467xx/CVE-2024-46783.json) (`2024-09-18T08:15:05.630`)
- [CVE-2024-46784](CVE-2024/CVE-2024-467xx/CVE-2024-46784.json) (`2024-09-18T08:15:05.683`)
- [CVE-2024-46785](CVE-2024/CVE-2024-467xx/CVE-2024-46785.json) (`2024-09-18T08:15:05.730`)
- [CVE-2024-46786](CVE-2024/CVE-2024-467xx/CVE-2024-46786.json) (`2024-09-18T08:15:05.783`)
- [CVE-2024-46787](CVE-2024/CVE-2024-467xx/CVE-2024-46787.json) (`2024-09-18T08:15:05.833`)
- [CVE-2024-46788](CVE-2024/CVE-2024-467xx/CVE-2024-46788.json) (`2024-09-18T08:15:05.893`)
- [CVE-2024-46789](CVE-2024/CVE-2024-467xx/CVE-2024-46789.json) (`2024-09-18T08:15:05.957`)
- [CVE-2024-46790](CVE-2024/CVE-2024-467xx/CVE-2024-46790.json) (`2024-09-18T08:15:06.010`)
- [CVE-2024-46791](CVE-2024/CVE-2024-467xx/CVE-2024-46791.json) (`2024-09-18T08:15:06.067`)
- [CVE-2024-46792](CVE-2024/CVE-2024-467xx/CVE-2024-46792.json) (`2024-09-18T08:15:06.123`)
- [CVE-2024-46793](CVE-2024/CVE-2024-467xx/CVE-2024-46793.json) (`2024-09-18T08:15:06.177`)
- [CVE-2024-46794](CVE-2024/CVE-2024-467xx/CVE-2024-46794.json) (`2024-09-18T08:15:06.230`)
- [CVE-2024-46795](CVE-2024/CVE-2024-467xx/CVE-2024-46795.json) (`2024-09-18T08:15:06.280`)
- [CVE-2024-46796](CVE-2024/CVE-2024-467xx/CVE-2024-46796.json) (`2024-09-18T08:15:06.340`)
- [CVE-2024-46797](CVE-2024/CVE-2024-467xx/CVE-2024-46797.json) (`2024-09-18T08:15:06.403`)
- [CVE-2024-46798](CVE-2024/CVE-2024-467xx/CVE-2024-46798.json) (`2024-09-18T08:15:06.463`)
- [CVE-2024-46799](CVE-2024/CVE-2024-467xx/CVE-2024-46799.json) (`2024-09-18T08:15:06.523`)
- [CVE-2024-46800](CVE-2024/CVE-2024-468xx/CVE-2024-46800.json) (`2024-09-18T08:15:06.573`)
- [CVE-2024-46801](CVE-2024/CVE-2024-468xx/CVE-2024-46801.json) (`2024-09-18T08:15:06.633`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `10`
- [CVE-2024-7557](CVE-2024/CVE-2024-75xx/CVE-2024-7557.json) (`2024-09-18T07:15:04.293`)
- [CVE-2023-1904](CVE-2023/CVE-2023-19xx/CVE-2023-1904.json) (`2024-09-18T08:15:02.750`)
- [CVE-2023-40548](CVE-2023/CVE-2023-405xx/CVE-2023-40548.json) (`2024-09-18T09:15:03.310`)
- [CVE-2023-5240](CVE-2023/CVE-2023-52xx/CVE-2023-5240.json) (`2024-09-18T08:35:19.920`)
- [CVE-2024-40862](CVE-2024/CVE-2024-408xx/CVE-2024-40862.json) (`2024-09-18T08:35:48.760`)
- [CVE-2024-44167](CVE-2024/CVE-2024-441xx/CVE-2024-44167.json) (`2024-09-18T08:35:53.200`)
- [CVE-2024-45619](CVE-2024/CVE-2024-456xx/CVE-2024-45619.json) (`2024-09-18T09:15:05.227`)
- [CVE-2024-6239](CVE-2024/CVE-2024-62xx/CVE-2024-6239.json) (`2024-09-18T09:15:05.803`)
- [CVE-2024-6535](CVE-2024/CVE-2024-65xx/CVE-2024-6535.json) (`2024-09-18T09:15:06.037`)
- [CVE-2024-7079](CVE-2024/CVE-2024-70xx/CVE-2024-7079.json) (`2024-09-18T09:15:06.290`)
- [CVE-2024-8007](CVE-2024/CVE-2024-80xx/CVE-2024-8007.json) (`2024-09-18T08:15:06.990`)
## Download and Usage

144
_state.csv
View File

@ -214384,7 +214384,7 @@ CVE-2023-1900,0,0,72409a3f95d38eeb4336b8dc846b1d849861468ef3fd5810e6759f1cda76bc
CVE-2023-1901,0,0,b727e97eeddcce29bf4a30f2a0c3b60ee39b4b12129ed647441c96d63dfd35bc,2023-07-14T16:48:07.930000
CVE-2023-1902,0,0,0cbb317a6d95201cac6531592e7f226e1cf3b81b4bae8d5fd780e476bec35a23,2023-07-17T13:45:49.067000
CVE-2023-1903,0,0,8a314d84e4e5f507402d54d4991f8e9e30a78e4f11310ef298e33d6806ddf9c3,2023-04-18T15:15:07.707000
CVE-2023-1904,0,0,0d37733f5efcf18a955395f09b19c96ab14dfa9ee19c8eb43f2971626e1c676a,2023-12-19T18:57:53.073000
CVE-2023-1904,0,1,145693db77a69e8a3a8cf0bbdc0fad7bb1ef66482a3df8b6b9c7f9420bc11940,2024-09-18T08:15:02.750000
CVE-2023-1905,0,0,a7cda20dfe6217359b5ea5692f7971f066752b84da39a1520ace365b70249ac8,2023-11-07T04:05:19.383000
CVE-2023-1906,0,0,4fe6a845d023429d576d5c9ee37419c94c5ec3e17250bbc753d7cc66058645c0,2023-11-07T04:05:19.457000
CVE-2023-1908,0,0,701db6a99cc57a3a029c78d7ec8458962a34ea7d03647039f803af06632639cc,2024-05-17T02:18:32.610000
@ -230665,7 +230665,7 @@ CVE-2023-40544,0,0,0fc1193e5ecc7ee9670646c9d9c81e4c5888861b329951f2d39dd20b0e6ed
CVE-2023-40545,0,0,4532249010b6a6004e21372516818bfffe3ad51f3d0730df682026d0392eb917,2024-02-13T21:08:23.400000
CVE-2023-40546,0,0,6ddbdc19841f6cb290ec2b905e60bc26911fc88c11de04bc8a7d662cb4831ccf,2024-09-16T19:16:05.753000
CVE-2023-40547,0,0,aa8c5d2793a75f3ad9a6a915b845d7aafd35608216f0b3f68592a1e5df2bf1b7,2024-09-16T19:16:05.947000
