Auto-Update: 2024-03-25T15:00:38.889212+00:00

CVE-2020/CVE-2020-368xx/CVE-2020-36826.json

@@ -2,12 +2,16 @@
   "id": "CVE-2020-36826",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-03-25T07:15:49.200",
-  "lastModified": "2024-03-25T07:15:49.200",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability was found in AwesomestCode LiveBot. It has been classified as problematic. Affected is the function parseSend of the file js/parseMessage.js. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Upgrading to version 0.1 is able to address this issue. The name of the patch is 57505527f838d1e46e8f93d567ba552a30185bfa. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-257784."
+    },
+    {
+      "lang": "es",
+      "value": "Se encontr\u00f3 una vulnerabilidad en AwesomestCode LiveBot. Ha sido clasificada como problem\u00e1tica. La funci\u00f3n parseSend del archivo js/parseMessage.js es afectada por la vulnerabilidad. La manipulaci\u00f3n conduce a cross-site scripting. Es posible lanzar el ataque de forma remota. Este producto utiliza un lanzamiento continuo para proporcionar una entrega continua. Por lo tanto, no hay detalles disponibles para las versiones afectadas ni actualizadas. La actualizaci\u00f3n a la versi\u00f3n 0.1 puede solucionar este problema. El nombre del parche es 57505527f838d1e46e8f93d567ba552a30185bfa. Se recomienda actualizar el componente afectado. El identificador de esta vulnerabilidad es VDB-257784."
     }
   ],
   "metrics": {

CVE-2021/CVE-2021-336xx/CVE-2021-33632.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-33632",
   "sourceIdentifier": "securities@openeuler.org",
   "published": "2024-03-25T07:15:49.630",
-  "lastModified": "2024-03-25T07:15:49.630",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files https://gitee.Com/openeuler/iSulad/blob/master/src/cmd/isulad/main.C.\n\nThis issue affects iSulad: 2.0.18-13, from 2.1.4-1 through 2.1.4-2.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "La vulnerabilidad de condici\u00f3n de ejecuci\u00f3n de tiempo de verificaci\u00f3n y tiempo de uso (TOCTOU) en openEuler iSulad en Linux permite aprovechar las condiciones de ejecuci\u00f3n de tiempo de verificaci\u00f3n y tiempo de uso (TOCTOU). Esta vulnerabilidad est\u00e1 asociada con archivos de programa https://gitee.Com/openeuler/iSulad/blob/master/src/cmd/isulad/main.C. Este problema afecta a iSulad: 2.0.18-13, desde 2.1.4-1 hasta 2.1.4-2."
     }
   ],
   "metrics": {