CVE-2023-40548,0,0,388901dd40da5783ea3c49f521444e960caaba391cdaa3a84d6d27afa58d0c8e,2024-09-10T08:15:02.147000
CVE-2023-40548,0,1,e0038d7b0642fe8bec2a154c945bd166745675bec9bb8024b18029f9f7651672,2024-09-18T09:15:03.310000
CVE-2023-40549,0,0,409bbcdd4cb8887d85ad6922d10081d4ffe6d9a4dd03532a76d9c9a92dc5fdfe,2024-09-16T19:16:06.287000
CVE-2023-4055,0,0,c84104f0c8ec282dfd40a04ff729cf2844caf560f3c96dbbf5c3172d6bb6b24f,2023-08-09T21:15:11.820000
CVE-2023-40550,0,0,7e315e619d697d87543604bbff3ef14f7418177adad4c5f0a7f3c6da81e8e2d8,2024-09-16T19:16:06.450000
@ -238870,7 +238870,7 @@ CVE-2023-52395,0,0,c60b89c1de45293543ae71a0564c728badd1ade8e0f190c4651b0c67b51a7
CVE-2023-52396,0,0,877bc93d7a7f406ec5dfa0515342c072bf08d3a0bce47c0b60247ee16a3a793f,2024-02-14T18:15:47.003000
CVE-2023-52398,0,0,06463de5818415382a24255b36320909f56396995497c3ebd61f5785e4590db6,2024-02-14T18:15:47.040000
CVE-2023-52399,0,0,3eabdd842a7bae7b76bfd491cabfa6add736d73e7f5060e5708270b6fab26fc1,2024-02-14T18:15:47.070000
CVE-2023-5240,0,0,214dd7c99a9b03f7fe1038ab49ddf439f88a855eb0888efff5c344b109bc3305,2023-10-17T16:11:51.793000
CVE-2023-5240,0,1,42fb9d4427c9707cf28f6e3f228c15f01eab66638af2833d76e92853d5247695,2024-09-18T08:35:19.920000
CVE-2023-5241,0,0,411866a1ec86cf397c335d9f1911846a5dbe49f719bf369e5a8858638257c20c,2023-12-22T19:02:58.717000
CVE-2023-52424,0,0,dd00ce5bd5f0127edc0f085308e3c4c575aeaa945754c66a530759a6f3d067c1,2024-08-29T20:35:48.540000
CVE-2023-52425,0,0,3cdfdc314fa83fb5af809d9132a0994bcdd918d186b1c4985a8cb6aee50ffac5,2024-08-26T20:35:10.427000
@ -257333,7 +257333,7 @@ CVE-2024-40859,0,0,e916e4b7db6a9dfa2ed076989768bd728e51b7d2e72afe8840855cec7e5b4
CVE-2024-4086,0,0,4591112164bebe25a6e3755e5f7d7b3acd1442e1405281bbc9f49b1286c02b38,2024-05-02T18:00:37.360000
CVE-2024-40860,0,0,e36dab9e833d088b935ab68c9a151e9f1fa4c0b43f03d6bb0621ce4e4428b44e,2024-09-17T00:15:49.640000
CVE-2024-40861,0,0,d87cf92bd694c19d1e4d3aca5f00c6e43dee289f9de1a39f0fc2b781db69db0f,2024-09-17T15:35:08.583000
CVE-2024-40862,0,0,df9e4ea852ef1d9d984f24af2941fa2336b46e00c778d6cc11be815483fd1a07,2024-09-17T00:15:49.743000
CVE-2024-40862,0,1,41adab65858c72ffe5166360c0c7d08451acfb072731fac3b645799d62b8fb88,2024-09-18T08:35:48.760000
CVE-2024-40863,0,0,8102a55f22f39834a5de79e8de0f022b089678ae9882643f5ee65b65c051fabf,2024-09-17T00:15:49.793000
CVE-2024-40865,0,0,da7586cfbd2003f6f1240fe202cc300fbe506399c68902f838212b111751df31,2024-09-06T12:08:04.550000
CVE-2024-40866,0,0,ffb4d4555ccfaa65df4084c4704bde934d69f675e3f09339fb6d0f4bf47c0770,2024-09-17T00:15:49.840000
@ -257979,7 +257979,7 @@ CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280
CVE-2024-41926,0,0,d7564816d433232552fda23a5f10a79963d6c502f628c4841f8484c17aa4f54f,2024-09-04T16:55:35.570000
CVE-2024-41927,0,0,f4ba4a6c9a9886f976121a9d30837f6ba4dc4ccf9fc0f7a56ac6b8acaf04eb66,2024-09-04T13:05:36.067000
CVE-2024-41928,0,0,fac45a5eba953351f64e8420aefaa828221c1e8b109e75da05d07c8ee7a8c443,2024-09-06T17:35:13.400000
CVE-2024-41929,1,1,25f7e24f5bee5963e177d6e85983211e56e869e6611a491dedac239b6f50e148,2024-09-18T07:15:02.847000
CVE-2024-41929,0,0,25f7e24f5bee5963e177d6e85983211e56e869e6611a491dedac239b6f50e148,2024-09-18T07:15:02.847000
CVE-2024-4193,0,0,4d4f4fcde78b01b33e30a077c434c1714d01a9ac9cd58d916bc86b963b6ddbd7,2024-05-14T16:11:39.510000
CVE-2024-41936,0,0,d330b2a32a604797fc4eb94f395ba3140911090caf0d19e4d7603d421735298b,2024-08-20T16:26:54.663000
CVE-2024-41937,0,0,17d01be9af92612ee6b4d89126a811836507d3fbf35417e172928be42551212a,2024-08-23T16:21:21.893000
@ -258360,7 +258360,7 @@ CVE-2024-42398,0,0,ecec97745a6273f6b5e5720bfa1d0ff4b8e46532c92273931272e35e326b7
CVE-2024-42399,0,0,b2d8d291d138c04491424e6796bb04940f5bfb5f03fc0a00b681faa84689b158,2024-08-23T15:06:13.350000
CVE-2024-4240,0,0,c278b752586c1bf53091999087140c7ddb924945ab9e2c19f82d090171b2b4e6,2024-06-04T19:20:33.263000
CVE-2024-42400,0,0,bada445f5210525c2b124a846736c128f6bdefeabff1b80f8c8c07a166ac65a5,2024-08-23T15:06:00
CVE-2024-42404,1,1,c54f40e946bc7f12e50d8450bfb496ff304e1510d799bbbe2fb7fc352b6de97f,2024-09-18T06:15:02.223000
CVE-2024-42404,0,0,c54f40e946bc7f12e50d8450bfb496ff304e1510d799bbbe2fb7fc352b6de97f,2024-09-18T06:15:02.223000
CVE-2024-42408,0,0,4d58de4373d6b44540fc0d8799a258082f4b72e8c10ed3de4134395815aaf808,2024-08-29T14:22:45.603000
CVE-2024-4241,0,0,1e8cfaace7e8ae3194846b1351a77e14aef6cd3a07b429e780198fa55ccad7c3,2024-05-17T02:40:19.957000
CVE-2024-42411,0,0,3fcf900cd705b45045cb94d8edb3d48eeb6b58809490fd9c74760d8ca62aa9ff,2024-08-23T16:04:26.227000
@ -259015,7 +259015,7 @@ CVE-2024-43773,0,0,8c0c6d6cc6b93c34cfa09ef3705fb324f136fe885f1952674b354433c7d54
CVE-2024-43774,0,0,8a1a7395e0266f26fabce42b3d201bdd365872f3bb986b16a4813718545afbb5,2024-09-04T12:26:42.387000
CVE-2024-43775,0,0,386009b272e00dd7e320eaa82eec20a93bfce64d4bcdb8a26930d34c6fe0dc22,2024-09-04T12:27:22.670000
CVE-2024-43776,0,0,27e4419e8ce01901c27e76cb21d9618c21e34d6a14d012499c61adf6cf980a12,2024-09-04T12:27:40.113000
CVE-2024-43778,1,1,76638df950d50523be0fbd70a74b5fe43ab8573deed6543c498438c4d40996c8,2024-09-18T07:15:03.007000
CVE-2024-43778,0,0,76638df950d50523be0fbd70a74b5fe43ab8573deed6543c498438c4d40996c8,2024-09-18T07:15:03.007000
CVE-2024-4378,0,0,09f9e04bae659373b82712486e7efa4baa3211e21ee904b68f572ef978953753,2024-05-24T01:15:30.977000
CVE-2024-43780,0,0,5217ce0351fcb75bd7982f01c3d436316e02e5a2bb3d0e7b3ad2fd10f4519787,2024-08-23T16:18:28.547000
CVE-2024-43781,0,0,fe4ff27a41c5a2d11128d539a346b2aa7ff5522b07e03c5290a837b9cf154eca,2024-09-10T12:09:50.377000
@ -259308,7 +259308,7 @@ CVE-2024-44163,0,0,25be5dffd3a9e5399c3e325f19381dfb9a95df04f88c89632525d3a3e0c86
CVE-2024-44164,0,0,b99a062b58b97c7a3d98a80823f224d9bff8927a0e72290c92b3a6e29a1f31be,2024-09-17T00:15:51.157000
CVE-2024-44165,0,0,a7e8f145a76de2fcef8206444371e2a7f7ad0b6c0af30e6cd99ee6833ed6e202,2024-09-17T00:15:51.207000
CVE-2024-44166,0,0,2d8190455851a8a67b982415e9d3ab8fddb339b6e45b81afd68e2435f8536ac5,2024-09-17T00:15:51.260000
CVE-2024-44167,0,0,0fc7ed8cffb900bd9864c44df59df3d069be7e146339c6595bd34bfb4910f251,2024-09-17T00:15:51.310000
CVE-2024-44167,0,1,9f3d56f83dc067ac305f54368fd7f5896f58eadd0eff0a391ba78547ebd4120e,2024-09-18T08:35:53.200000
CVE-2024-44168,0,0,4c6aa60d3ee36133c15b85dacb7853804a1499a3b87e6bf9a00be00f39f6c9c9,2024-09-17T00:15:51.367000
CVE-2024-44169,0,0,92236126660592a1c9f1a92db5cf0926d3435475ab83053e9be05d8c74b3b13f,2024-09-17T21:35:07.080000
CVE-2024-4417,0,0,9b4dc22c7f1e74f381016fafb921403ecdaeb7b3b80aa5fc2130db180ef5935c,2024-05-14T16:11:39.510000
@ -259766,7 +259766,7 @@ CVE-2024-4534,0,0,527a3127a7586bdf18d80cd2b5b17fe74ac5ed6a2aa4ee562148173cc1d9d3
CVE-2024-45346,0,0,2f7f906fa8e830e09f5dc1994b30102df77aeab36a86b7c31755a212ce377dbe,2024-08-29T03:15:05.247000
CVE-2024-4535,0,0,87b4b5e0787ea182ddd9c6fa8e26c59b6c616e4e57e592ee0d6f169678ff9b64,2024-05-28T12:39:28.377000
CVE-2024-4536,0,0,7a5702ddadcf7f48c7c82ca09978f30e343a6d4f259e12cc6fa88068d1723500,2024-05-07T13:39:32.710000
CVE-2024-45366,1,1,4d1063d2ce8874d0b4e0f4cd2e5266ec8448f270090d611b1129889d93c2e5e4,2024-09-18T06:15:02.413000
CVE-2024-45366,0,0,4d1063d2ce8874d0b4e0f4cd2e5266ec8448f270090d611b1129889d93c2e5e4,2024-09-18T06:15:02.413000
CVE-2024-45368,0,0,90b261935345e5a71065b81f602a78ead3b313d8ed7a8032973fdb3888383312,2024-09-14T11:47:14.677000
CVE-2024-4537,0,0,2e530ca2c49a8373646367a8e0c1771a783669d0151f9600cf6b8a99b12e73b9,2024-05-07T13:39:32.710000
CVE-2024-4538,0,0,1753f7bd0b59062edc1103b5572b8666a59c2630e5fb59443506518ac4083bd7,2024-05-07T13:39:32.710000
@ -259874,7 +259874,7 @@ CVE-2024-45615,0,0,c6d6282e5a9613bcbeb55c568082301f30c66c5c3e170d6aa78e0325f2dae
CVE-2024-45616,0,0,ec4ff704ba2aae95f08442d1bfa2173f2a102c1c3b0570dfa4cb1518cb449547,2024-09-13T19:21:11.507000
CVE-2024-45617,0,0,6cb16d6fbb6421ff7c08177427efbe84e4a03cb3cf72e212ba5673d3ad33ab5e,2024-09-13T19:21:08.633000
CVE-2024-45618,0,0,dc2dc7fd3bf0d86469d9d1e7cf8afe886c6a0db83c5b7c56e1d5c7bc488c4153,2024-09-13T16:30:27.693000
CVE-2024-45619,0,0,2abd48d619985db90e20877de00fd66188e27000d25d9d673e881a46eb7700ce,2024-09-12T19:38:56.440000
CVE-2024-45619,0,1,19913ec071f09571eb2fafb85b3bcf05650473cef15788106e54de572df55757,2024-09-18T09:15:05.227000
CVE-2024-4562,0,0,e0a783b0d1c16da234e0fe3d351cbae7a089d075739ba22ec0641c397b879b0f,2024-05-15T16:40:19.330000
CVE-2024-45620,0,0,4b93eb131fcc5aa370c611a1d350fa96cf799a590a6dd2ccf111caa79d7e72d1,2024-09-12T19:38:16.130000
CVE-2024-45621,0,0,0e87271e3b523f5d125d92dc504ca3a7772b99de219d6f52d1ecafc891e937da,2024-09-16T17:28:53.437000
@ -260080,35 +260080,103 @@ CVE-2024-46710,0,0,a4ebac24f77ec09b7dede285490ca9442896e0f636deada81f35080b17ed7