CVE-2021/CVE-2021-471xx/CVE-2021-47136.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47136",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:07.970",
-  "lastModified": "2024-03-25T09:15:07.970",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: zero-initialize tc skb extension on allocation\n\nFunction skb_ext_add() doesn't initialize created skb extension with any\nvalue and leaves it up to the user. However, since extension of type\nTC_SKB_EXT originally contained only single value tc_skb_ext->chain its\nusers used to just assign the chain value without setting whole extension\nmemory to zero first. This assumption changed when TC_SKB_EXT extension was\nextended with additional fields but not all users were updated to\ninitialize the new fields which leads to use of uninitialized memory\nafterwards. UBSAN log:\n\n[  778.299821] UBSAN: invalid-load in net/openvswitch/flow.c:899:28\n[  778.301495] load of value 107 is not a valid value for type '_Bool'\n[  778.303215] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.12.0-rc7+ #2\n[  778.304933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[  778.307901] Call Trace:\n[  778.308680]  <IRQ>\n[  778.309358]  dump_stack+0xbb/0x107\n[  778.310307]  ubsan_epilogue+0x5/0x40\n[  778.311167]  __ubsan_handle_load_invalid_value.cold+0x43/0x48\n[  778.312454]  ? memset+0x20/0x40\n[  778.313230]  ovs_flow_key_extract.cold+0xf/0x14 [openvswitch]\n[  778.314532]  ovs_vport_receive+0x19e/0x2e0 [openvswitch]\n[  778.315749]  ? ovs_vport_find_upcall_portid+0x330/0x330 [openvswitch]\n[  778.317188]  ? create_prof_cpu_mask+0x20/0x20\n[  778.318220]  ? arch_stack_walk+0x82/0xf0\n[  778.319153]  ? secondary_startup_64_no_verify+0xb0/0xbb\n[  778.320399]  ? stack_trace_save+0x91/0xc0\n[  778.321362]  ? stack_trace_consume_entry+0x160/0x160\n[  778.322517]  ? lock_release+0x52e/0x760\n[  778.323444]  netdev_frame_hook+0x323/0x610 [openvswitch]\n[  778.324668]  ? ovs_netdev_get_vport+0xe0/0xe0 [openvswitch]\n[  778.325950]  __netif_receive_skb_core+0x771/0x2db0\n[  778.327067]  ? lock_downgrade+0x6e0/0x6f0\n[  778.328021]  ? lock_acquire+0x565/0x720\n[  778.328940]  ? generic_xdp_tx+0x4f0/0x4f0\n[  778.329902]  ? inet_gro_receive+0x2a7/0x10a0\n[  778.330914]  ? lock_downgrade+0x6f0/0x6f0\n[  778.331867]  ? udp4_gro_receive+0x4c4/0x13e0\n[  778.332876]  ? lock_release+0x52e/0x760\n[  778.333808]  ? dev_gro_receive+0xcc8/0x2380\n[  778.334810]  ? lock_downgrade+0x6f0/0x6f0\n[  778.335769]  __netif_receive_skb_list_core+0x295/0x820\n[  778.336955]  ? process_backlog+0x780/0x780\n[  778.337941]  ? mlx5e_rep_tc_netdevice_event_unregister+0x20/0x20 [mlx5_core]\n[  778.339613]  ? seqcount_lockdep_reader_access.constprop.0+0xa7/0xc0\n[  778.341033]  ? kvm_clock_get_cycles+0x14/0x20\n[  778.342072]  netif_receive_skb_list_internal+0x5f5/0xcb0\n[  778.343288]  ? __kasan_kmalloc+0x7a/0x90\n[  778.344234]  ? mlx5e_handle_rx_cqe_mpwrq+0x9e0/0x9e0 [mlx5_core]\n[  778.345676]  ? mlx5e_xmit_xdp_frame_mpwqe+0x14d0/0x14d0 [mlx5_core]\n[  778.347140]  ? __netif_receive_skb_list_core+0x820/0x820\n[  778.348351]  ? mlx5e_post_rx_mpwqes+0xa6/0x25d0 [mlx5_core]\n[  778.349688]  ? napi_gro_flush+0x26c/0x3c0\n[  778.350641]  napi_complete_done+0x188/0x6b0\n[  778.351627]  mlx5e_napi_poll+0x373/0x1b80 [mlx5_core]\n[  778.352853]  __napi_poll+0x9f/0x510\n[  778.353704]  ? mlx5_flow_namespace_set_mode+0x260/0x260 [mlx5_core]\n[  778.355158]  net_rx_action+0x34c/0xa40\n[  778.356060]  ? napi_threaded_poll+0x3d0/0x3d0\n[  778.357083]  ? sched_clock_cpu+0x18/0x190\n[  778.358041]  ? __common_interrupt+0x8e/0x1a0\n[  778.359045]  __do_softirq+0x1ce/0x984\n[  778.359938]  __irq_exit_rcu+0x137/0x1d0\n[  778.360865]  irq_exit_rcu+0xa/0x20\n[  778.361708]  common_interrupt+0x80/0xa0\n[  778.362640]  </IRQ>\n[  778.363212]  asm_common_interrupt+0x1e/0x40\n[  778.364204] RIP: 0010:native_safe_halt+0xe/0x10\n[  778.365273] Code: 4f ff ff ff 4c 89 e7 e8 50 3f 40 fe e9 dc fe ff ff 48 89 df e8 43 3f 40 fe eb 90 cc e9 07 00 00 00 0f 00 2d 74 05 62 00 fb f4 <c3> 90 e9 07 00 00 00 0f 00 2d 64 05 62 00 f4 c3 cc cc 0f 1f 44 00\n[  778.369355] RSP: 0018:ffffffff84407e48 EFLAGS: 00000246\n[  778.370570] RAX\n---truncated---"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: inicializaci\u00f3n cero de la extensi\u00f3n tc skb en la asignaci\u00f3n La funci\u00f3n skb_ext_add() no inicializa la extensi\u00f3n skb creada con ning\u00fan valor y lo deja en manos del usuario. Sin embargo, dado que la extensi\u00f3n de tipo TC_SKB_EXT originalmente conten\u00eda solo un valor \u00fanico tc_skb_ext-&gt;chain, sus usuarios sol\u00edan asignar simplemente el valor de la cadena sin establecer primero toda la memoria de extensi\u00f3n en cero. Esta suposici\u00f3n cambi\u00f3 cuando la extensi\u00f3n TC_SKB_EXT se ampli\u00f3 con campos adicionales, pero no todos los usuarios se actualizaron para inicializar los nuevos campos, lo que lleva al uso de memoria no inicializada posteriormente. Registro de UBSAN: [778.299821] UBSAN: carga no v\u00e1lida en net/openvswitch/flow.c:899:28 [778.301495] la carga del valor 107 no es un valor v\u00e1lido para el tipo '_Bool' [778.303215] CPU: 0 PID: 0 Comm : swapper/0 Not tainted 5.12.0-rc7+ #2 [ 778.304933] Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/ 2014 [778.307901] Seguimiento de llamadas: [778.308680]  [778.309358] dump_stack+0xbb/0x107 [778.310307] ubsan_epilogue+0x5/0x40 [778.311167] __ubsan_handle_load_invalid_value.col d+0x43/0x48 [778.312454]? memset+0x20/0x40 [778.313230] ovs_flow_key_extract.cold+0xf/0x14 [openvswitch] [778.314532] ovs_vport_receive+0x19e/0x2e0 [openvswitch] [778.315749]? ovs_vport_find_upcall_portid+0x330/0x330 [openvswitch] [778.317188]? create_prof_cpu_mask+0x20/0x20 [778.318220]? arch_stack_walk+0x82/0xf0 [778.319153]? second_startup_64_no_verify+0xb0/0xbb [778.320399]? stack_trace_save+0x91/0xc0 [778.321362]? stack_trace_consume_entry+0x160/0x160 [778.322517]? lock_release+0x52e/0x760 [778.323444] netdev_frame_hook+0x323/0x610 [openvswitch] [778.324668]? ovs_netdev_get_vport+0xe0/0xe0 [openvswitch] [778.325950] __netif_receive_skb_core+0x771/0x2db0 [778.327067]? lock_downgrade+0x6e0/0x6f0 [778.328021]? lock_acquire+0x565/0x720 [778.328940]? generic_xdp_tx+0x4f0/0x4f0 [778.329902]? inet_gro_receive+0x2a7/0x10a0 [778.330914]? lock_downgrade+0x6f0/0x6f0 [778.331867]? udp4_gro_receive+0x4c4/0x13e0 [778.332876]? lock_release+0x52e/0x760 [778.333808]? dev_gro_receive+0xcc8/0x2380 [778.334810]? lock_downgrade+0x6f0/0x6f0 [ 778.335769] __netif_receive_skb_list_core+0x295/0x820 [ 778.336955] ? proceso_backlog+0x780/0x780 [778.337941]? mlx5e_rep_tc_netdevice_event_unregister+0x20/0x20 [mlx5_core] [778.339613]? seqcount_lockdep_reader_access.constprop.0+0xa7/0xc0 [778.341033]? kvm_clock_get_cycles+0x14/0x20 [ 778.342072] netif_receive_skb_list_internal+0x5f5/0xcb0 [ 778.343288] ? __kasan_kmalloc+0x7a/0x90 [778.344234]? mlx5e_handle_rx_cqe_mpwrq+0x9e0/0x9e0 [mlx5_core] [778.345676]? mlx5e_xmit_xdp_frame_mpwqe+0x14d0/0x14d0 [mlx5_core] [778.347140]? __netif_receive_skb_list_core+0x820/0x820 [778.348351]? mlx5e_post_rx_mpwqes+0xa6/0x25d0 [mlx5_core] [778.349688]? napi_gro_flush+0x26c/0x3c0 [ 778.350641] napi_complete_done+0x188/0x6b0 [ 778.351627] mlx5e_napi_poll+0x373/0x1b80 [mlx5_core] [ 778.352853] __napi_poll+0x9f/0x510 [778.353704] ? mlx5_flow_namespace_set_mode+0x260/0x260 [mlx5_core] [778.355158] net_rx_action+0x34c/0xa40 [778.356060]? napi_threaded_poll+0x3d0/0x3d0 [778.357083]? sched_clock_cpu+0x18/0x190 [778.358041]? __common_interrupt+0x8e/0x1a0 [ 778.359045] __do_softirq+0x1ce/0x984 [ 778.359938] __irq_exit_rcu+0x137/0x1d0 [ 778.360865] irq_exit_rcu+0xa/0x20 [ 778.36170 8] interrupci\u00f3n_com\u00fan+0x80/0xa0 [ 778.362640]  [ 778.363212] asm_interrupci\u00f3n_com\u00fan+0x1e /0x40 [ 778.364204] RIP: 0010:native_safe_halt+0xe/0x10 [ 778.365273] C\u00f3digo: 4f ff ff ff 4c 89 e7 e8 50 3f 40 fe e9 dc fe ff ff 48 89 df e8 43 3f 40 fe eb 90 cc e 9 07 00 00 00 0f 00 2d 74 05 62 00 fb f4  90 e9 07 00 00 00 0f 00 2d 64 05 62 00 f4 c3 cc cc 0f 1f 44 00 [ 778.369355] RSP: 0018:ffffffff84407 e48 EFLAGS: 00000246 [778.370570] RAX ---truncado---"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47137.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47137",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.240",
-  "lastModified": "2024-03-25T09:15:08.240",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lantiq: fix memory corruption in RX ring\n\nIn a situation where memory allocation or dma mapping fails, an\ninvalid address is programmed into the descriptor. This can lead\nto memory corruption. If the memory allocation fails, DMA should\nreuse the previous skb and mapping and drop the packet. This patch\nalso increments rx drop counter."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: lantiq: corrige la corrupci\u00f3n de la memoria en el anillo RX En una situaci\u00f3n en la que falla la asignaci\u00f3n de memoria o el mapeo dma, se programa una direcci\u00f3n no v\u00e1lida en el descriptor. Esto puede provocar da\u00f1os en la memoria. Si la asignaci\u00f3n de memoria falla, DMA deber\u00eda reutilizar el skb y el mapeo anteriores y descartar el paquete. Este parche tambi\u00e9n incrementa el contador de ca\u00eddas de rx."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47138.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47138",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.427",
-  "lastModified": "2024-03-25T09:15:08.427",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: avoid accessing registers when clearing filters\n\nHardware register having the server TID base can contain\ninvalid values when adapter is in bad state (for example,\ndue to AER fatal error). Reading these invalid values in the\nregister can lead to out-of-bound memory access. So, fix\nby using the saved server TID base when clearing filters."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cxgb4: evita acceder a los registros al borrar los filtros El registro de hardware que tiene la base TID del servidor puede contener valores no v\u00e1lidos cuando el adaptador est\u00e1 en mal estado (por ejemplo, debido a un error fatal de AER). Leer estos valores no v\u00e1lidos en el registro puede provocar un acceso a la memoria fuera de l\u00edmites. Por lo tanto, solucione el problema utilizando la base TID del servidor guardado al borrar los filtros."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47139.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47139",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.603",
-  "lastModified": "2024-03-25T09:15:08.603",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: put off calling register_netdev() until client initialize complete\n\nCurrently, the netdevice is registered before client initializing\ncomplete. So there is a timewindow between netdevice available\nand usable. In this case, if user try to change the channel number\nor ring param, it may cause the hns3_set_rx_cpu_rmap() being called\ntwice, and report bug.\n\n[47199.416502] hns3 0000:35:00.0 eth1: set channels: tqp_num=1, rxfh=0\n[47199.430340] hns3 0000:35:00.0 eth1: already uninitialized\n[47199.438554] hns3 0000:35:00.0: rss changes from 4 to 1\n[47199.511854] hns3 0000:35:00.0: Channels changed, rss_size from 4 to 1, tqps from 4 to 1\n[47200.163524] ------------[ cut here ]------------\n[47200.171674] kernel BUG at lib/cpu_rmap.c:142!\n[47200.177847] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[47200.185259] Modules linked in: hclge(+) hns3(-) hns3_cae(O) hns_roce_hw_v2 hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O) [last unloaded: hclge]\n[47200.205912] CPU: 1 PID: 8260 Comm: ethtool Tainted: G           O      5.11.0-rc3+ #1\n[47200.215601] Hardware name:  , xxxxxx 02/04/2021\n[47200.223052] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[47200.230188] pc : cpu_rmap_add+0x38/0x40\n[47200.237472] lr : irq_cpu_rmap_add+0x84/0x140\n[47200.243291] sp : ffff800010e93a30\n[47200.247295] x29: ffff800010e93a30 x28: ffff082100584880\n[47200.254155] x27: 0000000000000000 x26: 0000000000000000\n[47200.260712] x25: 0000000000000000 x24: 0000000000000004\n[47200.267241] x23: ffff08209ba03000 x22: ffff08209ba038c0\n[47200.273789] x21: 000000000000003f x20: ffff0820e2bc1680\n[47200.280400] x19: ffff0820c970ec80 x18: 00000000000000c0\n[47200.286944] x17: 0000000000000000 x16: ffffb43debe4a0d0\n[47200.293456] x15: fffffc2082990600 x14: dead000000000122\n[47200.300059] x13: ffffffffffffffff x12: 000000000000003e\n[47200.306606] x11: ffff0820815b8080 x10: ffff53e411988000\n[47200.313171] x9 : 0000000000000000 x8 : ffff0820e2bc1700\n[47200.319682] x7 : 0000000000000000 x6 : 000000000000003f\n[47200.326170] x5 : 0000000000000040 x4 : ffff800010e93a20\n[47200.332656] x3 : 0000000000000004 x2 : ffff0820c970ec80\n[47200.339168] x1 : ffff0820e2bc1680 x0 : 0000000000000004\n[47200.346058] Call trace:\n[47200.349324]  cpu_rmap_add+0x38/0x40\n[47200.354300]  hns3_set_rx_cpu_rmap+0x6c/0xe0 [hns3]\n[47200.362294]  hns3_reset_notify_init_enet+0x1cc/0x340 [hns3]\n[47200.370049]  hns3_change_channels+0x40/0xb0 [hns3]\n[47200.376770]  hns3_set_channels+0x12c/0x2a0 [hns3]\n[47200.383353]  ethtool_set_channels+0x140/0x250\n[47200.389772]  dev_ethtool+0x714/0x23d0\n[47200.394440]  dev_ioctl+0x4cc/0x640\n[47200.399277]  sock_do_ioctl+0x100/0x2a0\n[47200.404574]  sock_ioctl+0x28c/0x470\n[47200.409079]  __arm64_sys_ioctl+0xb4/0x100\n[47200.415217]  el0_svc_common.constprop.0+0x84/0x210\n[47200.422088]  do_el0_svc+0x28/0x34\n[47200.426387]  el0_svc+0x28/0x70\n[47200.431308]  el0_sync_handler+0x1a4/0x1b0\n[47200.436477]  el0_sync+0x174/0x180\n[47200.441562] Code: 11000405 79000c45 f8247861 d65f03c0 (d4210000)\n[47200.448869] ---[ end trace a01efe4ce42e5f34 ]---\n\nThe process is like below:\nexcuting hns3_client_init\n|\nregister_netdev()\n|                           hns3_set_channels()\n|                           |\nhns3_set_rx_cpu_rmap()      hns3_reset_notify_uninit_enet()\n|                               |\n|                            quit without calling function\n|                            hns3_free_rx_cpu_rmap for flag\n|                            HNS3_NIC_STATE_INITED is unset.\n|                           |\n|                           hns3_reset_notify_init_enet()\n|                               |\nset HNS3_NIC_STATE_INITED    call hns3_set_rx_cpu_rmap()-- crash\n\nFix it by calling register_netdev() at the end of function\nhns3_client_init()."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: posponga la llamada a Register_netdev() hasta que se complete la inicializaci\u00f3n del cliente. Actualmente, el netdevice se registra antes de que se complete la inicializaci\u00f3n del cliente. Por lo tanto, existe una ventana de tiempo entre el dispositivo de red disponible y utilizable. En este caso, si el usuario intenta cambiar el n\u00famero de canal o el par\u00e1metro de timbre, puede provocar que se llame dos veces a hns3_set_rx_cpu_rmap() y se informe del error. [47199.416502] hns3 0000:35:00.0 eth1: configurar canales: tqp_num=1, rxfh=0 [47199.430340] hns3 0000:35:00.0 eth1: ya no inicializado [47199.438554] hns3 0000:35:00.0 : rss cambia de 4 a 1 [47199.511854] hns3 0000:35:00.0: Canales cambiados, rss_size de 4 a 1, tqps de 4 a 1 [47200.163524] ------------[ cortar aqu\u00ed ]------- ----- \u00a1ERROR del kernel [47200.171674] en lib/cpu_rmap.c:142! [47200.177847] Error interno: Ups - ERROR: 0 [#1] SMP PREEMPT [47200.185259] M\u00f3dulos vinculados en: hclge(+) hns3(-) hns3_cae(O) hns_roce_hw_v2 hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv68 0_mii(O) [\u00faltima descarga: HCLGE] [47200.205912] CPU: 1 PID: 8260 Comm: EthTool Tainted: Go 5.11.0 -RC3 + #1 [47200.215601] Nombre de hardware:, xxxxxx 02/04/2021 [47200.223052] Pstate: 60400009 (NZCV + PAN + PANEFI. -TCO BTYPE=--) [47200.230188] pc: cpu_rmap_add+0x38/0x40 [47200.237472] lr: irq_cpu_rmap_add+0x84/0x140 [47200.243291] sp: ffff800010e93a30 [47200.247 295] x29: ffff800010e93a30 x28: ffff082100584880 [47200.254155] x27: 0000000000000000 x26: 0000000000000000 [47200.260712] x25: 0000000000000000 x24: 0000000000000004 [47200.267241] x23: ffff08209ba03000 x22: ffff08209ba038c0 [ 47200.273789] x21: 000000000000003f x20: ffff0820e2bc1680 [47200.280400] x19: ffff0820c970ec80 x18: 00000000000000c0 [47200.286944] x17: 0 000000000000000 x16: ffffb43debe4a0d0 [47200.293456] x15 : ffffc2082990600 x14: muerto000000000122 [47200.300059] x13: ffffffffffffffff x12: 000000000000003e [47200.306606] x11: ffff0820815b8080 x10: ffff53e4 11988000 [47200.313171] x9: 00000000000000000 x8: ffff0820e2bc1700 [47200.319682] x7: 00000000000000000 x6: 000000000000003f [47200.32617 0] x5: 0000000000000040 x4: ffff800010e93a20 [47200.332656] x3: 0000000000000004 x2: ffff0820c970ec80 [47200.339168] x1: ffff0820e2bc1680 x0: 00000000000000004 [47200.346058] Rastreo de llamadas: [4720 0.349324] cpu_rmap_add+0x38/0x40 [47200.354300] hns3_set_rx_cpu_rmap+0x6c/0xe0 [hns3] [47200.362294] hns3_reset_notify_init_enet+0x1cc/ 0x340 [hns3] [47200.370049] hns3_change_channels+0x40/0xb0 [hns3] [47200.376770] hns3_set_channels+0x12c/0x2a0 [hns3] [47200.383353] ethtool_set_channels+0x140/0x250 [ 47200.389772] dev_ethtool+0x714/0x23d0 [47200.394440] dev_ioctl+0x4cc/0x640 [47200.399277] sock_do_ioctl+0x100/0x2a0 [47200.404574] sock_ioctl+0x28c/0x470 [47200.409079] __arm64_sys_ioctl+0xb4/0x100 [47200.415217] el0_svc _common.constprop.0+0x84/0x210 [47200.422088] do_el0_svc+0x28/0x34 [47200.426387] el0_svc+0x28 /0x70 [47200.431308] el0_sync_handler+0x1a4/0x1b0 [47200.436477] el0_sync+0x174/0x180 [47200.441562] C\u00f3digo: 11000405 79000c45 f8247861 d65f03c0 (d4210 000) [47200.448869] ---[ end trace a01efe4ce42e5f34 ]--- El proceso es el siguiente: ejecutando hns3_client_init | registrarse_netdev() | hns3_set_channels() | | hns3_set_rx_cpu_rmap() hns3_reset_notify_uninit_enet() | | | salir sin llamar a la funci\u00f3n | hns3_free_rx_cpu_rmap para bandera | HNS3_NIC_STATE_INITED no est\u00e1 configurado. | | | hns3_reset_notify_init_enet() | | set HNS3_NIC_STATE_INITED call hns3_set_rx_cpu_rmap()-- crash Solucionarlo llamando a Register_netdev() al final de la funci\u00f3n hns3_client_init()."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47140.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47140",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.740",
-  "lastModified": "2024-03-25T09:15:08.740",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Clear DMA ops when switching domain\n\nSince commit 08a27c1c3ecf (\"iommu: Add support to change default domain\nof an iommu group\") a user can switch a device between IOMMU and direct\nDMA through sysfs. This doesn't work for AMD IOMMU at the moment because\ndev->dma_ops is not cleared when switching from a DMA to an identity\nIOMMU domain. The DMA layer thus attempts to use the dma-iommu ops on an\nidentity domain, causing an oops:\n\n  # echo 0000:00:05.0 > /sys/sys/bus/pci/drivers/e1000e/unbind\n  # echo identity > /sys/bus/pci/devices/0000:00:05.0/iommu_group/type\n  # echo 0000:00:05.0 > /sys/sys/bus/pci/drivers/e1000e/bind\n   ...\n  BUG: kernel NULL pointer dereference, address: 0000000000000028\n   ...\n   Call Trace:\n    iommu_dma_alloc\n    e1000e_setup_tx_resources\n    e1000e_open\n\nSince iommu_change_dev_def_domain() calls probe_finalize() again, clear\nthe dma_ops there like Vt-d does."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/amd: borra las operaciones de DMA al cambiar de dominio. Desde el commit 08a27c1c3ecf (\"iommu: agrega soporte para cambiar el dominio predeterminado de un grupo iommu\"), un usuario puede cambiar un dispositivo entre IOMMU y DMA directo a trav\u00e9s de sysfs. Esto no funciona para AMD IOMMU en este momento porque dev->dma_ops no se borra al cambiar de un DMA a un dominio IOMMU de identidad. Por lo tanto, la capa DMA intenta utilizar las operaciones dma-iommu en un dominio de identidad, lo que provoca un error: # echo 0000:00:05.0 > /sys/sys/bus/pci/drivers/e1000e/unbind # echo Identity > /sys/ bus/pci/devices/0000:00:05.0/iommu_group/type # echo 0000:00:05.0 > /sys/sys/bus/pci/drivers/e1000e/bind ... ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000028 ... Seguimiento de llamadas: iommu_dma_alloc e1000e_setup_tx_resources e1000e_open Dado que iommu_change_dev_def_domain() llama a probe_finalize() nuevamente, borre dma_ops all\u00ed como lo hace Vt-d."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47141.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47141",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.790",
-  "lastModified": "2024-03-25T09:15:08.790",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Add NULL pointer checks when freeing irqs.\n\nWhen freeing notification blocks, we index priv->msix_vectors.\nIf we failed to allocate priv->msix_vectors (see abort_with_msix_vectors)\nthis could lead to a NULL pointer dereference if the driver is unloaded."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gve: agrega comprobaciones de puntero NULL al liberar irqs. Al liberar bloques de notificaciones, indexamos priv->msix_vectors. Si no pudimos asignar priv->msix_vectors (consulte abort_with_msix_vectors), esto podr\u00eda provocar una desreferencia del puntero NULL si el controlador est\u00e1 descargado."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47142.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47142",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.843",
-  "lastModified": "2024-03-25T09:15:08.843",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a use-after-free\n\nlooks like we forget to set ttm->sg to NULL.\nHit panic below\n\n[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 1235.989074] Call Trace:\n[ 1235.991751]  sg_free_table+0x17/0x20\n[ 1235.995667]  amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu]\n[ 1236.002288]  amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu]\n[ 1236.008464]  ttm_tt_destroy+0x1e/0x30 [ttm]\n[ 1236.013066]  ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm]\n[ 1236.018783]  ttm_bo_release+0x262/0xa50 [ttm]\n[ 1236.023547]  ttm_bo_put+0x82/0xd0 [ttm]\n[ 1236.027766]  amdgpu_bo_unref+0x26/0x50 [amdgpu]\n[ 1236.032809]  amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu]\n[ 1236.040400]  kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu]\n[ 1236.046912]  kfd_ioctl+0x463/0x690 [amdgpu]"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: se soluciona un problema de use-after-free que parece que nos olvidamos de configurar ttm->sg en NULL. Se produce p\u00e1nico a continuaci\u00f3n [1235.844104] falla de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI [1235.989074] Seguimiento de llamadas: [1235.991751] sg_free_table+0x17/0x20 [ 123 5.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu] [ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu] [ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm] [ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa 0 [ttm] [ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm] [ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm] [ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu] [ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu] [ 123 6.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu] [ 1236.046912] kfd_ioctl+0x463/0x690 [ amdgpu]"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47143.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47143",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.900",
-  "lastModified": "2024-03-25T09:15:08.900",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: remove device from smcd_dev_list after failed device_add()\n\nIf the device_add() for a smcd_dev fails, there's no cleanup step that\nrolls back the earlier list_add(). The device subsequently gets freed,\nand we end up with a corrupted list.\n\nAdd some error handling that removes the device from the list."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/smc: eliminar dispositivo de smcd_dev_list despu\u00e9s de fallar device_add() Si falla el dispositivo_add() para smcd_dev, no hay ning\u00fan paso de limpieza que revierta el list_add() anterior. Posteriormente, el dispositivo se libera y terminamos con una lista corrupta. Agregue alg\u00fan manejo de errores que elimine el dispositivo de la lista."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47144.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47144",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.950",
-  "lastModified": "2024-03-25T09:15:08.950",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu: fix refcount leak\n\n[Why]\nthe gem object rfb->base.obj[0] is get according to num_planes\nin amdgpufb_create, but is not put according to num_planes\n\n[How]\nput rfb->base.obj[0] in amdgpu_fbdev_destroy according to num_planes"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/amdgpu: corrige la fuga de refcount [Por qu\u00e9] el objeto gema rfb->base.obj[0] se obtiene seg\u00fan num_planes en amdgpufb_create, pero no se coloca seg\u00fan num_planes en amdgpufb_create num_planes [C\u00f3mo] poner rfb->base.obj[0] en amdgpu_fbdev_destroy seg\u00fan num_planes"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47145.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47145",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:08.993",
-  "lastModified": "2024-03-25T09:15:08.993",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not BUG_ON in link_to_fixup_dir\n\nWhile doing error injection testing I got the following panic\n\n  kernel BUG at fs/btrfs/tree-log.c:1862!\n  invalid opcode: 0000 [#1] SMP NOPTI\n  CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014\n  RIP: 0010:link_to_fixup_dir+0xd5/0xe0\n  RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216\n  RAX: fffffffffffffffb RBX: 00000000fffffffb RCX: ffff8f595287faf0\n  RDX: ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000\n  RBP: ffff8f5953af9450 R08: 0000000000000019 R09: 0000000000000001\n  R10: 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800\n  R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065\n  FS:  00007fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00007fc5287f47c0 CR3: 000000011275e002 CR4: 0000000000370ee0\n  Call Trace:\n   replay_one_buffer+0x409/0x470\n   ? btree_read_extent_buffer_pages+0xd0/0x110\n   walk_up_log_tree+0x157/0x1e0\n   walk_log_tree+0xa6/0x1d0\n   btrfs_recover_log_trees+0x1da/0x360\n   ? replay_one_extent+0x7b0/0x7b0\n   open_ctree+0x1486/0x1720\n   btrfs_mount_root.cold+0x12/0xea\n   ? __kmalloc_track_caller+0x12f/0x240\n   legacy_get_tree+0x24/0x40\n   vfs_get_tree+0x22/0xb0\n   vfs_kern_mount.part.0+0x71/0xb0\n   btrfs_mount+0x10d/0x380\n   ? vfs_parse_fs_string+0x4d/0x90\n   legacy_get_tree+0x24/0x40\n   vfs_get_tree+0x22/0xb0\n   path_mount+0x433/0xa10\n   __x64_sys_mount+0xe3/0x120\n   do_syscall_64+0x3d/0x80\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nWe can get -EIO or any number of legitimate errors from\nbtrfs_search_slot(), panicing here is not the appropriate response.  The\nerror path for this code handles errors properly, simply return the\nerror."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: btrfs: no haga ERROR_ON en link_to_fixup_dir Mientras realizaba pruebas de inyecci\u00f3n de errores, obtuve el siguiente ERROR de p\u00e1nico en el kernel en fs/btrfs/tree-log.c:1862. c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305 Nombre de hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 01/04/2014 RIP: 0010:link_to_fixup_dir+0xd5/0xe0 RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216 RAX: fffffffffffffffb RBX: 00000000ffffffffb RCX: ffff8f595287faf0 RDX : ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000 RBP: ffff8f5953af9450 R08: 00000000000000019 R09: 0000000000000001 R10 : 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800 R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065 FS: 00007 fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc5287f47c0 CR3: 0 00000011275e002 CR4: 0000000000370ee0 Seguimiento de llamadas: replay_one_buffer+0x409/0x470? btree_read_extent_buffer_pages+0xd0/0x110 walk_up_log_tree+0x157/0x1e0 walk_log_tree+0xa6/0x1d0 btrfs_recover_log_trees+0x1da/0x360 ? replay_one_extent+0x7b0/0x7b0 open_ctree+0x1486/0x1720 btrfs_mount_root.cold+0x12/0xea ? __kmalloc_track_caller+0x12f/0x240 Legacy_get_tree+0x24/0x40 vfs_get_tree+0x22/0xb0 vfs_kern_mount.part.0+0x71/0xb0 btrfs_mount+0x10d/0x380 ? vfs_parse_fs_string+0x4d/0x90 Legacy_get_tree+0x24/0x40 vfs_get_tree+0x22/0xb0 path_mount+0x433/0xa10 __x64_sys_mount+0xe3/0x120 do_syscall_64+0x3d/0x80 Entry_SYSCALL_64_after_hwframe+0 x44/0xae Podemos obtener -EIO o cualquier n\u00famero de errores leg\u00edtimos de btrfs_search_slot() , entrar en p\u00e1nico aqu\u00ed no es la respuesta adecuada. La ruta de error para este c\u00f3digo maneja los errores correctamente, simplemente devuelve el error."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47146.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47146",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.047",
-  "lastModified": "2024-03-25T09:15:09.047",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmld: fix panic in mld_newpack()\n\nmld_newpack() doesn't allow to allocate high order page,\nonly order-0 allocation is allowed.\nIf headroom size is too large, a kernel panic could occur in skb_put().\n\nTest commands:\n    ip netns del A\n    ip netns del B\n    ip netns add A\n    ip netns add B\n    ip link add veth0 type veth peer name veth1\n    ip link set veth0 netns A\n    ip link set veth1 netns B\n\n    ip netns exec A ip link set lo up\n    ip netns exec A ip link set veth0 up\n    ip netns exec A ip -6 a a 2001:db8:0::1/64 dev veth0\n    ip netns exec B ip link set lo up\n    ip netns exec B ip link set veth1 up\n    ip netns exec B ip -6 a a 2001:db8:0::2/64 dev veth1\n    for i in {1..99}\n    do\n        let A=$i-1\n        ip netns exec A ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::1 remote 2001:db8:$A::2 encaplimit 100\n        ip netns exec A ip -6 a a 2001:db8:$i::1/64 dev ip6gre$i\n        ip netns exec A ip link set ip6gre$i up\n\n        ip netns exec B ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::2 remote 2001:db8:$A::1 encaplimit 100\n        ip netns exec B ip -6 a a 2001:db8:$i::2/64 dev ip6gre$i\n        ip netns exec B ip link set ip6gre$i up\n    done\n\nSplat looks like:\nkernel BUG at net/core/skbuff.c:110!\ninvalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI\nCPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.12.0+ #891\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:skb_panic+0x15d/0x15f\nCode: 92 fe 4c 8b 4c 24 10 53 8b 4d 70 45 89 e0 48 c7 c7 00 ae 79 83\n41 57 41 56 41 55 48 8b 54 24 a6 26 f9 ff <0f> 0b 48 8b 6c 24 20 89\n34 24 e8 4a 4e 92 fe 8b 34 24 48 c7 c1 20\nRSP: 0018:ffff88810091f820 EFLAGS: 00010282\nRAX: 0000000000000089 RBX: ffff8881086e9000 RCX: 0000000000000000\nRDX: 0000000000000089 RSI: 0000000000000008 RDI: ffffed1020123efb\nRBP: ffff888005f6eac0 R08: ffffed1022fc0031 R09: ffffed1022fc0031\nR10: ffff888117e00187 R11: ffffed1022fc0030 R12: 0000000000000028\nR13: ffff888008284eb0 R14: 0000000000000ed8 R15: 0000000000000ec0\nFS:  0000000000000000(0000) GS:ffff888117c00000(0000)\nknlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8b801c5640 CR3: 0000000033c2c006 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n skb_put.cold.104+0x22/0x22\n ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? rcu_read_lock_sched_held+0x91/0xc0\n mld_newpack+0x398/0x8f0\n ? ip6_mc_hdr.isra.26.constprop.46+0x600/0x600\n ? lock_contended+0xc40/0xc40\n add_grhead.isra.33+0x280/0x380\n add_grec+0x5ca/0xff0\n ? mld_sendpack+0xf40/0xf40\n ? lock_downgrade+0x690/0x690\n mld_send_initial_cr.part.34+0xb9/0x180\n ipv6_mc_dad_complete+0x15d/0x1b0\n addrconf_dad_completed+0x8d2/0xbb0\n ? lock_downgrade+0x690/0x690\n ? addrconf_rs_timer+0x660/0x660\n ? addrconf_dad_work+0x73c/0x10e0\n addrconf_dad_work+0x73c/0x10e0\n\nAllowing high order page allocation could fix this problem."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mld: corrige el p\u00e1nico en mld_newpack() mld_newpack() no permite asignar p\u00e1ginas de orden superior, solo se permite la asignaci\u00f3n de orden 0. Si el tama\u00f1o del espacio libre es demasiado grande, podr\u00eda ocurrir un p\u00e1nico en el kernel en skb_put(). Comandos de prueba: ip netns del A ip netns del B ip netns agregar A ip netns agregar enlace ip B agregar veth0 tipo nombre de par veth veth1 conjunto de enlace ip veth0 netns A conjunto de enlace ip veth1 netns B ip netns exec A enlace ip configurar lo up ip netns exec A configuraci\u00f3n de enlace ip veth0 up ip netns exec A ip -6 aa 2001:db8:0::1/64 dev veth0 ip netns exec B configuraci\u00f3n de enlace ip lo up ip netns exec B configuraci\u00f3n de enlace ip veth1 up ip netns exec B ip -6 aa 2001:db8:0::2/64 dev veth1 para i en {1..99} haga let A=$i-1 ip netns exec Un enlace ip agregue ip6gre$i escriba ip6gre \\ local 2001:db8 :$A::1 remoto 2001:db8:$A::2 encaplimit 100 ip netns exec A ip -6 aa 2001:db8:$i::1/64 dev ip6gre$i ip netns exec A conjunto de enlaces ip ip6gre$ Subo ip netns exec B enlace ip agregue ip6gre$escribo ip6gre \\ local 2001:db8:$A::2 remoto 2001:db8:$A::1 encaplimit 100 ip netns exec B ip -6 aa 2001:db8:$ i::2/64 dev ip6gre$i ip netns exec B ip link set ip6gre$i listo Splat se ve as\u00ed: \u00a1ERROR del kernel en net/core/skbuff.c:110! c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI CPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.12.0+ #891 Cola de trabajo: ipv6_addrconf addrconf_dad_work RIP: 0010:skb_panic+0x15d/0x15f C\u00f3digo: 92 fe 4c 8b 4c 24 10 53 8b 4d 70 45 89 e0 48 c7 c7 00 ae 79 83 41 57 41 56 41 55 48 8b 54 24 a6 26 f9 ff &lt;0f&gt; 0b 48 8b 6c 24 20 89 34 24 e 8 4a 4e 92fe 8b 34 24 48 c7 c1 20 RSP: 0018:ffff88810091f820 EFLAGS: 00010282 RAX: 0000000000000089 RBX: ffff8881086e9000 RCX: 0000000000000000 RDX: 0000 000000000089 RSI: 0000000000000008 RDI: ffffed1020123efb RBP: ffff888005f6eac0 R08: ffffed1022fc0031 R09: ffffed1022fc0031 R10: ffff888117e00187 R11: ffffed1022fc0030 R12: 0000000000000028 R13: ffff888008284eb0 R14: 0000000000000ed8 R15: 0000000000000ec0 FS: 00000000000000000(0000) GS:ffff888117c00000(0000) k nlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f8b801c5640 CR3: 0000000033c2c006 CR4: 00000000003706f0 DR0: 0000000000000000 DR1 : 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600 skb_put.cold.104+0x22/0x22 ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600 ? rcu_read_lock_sched_held+0x91/0xc0 mld_newpack+0x398/0x8f0? ip6_mc_hdr.isra.26.constprop.46+0x600/0x600? lock_contended+0xc40/0xc40 add_grhead.isra.33+0x280/0x380 add_grec+0x5ca/0xff0 ? mld_sendpack+0xf40/0xf40? lock_downgrade+0x690/0x690 mld_send_initial_cr.part.34+0xb9/0x180 ipv6_mc_dad_complete+0x15d/0x1b0 addrconf_dad_completed+0x8d2/0xbb0 ? lock_downgrade+0x690/0x690? addrconf_rs_timer+0x660/0x660? addrconf_dad_work+0x73c/0x10e0 addrconf_dad_work+0x73c/0x10e0 Permitir la asignaci\u00f3n de p\u00e1ginas de alto orden podr\u00eda solucionar este problema."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47147.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47147",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.100",
-  "lastModified": "2024-03-25T09:15:09.100",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: ocp: Fix a resource leak in an error handling path\n\nIf an error occurs after a successful 'pci_ioremap_bar()' call, it must be\nundone by a corresponding 'pci_iounmap()' call, as already done in the\nremove function."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptp: ocp: corrige una fuga de recursos en una ruta de manejo de errores. Si se produce un error despu\u00e9s de una llamada exitosa a 'pci_ioremap_bar()', se debe deshacer mediante el correspondiente 'pci_iounmap()' 'llamar, como ya se hizo en la funci\u00f3n de eliminaci\u00f3n."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47148.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47148",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.150",
-  "lastModified": "2024-03-25T09:15:09.150",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()\n\nThis function is called from ethtool_set_rxfh() and \"*rss_context\"\ncomes from the user.  Add some bounds checking to prevent memory\ncorruption."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: octeontx2-pf: corrige un desbordamiento del b\u00fafer en otx2_set_rxfh_context() Esta funci\u00f3n se llama desde ethtool_set_rxfh() y \"*rss_context\" proviene del usuario. Agregue algunas comprobaciones de los l\u00edmites para evitar da\u00f1os en la memoria."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47149.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47149",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.200",
-  "lastModified": "2024-03-25T09:15:09.200",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fujitsu: fix potential null-ptr-deref\n\nIn fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer\nderef. To fix this, check the return value of ioremap and return -1\nto the caller in case of failure."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: fujitsu: corrige el potencial null-ptr-deref En fmvj18x_get_hwinfo(), si ioremap falla, habr\u00e1 un puntero NULL deref. Para solucionar este problema, verifique el valor de retorno de ioremap y devuelva -1 a la persona que llama en caso de falla."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47150.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47150",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.257",
-  "lastModified": "2024-03-25T09:15:09.257",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: fix the potential memory leak in fec_enet_init()\n\nIf the memory allocated for cbd_base is failed, it should\nfree the memory allocated for the queues, otherwise it causes\nmemory leak.\n\nAnd if the memory allocated for the queues is failed, it can\nreturn error directly."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: fec: soluciona la posible p\u00e9rdida de memoria en fec_enet_init() Si la memoria asignada para cbd_base falla, deber\u00eda liberar la memoria asignada para las colas; de lo contrario, provoca una p\u00e9rdida de memoria. Y si falla la memoria asignada para las colas, puede devolver un error directamente."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47151.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47151",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.310",
-  "lastModified": "2024-03-25T09:15:09.310",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: qcom: bcm-voter: add a missing of_node_put()\n\nAdd a missing of_node_put() in of_bcm_voter_get() to avoid the\nreference leak."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: interconexi\u00f3n: qcom: bcm-voter: agregar un of_node_put() faltante. Agregue un of_node_put() faltante en of_bcm_voter_get() para evitar la fuga de referencia."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47152.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47152",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.357",
-  "lastModified": "2024-03-25T09:15:09.357",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix data stream corruption\n\nMaxim reported several issues when forcing a TCP transparent proxy\nto use the MPTCP protocol for the inbound connections. He also\nprovided a clean reproducer.\n\nThe problem boils down to 'mptcp_frag_can_collapse_to()' assuming\nthat only MPTCP will use the given page_frag.\n\nIf others - e.g. the plain TCP protocol - allocate page fragments,\nwe can end-up re-using already allocated memory for mptcp_data_frag.\n\nFix the issue ensuring that the to-be-expanded data fragment is\nlocated at the current page frag end.\n\nv1 -> v2:\n - added missing fixes tag (Mat)"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mptcp: corrige la corrupci\u00f3n del flujo de datos Maxim inform\u00f3 varios problemas al forzar a un proxy transparente TCP a utilizar el protocolo MPTCP para las conexiones entrantes. Tambi\u00e9n proporcion\u00f3 un reproductor limpio. El problema se reduce a 'mptcp_frag_can_collapse_to()' suponiendo que s\u00f3lo MPTCP utilizar\u00e1 el page_frag dado. Si otros (por ejemplo, el protocolo TCP simple) asignan fragmentos de p\u00e1gina, podemos terminar reutilizando la memoria ya asignada para mptcp_data_frag. Solucione el problema asegur\u00e1ndose de que el fragmento de datos que se va a expandir est\u00e9 ubicado al final del fragmento de la p\u00e1gina actual. v1 -> v2: - se agreg\u00f3 la etiqueta de correcciones faltantes (Mat)"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47153.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47153",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T09:15:09.407",
-  "lastModified": "2024-03-25T09:15:09.407",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don't generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: i801: no genera una interrupci\u00f3n al restablecer el bus Ahora que el controlador i2c-i801 admite interrupciones, configurar el bit KILL en un intento de recuperarse de una transacci\u00f3n con tiempo de espera agotado se activa una interrupci\u00f3n. Desafortunadamente, el controlador de interrupciones (i801_isr) no est\u00e1 preparado para esta situaci\u00f3n e intentar\u00e1 procesar la interrupci\u00f3n como si estuviera indicando el final de una transacci\u00f3n exitosa. En el caso de una transacci\u00f3n en bloque, esto puede resultar en un acceso a la memoria fuera de rango. Esta condici\u00f3n fue reproducida varias veces por syzbot: https://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e https://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e https://syzkaller.appspot.com/bug ?extid=c8ff0b6d6c73d81b610e https://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb https://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a https://syzkaller.appspot.com/bug?extid=b 4d3fd1dfd53e90afd79 Entonces deshabilite las interrupciones al intentar restablecer el bus. Las interrupciones se habilitar\u00e1n nuevamente para la siguiente transacci\u00f3n."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47158.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47158",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:07.707",
-  "lastModified": "2024-03-25T10:15:07.707",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: add error handling in sja1105_setup()\n\nIf any of sja1105_static_config_load(), sja1105_clocking_setup() or\nsja1105_devlink_setup() fails, we can't just return in the middle of\nsja1105_setup() or memory will leak. Add a cleanup path."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: sja1105: agregue manejo de errores en sja1105_setup() Si alguno de sja1105_static_config_load(), sja1105_clocking_setup() o sja1105_devlink_setup() falla, no podemos simplemente regresar en el medio de sja1105_setup() o se perder\u00e1 memoria. Agregue una ruta de limpieza."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47159.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47159",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.330",
-  "lastModified": "2024-03-25T10:15:08.330",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix a crash if ->get_sset_count() fails\n\nIf ds->ops->get_sset_count() fails then it \"count\" is a negative error\ncode such as -EOPNOTSUPP.  Because \"i\" is an unsigned int, the negative\nerror code is type promoted to a very high value and the loop will\ncorrupt memory until the system crashes.\n\nFix this by checking for error codes and changing the type of \"i\" to\njust int."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: corrige un bloqueo si ->get_sset_count() falla. Si ds->ops->get_sset_count() falla, entonces \"count\" es un c\u00f3digo de error negativo como - EOPNOTSUPP. Debido a que \"i\" es un int sin signo, el c\u00f3digo de error negativo se promociona a un valor muy alto y el bucle corromper\u00e1 la memoria hasta que el sistema falle. Solucione este problema buscando c\u00f3digos de error y cambiando el tipo de \"i\" a solo int."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47160.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47160",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.377",
-  "lastModified": "2024-03-25T10:15:08.377",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mt7530: fix VLAN traffic leaks\n\nPCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\n\n\tip link add br0 type bridge vlan_filtering 1\n\tip link add br1 type bridge vlan_filtering 1\n\tip link set swp0 master br0\n\tip link set swp1 master br1\n\tip link set br0 type bridge vlan_filtering 0\n\tip link set br1 type bridge vlan_filtering 0\n\t# traffic in br0 and br1 will start leaking to each other\n\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: dsa: mt7530: corregir fugas de tr\u00e1fico de VLAN El campo PCR_MATRIX se configur\u00f3 en todos 1 cuando el filtrado de VLAN est\u00e1 habilitado, pero no se restableci\u00f3 cuando est\u00e1 deshabilitado, lo que puede causar fugas de tr\u00e1fico: enlace ip agregar puente tipo br0 vlan_filtering 1 enlace ip agregar puente tipo br1 vlan_filtering 1 conjunto de enlaces ip swp0 master br0 conjunto de enlaces ip swp1 maestro br1 conjunto de enlaces ip br0 puente tipo vlan_filtering 0 conjunto de enlaces ip br1 tipo puente vlan_filtering 0 # tr\u00e1fico en br0 y br1 comenzar\u00e1n a filtrarse entre s\u00ed. Como port_bridge_{add,del} ha configurado PCR_MATRIX correctamente, elimine la escritura PCR_MATRIX de mt7530_port_set_vlan_aware."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47161.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47161",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.433",
-  "lastModified": "2024-03-25T10:15:08.433",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix a resource leak in an error handling path\n\n'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the\nerror handling path of the probe function, as already done in the remove\nfunction"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: spi: spi-fsl-dspi: reparar una fuga de recursos en una ruta de manejo de errores 'dspi_request_dma()' debe deshacerse mediante una llamada 'dspi_release_dma()' en la ruta de manejo de errores de la funci\u00f3n de sonda, como ya se hizo en la funci\u00f3n de eliminaci\u00f3n"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47162.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47162",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.480",
-  "lastModified": "2024-03-25T10:15:08.480",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt's not a good idea to append the frag skb to a skb's frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get'ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n  [] kernel BUG at net/core/skbuff.c:1970!\n  [] Call Trace:\n  []  skb_clone+0x4d/0xb0\n  []  macvlan_broadcast+0xd8/0x160 [macvlan]\n  []  macvlan_process_broadcast+0x148/0x150 [macvlan]\n  []  process_one_work+0x1a7/0x360\n  []  worker_thread+0x30/0x390\n\n  [] kernel BUG at mm/usercopy.c:102!\n  [] Call Trace:\n  []  __check_heap_object+0xd3/0x100\n  []  __check_object_size+0xff/0x16b\n  []  simple_copy_to_iter+0x1c/0x30\n  []  __skb_datagram_iter+0x7d/0x310\n  []  __skb_datagram_iter+0x2a5/0x310\n  []  skb_copy_datagram_iter+0x3b/0x90\n  []  tipc_recvmsg+0x14a/0x3a0 [tipc]\n  []  ____sys_recvmsg+0x91/0x150\n  []  ___sys_recvmsg+0x7b/0xc0\n\n  [] kernel BUG at mm/slub.c:305!\n  [] Call Trace:\n  []  <IRQ>\n  []  kmem_cache_free+0x3ff/0x400\n  []  __netif_receive_skb_core+0x12c/0xc40\n  []  ? kmem_cache_alloc+0x12e/0x270\n  []  netif_receive_skb_internal+0x3d/0xb0\n  []  ? get_rx_page_info+0x8e/0xa0 [be2net]\n  []  be_poll+0x6ef/0xd00 [be2net]\n  []  ? irq_exit+0x4f/0x100\n  []  net_rx_action+0x149/0x3b0\n\n  ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: skb_linearize el skb principal al volver a ensamblar mensajes No es una buena idea agregar el frag skb a la frag_list de un skb si la frag_list ya tiene skbs de otro lugar, como por ejemplo este skb fue creado por pskb_copy() donde se clon\u00f3 frag_list (todos los skbs que conten\u00eda fueron skb_get'ed) y se comparti\u00f3 con varios skbs. Sin embargo, el nuevo fragmento skb adjunto solo deber\u00eda haber sido visto por el skb actual. De lo contrario, causar\u00e1 uso despu\u00e9s de fallas gratuitas, ya que varios skbs ven este fragmento skb agregado, pero solo se llam\u00f3 a skb_get una vez. Lo mismo sucede con un skb actualizado por pskb_may_pull() con un skb skb_cloned. Li Shuang ha informado de bastantes fallos causados por esto al realizar pruebas en dispositivos macvlan: [] \u00a1ERROR del kernel en net/core/skbuff.c:1970! [] Seguimiento de llamadas: [] skb_clone+0x4d/0xb0 [] macvlan_broadcast+0xd8/0x160 [macvlan] [] macvlan_process_broadcast+0x148/0x150 [macvlan] [] Process_one_work+0x1a7/0x360 [] trabajador_thread+0x30/0x390 [] ERROR del kernel en mm/usercopy.c:102! [] Seguimiento de llamadas: [] __check_heap_object+0xd3/0x100 [] __check_object_size+0xff/0x16b [] simple_copy_to_iter+0x1c/0x30 [] __skb_datagram_iter+0x7d/0x310 [] __skb_datagram_iter+0x2a5/0x310 [] skb_copy_datagram _iter+0x3b/0x90 [] tipc_recvmsg +0x14a/0x3a0 [tipc] [] ____sys_recvmsg+0x91/0x150 [] ___sys_recvmsg+0x7b/0xc0 [] \u00a1ERROR del kernel en mm/slub.c:305! [] Seguimiento de llamadas: []  [] kmem_cache_free+0x3ff/0x400 [] __netif_receive_skb_core+0x12c/0xc40 [] ? kmem_cache_alloc+0x12e/0x270 [] netif_receive_skb_internal+0x3d/0xb0 [] ? get_rx_page_info+0x8e/0xa0 [be2net] [] be_poll+0x6ef/0xd00 [be2net] [] ? irq_exit+0x4f/0x100 [] net_rx_action+0x149/0x3b0 ... Este parche es para solucionarlo linealizando el skb principal si tiene frag_list configurado en tipc_buf_append(). Tenga en cuenta que elegimos hacer esto antes de llamar a skb_unshare(), ya que __skb_linearize() evitar\u00e1 skb_copy(). Adem\u00e1s, tampoco podemos simplemente eliminar frag_list desde el principio."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47163.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47163",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.530",
-  "lastModified": "2024-03-25T10:15:08.530",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: wait and exit until all work queues are done\n\nOn some host, a crash could be triggered simply by repeating these\ncommands several times:\n\n  # modprobe tipc\n  # tipc bearer enable media udp name UDP1 localip 127.0.0.1\n  # rmmod tipc\n\n  [] BUG: unable to handle kernel paging request at ffffffffc096bb00\n  [] Workqueue: events 0xffffffffc096bb00\n  [] Call Trace:\n  []  ? process_one_work+0x1a7/0x360\n  []  ? worker_thread+0x30/0x390\n  []  ? create_worker+0x1a0/0x1a0\n  []  ? kthread+0x116/0x130\n  []  ? kthread_flush_work_fn+0x10/0x10\n  []  ? ret_from_fork+0x35/0x40\n\nWhen removing the TIPC module, the UDP tunnel sock will be delayed to\nrelease in a work queue as sock_release() can't be done in rtnl_lock().\nIf the work queue is schedule to run after the TIPC module is removed,\nkernel will crash as the work queue function cleanup_beareri() code no\nlonger exists when trying to invoke it.\n\nTo fix it, this patch introduce a member wq_count in tipc_net to track\nthe numbers of work queues in schedule, and  wait and exit until all\nwork queues are done in tipc_exit_net()."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: espere y salga hasta que todas las colas de trabajo est\u00e9n terminadas. En algunos hosts, se podr\u00eda desencadenar un bloqueo simplemente repitiendo estos comandos varias veces: # modprobe tipc # tipc portador habilitar media udp nombre UDP1 localip 127.0.0.1 # rmmod tipc [] ERROR: no se puede manejar la solicitud de paginaci\u00f3n del kernel en ffffffffc096bb00 [] Cola de trabajo: eventos 0xffffffffc096bb00 [] Seguimiento de llamadas: []? proceso_one_work+0x1a7/0x360 []? hilo_trabajador+0x30/0x390 []? crear_trabajador+0x1a0/0x1a0 []? kthread+0x116/0x130 []? kthread_flush_work_fn+0x10/0x10 []? ret_from_fork+0x35/0x40 Al retirar el m\u00f3dulo TIPC, el calcet\u00edn del t\u00fanel UDP se retrasar\u00e1 para liberarse en una cola de trabajo, ya que sock_release() no se puede realizar en rtnl_lock(). Si la cola de trabajo est\u00e1 programada para ejecutarse despu\u00e9s de eliminar el m\u00f3dulo TIPC, el kernel fallar\u00e1 porque el c\u00f3digo de la funci\u00f3n de cola de trabajo cleanup_beareri() ya no existe al intentar invocarlo. Para solucionarlo, este parche introduce un miembro wq_count en tipc_net para rastrear el n\u00famero de colas de trabajo programadas y esperar y salir hasta que todas las colas de trabajo est\u00e9n terminadas en tipc_exit_net()."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47164.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47164",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.577",
-  "lastModified": "2024-03-25T10:15:08.577",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix null deref accessing lag dev\n\nIt could be the lag dev is null so stop processing the event.\nIn bond_enslave() the active/backup slave being set before setting the\nupper dev so first event is without an upper dev.\nAfter setting the upper dev with bond_master_upper_dev_link() there is\na second event and in that event we have an upper dev."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/mlx5e: corrigi\u00f3 el deref nulo al acceder a lag dev. Podr\u00eda ser que el lag dev sea nulo, as\u00ed que deje de procesar el evento. En bond_enslave(), el esclavo activo/de respaldo se configura antes de configurar el desarrollo superior, por lo que el primer evento es sin un desarrollo superior. Despu\u00e9s de configurar el desarrollo superior con bond_master_upper_dev_link() hay un segundo evento y en ese evento tenemos un desarrollo superior."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47165.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47165",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.620",
-  "lastModified": "2024-03-25T10:15:08.620",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/meson: corrige el fallo de apagado cuando el componente no se prueba Cuando el componente principal no se prueba, por ejemplo, cuando el m\u00f3dulo dw-hdmi a\u00fan no est\u00e1 cargado o en el aplazamiento de la prueba, se produce el siguiente fallo aparece al apagar: No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000038... pc: meson_drv_shutdown+0x24/0x50 lr: platform_drv_shutdown+0x20/0x30... Rastreo de llamadas: meson_drv_shutdown+0x24/0x50 platform_drv_shutdown+0x20/0x3 0 dispositivo_apagado+ 0x158/0x360 kernel_restart_prepare+0x38/0x48 kernel_restart+0x18/0x68 __do_sys_reboot+0x224/0x250 __arm64_sys_reboot+0x24/0x30... Simplemente verifique si la estructura priv se ha asignado antes de usarla."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47166.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47166",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.667",
-  "lastModified": "2024-03-25T10:15:08.667",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()\n\nThe value of mirror->pg_bytes_written should only be updated after a\nsuccessful attempt to flush out the requests on the list."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: NFS: no corrompa el valor de pg_bytes_writing en nfs_do_recoalesce() El valor de mirror->pg_bytes_write solo debe actualizarse despu\u00e9s de un intento exitoso de eliminar las solicitudes de la lista."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47167.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47167",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.720",
-  "lastModified": "2024-03-25T10:15:08.720",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix an Oopsable condition in __nfs_pageio_add_request()\n\nEnsure that nfs_pageio_error_cleanup() resets the mirror array contents,\nso that the structure reflects the fact that it is now empty.\nAlso change the test in nfs_pageio_do_add_request() to be more robust by\nchecking whether or not the list is empty rather than relying on the\nvalue of pg_count."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: NFS: corrija una condici\u00f3n de Oopsable en __nfs_pageio_add_request() Aseg\u00farese de que nfs_pageio_error_cleanup() restablezca el contenido de la matriz reflejada, de modo que la estructura refleje el hecho de que ahora est\u00e1 vac\u00eda. Tambi\u00e9n cambie la prueba en nfs_pageio_do_add_request() para que sea m\u00e1s s\u00f3lida verificando si la lista est\u00e1 vac\u00eda o no en lugar de confiar en el valor de pg_count."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47168.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47168",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.773",
-  "lastModified": "2024-03-25T10:15:08.773",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption.  It should be NFS_MAXFHSIZE because that's the size\nof the ->data[] buffer.\n\nI reversed the size of the arguments to put the variable on the left."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: corrige un l\u00edmite incorrecto en filelayout_decode_layout() El \"sizeof(struct nfs_fh)\" es dos bytes demasiado grande y podr\u00eda provocar da\u00f1os en la memoria. Deber\u00eda ser NFS_MAXFHSIZE porque ese es el tama\u00f1o del b\u00fafer ->datos[]. Invert\u00ed el tama\u00f1o de los argumentos para poner la variable a la izquierda."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47169.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47169",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.820",
-  "lastModified": "2024-03-25T10:15:08.820",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'\n\nIn 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls\n'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if the\nfirmware don't exists, function just return without initializing ports\nof 'rp2_card'. But now the interrupt handler function has been\nregistered, and when an interrupt comes, 'rp2_uart_interrupt' may access\nthose ports then causing NULL pointer dereference or other bugs.\n\nBecause the driver does some initialization work in 'rp2_fw_cb', in\norder to make the driver ready to handle interrupts, 'request_firmware'\nshould be used instead of asynchronous 'request_firmware_nowait'.\n\nThis report reveals it:\n\nINFO: trying to register non-static key.\nthe code is fine but needs lockdep annotation.\nturning off the locking correctness validator.\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n <IRQ>\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xec/0x156 lib/dump_stack.c:118\n assign_lock_key kernel/locking/lockdep.c:727 [inline]\n register_lock_class+0x14e5/0x1ba0 kernel/locking/lockdep.c:753\n __lock_acquire+0x187/0x3750 kernel/locking/lockdep.c:3303\n lock_acquire+0x124/0x340 kernel/locking/lockdep.c:3907\n __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]\n _raw_spin_lock+0x32/0x50 kernel/locking/spinlock.c:144\n spin_lock include/linux/spinlock.h:329 [inline]\n rp2_ch_interrupt drivers/tty/serial/rp2.c:466 [inline]\n rp2_asic_interrupt.isra.9+0x15d/0x990 drivers/tty/serial/rp2.c:493\n rp2_uart_interrupt+0x49/0xe0 drivers/tty/serial/rp2.c:504\n __handle_irq_event_percpu+0xfb/0x770 kernel/irq/handle.c:149\n handle_irq_event_percpu+0x79/0x150 kernel/irq/handle.c:189\n handle_irq_event+0xac/0x140 kernel/irq/handle.c:206\n handle_fasteoi_irq+0x232/0x5c0 kernel/irq/chip.c:725\n generic_handle_irq_desc include/linux/irqdesc.h:155 [inline]\n handle_irq+0x230/0x3a0 arch/x86/kernel/irq_64.c:87\n do_IRQ+0xa7/0x1e0 arch/x86/kernel/irq.c:247\n common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:670\n </IRQ>\nRIP: 0010:native_safe_halt+0x28/0x30 arch/x86/include/asm/irqflags.h:61\nCode: 00 00 55 be 04 00 00 00 48 c7 c7 00 c2 2f 8c 48 89 e5 e8 fb 31 e7 f8\n8b 05 75 af 8d 03 85 c0 7e 07 0f 00 2d 8a 61 65 00 fb f4 <5d> c3 90 90 90\n90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41\nRSP: 0018:ffff88806b71fcc8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffde\nRAX: 0000000000000000 RBX: ffffffff8bde7e48 RCX: ffffffff88a21285\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8c2fc200\nRBP: ffff88806b71fcc8 R08: fffffbfff185f840 R09: fffffbfff185f840\nR10: 0000000000000001 R11: fffffbfff185f840 R12: 0000000000000002\nR13: ffffffff8bea18a0 R14: 0000000000000000 R15: 0000000000000000\n arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline]\n default_idle+0x6f/0x360 arch/x86/kernel/process.c:557\n arch_cpu_idle+0xf/0x20 arch/x86/kernel/process.c:548\n default_idle_call+0x3b/0x60 kernel/sched/idle.c:93\n cpuidle_idle_call kernel/sched/idle.c:153 [inline]\n do_idle+0x2ab/0x3c0 kernel/sched/idle.c:263\n cpu_startup_entry+0xcb/0xe0 kernel/sched/idle.c:369\n start_secondary+0x3b8/0x4e0 arch/x86/kernel/smpboot.c:271\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000010\nPGD 8000000056d27067 P4D 8000000056d27067 PUD 56d28067 PMD 0\nOops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nRIP: 0010:readl arch/x86/include/asm/io.h:59 [inline]\nRIP: 0010:rp2_ch_interrupt drivers/tty/serial/rp2.c:472 [inline]\nRIP: 0010:rp2_asic_interrupt.isra.9+0x181/0x990 drivers/tty/serial/rp2.c:\n493\nCo\n---truncated---"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: rp2: use 'request_firmware' en lugar de 'request_firmware_nowait' En 'rp2_probe', el controlador registra 'rp2_uart_interrupt' y luego llama a 'rp2_fw_cb' a trav\u00e9s de 'request_firmware_nowait'. En 'rp2_fw_cb', si el firmware no existe, la funci\u00f3n simplemente regresa sin inicializar los puertos de 'rp2_card'. Pero ahora la funci\u00f3n de manejo de interrupciones ha sido registrada, y cuando llega una interrupci\u00f3n, 'rp2_uart_interrupt' puede acceder a esos puertos y causar desreferencia al puntero NULL u otros errores. Debido a que el controlador realiza alg\u00fan trabajo de inicializaci\u00f3n en 'rp2_fw_cb', para que el controlador est\u00e9 listo para manejar interrupciones, se debe usar 'request_firmware' en lugar de 'request_firmware_nowait' as\u00edncrono. Este informe lo revela: INFORMACI\u00d3N: intentando registrar una clave no est\u00e1tica. el c\u00f3digo est\u00e1 bien pero necesita una anotaci\u00f3n de bloqueo. apagando el validador de correcci\u00f3n de bloqueo. CPU: 2 PID: 0 Comunicaciones: swapper/2 No contaminado 4.19.177-gdba4159c14ef-dirty #45 Nombre del hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS rel-1.12.0-59- gc9ba5276e321-prebuilt.qemu .org 01/04/2014 Seguimiento de llamadas:  __dump_stack lib/dump_stack.c:77 [en l\u00ednea] dump_stack+0xec/0x156 lib/dump_stack.c:118 asignar_lock_key kernel/locking/lockdep.c:727 [en l\u00ednea] Register_lock_class +0x14e5/0x1ba0 kernel/locking/lockdep.c:753 __lock_acquire+0x187/0x3750 kernel/locking/lockdep.c:3303 lock_acquire+0x124/0x340 kernel/locking/lockdep.c:3907 __raw_spin_lock include/linux/spinlock_api_smp.h: 142 [en l\u00ednea] _raw_spin_lock+0x32/0x50 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:329 [en l\u00ednea] rp2_ch_interrupt drivers/tty/serial/rp2.c:466 [en l\u00ednea] rp2_asic_interrupt.isra. 9+0x15d/0x990 controladores/tty/serial/rp2.c:493 rp2_uart_interrupt+0x49/0xe0 controladores/tty/serial/rp2.c:504 __handle_irq_event_percpu+0xfb/0x770 kernel/irq/handle.c:149 handle_irq_event_percpu+0x79/ 0x150 kernel/irq/handle.c:189 handle_irq_event+0xac/0x140 kernel/irq/handle.c:206 handle_fasteoi_irq+0x232/0x5c0 kernel/irq/chip.c:725 generic_handle_irq_desc include/linux/irqdesc.h:155 [en l\u00ednea ] handle_irq+0x230/0x3a0 arch/x86/kernel/irq_64.c:87 do_IRQ+0xa7/0x1e0 arch/x86/kernel/irq.c:247 common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:670 &lt; /IRQ&gt; RIP: 0010:native_safe_halt+0x28/0x30 arch/x86/include/asm/irqflags.h:61 C\u00f3digo: 00 00 55 be 04 00 00 00 48 c7 c7 00 c2 2f 8c 48 89 e5 e8 fb 31 e7 f8 8b 05 75 af 8d 03 85 c0 7e 07 0f 00 2d 8a 61 65 00 fb f4 &lt;5d&gt; c3 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 RSP: 00 18:ffff88806b71fcc8 EF BANDERAS: 00000246 ORIG_RAX: ffffffffffffffde RAX: 0000000000000000 RBX: ffffffff8bde7e48 RCX: ffffffff88a21285 RDX: 00000000000000000 RSI: 00000000000000004 RDI: ffffff ff8c2fc200 RBP: ffff88806b71fcc8 R08: ffffbfff185f840 R09: ffffbfff185f840 R10: 00000000000000001 R11: ffffbfff185f840 R12: 0000000000000002 R13: ff ffffff8bea18a0 R14: 0000000000000000 R15: 0000000000000000 arch_safe_halt arch/x86/include/asm/paravirt.h:94 [en l\u00ednea] default_idle+0x6f/0x360 arch/x86/kernel/process.c:557 arch_cpu_idle+0xf/0x20 arch/x86/kernel/process.c:548 default_idle_call+ 0x3b/0x60 kernel/sched/idle.c:93 cpuidle_idle_call kernel/sched/idle.c:153 [en l\u00ednea] do_idle+0x2ab/0x3c0 kernel/sched/idle.c:263 cpu_startup_entry+0xcb/0xe0 kernel/sched/idle. c:369 start_secondary+0x3b8/0x4e0 arch/x86/kernel/smpboot.c:271 second_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243 ERROR: no se puede manejar la desreferencia del puntero NULL del kernel en 00000000000000010 PGD 8000000056d270 67 P4D 8000000056d27067 PUD 56d28067 PMD 0 Ups: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 2 PID: 0 Comm: swapper/2 No contaminado 4.19.177-gdba4159c14ef-dirty #45 Nombre de hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009) , BIOS rel-1.12.0-59- gc9ba5276e321-prebuilt.qemu.org 01/04/2014 ---truncado---"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47170.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47170",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.870",
-  "lastModified": "2024-03-25T10:15:08.870",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbfs: Don't WARN about excessively large memory allocations\n\nSyzbot found that the kernel generates a WARNing if the user tries to\nsubmit a bulk transfer through usbfs with a buffer that is way too\nlarge.  This isn't a bug in the kernel; it's merely an invalid request\nfrom the user and the usbfs code does handle it correctly.\n\nIn theory the same thing can happen with async transfers, or with the\npacket descriptor table for isochronous transfers.\n\nTo prevent the MM subsystem from complaining about these bad\nallocation requests, add the __GFP_NOWARN flag to the kmalloc calls\nfor these buffers."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: USB: usbfs: No ADVERTIR sobre asignaciones de memoria excesivamente grandes. Syzbot descubri\u00f3 que el kernel genera una ADVERTENCIA si el usuario intenta enviar una transferencia masiva a trav\u00e9s de usbfs con un b\u00fafer demasiado grande. Esto no es un error en el kernel; es simplemente una solicitud no v\u00e1lida del usuario y el c\u00f3digo usbfs la maneja correctamente. En teor\u00eda, lo mismo puede suceder con las transferencias as\u00edncronas o con la tabla de descriptores de paquetes para transferencias is\u00f3cronas. Para evitar que el subsistema MM se queje de estas solicitudes de asignaci\u00f3n incorrectas, agregue el indicador __GFP_NOWARN a las llamadas kmalloc para estos b\u00faferes."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47171.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47171",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.917",
-  "lastModified": "2024-03-25T10:15:08.917",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n  [<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline]\n  [<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline]\n  [<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n  [<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: usb: corrige la p\u00e9rdida de memoria en smsc75xx_bind Syzbot inform\u00f3 una p\u00e9rdida de memoria en smsc75xx_bind(). El problema era que la memoria no se liberaba en caso de errores despu\u00e9s de la asignaci\u00f3n de memoria. backtrace: [] kmalloc include/linux/slab.h:556 [en l\u00ednea] [] kzalloc include/linux/slab.h:686 [en l\u00ednea] [] smsc75xx_bind+0x7a/0x334 controladores/ net/usb/smsc75xx.c:1460 [] usbnet_probe+0x3b6/0xc30 controladores/net/usb/usbnet.c:1728"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47172.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47172",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:08.967",
-  "lastModified": "2024-03-25T10:15:08.967",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7124: Fix potential overflow due to non sequential channel numbers\n\nChannel numbering must start at 0 and then not have any holes, or\nit is possible to overflow the available storage.  Note this bug was\nintroduced as part of a fix to ensure we didn't rely on the ordering\nof child nodes.  So we need to support arbitrary ordering but they all\nneed to be there somewhere.\n\nNote I hit this when using qemu to test the rest of this series.\nArguably this isn't the best fix, but it is probably the most minimal\noption for backporting etc.\n\nAlexandru's sign-off is here because he carried this patch in a larger\nset that Jonathan then applied."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: iio: adc: ad7124: Se corrige posible desbordamiento por n\u00fameros de canales no secuenciales. La numeraci\u00f3n de canales debe comenzar en 0 y luego no tener huecos, o es posible que se desborde el almacenamiento disponible. Tenga en cuenta que este error se introdujo como parte de una soluci\u00f3n para garantizar que no dependi\u00e9ramos del orden de los nodos secundarios. Por lo tanto, debemos apoyar el ordenamiento arbitrario, pero todos deben estar ah\u00ed en alguna parte. Tenga en cuenta que presion\u00e9 esto cuando uso qemu para probar el resto de esta serie. Podr\u00eda decirse que esta no es la mejor soluci\u00f3n, pero probablemente sea la opci\u00f3n m\u00e1s m\u00ednima para realizar backporting, etc. La aprobaci\u00f3n de Alexandru est\u00e1 aqu\u00ed porque llev\u00f3 este parche en un conjunto m\u00e1s grande que luego aplic\u00f3 Jonathan."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47173.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47173",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.010",
-  "lastModified": "2024-03-25T10:15:09.010",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/uss720: fix memory leak in uss720_probe\n\nuss720_probe forgets to decrease the refcount of usbdev in uss720_probe.\nFix this by decreasing the refcount of usbdev by usb_put_dev.\n\nBUG: memory leak\nunreferenced object 0xffff888101113800 (size 2048):\n  comm \"kworker/0:1\", pid 7, jiffies 4294956777 (age 28.870s)\n  hex dump (first 32 bytes):\n    ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00  ....1...........\n    00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00  ................\n  backtrace:\n    [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline]\n    [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline]\n    [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582\n    [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline]\n    [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]\n    [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline]\n    [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591\n    [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275\n    [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421\n    [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292\n    [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/uss720: corrige la p\u00e9rdida de memoria en uss720_probe uss720_probe olvida disminuir el recuento de usbdev en uss720_probe. Solucione este problema disminuyendo el recuento de usbdev por usb_put_dev. ERROR: p\u00e9rdida de memoria, objeto sin referencia 0xffff888101113800 (tama\u00f1o 2048): comunicaci\u00f3n \"kworker/0:1\", pid 7, jiffies 4294956777 (edad 28,870 s) volcado hexadecimal (primeros 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1.......... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................. ... seguimiento: [] kmalloc include/linux/slab.h:554 [en l\u00ednea] [] kzalloc include/linux/slab.h:684 [en l\u00ednea] [] usb_alloc_dev+0x32/ 0x450 controladores/usb/core/usb.c:582 [] hub_port_connect drivers/usb/core/hub.c:5129 [en l\u00ednea] [] hub_port_connect_change drivers/usb/core/hub.c:5363 [ en l\u00ednea] [] port_event drivers/usb/core/hub.c:5509 [en l\u00ednea] [] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [] Process_one_work+ 0x2c9/0x600 kernel/workqueue.c:2275 [] trabajador_thread+0x59/0x5d0 kernel/workqueue.c:2421 [] kthread+0x178/0x1b0 kernel/kthread.c:292 [ ] ret_from_fork +0x1f/0x30 arco/x86/entrada/entrada_64.S:294"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47174.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47174",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.060",
-  "lastModified": "2024-03-25T10:15:09.060",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version\n\nArturo reported this backtrace:\n\n[709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_begin_mask+0xae/0xe0\n[709732.358793] Modules linked in: binfmt_misc nft_nat nft_chain_nat nf_nat nft_counter nft_ct nf_tables nf_conntrack_netlink nfnetlink 8021q garp stp mrp llc vrf intel_rapl_msr intel_rapl_common skx_edac nfit libnvdimm ipmi_ssif x86_pkg_temp_thermal intel_powerclamp coretemp crc32_pclmul mgag200 ghash_clmulni_intel drm_kms_helper cec aesni_intel drm libaes crypto_simd cryptd glue_helper mei_me dell_smbios iTCO_wdt evdev intel_pmc_bxt iTCO_vendor_support dcdbas pcspkr rapl dell_wmi_descriptor wmi_bmof sg i2c_algo_bit watchdog mei acpi_ipmi ipmi_si button nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ipmi_devintf ipmi_msghandler ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 dm_mod raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor sd_mod t10_pi crc_t10dif crct10dif_generic raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod ahci libahci tg3 libata xhci_pci libphy xhci_hcd ptp usbcore crct10dif_pclmul crct10dif_common bnxt_en crc32c_intel scsi_mod\n[709732.358941]  pps_core i2c_i801 lpc_ich i2c_smbus wmi usb_common\n[709732.358957] CPU: 3 PID: 456 Comm: jbd2/dm-0-8 Not tainted 5.10.0-0.bpo.5-amd64 #1 Debian 5.10.24-1~bpo10+1\n[709732.358959] Hardware name: Dell Inc. PowerEdge R440/04JN2K, BIOS 2.9.3 09/23/2020\n[709732.358964] RIP: 0010:kernel_fpu_begin_mask+0xae/0xe0\n[709732.358969] Code: ae 54 24 04 83 e3 01 75 38 48 8b 44 24 08 65 48 33 04 25 28 00 00 00 75 33 48 83 c4 10 5b c3 65 8a 05 5e 21 5e 76 84 c0 74 92 <0f> 0b eb 8e f0 80 4f 01 40 48 81 c7 00 14 00 00 e8 dd fb ff ff eb\n[709732.358972] RSP: 0018:ffffbb9700304740 EFLAGS: 00010202\n[709732.358976] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000000001\n[709732.358979] RDX: ffffbb9700304970 RSI: ffff922fe1952e00 RDI: 0000000000000003\n[709732.358981] RBP: ffffbb9700304970 R08: ffff922fc868a600 R09: ffff922fc711e462\n[709732.358984] R10: 000000000000005f R11: ffff922ff0b27180 R12: ffffbb9700304960\n[709732.358987] R13: ffffbb9700304b08 R14: ffff922fc664b6c8 R15: ffff922fc664b660\n[709732.358990] FS:  0000000000000000(0000) GS:ffff92371fec0000(0000) knlGS:0000000000000000\n[709732.358993] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[709732.358996] CR2: 0000557a6655bdd0 CR3: 000000026020a001 CR4: 00000000007706e0\n[709732.358999] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[709732.359001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[709732.359003] PKRU: 55555554\n[709732.359005] Call Trace:\n[709732.359009]  <IRQ>\n[709732.359035]  nft_pipapo_avx2_lookup+0x4c/0x1cba [nf_tables]\n[709732.359046]  ? sched_clock+0x5/0x10\n[709732.359054]  ? sched_clock_cpu+0xc/0xb0\n[709732.359061]  ? record_times+0x16/0x80\n[709732.359068]  ? plist_add+0xc1/0x100\n[709732.359073]  ? psi_group_change+0x47/0x230\n[709732.359079]  ? skb_clone+0x4d/0xb0\n[709732.359085]  ? enqueue_task_rt+0x22b/0x310\n[709732.359098]  ? bnxt_start_xmit+0x1e8/0xaf0 [bnxt_en]\n[709732.359102]  ? packet_rcv+0x40/0x4a0\n[709732.359121]  nft_lookup_eval+0x59/0x160 [nf_tables]\n[709732.359133]  nft_do_chain+0x350/0x500 [nf_tables]\n[709732.359152]  ? nft_lookup_eval+0x59/0x160 [nf_tables]\n[709732.359163]  ? nft_do_chain+0x364/0x500 [nf_tables]\n[709732.359172]  ? fib4_rule_action+0x6d/0x80\n[709732.359178]  ? fib_rules_lookup+0x107/0x250\n[709732.359184]  nft_nat_do_chain+0x8a/0xf2 [nft_chain_nat]\n[709732.359193]  nf_nat_inet_fn+0xea/0x210 [nf_nat]\n[709732.359202]  nf_nat_ipv4_out+0x14/0xa0 [nf_nat]\n[709732.359207]  nf_hook_slow+0x44/0xc0\n[709732.359214]  ip_output+0xd2/0x100\n[709732.359221]  ? __ip_finish_output+0x210/0x210\n[709732.359226]  ip_forward+0x37d/0x4a0\n[709732.359232]  ? ip4_key_hashfn+0xb0/0xb0\n[709732.359238]  ip_subli\n---truncated---"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nft_set_pipapo_avx2: agregar verificaci\u00f3n irq_fpu_usable(), respaldo a una versi\u00f3n que no sea AVX2 Arturo inform\u00f3 este seguimiento: [709732.358791] ADVERTENCIA: CPU: 3 PID: 456 en arch/x86/kernel /fpu/core.c:128 kernel_fpu_begin_mask+0xae/0xe0 [709732.358793] M\u00f3dulos vinculados en: binfmt_misc nft_nat nft_chain_nat nf_nat nft_counter nft_ct nf_tables nf_conntrack_netlink nfnetlink 8021q garp stp mrp ll c vrf intel_rapl_msr intel_rapl_common skx_edac nfit libnvdimm ipmi_ssif x86_pkg_temp_thermal intel_powerclamp coretemp crc32_pclmul mgag200 ghash_clmulni_intel drm_kms_helper cec aesni_intel drm libaes crypto_simd cryptd pegamento_helper mei_me dell_smbios iTCO_wdt evdev intel_pmc_bxt iTCO_vendor_support dcdbas pcspkr rapl dell_wmi_descriptor wmi_bmof sg i2c_algo_bit perro guardi\u00e1n mei acpi_ipmi ipmi_si bot\u00f3n nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ipmi_devintf ipmi_msghandler ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 dm_mod raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor sd_mod t10_pi crc_t10dif crct10dif_generic raid6_pq libcrc32c crc32c_generic raid1 raid0 multiruta lineal md_mod ahci libahci tg3 libata xhci_pci libphy xhci_hcd ptp usbcore crct10dif_pclmul crct10dif_common bnxt_en crc32c_intel scsi_mod [709732.358941] pps_core i2c_i801 lpc_ich i2c_ smbus wmi usb_common [709732.358957] CPU: 3 PID: 456 Comunicaciones: jbd2/dm-0-8 No contaminado 5.10 .0-0.bpo.5-amd64 #1 Debian 5.10.24-1~bpo10+1 [709732.358959] Nombre del hardware: Dell Inc. PowerEdge R440/04JN2K, BIOS 2.9.3 23/09/2020 [709732.358964] RIP: 0010:kernel_fpu_begin_mask+0xae/0xe0 [709732.358969] C\u00f3digo: ae 54 24 04 83 e3 01 75 38 48 8b 44 24 08 65 48 33 04 25 28 00 00 00 75 33 48 83 c4 10 5b c3 65 8a 05 5e 21 5e 76 84 c0 74 92 &lt;0f&gt; 0b eb 8e f0 80 4f 01 40 48 81 c7 00 14 00 00 e8 dd fb ff ff eb [709732.358972] RSP: 0018:ffffbb9700304740 EFLAGS: 00010202 [709 732.358976] RAX: 00000000000000001 RBX: 0000000000000003 RCX: 0000000000000001 [709732.358979] RDX: ffffbb9700304970 RSI: ffff922fe1952e00 RDI: 00000000000000003 [709732.358981] RBP: ffffbb9700304970 R08: ffff922fc868a600 R09: ffff922fc711e462 [709732.358984] R10: 000000000000005f R11: ffff922ff0b27180 R12: ffffbb9700304960 [709732.358987] R13: ffffbb9700304b08 R14: ffff922fc664b6c8 R15: ffff922fc664b660 [ 709732.358990] FS: 0000000000000000(0000) GS:ffff92371fec0000(0000) knlGS:0000000000000000 [709732.358993] CS: 0010 DS: 0000 ES: 0000 CR0: 00 00000080050033 [709732.358996] CR2: 0000557a6655bdd0 CR3: 000000026020a001 CR4: 00000000007706e0 [709732.358999] DR0: 00000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [709732.359001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [709732.3590 03] PKRU: 55555554 [709732.359005] Seguimiento de llamadas: [709732.359009]  [709732.359035] nft_pipapo_avx2_lookup+0x4c/0x1cba [nf_tables] [709732.359046] ? sched_clock+0x5/0x10 [709732.359054] ? sched_clock_cpu+0xc/0xb0 [709732.359061] ? record_times+0x16/0x80 [709732.359068] ? plist_add+0xc1/0x100 [709732.359073] ? psi_group_change+0x47/0x230 [709732.359079] ? skb_clone+0x4d/0xb0 [709732.359085] ? enqueue_task_rt+0x22b/0x310 [709732.359098] ? bnxt_start_xmit+0x1e8/0xaf0 [bnxt_es] [709732.359102] ? paquete_rcv+0x40/0x4a0 [709732.359121] nft_lookup_eval+0x59/0x160 [nf_tables] [709732.359133] nft_do_chain+0x350/0x500 [nf_tables] [709732.359152] ? nft_lookup_eval+0x59/0x160 [nf_tables] [709732.359163] ? nft_do_chain+0x364/0x500 [nf_tables] [709732.359172]? fib4_rule_action+0x6d/0x80 [709732.359178] ? fib_rules_lookup+0x107/0x250 [709732.359184] nft_nat_do_chain+0x8a/0xf2 [nft_chain_nat] [709732.359193] nf_nat_inet_fn+0xea/0x210 [nf_nat] [709732.359202 ] nf_nat_ipv4_out+0x14/0xa0 [nf_nat] [709732.359207] nf_hook_slow+0x44/0xc0 [709732.359214] salida_ip +0xd2/0x100 [709732.359221] ? __ip_finish_output+0x210/0x210 [709732.359226] ip_forward+0x37d/0x4a0 [709732.359232] ? ip4_key_hashfn+0xb0/0xb0 [709732.359238] ip_subli ---truncado---"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47175.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47175",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.110",
-  "lastModified": "2024-03-25T10:15:09.110",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fq_pie: fix OOB access in the traffic path\n\nthe following script:\n\n  # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2\n  # tc qdisc add dev eth0 clsact\n  # tc filter add dev eth0 egress matchall action skbedit priority 0x10002\n  # ping 192.0.2.2 -I eth0 -c2 -w1 -q\n\nproduces the following splat:\n\n BUG: KASAN: slab-out-of-bounds in fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie]\n Read of size 4 at addr ffff888171306924 by task ping/942\n\n CPU: 3 PID: 942 Comm: ping Not tainted 5.12.0+ #441\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n  dump_stack+0x92/0xc1\n  print_address_description.constprop.7+0x1a/0x150\n  kasan_report.cold.13+0x7f/0x111\n  fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie]\n  __dev_queue_xmit+0x1034/0x2b10\n  ip_finish_output2+0xc62/0x2120\n  __ip_finish_output+0x553/0xea0\n  ip_output+0x1ca/0x4d0\n  ip_send_skb+0x37/0xa0\n  raw_sendmsg+0x1c4b/0x2d00\n  sock_sendmsg+0xdb/0x110\n  __sys_sendto+0x1d7/0x2b0\n  __x64_sys_sendto+0xdd/0x1b0\n  do_syscall_64+0x3c/0x80\n  entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fe69735c3eb\n Code: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 75 42 2c 00 41 89 ca 8b 00 85 c0 75 14 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 41 57 4d 89 c7 41 56 41 89\n RSP: 002b:00007fff06d7fb38 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\n RAX: ffffffffffffffda RBX: 000055e961413700 RCX: 00007fe69735c3eb\n RDX: 0000000000000040 RSI: 000055e961413700 RDI: 0000000000000003\n RBP: 0000000000000040 R08: 000055e961410500 R09: 0000000000000010\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff06d81260\n R13: 00007fff06d7fb40 R14: 00007fff06d7fc30 R15: 000055e96140f0a0\n\n Allocated by task 917:\n  kasan_save_stack+0x19/0x40\n  __kasan_kmalloc+0x7f/0xa0\n  __kmalloc_node+0x139/0x280\n  fq_pie_init+0x555/0x8e8 [sch_fq_pie]\n  qdisc_create+0x407/0x11b0\n  tc_modify_qdisc+0x3c2/0x17e0\n  rtnetlink_rcv_msg+0x346/0x8e0\n  netlink_rcv_skb+0x120/0x380\n  netlink_unicast+0x439/0x630\n  netlink_sendmsg+0x719/0xbf0\n  sock_sendmsg+0xe2/0x110\n  ____sys_sendmsg+0x5ba/0x890\n  ___sys_sendmsg+0xe9/0x160\n  __sys_sendmsg+0xd3/0x170\n  do_syscall_64+0x3c/0x80\n  entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n The buggy address belongs to the object at ffff888171306800\n  which belongs to the cache kmalloc-256 of size 256\n The buggy address is located 36 bytes to the right of\n  256-byte region [ffff888171306800, ffff888171306900)\n The buggy address belongs to the page:\n page:00000000bcfb624e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x171306\n head:00000000bcfb624e order:1 compound_mapcount:0\n flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\n raw: 0017ffffc0010200 dead000000000100 dead000000000122 ffff888100042b40\n raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n  ffff888171306800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n  ffff888171306880: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc\n >ffff888171306900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n                                ^\n  ffff888171306980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n  ffff888171306a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\nfix fq_pie traffic path to avoid selecting 'q->flows + q->flows_cnt' as a\nvalid flow: it's an address beyond the allocated memory."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sched: fq_pie: arregla el acceso OOB en la ruta de tr\u00e1fico el siguiente script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filtrar agregar dev eth0 salida matchall acci\u00f3n skbedit prioridad 0x10002 # ping 192.0.2.2 -I eth0 -c2 -w1 -q produce el siguiente s\u00edmbolo: ERROR: KASAN: slab-out-of-bounds in fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie] Leer de tama\u00f1o 4 en la direcci\u00f3n ffff888171306924 por tarea ping/942 CPU: 3 PID: 942 Comm: ping Not tainted 5.12.0+ #441 Nombre de hardware: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+ 0f1aadab 01/04/2014 Seguimiento de llamadas: dump_stack+0x92/0xc1 print_address_description.constprop.7+0x1a/0x150 kasan_report.cold.13+0x7f/0x111 fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie] __dev_queue_x mit+0x1034/0x2b10 ip_finish_output2+0xc62/0x2120 __ip_finish_output+0x553/0xea0 ip_output+0x1ca/0x4d0 ip_send_skb+0x37/0xa0 raw_sendmsg+0x1c4b/0x2d00 sock_sendmsg+0xdb/0x110 __sys_sendto+0x1d7/0x2b0 __x64_sys_s endto+0xdd/0x1b0 do_syscall_64+0x3c/0x80 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7fe69735c3eb C\u00f3digo: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 75 42 2c 00 41 89 ca 8b 00 85 c0 75 14 b8 2c 00 00 00 0f 05 &lt;48 &gt; 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 41 57 4d 89 c7 41 56 41 89 RSP: 002b:00007fff06d7fb38 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 000055e961413700 RCX: 00007fe69735c3eb RDX: 0000000000000040 RSI: 000055e961413700 RDI: 0000000000000003 RBP: 0000000000000040 R08: 000055e961410500 R09: 00000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff06d81260 R13: 00007fff06d7fb40 R14: 00007fff06d7fc30 R15: 000055e96140f0a0 Asignado por la tarea 917: kasan_save_stack+0x19/0x40 __kasan_kmalloc+0x7f/0xa0 __kmalloc_node+0x139/0x280 fq_pie_init+0x555/0x8e8 [ sch_fq_pie] qdisc_create+0x407/0x11b0 tc_modify_qdisc+0x3c2/0x17e0 rtnetlink_rcv_msg+0x346/0x8e0 netlink_rcv_skb+0x120/0x380 netlink_unicast+0x439/0x630 netlink_sendmsg+0x719/ 0xbf0 sock_sendmsg+0xe2/0x110 ____sys_sendmsg+0x5ba/0x890 ___sys_sendmsg+0xe9/0x160 __sys_sendmsg+0xd3 /0x170 do_syscall_64+0x3c/0x80 Entry_SYSCALL_64_after_hwframe+0x44/0xae La direcci\u00f3n con errores pertenece al objeto en ffff888171306800 que pertenece al cach\u00e9 kmalloc-256 de tama\u00f1o 256. La direcci\u00f3n con errores se encuentra 36 bytes a la derecha de la regi\u00f3n de 256 bytes [ffff888171306 800, ffff888171306900) La direcci\u00f3n del error pertenece a la p\u00e1gina: p\u00e1gina:00000000bcfb624e refcount:1 mapcount:0 mapeo:0000000000000000 index:0x0 pfn:0x171306 head:00000000bcfb624e order:1 composite_mapcount:0 flags: 0x17ffffc00 10200(losa|cabeza|nodo=0|zona =2|lastcpupid=0x1fffff) raw: 0017ffffc0010200 dead000000000100 dead000000000122 ffff888100042b40 raw: 000000000000000000 0000000000100010 00000001ffffffff 0000000000000000 p\u00e1gina volcada porque: kasan: se detect\u00f3 mal acceso Estado de la memoria alrededor de la direcci\u00f3n con errores: ffff888171306800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff888171306880: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc &gt;ffff888171306900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff888 171306980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff888171306a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb corrige la ruta de tr\u00e1fico fq_pie para evitar seleccionar 'q-&gt;flows + q-&gt;flows_cnt' como un flujo v\u00e1lido: es una direcci\u00f3n m\u00e1s all\u00e1 de la memoria asignada."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47176.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47176",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.163",
-  "lastModified": "2024-03-25T10:15:09.163",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: add missing discipline function\n\nFix crash with illegal operation exception in dasd_device_tasklet.\nCommit b72949328869 (\"s390/dasd: Prepare for additional path event handling\")\nrenamed the verify_path function for ECKD but not for FBA and DIAG.\nThis leads to a panic when the path verification function is called for a\nFBA or DIAG device.\n\nFix by defining a wrapper function for dasd_generic_verify_path()."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: s390/dasd: agregar funci\u00f3n de disciplina faltante. Se corrigi\u00f3 falla con excepci\u00f3n de operaci\u00f3n ilegal en dasd_device_tasklet. El commit b72949328869 (\"s390/dasd: Prep\u00e1rese para el manejo de eventos de ruta adicional\") cambi\u00f3 el nombre de la funci\u00f3n verificar_ruta para ECKD pero no para Log\u00edstica de Amazon y DIAG. Esto provoca p\u00e1nico cuando se llama a la funci\u00f3n de verificaci\u00f3n de ruta para un dispositivo FBA o DIAG. Para solucionarlo, defina una funci\u00f3n contenedora para dasd_generic_verify_path()."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47177.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47177",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.213",
-  "lastModified": "2024-03-25T10:15:09.213",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix sysfs leak in alloc_iommu()\n\niommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent\nerrors."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: iommu/vt-d: corrige la fuga de sysfs en alloc_iommu() iommu_device_sysfs_add() se llama antes, por lo que debe limpiarse en caso de errores posteriores."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47178.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47178",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.267",
-  "lastModified": "2024-03-25T10:15:09.267",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Avoid smp_processor_id() in preemptible code\n\nThe BUG message \"BUG: using smp_processor_id() in preemptible [00000000]\ncode\" was observed for TCMU devices with kernel config DEBUG_PREEMPT.\n\nThe message was observed when blktests block/005 was run on TCMU devices\nwith fileio backend or user:zbc backend [1]. The commit 1130b499b4a7\n(\"scsi: target: tcm_loop: Use LIO wq cmd submission helper\") triggered the\nsymptom. The commit modified work queue to handle commands and changed\n'current->nr_cpu_allowed' at smp_processor_id() call.\n\nThe message was also observed at system shutdown when TCMU devices were not\ncleaned up [2]. The function smp_processor_id() was called in SCSI host\nwork queue for abort handling, and triggered the BUG message. This symptom\nwas observed regardless of the commit 1130b499b4a7 (\"scsi: target:\ntcm_loop: Use LIO wq cmd submission helper\").\n\nTo avoid the preemptible code check at smp_processor_id(), get CPU ID with\nraw_smp_processor_id() instead. The CPU ID is used for performance\nimprovement then thread move to other CPU will not affect the code.\n\n[1]\n\n[   56.468103] run blktests block/005 at 2021-05-12 14:16:38\n[   57.369473] check_preemption_disabled: 85 callbacks suppressed\n[   57.369480] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1511\n[   57.369506] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1510\n[   57.369512] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1506\n[   57.369552] caller is __target_init_cmd+0x157/0x170 [target_core_mod]\n[   57.369606] CPU: 4 PID: 1506 Comm: fio Not tainted 5.13.0-rc1+ #34\n[   57.369613] Hardware name: System manufacturer System Product Name/PRIME Z270-A, BIOS 1302 03/15/2018\n[   57.369617] Call Trace:\n[   57.369621] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1507\n[   57.369628]  dump_stack+0x6d/0x89\n[   57.369642]  check_preemption_disabled+0xc8/0xd0\n[   57.369628] caller is __target_init_cmd+0x157/0x170 [target_core_mod]\n[   57.369655]  __target_init_cmd+0x157/0x170 [target_core_mod]\n[   57.369695]  target_init_cmd+0x76/0x90 [target_core_mod]\n[   57.369732]  tcm_loop_queuecommand+0x109/0x210 [tcm_loop]\n[   57.369744]  scsi_queue_rq+0x38e/0xc40\n[   57.369761]  __blk_mq_try_issue_directly+0x109/0x1c0\n[   57.369779]  blk_mq_try_issue_directly+0x43/0x90\n[   57.369790]  blk_mq_submit_bio+0x4e5/0x5d0\n[   57.369812]  submit_bio_noacct+0x46e/0x4e0\n[   57.369830]  __blkdev_direct_IO_simple+0x1a3/0x2d0\n[   57.369859]  ? set_init_blocksize.isra.0+0x60/0x60\n[   57.369880]  generic_file_read_iter+0x89/0x160\n[   57.369898]  blkdev_read_iter+0x44/0x60\n[   57.369906]  new_sync_read+0x102/0x170\n[   57.369929]  vfs_read+0xd4/0x160\n[   57.369941]  __x64_sys_pread64+0x6e/0xa0\n[   57.369946]  ? lockdep_hardirqs_on+0x79/0x100\n[   57.369958]  do_syscall_64+0x3a/0x70\n[   57.369965]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[   57.369973] RIP: 0033:0x7f7ed4c1399f\n[   57.369979] Code: 08 89 3c 24 48 89 4c 24 18 e8 7d f3 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 cd f3 ff ff 48 8b\n[   57.369983] RSP: 002b:00007ffd7918c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000011\n[   57.369990] RAX: ffffffffffffffda RBX: 00000000015b4540 RCX: 00007f7ed4c1399f\n[   57.369993] RDX: 0000000000001000 RSI: 00000000015de000 RDI: 0000000000000009\n[   57.369996] RBP: 00000000015b4540 R08: 0000000000000000 R09: 0000000000000001\n[   57.369999] R10: 0000000000e5c000 R11: 0000000000000293 R12: 00007f7eb5269a70\n[   57.370002] R13: 0000000000000000 R14: 0000000000001000 R15: 00000000015b4568\n[   57.370031] CPU: 7 PID: 1507 Comm: fio Not tainted 5.13.0-rc1+ #34\n[   57.370036] Hardware name: System manufacturer System Product Name/PRIME Z270-A, BIOS 1302 03/15/2018\n[   57.370039] Call Trace:\n[   57.370045]  dump_stack+0x6d/0x89\n[   57.370056]  ch\n---truncated---"
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: target: core: Evite smp_processor_id() en c\u00f3digo interrumpible Se observ\u00f3 el mensaje de ERROR \"ERROR: usar smp_processor_id() en c\u00f3digo interrumpible [00000000]\" para dispositivos TCMU con configuraci\u00f3n de kernel DEBUG_PREEMPT. El mensaje se observ\u00f3 cuando se ejecut\u00f3 blktests block/005 en dispositivos TCMU con backend fileio o usuario:zbc [1]. La confirmaci\u00f3n 1130b499b4a7 (\"scsi: target: tcm_loop: Use el asistente de env\u00edo LIO wq cmd\") desencaden\u00f3 el s\u00edntoma. La confirmaci\u00f3n modific\u00f3 la cola de trabajo para manejar comandos y cambi\u00f3 'current-&gt;nr_cpu_allowed' en la llamada a smp_processor_id(). El mensaje tambi\u00e9n se observ\u00f3 al apagar el sistema cuando los dispositivos TCMU no se limpiaron [2]. La funci\u00f3n smp_processor_id() fue llamada en la cola de trabajo del host SCSI para el manejo de abortos y activ\u00f3 el mensaje de ERROR. Este s\u00edntoma se observ\u00f3 independientemente de la confirmaci\u00f3n 1130b499b4a7 (\"scsi: target: tcm_loop: Use el asistente de env\u00edo LIO wq cmd\"). Para evitar la verificaci\u00f3n del c\u00f3digo interrumpible en smp_processor_id(), obtenga el ID de la CPU con raw_smp_processor_id() en su lugar. El ID de la CPU se utiliza para mejorar el rendimiento, luego el movimiento del subproceso a otra CPU no afectar\u00e1 el c\u00f3digo. [1] [56.468103] ejecute blktests block/005 el 2021-05-12 14:16:38 [57.369473] check_preemption_disabled: 85 devoluciones de llamada suprimidas [57.369480] ERROR: usar smp_processor_id() en c\u00f3digo preferente [00000000]: fio/151 1 [ 57.369506] ERROR: usar smp_processor_id() en c\u00f3digo interrumpible [00000000]: fio/1510 [57.369512] ERROR: usar smp_processor_id() en c\u00f3digo interrumpible [00000000]: fio/1506 [57.369552] la persona que llama es __target_init_cmd+0 x157/0x170 [objetivo_core_mod] [ 57.369606] CPU: 4 PID: 1506 Comm: fio Not tainted 5.13.0-rc1+ #34 [ 57.369613] Nombre del hardware: Fabricante del sistema Nombre del producto del sistema/PRIME Z270-A, BIOS 1302 15/03/2018 [ 57.369617] Seguimiento de llamadas : [57.369621] ERROR: usar smp_processor_id() en c\u00f3digo interrumpible [00000000]: fio/1507 [57.369628] dump_stack+0x6d/0x89 [57.369642] check_preemption_disabled+0xc8/0xd0 [57.369628] la persona que llama es __ target_init_cmd+0x157/0x170 [target_core_mod] [ 57.369655] __target_init_cmd+0x157/0x170 [target_core_mod] [ 57.369695] target_init_cmd+0x76/0x90 [target_core_mod] [ 57.369732] tcm_loop_queuecommand+0x109/0x210 [tcm_loop] [ 57 .369744] scsi_queue_rq+0x38e/0xc40 [ 57.369761] __blk_mq_try_issue_directly+0x109/0x1c0 [ 57.369779 ] blk_mq_try_issue_directly+0x43/0x90 [ 57.369790] blk_mq_submit_bio+0x4e5/0x5d0 [ 57.369812] submit_bio_noacct+0x46e/0x4e0 [ 57.369830] __blkdev_direct_IO_simple+0x1a3/0x2 d0 [57.369859]? set_init_blocksize.isra.0+0x60/0x60 [ 57.369880] generic_file_read_iter+0x89/0x160 [ 57.369898] blkdev_read_iter+0x44/0x60 [ 57.369906] new_sync_read+0x102/0x170 [ 57.369929 ] vfs_read+0xd4/0x160 [ 57.369941] __x64_sys_pread64+0x6e/0xa0 [ 57.369946] ? lockdep_hardirqs_on+0x79/0x100 [ 57.369958] do_syscall_64+0x3a/0x70 [ 57.369965] Entry_SYSCALL_64_after_hwframe+0x44/0xae [ 57.369973] RIP: 0033:0x7f7ed4c1399f [ 5 7.369979] C\u00f3digo: 08 89 3c 24 48 89 4c 24 18 e8 7d f3 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00 00 0f 05 &lt;48&gt; 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 cd f3 ff ff 48 8b [ 57.369983] RSP: 002b:00007ffd7918c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000011 [ 57.369990] RAX: fffffffffffffffda RBX: 00000000015b4540 RCX: 00 007f7ed4c1399f [ 57.369993] RDX: 0000000000001000 RSI: 00000000015de000 RDI: 000000000000000009 [ 57.369996] RBP: 00000000015b4540 R08: 000 0000000000000 R09: 0000000000000001 [ 57.369999] R10: 0000000000e5c000 R11: 0000000000000293 R12: 00007f7eb5269a70 [ 57.370002] R13: 00000000000000000 R14: 000000000000 1000 R15: 00000000015b4568 [57.370031] CPU: 7 PID: 1507 ---truncado---"
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47179.json