CVE-2024-46711,0,0,c3d885bd91fed12a5d6c801c0d7542eef9468260fad1d33236aa3beacba38072,2024-09-13T14:06:04.777000
CVE-2024-46712,0,0,74a79a6f4330ed1d1217cf13ada08cf4d1499d5777abdc6b1cc98655e080937d,2024-09-13T14:06:04.777000
CVE-2024-46713,0,0,d8ee32a1d2f66a0382271f856af541b1f264ab38003525966195157bdf6c59dd,2024-09-13T16:37:22.997000
CVE-2024-46714,1,1,b72ad44a954f2715ef56c9102a244a355debec6037b8929871f8785f000f2aa0,2024-09-18T07:15:03.060000
CVE-2024-46715,1,1,7d56260d3c8e43c2b1103e17b191e44a00795874e8dfaaf69c4d53ea8d6e708a,2024-09-18T07:15:03.130000
CVE-2024-46716,1,1,f0c06910c0f0108021204a31d3b99a21339fd759427583f73b07fb17bfb4398b,2024-09-18T07:15:03.183000
CVE-2024-46717,1,1,58e023325c3d7a2093f7f409ac6c3d7a620565d1ae4a826a1d3ad7a098cf13c2,2024-09-18T07:15:03.237000
CVE-2024-46718,1,1,cf3af73466d6bbd0afb1db52d7a36e95453d29578bfc8de05f662a43e1d1c575,2024-09-18T07:15:03.303000
CVE-2024-46719,1,1,a98e453395a34394743cd0299c4df1ac5f0421b80366fb3e5b2fc95d5d69f456,2024-09-18T07:15:03.357000
CVE-2024-46714,0,0,b72ad44a954f2715ef56c9102a244a355debec6037b8929871f8785f000f2aa0,2024-09-18T07:15:03.060000
CVE-2024-46715,0,0,7d56260d3c8e43c2b1103e17b191e44a00795874e8dfaaf69c4d53ea8d6e708a,2024-09-18T07:15:03.130000
CVE-2024-46716,0,0,f0c06910c0f0108021204a31d3b99a21339fd759427583f73b07fb17bfb4398b,2024-09-18T07:15:03.183000
CVE-2024-46717,0,0,58e023325c3d7a2093f7f409ac6c3d7a620565d1ae4a826a1d3ad7a098cf13c2,2024-09-18T07:15:03.237000
CVE-2024-46718,0,0,cf3af73466d6bbd0afb1db52d7a36e95453d29578bfc8de05f662a43e1d1c575,2024-09-18T07:15:03.303000
CVE-2024-46719,0,0,a98e453395a34394743cd0299c4df1ac5f0421b80366fb3e5b2fc95d5d69f456,2024-09-18T07:15:03.357000
CVE-2024-4672,0,0,35f3d370a957f330147d6589398835ee73958e29db9da9b60896b5f03e87d787,2024-06-04T19:20:45.330000
CVE-2024-46720,1,1,e3161e09133bba9dc30a4ca20f98d5adcc706e17282ee413d2709c9b74a376f8,2024-09-18T07:15:03.420000
CVE-2024-46721,1,1,9494d6e4bb6468169d547543bb2def558dd6fbb56d913287202d81e10ee4094d,2024-09-18T07:15:03.480000
CVE-2024-46722,1,1,81372ea97dbfccde1319c85d9f57adf890fa914b8e3ae7f745a9d7903c465123,2024-09-18T07:15:03.547000
CVE-2024-46723,1,1,2a0a3fa7e2e4134fd622cb00816daf317356741248d44691c05c963dfcd3da60,2024-09-18T07:15:03.610000
CVE-2024-46724,1,1,6a49c4863b7dc5b1a396051c9766018a91c9b73d52254fee30119905cf8601af,2024-09-18T07:15:03.673000
CVE-2024-46725,1,1,e3446e982b438aea881f5aa322f3de93a7ef060cb0d6eab7eeb3300518b20d40,2024-09-18T07:15:03.733000
CVE-2024-46726,1,1,f99f1e94fc50be4e09d1aa883bc5f7f94caaf437fa4b1eb519a033065d71ecf4,2024-09-18T07:15:03.787000
CVE-2024-46727,1,1,a67bb64f5914afc360000d2d6dbb2c2174bac49d8be41ef3251d3d9fd2bfef97,2024-09-18T07:15:03.840000
CVE-2024-46728,1,1,0c2b39983ac0d45f940d03286be472be8b9e82ffd64c660e156b22c601b9f5cc,2024-09-18T07:15:03.893000
CVE-2024-46729,1,1,0d8e6c4f42d731dce965f983d0e201a80c26212f7eeaded58347d635d48547f8,2024-09-18T07:15:03.950000
CVE-2024-46720,0,0,e3161e09133bba9dc30a4ca20f98d5adcc706e17282ee413d2709c9b74a376f8,2024-09-18T07:15:03.420000
CVE-2024-46721,0,0,9494d6e4bb6468169d547543bb2def558dd6fbb56d913287202d81e10ee4094d,2024-09-18T07:15:03.480000
CVE-2024-46722,0,0,81372ea97dbfccde1319c85d9f57adf890fa914b8e3ae7f745a9d7903c465123,2024-09-18T07:15:03.547000
CVE-2024-46723,0,0,2a0a3fa7e2e4134fd622cb00816daf317356741248d44691c05c963dfcd3da60,2024-09-18T07:15:03.610000
CVE-2024-46724,0,0,6a49c4863b7dc5b1a396051c9766018a91c9b73d52254fee30119905cf8601af,2024-09-18T07:15:03.673000
CVE-2024-46725,0,0,e3446e982b438aea881f5aa322f3de93a7ef060cb0d6eab7eeb3300518b20d40,2024-09-18T07:15:03.733000
CVE-2024-46726,0,0,f99f1e94fc50be4e09d1aa883bc5f7f94caaf437fa4b1eb519a033065d71ecf4,2024-09-18T07:15:03.787000
CVE-2024-46727,0,0,a67bb64f5914afc360000d2d6dbb2c2174bac49d8be41ef3251d3d9fd2bfef97,2024-09-18T07:15:03.840000
CVE-2024-46728,0,0,0c2b39983ac0d45f940d03286be472be8b9e82ffd64c660e156b22c601b9f5cc,2024-09-18T07:15:03.893000
CVE-2024-46729,0,0,0d8e6c4f42d731dce965f983d0e201a80c26212f7eeaded58347d635d48547f8,2024-09-18T07:15:03.950000
CVE-2024-4673,0,0,534fe3baa36c9b2de1fe1f9372b44f4a695e5779fe305c090e0c97233d7085b1,2024-06-04T19:20:45.437000
CVE-2024-46730,1,1,1adc8291665857c7c0f2647d015b9412b8fdf4990cc38ffd2877ad27489a37be,2024-09-18T07:15:04.003000
CVE-2024-46731,1,1,13a373ddcd5f315ac18e0946969b2c5c495766f1aea575fd0555bc4c1db9f1b1,2024-09-18T07:15:04.057000
CVE-2024-46732,1,1,a5427b13e2293c253d511105d2e0d2effba659346184f11515e61e5403229ab8,2024-09-18T07:15:04.117000
CVE-2024-46733,1,1,4e6821936c110c6cba37f3f3ba1aac8acf438c28676b0744bfa28c2e36d500e2,2024-09-18T07:15:04.170000
CVE-2024-46730,0,0,1adc8291665857c7c0f2647d015b9412b8fdf4990cc38ffd2877ad27489a37be,2024-09-18T07:15:04.003000
CVE-2024-46731,0,0,13a373ddcd5f315ac18e0946969b2c5c495766f1aea575fd0555bc4c1db9f1b1,2024-09-18T07:15:04.057000
CVE-2024-46732,0,0,a5427b13e2293c253d511105d2e0d2effba659346184f11515e61e5403229ab8,2024-09-18T07:15:04.117000
CVE-2024-46733,0,0,4e6821936c110c6cba37f3f3ba1aac8acf438c28676b0744bfa28c2e36d500e2,2024-09-18T07:15:04.170000
CVE-2024-46734,1,1,ca8157dffc30c848222a36425eb0ca003896ae1557bd4054bad8eeadb6c115f2,2024-09-18T08:15:02.980000
CVE-2024-46735,1,1,23dcfc7438cb86f8fa67c88ccd8490e78ed6fda0a20ab836c34757840e546eb1,2024-09-18T08:15:03.057000
CVE-2024-46736,1,1,82bc2a49b7ce30a8d0cdf3e30e9310b0335c20538d0c4db741eb41883c2ef422,2024-09-18T08:15:03.113000
CVE-2024-46737,1,1,b451cfb21869e663a9907cf1b6c43fd0619852cf9d047432a95a9be2edaff8c2,2024-09-18T08:15:03.167000
CVE-2024-46738,1,1,321080f5c21f3354f1096c7dabb4731bd866638f5eafd666ebeada79e7755a8f,2024-09-18T08:15:03.233000
CVE-2024-46739,1,1,6a3269f8b7f581274dd284c855dd5505a03c6d740dac85d7d47db87f721288a9,2024-09-18T08:15:03.293000
CVE-2024-4674,0,0,60247f20a2a4283bfbeed309267e9d6b22bdb830da33ae543a1f6522ba4ea3ca,2024-06-04T19:20:45.527000
CVE-2024-46740,1,1,c57a330ddb408700c00759e66521ee359785c25d500312a457a50f333d0fafcd,2024-09-18T08:15:03.377000
CVE-2024-46741,1,1,7fc217d442c1871a95dcd26d0675d278db8b06ee2dde9d4c65e5c8bf50a5d7c7,2024-09-18T08:15:03.430000
CVE-2024-46742,1,1,1520154e2aece5372bfa4988bcf830bbc57b01e5ef0771490bd71d5a70b906bf,2024-09-18T08:15:03.480000
CVE-2024-46743,1,1,43a9fec176cc021a6ddd29460956f5674a48d3e852f2ad277cf6036de8eec4d9,2024-09-18T08:15:03.540000
CVE-2024-46744,1,1,0177ac74e1dcb965170b4c5eff27204534e6e039c229f955ddd20fa2d5959821,2024-09-18T08:15:03.603000
CVE-2024-46745,1,1,14210a0a3e69adfcfa23efce8119555c9fdc39951541d131f8ed407f7f2b993f,2024-09-18T08:15:03.667000
CVE-2024-46746,1,1,a9acee6010f9e46506c14d6c7ab845747513de49a6f383c813fa635db3bf4928,2024-09-18T08:15:03.730000
CVE-2024-46747,1,1,0c0bcfb183b4e427845b56a01b01e403278e79efdf19d4134a59087f309153dd,2024-09-18T08:15:03.790000
CVE-2024-46748,1,1,84e1d760015a869d639ddc906eea238feb7f25bf77bc3de265e49df8e67d2ea5,2024-09-18T08:15:03.847000
CVE-2024-46749,1,1,a84dc47f1a685cca130fd1d205ba545590944b2287763f8082943274c97fa444,2024-09-18T08:15:03.893000
CVE-2024-4675,0,0,897bf9bfba1675ab43c3b9cceb7b3ad24a12ab65256b892b47361d9f07ed1f4e,2024-06-04T19:20:45.627000
CVE-2024-46750,1,1,aee5ebe7558bfb9a061bb6cd49323b6cfe0cd1a818ff34428f92fb4c203bf5d9,2024-09-18T08:15:03.947000
CVE-2024-46751,1,1,500d65fd4878c17e59e0460623e699bf5a05ef513b976b7f7fc40531de5e867d,2024-09-18T08:15:04.010000
CVE-2024-46752,1,1,95700a0fd1347632123627bfeed0884541591678cc370aa8e8f91bc180445ec3,2024-09-18T08:15:04.057000
CVE-2024-46753,1,1,aaa56db2056ad72d2210ed453cdb7699d4c83c1c83b8a842a2c55676e9ae5328,2024-09-18T08:15:04.107000
CVE-2024-46754,1,1,519ad8ed4f70fc79baf215f1fae225c69ec584d6a61e86940f2856c730f11951,2024-09-18T08:15:04.153000
CVE-2024-46755,1,1,d65402df22689d74c2901ddfca934b261817c6ea05cbaea37fede63b09c7be25,2024-09-18T08:15:04.203000
CVE-2024-46756,1,1,efc9393bae4300cabbd67283339c039e1e347253f565010ca3ab40e68ec107f4,2024-09-18T08:15:04.260000
CVE-2024-46757,1,1,b053c4fbda2b1e302c0dfeef758e02db09110978a7e541103df7be899fd72473,2024-09-18T08:15:04.313000
CVE-2024-46758,1,1,2c71d2b40db06a20bb5ef5ccc4a1c9f6b2178bd692dd524d9908f0f0a0f6e005,2024-09-18T08:15:04.367000
CVE-2024-46759,1,1,ada271a1cb7ade7f46688431c0f7e6a642de7c840c35d1c69dc93d8b7f37137b,2024-09-18T08:15:04.413000
CVE-2024-4676,0,0,36c2a5f720119d264342d4d9b8586d4aebc357e75b49de4b862f0e7d867ff32b,2024-06-04T19:20:45.727000
CVE-2024-46760,1,1,3e2300cd8d2fabb5cf9827a46591e30e5af12d81b529bb4898a37599f6bf17b3,2024-09-18T08:15:04.470000
CVE-2024-46761,1,1,d794a75c09d81e3cf2420d27e3fec20450ae3eeae382df2bdbbd37ceb53c6336,2024-09-18T08:15:04.517000