@@ -2,12 +2,16 @@
   "id": "CVE-2021-47179",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.317",
-  "lastModified": "2024-03-25T10:15:09.317",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()\n\nCommit de144ff4234f changes _pnfs_return_layout() to call\npnfs_mark_matching_lsegs_return() passing NULL as the struct\npnfs_layout_range argument. Unfortunately,\npnfs_mark_matching_lsegs_return() doesn't check if we have a value here\nbefore dereferencing it, causing an oops.\n\nI'm able to hit this crash consistently when running connectathon basic\ntests on NFS v4.1/v4.2 against Ontap."
+    },
+    {
+      "lang": "es",
+      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSv4: corrige una desreferencia de puntero NULL en pnfs_mark_matching_lsegs_return(). Confirme los cambios de144ff4234f _pnfs_return_layout() para llamar a pnfs_mark_matching_lsegs_return() pasando NULL como argumento de estructura pnfs_layout_range. Desafortunadamente, pnfs_mark_matching_lsegs_return() no verifica si tenemos un valor aqu\u00ed antes de eliminar la referencia a \u00e9l, lo que provoca un error. Puedo alcanzar este bloqueo de manera consistente cuando ejecuto pruebas b\u00e1sicas de Connectathon en NFS v4.1/v4.2 contra Ontap."
     }
   ],
   "metrics": {},