CVE-2024-46762,1,1,311ded7d89bac2ce37980efb774b64419b0297daf3311304efdf7bbe4352e47b,2024-09-18T08:15:04.570000
CVE-2024-46763,1,1,fded74b609da36f293ef91439089fca2c339650d06eaa8338e0b394be2512369,2024-09-18T08:15:04.613000
CVE-2024-46764,1,1,c0c3b16d2104728940b34dcab85289300736cfa68f1e9d24048f48ef35472920,2024-09-18T08:15:04.670000
CVE-2024-46765,1,1,be2a64e60e7281b042f49be55c2190c79212f83fa0575808e1635043aeb497e7,2024-09-18T08:15:04.710000
CVE-2024-46766,1,1,bf62edb91010fc35fb49ea0fbdeb83286e8f94577e85a901da1cf346909c8903,2024-09-18T08:15:04.760000
CVE-2024-46767,1,1,f9ddafdd83482ad232f7883c1565304e3c8cdc3d50b610dc014c3526e6c9a0f4,2024-09-18T08:15:04.810000
CVE-2024-46768,1,1,5271c54138b132bd74549712838ad23987e543eeecef1de7950914c7073515d3,2024-09-18T08:15:04.853000
CVE-2024-46769,1,1,8e83b56277e9718dfb6f9ebef7918b4e31b05988377611bde3198ae0fc5da5b0,2024-09-18T08:15:04.903000
CVE-2024-4677,0,0,06b789b4e22353188f4fa1dbcfc045ef487187889647b738ddd6f1b3dabcd887,2024-06-04T19:20:45.830000
CVE-2024-46770,1,1,3f4294f35fa46bd644327bb119a7d649d1e5d430016155a3be0373dc62531fbf,2024-09-18T08:15:04.957000
CVE-2024-46771,1,1,66bcc8c19784e6a549884b183adf2b278b5b3e81ee9940357877a5123b86ea26,2024-09-18T08:15:05.010000
CVE-2024-46772,1,1,1642d179863b0ad9729f1e477daa23a89c819cec037bcb7c988c5e9e2118133f,2024-09-18T08:15:05.073000
CVE-2024-46773,1,1,bb1cbd774c918bcf0e139aa4b8b6313886238c92d9536ca9e9e82630df89c795,2024-09-18T08:15:05.123000
CVE-2024-46774,1,1,df1c5e77c06dbd9b106228b7c368b6ad5c4966fab6a95b97cb6229d63b6176bb,2024-09-18T08:15:05.180000
CVE-2024-46775,1,1,283ebb629ae0601e3c0cfd444a28a230977bf1a273655962b8a6e3c78d71a20c,2024-09-18T08:15:05.240000
CVE-2024-46776,1,1,c8f2a75c0261c691dd667e52c608f508f8803277127f673fc6db443900bbbf2d,2024-09-18T08:15:05.287000
CVE-2024-46777,1,1,8cdc9a39570265278d9e350aadaa9c58cce6e89a9dcfcf8c31f8f1094f07ad9b,2024-09-18T08:15:05.330000
CVE-2024-46778,1,1,396380603e968003b58900d0d6490bbd6acfb10302f743c9f7cf9856c1c60b1b,2024-09-18T08:15:05.380000
CVE-2024-46779,1,1,bf47890b5db85f1151a1f3f701c0c22151de888592e192e303c6ca501a5d224c,2024-09-18T08:15:05.430000
CVE-2024-4678,0,0,be695eaab1f72a88b10d5b9b54afd539ecd5dccc02b3dde1eca881aeeba1ff59,2024-06-04T19:20:45.930000
CVE-2024-46780,1,1,7b1bba29160bfd83b176fb8e0d1f40f48f858bbf35f08f76ad30ce3254b6d8dc,2024-09-18T08:15:05.473000
CVE-2024-46781,1,1,597bc570a64ccf458b5f007cb1b9bb1fbb8c80ba6c44612b54cb99a0f4dd329a,2024-09-18T08:15:05.527000
CVE-2024-46782,1,1,bfe5fd54d42ab2d5a56dbed17ca47a24c8b851b2ecc919d2654eaa75cd27c7ee,2024-09-18T08:15:05.577000
CVE-2024-46783,1,1,177b79cb044c64bdd1ba5ec4df2c0194374ddb06b727bcb28ee590c1edb71806,2024-09-18T08:15:05.630000
CVE-2024-46784,1,1,1cb02002808032cce280c51dc21ba513691e1421440415a90656bd0aec4254c9,2024-09-18T08:15:05.683000
CVE-2024-46785,1,1,88edcda4b6a413136bd12d34f9993a9814755864fe55569ac385479d63cb3838,2024-09-18T08:15:05.730000
CVE-2024-46786,1,1,2afbea964bbb8e8e0af027de7dcd2557cbc76f10803a1ef9d28441f442ec1ac2,2024-09-18T08:15:05.783000
CVE-2024-46787,1,1,8673b56cc0cde759acc6c3b46fb56f29d3bed68790505e12c0d024209f02c4ce,2024-09-18T08:15:05.833000
CVE-2024-46788,1,1,6863b050d499c258508d08167bf5fd5b190433b7c9d93f657fd609255797c155,2024-09-18T08:15:05.893000
CVE-2024-46789,1,1,32bcb44e01af3e39425bea50f4012b3cf64106bf1e6fd2e81b0c290b840e513b,2024-09-18T08:15:05.957000
CVE-2024-4679,0,0,9bfb1104bd992ff014fab2b1166f6f818504f2232183224a6a702e4c44b2119a,2024-07-02T12:09:16.907000
CVE-2024-46790,1,1,0e5f417035edc97890f7422f1a5ed558a218db3741cf1169d25a20dab7b5be63,2024-09-18T08:15:06.010000
CVE-2024-46791,1,1,ac0a42f40cb248198e15dc852d5167199a32b81f4938e31573af311e3901d026,2024-09-18T08:15:06.067000
CVE-2024-46792,1,1,d38cb61b8caa44931422580fcadde7ec500ae4af201ad39f926e73e5a8878183,2024-09-18T08:15:06.123000
CVE-2024-46793,1,1,1c3720a58618218f02f33bcb019fe1af7bffec77c282dcb9cdf6b79f4c3920ac,2024-09-18T08:15:06.177000
CVE-2024-46794,1,1,be84dad7d86db27f47727010e1f732d1c64835dd4cdbb36666d2fae21dc33a64,2024-09-18T08:15:06.230000
CVE-2024-46795,1,1,2711ac53c713016191834849cacc7c866bf81469c68b13c1d81152bcd18cf7fa,2024-09-18T08:15:06.280000
CVE-2024-46796,1,1,e02b9590a0e56b309481819e3f1983453a532a2f0f3f200cb7b6fc82321650ca,2024-09-18T08:15:06.340000
CVE-2024-46797,1,1,0681211f2d2ffd817071cc32b3ea0ad9d55c684ee5ca1363c17b0fb948b1a2d2,2024-09-18T08:15:06.403000