CVE-2021/CVE-2021-471xx/CVE-2021-47180.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-47180",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-03-25T10:15:09.363",
-  "lastModified": "2024-03-25T10:15:09.363",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-364xx/CVE-2022-36407.json

@@ -2,12 +2,16 @@
   "id": "CVE-2022-36407",
   "sourceIdentifier": "hirt@hitachi.co.jp",
   "published": "2024-03-25T06:15:08.450",
-  "lastModified": "2024-03-25T06:15:08.450",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows \n\nlocal users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en un archivo de registro en Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, VM de almacenamiento unificado Hitachi, plataforma de almacenamiento virtual Hitachi G100, G200, G400, G600, G800, plataforma de almacenamiento virtual Hitachi F400, F600, F800, plataforma de almacenamiento virtual Hitachi G130, G150, G350, G370, G700 , G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H permite a los usuarios locales obtener informaci\u00f3n confidencial. Este problema afecta a Hitachi Virtual Storage Plataforma: anterior a DKCMAIN Ver. 70-06-74-00/00, versi\u00f3n SVP. 70-06-58/00; Plataforma de almacenamiento virtual Hitachi VP9500: anterior a DKCMAIN Ver. 70-06-74-00/00, versi\u00f3n SVP. 70-06-58/00; Plataforma de almacenamiento virtual Hitachi G1000, G1500: anterior a DKCMAIN Ver. 80-06-92-00/00, versi\u00f3n SVP. 80-06-87/00; Plataforma de almacenamiento virtual Hitachi F1500: anterior a DKCMAIN Ver. 80-06-92-00/00, versi\u00f3n SVP. 80-06-87/00; Plataforma de almacenamiento virtual Hitachi 5100, 5500,5100H, 5500H: anterior a DKCMAIN Ver. 90-08-81-00/00, versi\u00f3n SVP. 90-08-81/00, antes de DKCMAIN Ver. 90-08-62-00/00, versi\u00f3n SVP. 90-08-62/00, antes de DKCMAIN Ver. 90-08-43-00/00, versi\u00f3n SVP. 90-08-43/00; Plataforma de almacenamiento virtual Hitachi 5200, 5600,5200H, 5600H: anterior a DKCMAIN Ver. 90-08-81-00/00, versi\u00f3n SVP. 90-08-81/00, antes de DKCMAIN Ver. 90-08-62-00/00, versi\u00f3n SVP. 90-08-62/00, antes de DKCMAIN Ver. 90-08-43-00/00, versi\u00f3n SVP. 90-08-43/00; M\u00e1quina virtual de almacenamiento unificado de Hitachi: anterior a DKCMAIN Ver. 73-03-75-X0/00, versi\u00f3n SVP. 73-03-74/00, antes de DKCMAIN Ver. 73(75)-03-75-X0/00, versi\u00f3n SVP. 73(75)-03-74/00; Plataforma de almacenamiento virtual Hitachi G100, G200, G400, G600, G800: anterior a DKCMAIN Ver. 83-06-19-X0/00, versi\u00f3n SVP. 83-06-20-X0/00, antes de DKCMAIN Ver. 83-05-47-X0/00, versi\u00f3n SVP. 83-05-51-X0/00; Plataforma de almacenamiento virtual Hitachi F400, F600, F800: anterior a DKCMAIN Ver. 83-06-19-X0/00, versi\u00f3n SVP. 83-06-20-X0/00, antes de DKCMAIN Ver. 83-05-47-X0/00, versi\u00f3n SVP. 83-05-51-X0/00; Plataforma de almacenamiento virtual Hitachi G130, G150, G350, G370, G700, G900: anterior a DKCMAIN Ver. 88-08-09-XX/00, versi\u00f3n SVP. 88-08-11-X0/02; Plataforma de almacenamiento virtual Hitachi F350, F370, F700, F900: anterior a DKCMAIN Ver. 88-08-09-XX/00, versi\u00f3n SVP. 88-08-11-X0/02; Plataforma de almacenamiento virtual Hitachi E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: anterior a DKCMAIN Ver. 93-06-81-X0/00, versi\u00f3n SVP. 93-06-81-X0/00, antes de DKCMAIN Ver. 93-06-62-X0/00, versi\u00f3n SVP. 93-06-62-X0/00, antes de DKCMAIN Ver. 93-06-43-X0/00, versi\u00f3n SVP. 93-06-43-X0/00."
     }
   ],
   "metrics": {

CVE-2022/CVE-2022-380xx/CVE-2022-38057.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-38057",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:08.010",
-  "lastModified": "2024-03-25T12:15:08.010",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-446xx/CVE-2022-44626.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-44626",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:08.227",
-  "lastModified": "2024-03-25T12:15:08.227",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-453xx/CVE-2022-45349.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-45349",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:08.503",
-  "lastModified": "2024-03-25T12:15:08.503",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-453xx/CVE-2022-45351.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-45351",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:08.803",
-  "lastModified": "2024-03-25T12:15:08.803",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-453xx/CVE-2022-45352.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-45352",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:09.010",
-  "lastModified": "2024-03-25T12:15:09.010",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-453xx/CVE-2022-45356.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-45356",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:09.210",
-  "lastModified": "2024-03-25T12:15:09.210",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2022/CVE-2022-458xx/CVE-2022-45851.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-45851",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:09.520",
-  "lastModified": "2024-03-25T12:15:09.520",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-226xx/CVE-2023-22699.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-22699",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:09.740",
-  "lastModified": "2024-03-25T12:15:09.740",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-250xx/CVE-2023-25039.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-25039",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:10.027",
-  "lastModified": "2024-03-25T12:15:10.027",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-276xx/CVE-2023-27608.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-27608",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T12:15:10.287",
-  "lastModified": "2024-03-25T12:15:10.287",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-304xx/CVE-2023-30480.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-30480",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T05:15:49.560",
-  "lastModified": "2024-03-25T05:15:49.560",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de autorizaci\u00f3n faltante en Sparkle WP Educenter. Este problema afecta a Educenter: desde n/a hasta 1.5.5."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-339xx/CVE-2023-33923.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-33923",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T05:15:49.837",
-  "lastModified": "2024-03-25T05:15:49.837",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Missing Authorization vulnerability in HashThemes Viral News, HashThemes Viral, HashThemes HashOne.This issue affects Viral News: from n/a through 1.4.5; Viral: from n/a through 1.8.0; HashOne: from n/a through 1.3.0.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de autorizaci\u00f3n faltante en HashThemes Viral News, HashThemes Viral, HashThemes HashOne. Este problema afecta a Viral News: desde n/a hasta 1.4.5; Viral: desde n/a hasta 1.8.0; HashOne: desde n/a hasta 1.3.0."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-378xx/CVE-2023-37885.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-37885",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T05:15:50.047",
-  "lastModified": "2024-03-25T05:15:50.047",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de autorizaci\u00f3n faltante en InspiryThemes RealHomes. Este problema afecta a RealHomes: desde n/a hasta 4.0.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-378xx/CVE-2023-37886.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-37886",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T05:15:50.237",
-  "lastModified": "2024-03-25T05:15:50.237",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de autorizaci\u00f3n faltante en InspiryThemes RealHomes. Este problema afecta a RealHomes: desde n/a hasta 4.0.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-521xx/CVE-2023-52159.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-52159",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-03-18T02:15:06.053",
-  "lastModified": "2024-03-18T12:38:25.490",
+  "lastModified": "2024-03-25T14:15:09.267",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -19,6 +19,10 @@
     {
       "url": "https://codeberg.org/bizdelnick/gross/wiki/Known-vulnerabilities#cve-2023-52159",
       "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00027.html",
+      "source": "cve@mitre.org"
     }
   ]
 }

CVE-2024/CVE-2024-12xx/CVE-2024-1231.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1231",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2024-03-25T05:15:50.443",
-  "lastModified": "2024-03-25T05:15:50.443",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The CM Download Manager  WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack"
+    },
+    {
+      "lang": "es",
+      "value": "El complemento CM Download Manager de WordPress anterior a 2.9.0 no tiene comprobaciones CSRF en algunos lugares, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados anulen la publicaci\u00f3n de las descargas mediante un ataque CSRF."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-12xx/CVE-2024-1232.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1232",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2024-03-25T05:15:50.507",
-  "lastModified": "2024-03-25T05:15:50.507",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The CM Download Manager  WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack"
+    },
+    {
+      "lang": "es",
+      "value": "El complemento CM Download Manager de WordPress anterior a 2.9.0 no tiene comprobaciones CSRF en algunos lugares, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados eliminen las descargas mediante un ataque CSRF."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-15xx/CVE-2024-1564.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1564",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2024-03-25T05:15:50.557",
-  "lastModified": "2024-03-25T05:15:50.557",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode"
+    },
+    {
+      "lang": "es",
+      "value": "El complemento wp-schema-pro de WordPress anterior a 2.7.16 no valida el acceso a la publicaci\u00f3n, lo que permite a un usuario colaborador acceder a campos personalizados en cualquier publicaci\u00f3n, independientemente del tipo o estado de la publicaci\u00f3n a trav\u00e9s de un c\u00f3digo corto."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-19xx/CVE-2024-1962.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-1962",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2024-03-25T05:15:50.610",
-  "lastModified": "2024-03-25T05:15:50.610",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "The CM Download Manager  WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack"
+    },
+    {
+      "lang": "es",
+      "value": "El complemento CM Download Manager de WordPress anterior a 2.9.1 no tiene controles CSRF en algunos lugares, lo que podr\u00eda permitir a los atacantes hacer que los administradores registrados editen las descargas a trav\u00e9s de un ataque CSRF."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-215xx/CVE-2024-21505.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-21505",
   "sourceIdentifier": "report@snyk.io",
   "published": "2024-03-25T05:15:50.663",
-  "lastModified": "2024-03-25T05:15:50.663",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Versions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utility functions format and mergeDeep, due to insecure recursive merge.\rAn attacker can manipulate an object's prototype, potentially leading to the alteration of the behavior of all objects inheriting from the affected prototype by passing specially crafted input to these functions."
+    },
+    {
+      "lang": "es",
+      "value": "Las versiones del paquete web3-utils anteriores a la 4.2.1 son vulnerables a Prototype Pollution a trav\u00e9s de las funciones de utilidad format y mergeDeep, debido a una fusi\u00f3n recursiva insegura. Un atacante puede manipular el prototipo de un objeto, lo que podr\u00eda provocar la alteraci\u00f3n del comportamiento de todos los objetos que heredan del prototipo afectado al pasar entradas especialmente manipuladas a estas funciones."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-218xx/CVE-2024-21865.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-21865",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2024-03-25T05:15:50.863",
-  "lastModified": "2024-03-25T05:15:50.863",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect to the product via SSH and use a shell."
+    },
+    {
+      "lang": "es",
+      "value": "HGW BL1500HM Ver 002.001.013 y anteriores contienen un problema de uso de credenciales semanales. Un atacante no autenticado adyacente a la red puede conectarse al producto a trav\u00e9s de SSH y utilizar un shell."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-248xx/CVE-2024-24890.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-24890",
   "sourceIdentifier": "securities@openeuler.org",
   "published": "2024-03-25T07:15:49.903",
-  "lastModified": "2024-03-25T07:15:49.903",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in openEuler gala-gopher on Linux allows Command Injection. This vulnerability is associated with program files https://gitee.Com/openeuler/gala-gopher/blob/master/src/probes/extends/ebpf.Probe/src/ioprobe/ioprobe.C.\n\nThis issue affects gala-gopher: through 1.0.2.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "La neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del sistema operativo ('inyecci\u00f3n de comando del sistema operativo') en openEuler gala-gopher en Linux permite la inyecci\u00f3n de comando. Esta vulnerabilidad est\u00e1 asociada con archivos de programa https://gitee.Com/openeuler/gala-gopher/blob/master/src/probes/extends/ebpf.Probe/src/ioprobe/ioprobe.C. Este problema afecta a gala-gopher: hasta 1.0.2."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-248xx/CVE-2024-24892.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-24892",
   "sourceIdentifier": "securities@openeuler.org",
   "published": "2024-03-25T07:15:50.133",
-  "lastModified": "2024-03-25T07:15:50.133",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Privilege Management vulnerability in openEuler migration-tools on Linux allows Command Injection, Restful Privilege Elevation. This vulnerability is associated with program files https://gitee.Com/openeuler/migration-tools/blob/master/index.Py.\n\nThis issue affects migration-tools: from 1.0.0 through 1.0.1.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando del sistema operativo (\"Inyecci\u00f3n de comandos del sistema operativo\"), vulnerabilidad de administraci\u00f3n de privilegios inadecuada en las herramientas de migraci\u00f3n de openEuler en Linux permite la inyecci\u00f3n de comandos y la elevaci\u00f3n de privilegios de descanso. Esta vulnerabilidad est\u00e1 asociada con archivos de programa https://gitee.Com/openeuler/migration-tools/blob/master/index.Py. Este problema afecta a las herramientas de migraci\u00f3n: desde 1.0.0 hasta 1.0.1."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-248xx/CVE-2024-24897.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-24897",
   "sourceIdentifier": "securities@openeuler.org",
   "published": "2024-03-25T07:15:50.350",
-  "lastModified": "2024-03-25T07:15:50.350",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in openEuler A-Tune-Collector on Linux allows Command Injection. This vulnerability is associated with program files https://gitee.Com/openeuler/A-Tune-Collector/blob/master/atune_collector/plugin/monitor/process/sched.Py.\n\nThis issue affects A-Tune-Collector: from 1.1.0-3 through 1.3.0.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "La neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando (\"Inyecci\u00f3n de comando\") en openEuler A-Tune-Collector en Linux permite la inyecci\u00f3n de comando. Esta vulnerabilidad est\u00e1 asociada con archivos de programa https://gitee.Com/openeuler/A-Tune-Collector/blob/master/atune_collector/plugin/monitor/process/sched.Py. Este problema afecta a A-Tune-Collector: desde 1.1.0-3 hasta 1.3.0."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-248xx/CVE-2024-24899.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-24899",
   "sourceIdentifier": "securities@openeuler.org",
   "published": "2024-03-25T07:15:50.560",
-  "lastModified": "2024-03-25T07:15:50.560",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in openEuler aops-zeus on Linux allows Command Injection. This vulnerability is associated with program files https://gitee.Com/openeuler/aops-zeus/blob/master/zeus/conf/constant.Py.\n\nThis issue affects aops-zeus: from 1.2.0 through 1.4.0.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "La neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del sistema operativo ('inyecci\u00f3n de comando del sistema operativo') en openEuler aops-zeus en Linux permite la inyecci\u00f3n de comando. Esta vulnerabilidad est\u00e1 asociada con archivos de programa https://gitee.Com/openeuler/aops-zeus/blob/master/zeus/conf/constant.Py. Este problema afecta a aops-zeus: desde 1.2.0 hasta 1.4.0."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-250xx/CVE-2024-25002.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-25002",
+  "sourceIdentifier": "psirt@bosch.com",
+  "published": "2024-03-25T14:15:09.343",
+  "lastModified": "2024-03-25T14:15:09.343",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows unauthorized users full access to the device."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@bosch.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@bosch.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-152190.html",
+      "source": "psirt@bosch.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-259xx/CVE-2024-25964.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-25964",
   "sourceIdentifier": "security_alert@emc.com",
   "published": "2024-03-25T09:15:09.477",
-  "lastModified": "2024-03-25T09:15:09.477",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-280xx/CVE-2024-28041.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-28041",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2024-03-25T04:15:08.880",
-  "lastModified": "2024-03-25T04:15:08.880",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary command."
+    },
+    {
+      "lang": "es",
+      "value": "HGW BL1500HM Ver 002.001.013 y anteriores permiten que un atacante no autenticado adyacente a la red ejecute un comando arbitrario."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-283xx/CVE-2024-28386.json