CVE-2024-46798,1,1,0aba1fbc2db265a759029f391a6dabd6d21e9643b67c2735d30595a521be5af2,2024-09-18T08:15:06.463000
CVE-2024-46799,1,1,6b67f44c56049465bc9d56da43c7a044a2c7fde44d68186b9b25e96f0eee326a,2024-09-18T08:15:06.523000
CVE-2024-4680,0,0,0c8976c1b63cea89edb43ad9d9b81fc90d65237e24435549d62994fa7d6af35d,2024-07-19T18:51:53.003000
CVE-2024-46800,1,1,c66c41d358180fbf4c204f6a3b9cda44ad03ccadfd845f41ee5c20a598448cb8,2024-09-18T08:15:06.573000
CVE-2024-46801,1,1,5a25cda834e5800cd9c501ac0fe5feafbcf74cf7074dcd3eff31a0148ad4b31c,2024-09-18T08:15:06.633000
CVE-2024-4681,0,0,fe9d790ee9979c1aca5fe28a3e8115d4c327b815a1753595a7df398a95b1856e,2024-06-04T19:20:46.033000
CVE-2024-4682,0,0,b188d20fdb53d2324882bc38bcdbd4c51d4b6beb562fc8362c2866e7563895e8,2024-06-04T19:20:46.140000
CVE-2024-4683,0,0,f97d6282ccf029728c8ab8e65ca2b64efa101897ef8ccdc22b5456d11d66a8f8,2024-06-04T19:20:46.247000
@ -260134,7 +260202,7 @@ CVE-2024-4698,0,0,9dba1ffb097faf0537551ac7612916f547965c7b253baf1637388ba1ee83ae
CVE-2024-46982,0,0,ea2fe597553d263f2cd1280d984988f3dd8bd84e5f24bd16a84753abcca26655,2024-09-17T22:15:02.273000
CVE-2024-4699,0,0,094a3293d1ad6c00b8f42deb1643b829befd633ab0dcef49a183da331debaad7,2024-08-06T19:15:57.580000
CVE-2024-4700,0,0,fa1a582bbd6e4a675ead2d89728236d2ca7c92c15fe998cffa14cb24a4febb9d,2024-05-21T12:37:59.687000
CVE-2024-47001,1,1,094e9aa8d79eefa5514e8d3a7817f886863a81c7b672996006f51769cece0126,2024-09-18T07:15:04.220000
CVE-2024-47001,0,0,094e9aa8d79eefa5514e8d3a7817f886863a81c7b672996006f51769cece0126,2024-09-18T07:15:04.220000
CVE-2024-4701,0,0,5f841f0540b46f49c80d409ca526b0c08d190fe4f1f5bc2d7cfb115b5ba38647,2024-05-14T16:11:39.510000
CVE-2024-4702,0,0,dd020b59844aa3c2b904a852a1e5f578b8784127317756ef97f595c083848ea0,2024-05-15T16:40:19.330000
CVE-2024-4703,0,0,7e57d47de6048bcd912b4c77aa51d488946887d89315e68305481f1a25780324,2024-06-11T18:06:31.967000
@ -261477,7 +261545,7 @@ CVE-2024-6235,0,0,3389c73a6ea8d57ad4659a54003738203401403add7f113413f0341ee66fc3
CVE-2024-6236,0,0,ea4366a2dacd229dc05ea79ccc864c81d00975b5a5c000367714796c8eb1d7e4,2024-08-01T14:00:16.777000
CVE-2024-6237,0,0,42d974b137e9f6fa213536980d088f395c1fe724ef5f0786bbfbf5436af83280,2024-08-29T18:15:14.947000
CVE-2024-6238,0,0,e8b3f57765062eca265deb8b1ecf893867ae3e3cc25fdad8633c66082a70ffd0,2024-06-25T18:50:42.040000
CVE-2024-6239,0,0,f9926b0cd048febae2346520b44e3c86bff18a382e32c768152365d4c8d177e9,2024-08-16T16:15:06.760000
CVE-2024-6239,0,1,331baa2e2a54956b72059cf6f370c174a3a7f88f365f410b1d7435c4cb7f3fbb,2024-09-18T09:15:05.803000
CVE-2024-6240,0,0,ac0ea1c33037082252bc61d50d67379872fe94c26d657b4cc70544d56df4853f,2024-06-24T19:10:38.983000
CVE-2024-6241,0,0,6290249fb2556f2c86210bd1da990f0543c81351c0646b54f9f1e8ad7a654dfa,2024-06-24T19:42:44.280000
CVE-2024-6242,0,0,3710863ac72ff4e84ea0fd78a36f5e9434d67cfe63e5360760beb47932695486,2024-08-01T16:45:25.400000
@ -261720,7 +261788,7 @@ CVE-2024-6531,0,0,1125a21608be8cb0502ea86867294670584ed16918c5bd752fdbbd37969404
CVE-2024-6532,0,0,34d446197f804dcbdd8feccdfe721cd1c46fe7ee3b5e0da65e1be9d287c7b644,2024-08-14T13:00:37.107000
CVE-2024-6533,0,0,66400252f24e50c2d9b1e3ed6e622d7f7b7af745f22a620964464c66ff668430,2024-08-19T18:13:59.457000
CVE-2024-6534,0,0,0cc2422c4acf0879987370c9bde0fddfc0c65c819154f83a709538e35fb27fca,2024-08-19T18:17:15.110000
CVE-2024-6535,0,0,d515bd0c9a2788945f1c070eede854437b7a1c58e6a79916f8d2b46233d5b6de,2024-07-25T16:15:04.583000
CVE-2024-6535,0,1,3933087fb45ecc6b0ecc9b074f4274211c579214228b2b0b3595456c11ddf683,2024-09-18T09:15:06.037000
CVE-2024-6536,0,0,db3a8f54349ce01fbebd842277117fe6b2369b9af6752930ef3e5c8ea43f79f4,2024-07-30T13:32:45.943000
CVE-2024-6539,0,0,81a7a773476044a536e1904849aff55df114add8144e8265b917f8120b92d867,2024-07-11T14:56:20.733000
CVE-2024-6540,0,0,f13af52637070826766869c9a967d13110a057955f51f107eb0d0f88b4032338,2024-07-16T18:05:37.267000
@ -261807,7 +261875,7 @@ CVE-2024-6637,0,0,59f76fa21430fd2f815d25b14c560949a8f50f1f9b39a99ada5c48c5c42ab4
CVE-2024-6638,0,0,e1ef78f4a331a1760f078cffbff2fa855ff8b1eb633d9ef9812bbb8cfee1af62,2024-07-24T12:55:13.223000
CVE-2024-6639,0,0,b0961b2e4919c622335aabbfc385d1eb275ee15e95377de0fc4654e6fe695570,2024-08-12T14:46:23.463000
CVE-2024-6640,0,0,9ee47aa53dd102db483256b30926c63cffc6a6337fe30ff4760f8de568b66f8d,2024-08-12T13:41:36.517000