@@ -0,0 +1,36 @@
+{
+  "id": "CVE-2024-28386",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-25T14:15:09.553",
+  "lastModified": "2024-03-25T14:15:09.553",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin() component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://fastmagsync.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "http://home-madeio.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://reference1.example.com/modules/fastmagsync/crons/cron_mutualise_job_queue.php?hosting=.%20%26%20%20echo%20%27%3C%3Fphp%20echo%20%2242ovh%22%3B%27%20%3E%20a.php%3B%23&syncway=tofastmag",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://security.friendsofpresta.org/modules/2024/03/19/fastmagsync.html",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.home-made.io/module-fastmag-sync-prestashop/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-283xx/CVE-2024-28387.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-28387",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-25T14:15:09.613",
+  "lastModified": "2024-03-25T14:15:09.613",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in axonaut v.3.1.23 and before allows a remote attacker to obtain sensitive information via the log.txt component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://axonaut.com/integration/detail/prestashop",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://security.friendsofpresta.org/modules/2024/03/19/axonaut.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-283xx/CVE-2024-28393.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-28393",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-25T14:15:09.663",
+  "lastModified": "2024-03-25T14:15:09.663",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess() method."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://addons.prestashop.com/fr/paiement-en-plusieurs-fois/87023-scalapay-payez-en-3-fois-sans-frais.html",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://security.friendsofpresta.org/modules/2024/03/19/scalapay.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-284xx/CVE-2024-28434.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-28434",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-25T14:15:09.720",
+  "lastModified": "2024-03-25T14:15:09.720",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-28434",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/twentyhq/twenty",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-284xx/CVE-2024-28435.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-28435",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-25T14:15:09.767",
+  "lastModified": "2024-03-25T14:15:09.767",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-28435",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/twentyhq/twenty",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-28xx/CVE-2024-2856.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-2856",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-03-24T07:15:08.140",
-  "lastModified": "2024-03-25T01:51:01.223",
+  "lastModified": "2024-03-25T13:15:48.683",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257780. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad fue encontrada en Tenda AC10 16.03.10.13/16.03.10.20 y clasificada como cr\u00edtica. La funci\u00f3n fromSetSysTime del archivo /goform/SetSysTimeCfg es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento timeZone provoca un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-257780. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
     }
   ],
   "metrics": {
@@ -83,6 +87,10 @@
     {
       "url": "https://vuldb.com/?id.257780",
       "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.299741",
+      "source": "cna@vuldb.com"
     }
   ]
 }

CVE-2024/CVE-2024-28xx/CVE-2024-2862.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-2862",
   "sourceIdentifier": "product.security@lge.com",
   "published": "2024-03-25T07:15:50.807",
-  "lastModified": "2024-03-25T07:15:50.807",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "\nThis vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Esta vulnerabilidad permite a atacantes remotos restablecer la contrase\u00f1a de usuarios an\u00f3nimos sin autorizaci\u00f3n en el LG LED Assistant afectado."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-28xx/CVE-2024-2863.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-2863",
   "sourceIdentifier": "product.security@lge.com",
   "published": "2024-03-25T07:15:51.030",
-  "lastModified": "2024-03-25T07:15:51.030",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant."
+    },
+    {
+      "lang": "es",
+      "value": "Esta vulnerabilidad permite a atacantes remotos atravesar rutas mediante la carga de archivos en el LG LED Assistant afectado."
     }
   ],
   "metrics": {

CVE-2024/CVE-2024-28xx/CVE-2024-2864.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-2864",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2024-03-25T11:15:45.353",
-  "lastModified": "2024-03-25T11:15:45.353",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-28xx/CVE-2024-2865.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-2865",
+  "sourceIdentifier": "iletisim@usom.gov.tr",
+  "published": "2024-03-25T14:15:09.820",
+  "lastModified": "2024-03-25T14:15:09.820",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection.This issue affects Quality Management System: through 25032024.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "iletisim@usom.gov.tr",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "iletisim@usom.gov.tr",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.usom.gov.tr/bildirim/tr-24-0229",
+      "source": "iletisim@usom.gov.tr"
+    }
+  ]
+}

CVE-2024/CVE-2024-290xx/CVE-2024-29009.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-29009",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2024-03-25T05:15:50.913",
-  "lastModified": "2024-03-25T05:15:50.913",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Cross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote unauthenticated attacker to hijack the authentication of the administrator and to perform unintended operations if the administrator views a malicious page while logged in."
+    },
+    {
+      "lang": "es",
+      "value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en easy-popup-show todas las versiones permite a un atacante remoto no autenticado secuestrar la autenticaci\u00f3n del administrador y realizar operaciones no deseadas si el administrador ve una p\u00e1gina maliciosa mientras est\u00e1 conectado."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-290xx/CVE-2024-29071.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-29071",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2024-03-25T04:15:09.017",
-  "lastModified": "2024-03-25T04:15:09.017",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may change the system settings."
+    },
+    {
+      "lang": "es",
+      "value": "HGW BL1500HM Ver 002.001.013 y anteriores contienen un problema de uso de credenciales semanales. Un atacante no autenticado adyacente a la red puede cambiar la configuraci\u00f3n del sistema."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-292xx/CVE-2024-29216.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-29216",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2024-03-25T07:15:50.750",
-  "lastModified": "2024-03-25T07:15:50.750",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware."
+    },
+    {
+      "lang": "es",
+      "value": "Existe un IOCTL expuesto con un problema de control de acceso insuficiente en cg6kwin2k.sys anterior a 2.1.7.0. Al enviar una solicitud IOCTL espec\u00edfica, un usuario sin privilegios de administrador puede realizar E/S en un puerto de hardware o direcci\u00f3n f\u00edsica arbitraria, lo que resulta en el borrado o alteraci\u00f3n del firmware."
     }
   ],
   "metrics": {},

CVE-2024/CVE-2024-301xx/CVE-2024-30187.json

@@ -2,12 +2,16 @@
   "id": "CVE-2024-30187",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-03-25T08:15:36.587",
-  "lastModified": "2024-03-25T08:15:36.587",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-25T13:47:14.087",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Anope before 2.0.15 does not prevent resetting the password of a suspended account."
+    },
+    {
+      "lang": "es",
+      "value": "Anope anterior a 2.0.15 no impide restablecer la contrase\u00f1a de una cuenta suspendida."
     }
   ],
   "metrics": {},

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-03-25T13:00:38.433735+00:00
+2024-03-25T15:00:38.889212+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-03-25T12:15:10.287000+00:00
+2024-03-25T14:15:09.820000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,31 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-242587
+242594
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `11`
+Recently added CVEs: `7`
 
-* [CVE-2022-38057](CVE-2022/CVE-2022-380xx/CVE-2022-38057.json) (`2024-03-25T12:15:08.010`)
-* [CVE-2022-44626](CVE-2022/CVE-2022-446xx/CVE-2022-44626.json) (`2024-03-25T12:15:08.227`)
-* [CVE-2022-45349](CVE-2022/CVE-2022-453xx/CVE-2022-45349.json) (`2024-03-25T12:15:08.503`)
-* [CVE-2022-45351](CVE-2022/CVE-2022-453xx/CVE-2022-45351.json) (`2024-03-25T12:15:08.803`)
-* [CVE-2022-45352](CVE-2022/CVE-2022-453xx/CVE-2022-45352.json) (`2024-03-25T12:15:09.010`)
-* [CVE-2022-45356](CVE-2022/CVE-2022-453xx/CVE-2022-45356.json) (`2024-03-25T12:15:09.210`)
-* [CVE-2022-45851](CVE-2022/CVE-2022-458xx/CVE-2022-45851.json) (`2024-03-25T12:15:09.520`)
-* [CVE-2023-22699](CVE-2023/CVE-2023-226xx/CVE-2023-22699.json) (`2024-03-25T12:15:09.740`)
-* [CVE-2023-25039](CVE-2023/CVE-2023-250xx/CVE-2023-25039.json) (`2024-03-25T12:15:10.027`)
-* [CVE-2023-27608](CVE-2023/CVE-2023-276xx/CVE-2023-27608.json) (`2024-03-25T12:15:10.287`)
-* [CVE-2024-2864](CVE-2024/CVE-2024-28xx/CVE-2024-2864.json) (`2024-03-25T11:15:45.353`)
+* [CVE-2024-25002](CVE-2024/CVE-2024-250xx/CVE-2024-25002.json) (`2024-03-25T14:15:09.343`)
+* [CVE-2024-28386](CVE-2024/CVE-2024-283xx/CVE-2024-28386.json) (`2024-03-25T14:15:09.553`)
+* [CVE-2024-28387](CVE-2024/CVE-2024-283xx/CVE-2024-28387.json) (`2024-03-25T14:15:09.613`)
+* [CVE-2024-28393](CVE-2024/CVE-2024-283xx/CVE-2024-28393.json) (`2024-03-25T14:15:09.663`)
+* [CVE-2024-28434](CVE-2024/CVE-2024-284xx/CVE-2024-28434.json) (`2024-03-25T14:15:09.720`)
+* [CVE-2024-28435](CVE-2024/CVE-2024-284xx/CVE-2024-28435.json) (`2024-03-25T14:15:09.767`)
+* [CVE-2024-2865](CVE-2024/CVE-2024-28xx/CVE-2024-2865.json) (`2024-03-25T14:15:09.820`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `79`
 
-* [CVE-2021-47180](CVE-2021/CVE-2021-471xx/CVE-2021-47180.json) (`2024-03-25T10:15:09.363`)
+* [CVE-2023-30480](CVE-2023/CVE-2023-304xx/CVE-2023-30480.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2023-33923](CVE-2023/CVE-2023-339xx/CVE-2023-33923.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2023-37885](CVE-2023/CVE-2023-378xx/CVE-2023-37885.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2023-37886](CVE-2023/CVE-2023-378xx/CVE-2023-37886.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2023-52159](CVE-2023/CVE-2023-521xx/CVE-2023-52159.json) (`2024-03-25T14:15:09.267`)
+* [CVE-2024-1231](CVE-2024/CVE-2024-12xx/CVE-2024-1231.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-1232](CVE-2024/CVE-2024-12xx/CVE-2024-1232.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-1564](CVE-2024/CVE-2024-15xx/CVE-2024-1564.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-1962](CVE-2024/CVE-2024-19xx/CVE-2024-1962.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-21505](CVE-2024/CVE-2024-215xx/CVE-2024-21505.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-21865](CVE-2024/CVE-2024-218xx/CVE-2024-21865.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-24890](CVE-2024/CVE-2024-248xx/CVE-2024-24890.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-24892](CVE-2024/CVE-2024-248xx/CVE-2024-24892.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-24897](CVE-2024/CVE-2024-248xx/CVE-2024-24897.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-24899](CVE-2024/CVE-2024-248xx/CVE-2024-24899.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-25964](CVE-2024/CVE-2024-259xx/CVE-2024-25964.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-28041](CVE-2024/CVE-2024-280xx/CVE-2024-28041.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-2856](CVE-2024/CVE-2024-28xx/CVE-2024-2856.json) (`2024-03-25T13:15:48.683`)
+* [CVE-2024-2862](CVE-2024/CVE-2024-28xx/CVE-2024-2862.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-2863](CVE-2024/CVE-2024-28xx/CVE-2024-2863.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-2864](CVE-2024/CVE-2024-28xx/CVE-2024-2864.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-29009](CVE-2024/CVE-2024-290xx/CVE-2024-29009.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-29071](CVE-2024/CVE-2024-290xx/CVE-2024-29071.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-29216](CVE-2024/CVE-2024-292xx/CVE-2024-29216.json) (`2024-03-25T13:47:14.087`)
+* [CVE-2024-30187](CVE-2024/CVE-2024-301xx/CVE-2024-30187.json) (`2024-03-25T13:47:14.087`)
 