CVE-2024-6641,1,1,fc48afbd07714902932ac7ca9c80a4df48bc38a3e3fded50001d4232b0ae9676,2024-09-18T06:15:02.490000
CVE-2024-6641,0,0,fc48afbd07714902932ac7ca9c80a4df48bc38a3e3fded50001d4232b0ae9676,2024-09-18T06:15:02.490000
CVE-2024-6642,0,0,8d96c1180af1047f7b667e53dd25106a95583c9fef6033b783f527ef0b9e4e6b,2024-07-10T13:15:11.140000
CVE-2024-6643,0,0,c4eab211147138bb5613809a885f81bacb4eb0fc3c1e7955b1f331b632c0ef4a,2024-07-11T10:15:02.650000
CVE-2024-6644,0,0,0f2d20ba591a113ddb0330b932f8a246adf881e1931b22ed31564a539ff168f9,2024-07-11T13:05:54.930000
@ -262115,7 +262183,7 @@ CVE-2024-7071,0,0,aa4d5566fa9986369b04898e3cb9a48a60e9dce9bca40572b84743b3df14ef
CVE-2024-7076,0,0,946a1d901be5e53a430b33836289b857a65e6ba0adf8d1f0800179da55d6f751,2024-09-05T14:39:32.487000
CVE-2024-7077,0,0,0df9c3aa04251d094f4c8f367a1652c4c149867d3c5e28bd833f85f57c0db8b6,2024-09-05T14:39:17.510000
CVE-2024-7078,0,0,512b093146b430a3bc5d3dce59599e5dd0ff7bbcf726ce315b82fff221d16013,2024-09-05T14:38:46.947000
CVE-2024-7079,0,0,432b6c38d04c17da8e2aeea6e5677915e33a84f70f04ebe0988a953bc8892b6d,2024-07-26T10:15:02.840000
CVE-2024-7079,0,1,13d562804a44e5f3528dea9852ed1e10425a23ab1961d21d36e5bbe466abf375,2024-09-18T09:15:06.290000
CVE-2024-7080,0,0,e8f51ead66f7469f7e63dc63102236554262bdfa2e68b9dc33e11c14a1ca04d2,2024-07-26T13:22:43.387000
CVE-2024-7081,0,0,6a139e489a9ff084a663269dd9c842c08d77e29c45f0c2d71d596839a517bb01,2024-07-26T13:18:21.957000
CVE-2024-7082,0,0,7f537cf9e56a23a456a2abd974bf40cbc8fb8378373545e42b0269e937581d9d,2024-08-06T16:30:24.547000
@ -262472,7 +262540,7 @@ CVE-2024-7551,0,0,b186fc017c389d319de7d861b1d913a84a5458cd5dbd51c140f542d4aff6a7
CVE-2024-7552,0,0,811aa90d2d18bb406f73befc3765a8f78539782307b57a4dcd481925c3ed1f73,2024-08-07T21:29:57.417000
CVE-2024-7553,0,0,423c29f04f0f081a0c5d9465a918cf0ed131ece97e02d2f5996269c83101214a,2024-08-07T15:17:46.717000
CVE-2024-7554,0,0,dfc64307827dd001a7e870992bca03e6a424d33d4584f122a641b15fec5c52ce,2024-08-29T15:42:13.387000
CVE-2024-7557,0,1,ae8c41f4adb3726b27116f90c8ab746ad0ea79736dd5450dde42c0320a002e78,2024-09-18T07:15:04.293000
CVE-2024-7557,0,0,ae8c41f4adb3726b27116f90c8ab746ad0ea79736dd5450dde42c0320a002e78,2024-09-18T07:15:04.293000
CVE-2024-7559,0,0,4dc25ec2b0f2eec8919ecc81f209446d933d662f72b02d2630c82c602d53e698,2024-08-23T16:18:28.547000
CVE-2024-7560,0,0,69bf0d3c1d2353061d3a66813d4df2a8a02417391648b6018a10fb1d777785c6,2024-08-08T13:04:18.753000
CVE-2024-7561,0,0,4f145ac8bff9e09f18481f098864cf0c68d07bfaa0facd60438519477eaf9cd1,2024-08-08T13:04:18.753000
@ -262794,7 +262862,7 @@ CVE-2024-8003,0,0,1eb6cc8bd16248d54ed281136e233da0a723cb74879af6e3337c9532a3caf8
CVE-2024-8004,0,0,6053860c0b4fdc62f3a7122a051813b35afd677f12aaae8780fae160750aa789,2024-09-04T14:56:46.947000
CVE-2024-8005,0,0,c059370cb975aea915e5671e32cb80d879151797480dbd5423b1593aeba96675,2024-08-21T15:49:59.470000
CVE-2024-8006,0,0,092177f7b5a6e786b0c334d1c1238c9acce1b59320806ff7e04615edaed13d55,2024-09-03T12:59:02.453000
CVE-2024-8007,0,0,52ca9c0e82e8a1b579386af92379a7290d3dc66a84196be21e42591213ed68f8,2024-08-23T17:06:04.643000
CVE-2024-8007,0,1,d4843ecbff9c18b0a3733961009c3b0a5fd18a5329783b13479a12d64d8f35f3,2024-09-18T08:15:06.990000
CVE-2024-8011,0,0,47ed34213e682e27e1c9cff56ca191160c24a6476f0554888eb469f5be11be06,2024-09-11T18:15:02.023000
CVE-2024-8012,0,0,077057538036fd2de7e2ef46ba096dfeb2616c8d077a9c28a57acea505ab6056,2024-09-11T16:26:11.920000
CVE-2024-8016,0,0,2657510d64afe84d5852969b1e9344475f01e752907a5430dff930bc1f486129,2024-09-03T14:51:16.470000
@ -263205,4 +263273,4 @@ CVE-2024-8949,0,0,558b0f2a15aa10d0215f6e776b245d8a42240ea8527c9ffd4d56905704832d
CVE-2024-8951,0,0,fdcc8f1ef8d6875cdf064fe8ca72ee0e4237f3f89d53a358120e1931bee39aef,2024-09-17T20:15:07.020000
CVE-2024-8956,0,0,8fb796f1e52be7bf3f012ac38934615fcbd07a654b11f2c40ea225bc31651e57,2024-09-17T20:15:07.287000
CVE-2024-8957,0,0,745e7f02f1c26d5de4df67e0c2795340d562588c5301af2d060cb965e1ba5dae,2024-09-17T21:15:13.423000
CVE-2024-8969,1,1,b91ca645bf2071dccf15db49fd3efa26a97008959fe8a964028e51af15b02de3,2024-09-18T07:15:04.657000
CVE-2024-8969,0,0,b91ca645bf2071dccf15db49fd3efa26a97008959fe8a964028e51af15b02de3,2024-09-18T07:15:04.657000

Can't render this file because it is too large.