 
 ## Download and Usage

_state.csv

@@ -159238,7 +159238,7 @@ CVE-2020-3680,0,0,8c1c6b8d5f4d7704e9bf3f9ae4b8143f4d26da3b4ea95adcafe78c8ee378c0
 CVE-2020-3681,0,0,2a27714f9cda4a3b1ca09258288b953b4e59f794e1fb4aae9d87a0e135b0c06d,2020-08-10T18:40:44.703000
 CVE-2020-3682,0,0,24a4348c2423fb50a4d883ab97a98087dac9114a52e3cd5f84438c3d7a885f75,2023-11-07T03:23:01.990000
 CVE-2020-36825,0,0,beef296e9ca6b0a047894781107bf88f271e5c62478ba60a13bb1190d2c6f4ab,2024-03-25T01:51:01.223000
-CVE-2020-36826,0,0,ca0d6ed18a3ad7bbbda7e44867590ed5025ec212526b5230e994ca4b4f444497,2024-03-25T07:15:49.200000
+CVE-2020-36826,0,1,ef70df6b5da2390ae0accb834fbfb35959fe5003ceb1c6011a48c2abad7d583d,2024-03-25T13:47:14.087000
 CVE-2020-36827,0,0,a6db9cbeae6630d393296ca1c94bea7d65002751fb1c23ce04ca6f82ec820e80,2024-03-25T01:51:01.223000
 CVE-2020-3684,0,0,931f112566786124f7d6fcb2bd46c9dcab315dc8e46c2a552446825ac25c83c4,2020-11-06T16:29:14.480000
 CVE-2020-3685,0,0,d53e7f1d143037625a0e7accdd772a2ca67acd945a19ee6a44795cb898b977ad,2021-01-29T23:46:03.037000
@@ -176985,7 +176985,7 @@ CVE-2021-33627,0,0,8bdeebf568d00cb54a04770023f485c4bfa89f2896b08d3fbb8719faf3b92
 CVE-2021-33629,0,0,e319aecfc02ad238ce49f5abe4d506bb741abff00a1e3b15c2a21c892a0d8967,2021-09-20T12:22:18.847000
 CVE-2021-33630,0,0,c843ad8cf406751a737c42a14131c43598f545deb9cf4265c9101e558c19f33e,2024-02-03T03:15:07.753000
 CVE-2021-33631,0,0,8ab6aa4210a1ecf2c08088a7e0801d08fcbf957a3be31ac7e5134e5c5a7f2898,2024-02-03T03:15:08.760000
-CVE-2021-33632,0,0,2ba3b16134d521ed3c1317590cb601cff3d7583bd4e69480c95ff3d52d996117,2024-03-25T07:15:49.630000
+CVE-2021-33632,0,1,4bfb6f1ffc8b527aa6e58a3e676aaee0dc39850a9085dc1165e55c09204c5af3,2024-03-25T13:47:14.087000
 CVE-2021-33633,0,0,6bd8eaba16051075770bdbf847ddf12fba56a80b09630f11529d2428f7584083,2024-03-25T01:51:01.223000
 CVE-2021-33634,0,0,84cdcfc3f34c5869334daa18c888e18964afaf74db604d2c0ed4b72dff3e52e4,2023-11-08T01:52:34.450000
 CVE-2021-33635,0,0,953b6e5ee4393d94db183a2807197bdb49ef24a6ab740d3f5e8c71defc8e062a,2023-11-08T15:04:19.710000
@@ -186847,51 +186847,51 @@ CVE-2021-47132,0,0,1547d2dc3a369b3f7e76a4c03ab3a2a4cba2c1bffe45a54c111488733e6a6
 CVE-2021-47133,0,0,7b6345e898b3e10a871129b85c8e095f10e5f051f1b15bf60f334c8709116bdd,2024-03-17T22:38:29.433000
 CVE-2021-47134,0,0,8a7c141a2170c4a86e59cf8803a362f8506e9aca7f6918b58c8cce087c1666ed,2024-03-17T22:38:29.433000
 CVE-2021-47135,0,0,a29c3bbac0a96b9549a1fb1c3113013df387a88d8966ee7b2759c5051b5c4adf,2024-03-17T22:38:29.433000
-CVE-2021-47136,0,0,c5cc7c172c3ab19b4918eeff9cf84fada51c5e8c5495dfedbf023c8570deca62,2024-03-25T09:15:07.970000
-CVE-2021-47137,0,0,3a1af434663f120b975d57968ea985dd24f3dec93fd7d8e66c46f89311c226ba,2024-03-25T09:15:08.240000
-CVE-2021-47138,0,0,03ce45819ea147150c329642a098bcb0a4e5d8c6fdbe76088701ece778d11ee6,2024-03-25T09:15:08.427000
-CVE-2021-47139,0,0,2390f6c1f09d90b8b2ae383caba93776c7d1ca5ed7c433f58318bb949b8c8d5d,2024-03-25T09:15:08.603000
-CVE-2021-47140,0,0,9e139787a186a905545e5f5a29dcad31b3810738daeb7d4a413855779a894a5e,2024-03-25T09:15:08.740000
-CVE-2021-47141,0,0,8448a08ae7add3e3db9922183f24361eb5c7a47eae9834c91cb31f85a944d7cb,2024-03-25T09:15:08.790000
-CVE-2021-47142,0,0,6a5e84ee7138ad510be2607b1efdbaa59a5c5e499c2ff8c8db1fbff69b85abf2,2024-03-25T09:15:08.843000
-CVE-2021-47143,0,0,9e5f83cc4c34b2fceab4ba20ec2a95c3c97a12ac15945b06a53115d80361df86,2024-03-25T09:15:08.900000
-CVE-2021-47144,0,0,79b1537bd7e58cc156c316d1648f4dd186a498e23244cbd2e3a8af25b2eb2953,2024-03-25T09:15:08.950000
-CVE-2021-47145,0,0,847a11ac2610401edd6c84e44ce8305069a09140260f31454fa0606ce5c7d1c4,2024-03-25T09:15:08.993000
-CVE-2021-47146,0,0,066189472c2a9bea1ea5591948b4f57b41e75d91a6d41fbb4834813627ff97b0,2024-03-25T09:15:09.047000
-CVE-2021-47147,0,0,af7bac209243b34e52c01f0b1e9740e72fe4e7281ac418b49b4ce4780e57f2d3,2024-03-25T09:15:09.100000
-CVE-2021-47148,0,0,9956f4c154045939f6f667d8d98bbd2e8a88206484a0ef11ce4bbe64bcd045e8,2024-03-25T09:15:09.150000
-CVE-2021-47149,0,0,0dec230cd8ee9e6485497e66aa1d67470945160bb13348b3c0e748edeb45e688,2024-03-25T09:15:09.200000
-CVE-2021-47150,0,0,6c0946cb5bcedc0ed6be6c9c03c968c003d321cf0ff8bf66bef2e3280171e1cc,2024-03-25T09:15:09.257000
-CVE-2021-47151,0,0,ae61df18cd1aadaac5fa52d59faf642c59ef10ec50810c0fa43d53e10e2a5344,2024-03-25T09:15:09.310000
-CVE-2021-47152,0,0,1908eb80ad397ec5a6478c0126f0e53c58d9a32ec86191896b2fa86c5a204e47,2024-03-25T09:15:09.357000
-CVE-2021-47153,0,0,a4c41f26b6b9fbba886387140138ae4273ee90bab286099147138efbe1a2e4ac,2024-03-25T09:15:09.407000
+CVE-2021-47136,0,1,78f97965e5fbe34a223a6f6da11232ac7c4fa7a2e04c821d1f3388759ad94bc6,2024-03-25T13:47:14.087000
+CVE-2021-47137,0,1,6ec9c13685b50d6fe2a48762dd46f291cc93e228b6070534aefb56d74db14467,2024-03-25T13:47:14.087000
+CVE-2021-47138,0,1,1bd7955ec9e8ead26d46f3f3976c1c2cf98884cb84828a6f8bf8784478875c90,2024-03-25T13:47:14.087000
+CVE-2021-47139,0,1,033aebc35d5330b42d9c52e2e5c0a8588b5df12e0df52a329ad2ed6ce577f948,2024-03-25T13:47:14.087000
+CVE-2021-47140,0,1,f3acd6591aa427b53f8d8fe65d507de7bdd707c5d1e0417d46898c732c8d7278,2024-03-25T13:47:14.087000
+CVE-2021-47141,0,1,56d1306be2206a0c915a22ff9fe45c6dce0f08346e250044f2cbdded6edf326d,2024-03-25T13:47:14.087000
+CVE-2021-47142,0,1,272dad240e7a7dc9c5df694b3fd6861946d822a84a0fea29e376e4b899d654e5,2024-03-25T13:47:14.087000
+CVE-2021-47143,0,1,7f623280a6eade062537ebfd040fbd5468ccb5efbc23b42909227b28a9fc72dd,2024-03-25T13:47:14.087000
+CVE-2021-47144,0,1,5f4f396415c24f034a953112679dbb0ea5702d11625dac0c3fe7f7d243967b29,2024-03-25T13:47:14.087000
+CVE-2021-47145,0,1,80ff567a82457c2b3b986fa5914703f680927e508894a6f046d5523dc6ef1541,2024-03-25T13:47:14.087000
+CVE-2021-47146,0,1,b6eb87fe6073a1d0a8db3f16cbd27d66c4392c22781133d159d40f001e3c34c1,2024-03-25T13:47:14.087000
+CVE-2021-47147,0,1,934f70a5fdc53fe9956244a60b84ba327c6551924e0041da373c14ec61a2fbbe,2024-03-25T13:47:14.087000
+CVE-2021-47148,0,1,f07940cffc9448ad96891f64bb0da1266b8c23b6e31b04b3c41cc11d68560be9,2024-03-25T13:47:14.087000
+CVE-2021-47149,0,1,65a75d3df5996a2f5398af99078cebb6dc7cfca0bc34e243a49ff97addd484af,2024-03-25T13:47:14.087000
+CVE-2021-47150,0,1,21a57e7a402fa4ee510c458fb52048d7ef93c28624dcdcef82c708a0e95a539e,2024-03-25T13:47:14.087000
+CVE-2021-47151,0,1,ba0ffd0096de0832cd1505ab46534bfc154d9e302ccf273899ac75356b0a3752,2024-03-25T13:47:14.087000
+CVE-2021-47152,0,1,451f20bcef7af44a1706791888d4ae6c78e0aa3d13a89df6c7e07c1153940459,2024-03-25T13:47:14.087000
+CVE-2021-47153,0,1,5d078fddb6a3a4b659d5f68dc88c5c1c7f6f584ed2c137da6188f984925c979b,2024-03-25T13:47:14.087000
 CVE-2021-47154,0,0,3a1272ded53fce8cc8bddc7c77228a2900106ca806b446074719c09e84ee6b52,2024-03-23T17:15:10.217000
 CVE-2021-47155,0,0,c0a7a97bc396f5ab0374a2fb0aee4ad5d8cee65fdaee7c89734d651655a8599b,2024-03-18T12:38:25.490000
 CVE-2021-47156,0,0,296f10d8deb633a4526261eeba5e15fdbb9698ef1819ea9aada787bdd3dae36a,2024-03-18T12:38:25.490000
 CVE-2021-47157,0,0,319673d3583f829d4d14b5d4679a0a91d267220b68a78141b60d32a491f4cf59,2024-03-18T12:38:25.490000
-CVE-2021-47158,0,0,c904ebe751dabd3b7352151f67e3f5f850785ea8ad7e4f28e303fc035e1ddedd,2024-03-25T10:15:07.707000
-CVE-2021-47159,0,0,0e99ee8957ab2bb3264573bdeac6708ced4a2d2943235f568ba70c087f7ab80a,2024-03-25T10:15:08.330000
-CVE-2021-47160,0,0,adb6ce30602e3460eb75a0ed372321277ff85b80ce9bc2ea1278cbb24632c583,2024-03-25T10:15:08.377000
-CVE-2021-47161,0,0,925df9382728c6881e0cd6edd98476b7851c65fb3e34eae79601082da81ca353,2024-03-25T10:15:08.433000
-CVE-2021-47162,0,0,d984028ec0e2290988496f3f13f6b0fc4804bf6ff447f199e3c08a820e0f16e8,2024-03-25T10:15:08.480000
-CVE-2021-47163,0,0,80d78e24c4f3aa8e3f246b514bbd643d3f98aad35523e4b1bed909c877ed672a,2024-03-25T10:15:08.530000
-CVE-2021-47164,0,0,973a1b8aeedb2ad852f42a64032ae77f7e53f8dc1d9b71464de134796c40625a,2024-03-25T10:15:08.577000
-CVE-2021-47165,0,0,53178ae66d1a5392969590b9bda68b8540a53957b59fdf36e2ee60c3ae27c4a4,2024-03-25T10:15:08.620000
-CVE-2021-47166,0,0,226e7b09520963af1c09f1f1c3a98f120c05c4005d3e146bba951e0f9a6c5d03,2024-03-25T10:15:08.667000
-CVE-2021-47167,0,0,c72f48c1ea6fe332a83d033e3b76fa9a9a83e52039ed5002acde0c638b8be58d,2024-03-25T10:15:08.720000
-CVE-2021-47168,0,0,f722a2d11b9b0c08791fdcdd34bad6396c37842c5f5c5c27a4f6f1bde3ab6d16,2024-03-25T10:15:08.773000
-CVE-2021-47169,0,0,c4ac8862f76a6d7d11b5b580530a1ad08d87266b02bdca9afaca2f9a28b668e3,2024-03-25T10:15:08.820000
-CVE-2021-47170,0,0,ea13a402943303cf1825d98dbbe3bcaa1e5225568db8c536dd0e3462daeb81d0,2024-03-25T10:15:08.870000
-CVE-2021-47171,0,0,dcc2b530d28c08b6947b554de4d17ad8d88c1d2d8fbe2941510d71907fd6bde8,2024-03-25T10:15:08.917000
-CVE-2021-47172,0,0,8f4d134b50fa5c3eb3d2c4d2be12d756414fa831eab9763ac93eeb24ea716326,2024-03-25T10:15:08.967000
-CVE-2021-47173,0,0,d3b9d426c2e2398ba44804f6b166208b999f2abcdeb6a3493e6c6b4519f9dccf,2024-03-25T10:15:09.010000
-CVE-2021-47174,0,0,6446967ebeb2f38e87777787646ad3650334f72209d7d1243e5eafd325890d78,2024-03-25T10:15:09.060000
-CVE-2021-47175,0,0,8c93efaf1258a94bbbda89f83d1e2f88e5fe6996aab9786569ef0f1d476e1fd6,2024-03-25T10:15:09.110000
-CVE-2021-47176,0,0,475d87658153c1e2c385b913ee45a3db1906e4e2ac4bcfb5704893b3bc8d21a7,2024-03-25T10:15:09.163000
-CVE-2021-47177,0,0,bd4ce6655f2fb6f48ea155609117afb87fc4137c1a5fcffeb3cf84529a72527e,2024-03-25T10:15:09.213000
-CVE-2021-47178,0,0,41441d873709303b9a9983333a7d8a7fed4fd0dfe05bd92b9f790615440886f4,2024-03-25T10:15:09.267000
-CVE-2021-47179,0,0,da623b3f35c417d12b64aa31fc01976a4857943bf76665c2a64b699ffaa1b914,2024-03-25T10:15:09.317000
-CVE-2021-47180,0,1,9664289eeda45150783bd2d94291d1e2e391408d1e2a5801b0a2862099b8d8d9,2024-03-25T10:15:09.363000
+CVE-2021-47158,0,1,64acf03f965995caac1e4874c31d32464a01a5844eb815adc9e200301d2b4912,2024-03-25T13:47:14.087000
+CVE-2021-47159,0,1,4ab300ca2f5acbc4e88674de500ba8b2f2c6094fe30d756887fad4fc907c2afa,2024-03-25T13:47:14.087000
+CVE-2021-47160,0,1,e9cd458b99fed8ba6ceea1a5df90f0bbdef973c04932e647742ef25d24c8605b,2024-03-25T13:47:14.087000
+CVE-2021-47161,0,1,15e0b50e918bcd53a64719c927820f71a03df4384300f734427881f04d0280f1,2024-03-25T13:47:14.087000
+CVE-2021-47162,0,1,fcc7e7eeb91f5c4e10b8e27cbaf203997edcbab5f891b90e265a0929b4470c68,2024-03-25T13:47:14.087000
+CVE-2021-47163,0,1,8e4bcebda8e8dba0f896f1be4c45e4efa9b09929284864ecd45c1184cbc326e1,2024-03-25T13:47:14.087000
+CVE-2021-47164,0,1,31d32d55484de82a97db3749db34931b5acb033867db64b27ed8ca99618cca94,2024-03-25T13:47:14.087000
+CVE-2021-47165,0,1,d69b73beac52d3b607749a9797524167b46e9ffcf87b692ee84045d9c3cf699f,2024-03-25T13:47:14.087000
+CVE-2021-47166,0,1,30bbc3d856914a16307e2def1b6f70c79550ee4f6277ea6ed0a2d9cf25cd3473,2024-03-25T13:47:14.087000
+CVE-2021-47167,0,1,6a26e20136c3a035ed6e4268c69534901ce67e944a707a3910eb8e55dd2c5be4,2024-03-25T13:47:14.087000
+CVE-2021-47168,0,1,a330412c688b9897ed8b414f3c8331459a4df718794bad127001472890b556ed,2024-03-25T13:47:14.087000
+CVE-2021-47169,0,1,45e244d96072453da0eb4806214deef2ca899ce1ed095ecef78904c70a3e9a22,2024-03-25T13:47:14.087000
+CVE-2021-47170,0,1,863f5a9ac3be46ba5019e8ff18ec675b8168d25311ea474a6fb0103dac51bc64,2024-03-25T13:47:14.087000
+CVE-2021-47171,0,1,8d9b3a496aff581b328a08894037effe87d5ee28ea0de9b6cd6fc47137b35f2f,2024-03-25T13:47:14.087000
+CVE-2021-47172,0,1,d2b08ac5678d10612c00a26b33af0804caa626526128b6dc62190122b1a8851a,2024-03-25T13:47:14.087000
+CVE-2021-47173,0,1,8c473497253c725590428139622bf817f3dca1f99bfba8a6fc82aed0ab9577bc,2024-03-25T13:47:14.087000
+CVE-2021-47174,0,1,b6bbca5c8c41517c60ae5ee69ba3fcb0b1d1c2d2c76661d8503df1766707bd0f,2024-03-25T13:47:14.087000
+CVE-2021-47175,0,1,7eb3c54a8b836edde2ed84e79a028f3c81aff125c948214c00c6f6a9cb149f2e,2024-03-25T13:47:14.087000
+CVE-2021-47176,0,1,9977e7d45537eef0d8951af67f9d79e3cb9bd9471cc4929fa50f67ab7bcd79fb,2024-03-25T13:47:14.087000
+CVE-2021-47177,0,1,17b9c85fef923a6278fd6497872c22e2b4ea493f8584902c2660ab96e360141e,2024-03-25T13:47:14.087000
+CVE-2021-47178,0,1,c25cd96a0a2553c8f47ae9e038b33fa780a313e4781ce8929f4a02b1baa933d2,2024-03-25T13:47:14.087000
+CVE-2021-47179,0,1,ff3384460faa93ef6cdd6cb49f18a46e46bbf25648ffd41213cf7002097a4a24,2024-03-25T13:47:14.087000
+CVE-2021-47180,0,1,afc9fd20c69c989d18f2e23ff0432fb8cf966ef1d2dccd25cb3768f2bf56673b,2024-03-25T13:47:14.087000
 CVE-2022-0001,0,0,eef83f8ee034200b042b5eda26b679b982266672cf1407daf8d9fbe1ba7937b5,2022-08-19T12:28:32.903000
 CVE-2022-0002,0,0,4ba989879ca817729e7cddc36d35dc20834fb13fd71d0cce189890fe2defbd53,2022-08-19T12:28:50.667000
 CVE-2022-0004,0,0,4891f62a2edc2f307dec62ec3f2089232f3fddba4652b7ef635786ed0f8a2286,2022-06-10T20:52:37.810000
@@ -202614,7 +202614,7 @@ CVE-2022-36402,0,0,cd4c9a22123dd1dbcabc45502a159c2d51f817465f3d43d0170449fd0fe63
 CVE-2022-36403,0,0,b23e3701b376a1b8970db3fd78a97ff54f78f5fda043b6d46b374f80a03f96d3,2022-09-15T20:53:13.467000
 CVE-2022-36404,0,0,0e2eada94fb8330868a51533307a14208fbb59c69f5f77c3a3b06f1f42e2931c,2023-11-07T03:49:37.777000
 CVE-2022-36405,0,0,dd89af40003666922d824ebfbee61d6cafe9c67d23000434f791f2f7216aa730,2022-08-26T04:53:54.260000
-CVE-2022-36407,0,0,5148c8a1fbaa4f1d0df72fe3d07b864c4250f04fcbeb9630d977e50a3dc4a884,2024-03-25T06:15:08.450000
+CVE-2022-36407,0,1,a682495e23304277a9e5d642503060e280eb8f32e7dc02b5d080e70fb3a42678,2024-03-25T13:47:14.087000
 CVE-2022-36408,0,0,77c0a7fa049cbc09a58ee74f84cb79a0d147e449f79f197fcae50352e11f0f79,2023-11-07T03:49:38.020000
 CVE-2022-3641,0,0,23bc0f9f7c21185dbb2069c753b0e1fe10878d73a86a27c3dfcf6ef1a5640037,2023-11-07T03:51:34.140000
 CVE-2022-36412,0,0,4c1b1901da276377c5d63bc3f01ef6aff399c6c26251d1771d2834e87643fc4b,2022-08-02T20:05:11.337000
@@ -203819,7 +203819,7 @@ CVE-2022-38051,0,0,39391a949e16f7e8ff7d6e4583226fb836711fd2e148c8c19f3022ffe8244
 CVE-2022-38053,0,0,61166011bde9f7667ddb3391d32da1cf0ed70e74bb672a8e26c8223c4c0d8fe4,2023-12-20T20:15:17.617000
 CVE-2022-38054,0,0,9b3cf5672cd9e3ce3bdf89c0267c7050c9ccba5e432f9cd59ba0d77c438e1889,2022-09-09T13:46:53.483000
 CVE-2022-38056,0,0,1875a6f54eaf2a1b9e27030f68fb8e642d8b9dd6f15bd28c9ec1cfdeaf54c477,2023-03-06T18:40:40.143000
-CVE-2022-38057,1,1,834f65f33918241ff21a5f4aa2cfd8b459b76fc229f4bea09a426897de70b1dd,2024-03-25T12:15:08.010000
+CVE-2022-38057,0,1,0e52e2a553e0769b0e42caea149174f2ad15943751dd635bfc72a4b0bcbb9f1f,2024-03-25T13:47:14.087000
 CVE-2022-38058,0,0,b0bbf17c47c54f0617a52fb4d535c3b9ee1345bd07c6b6d67bd1edce6ce32b32,2023-07-21T19:51:54.410000
 CVE-2022-38059,0,0,b38e7839fd37b3fce84a7df89b6a062709e1377f282ac18ca6820d3620b0f66f,2022-09-10T03:37:49.763000
 CVE-2022-3806,0,0,9ff27a8b69bae670f16b01d438fd4442e10b7a7f65e3389582d9a8bea3022300,2023-02-02T14:10:37.720000
@@ -208762,7 +208762,7 @@ CVE-2022-44622,0,0,dc44721ce0789c402c7a5b3d80bd4050c8545a40ca86432fa008f64dd334e
 CVE-2022-44623,0,0,675993d31f0f9762b668847ddebb2e81bcae76c9ce5badb219b34dcfa01bc461,2022-11-03T19:50:38.823000
 CVE-2022-44624,0,0,832dbd9183ae590b29b3f1d85516792fbb3a0e2364114a33353fc735be3361cf,2022-11-03T19:44:56.043000
 CVE-2022-44625,0,0,435ea56896190b5d13c874e3261a1c9d632c36abc688001065379455e0e4aa64,2023-04-21T02:26:30.193000
-CVE-2022-44626,1,1,5791541712b492e6960d72d7e6450ea8f4296fb4d852cc2a15814cafcf5abf6a,2024-03-25T12:15:08.227000
+CVE-2022-44626,0,1,ad2e7e1646321d02b253f024daa83f800f910b2a53d0ace2130ea04c3523ae94,2024-03-25T13:47:14.087000
 CVE-2022-44627,0,0,0b85fd3b611eea83df0b0770b23995bdf97aea19fe1e62bc2952a2f7487c6e6d,2022-11-04T13:06:15.823000
 CVE-2022-44628,0,0,83efca7f0b081f396cde4a8206249dc640ba1512ce58992df96775d3ee537d63,2022-11-04T15:10:02.997000
 CVE-2022-44629,0,0,e7a049bee5a2f3469dc8b884397d057a67e1269ad177ae77829257d77d21481a,2023-08-11T17:50:23.810000
@@ -209184,14 +209184,14 @@ CVE-2022-45338,0,0,bc399bac2ef3c84fe6093c601841453c2ee2a5039f3609bb49a3e44bcaedb
 CVE-2022-45343,0,0,a8429c5451609d4042fd94afde4017bc121da4e6d53d8672a6df3a770becb4b0,2023-05-27T04:15:22.513000
 CVE-2022-45347,0,0,4ebaabb200f5f45160f8578f0d6668828e08266d0b7fc1108f37e564c9a63189,2022-12-29T20:05:34.053000
 CVE-2022-45348,0,0,ddcf98fd21851c5f9626980b8a2ecdde5c52e3a032b0784272d68367601a763d,2023-11-15T02:22:44.767000
-CVE-2022-45349,1,1,3b66b55f585fc7df021aee82345844b2cac8eb561029b37ce9667dee2ea7f3b7,2024-03-25T12:15:08.503000
+CVE-2022-45349,0,1,69d72bfb480e3e64b8d4aa045f0ae80081dcacf33182cbe2365c753bf25e5474,2024-03-25T13:47:14.087000
 CVE-2022-45350,0,0,001c0b63d7cbeeb9899a017c50818e14dd2e9a846da17ce2a2d9ec9db79aa04f,2023-11-15T13:10:15.490000
-CVE-2022-45351,1,1,f71a395f2d29e0af77239041ee71d11743d5595a747ef4813483773f7d4bde84,2024-03-25T12:15:08.803000
-CVE-2022-45352,1,1,1102dbe5abeb13c58bfc0210ab9d627a86e7a5af7277b730127177959e0bf16e,2024-03-25T12:15:09.010000
+CVE-2022-45351,0,1,4bba2c6c859dd3d9584dc49686d8fbfa985446c47074b05f31f09d44ce4d377b,2024-03-25T13:47:14.087000
+CVE-2022-45352,0,1,67a0910c6639dafa142d7a5d366cc00ffbebb5c52438a2037cb9a35f944e05e7,2024-03-25T13:47:14.087000
 CVE-2022-45353,0,0,9bee8192f1afc835a90b7b3bbc0bcf87f07675e32c18608689146fd40b7bf1af,2023-11-07T03:54:41.377000
 CVE-2022-45354,0,0,81830274c88dad775e63b4491d418e7de59308ddcc798e5e8843ccecb9b1ed88,2024-01-11T19:57:20.993000
 CVE-2022-45355,0,0,6ac1fbb21e600f2efc6068b331666034be634aa9270b9fe44ecd676f0655a68a,2023-11-07T03:54:41.470000
-CVE-2022-45356,1,1,4c49fabdeef41716a6671ac4c3b93040a98e62de68dbf8e2843e41ad0f3748a5,2024-03-25T12:15:09.210000
+CVE-2022-45356,0,1,8664194e3c629b0298eb8501ade52857c221fd97f3abe91c6b290778b51a1b0a,2024-03-25T13:47:14.087000
 CVE-2022-45357,0,0,f25218f3f162788882b588f2f1855c25b71a4d3088f733021363133f0ad8c44a,2023-11-13T19:32:50.123000
 CVE-2022-45358,0,0,321bffe7e95638dd588ee88350e299889d401c72f8e697a2f7c44f28ffde2c29,2023-04-21T17:32:07.110000
 CVE-2022-45359,0,0,320505a57e130d109aec5b3bb557aa863c0be0812f74f390c203102bd370d19d,2023-11-07T03:54:41.697000
@@ -209555,7 +209555,7 @@ CVE-2022-45846,0,0,8180d177894fabd765bd35647192f753aa5e8efd68ae118429536372bad29
 CVE-2022-45848,0,0,fad62e623651689ae95e2fc4f689ac1b8448d31b314d8c49c68285751fad7661,2023-11-07T03:54:53.547000
 CVE-2022-45849,0,0,705787250de6f0b2626b38d25516ea3dba7bf004e02dd10b4c9840c8901ce7b4,2023-04-21T04:17:06.770000
 CVE-2022-4585,0,0,dfc84e49b205895cb267e11431be1f335d9b1de0cfd68ee1a905558e4e7037c6,2023-11-07T03:58:14.437000
-CVE-2022-45851,1,1,fc605ee0797ad99bb45de35823a998bec630688150f05908c85f21b73ef032f7,2024-03-25T12:15:09.520000
+CVE-2022-45851,0,1,80078b09ee2a9eebdd034cc3ededb281f2a77de1b2547697f076a70ddfde8399,2024-03-25T13:47:14.087000
 CVE-2022-45853,0,0,fc8f66497a5aebf5a2d6a755374803f0af75997c59314b93674e665f98c4d020,2023-06-06T21:08:54.183000
 CVE-2022-45854,0,0,c0c991c3df2ed583f17ab83c166d3e6296ee3bf7d8d6af1cce15d8ec9c943587,2023-12-29T07:15:10.010000
 CVE-2022-45855,0,0,5cdca6b719b764ef537b9eac6c391b7ed63cba5fb7949dc2e039f51246d9ad85,2023-07-20T01:19:07.767000
@@ -215758,7 +215758,7 @@ CVE-2023-22694,0,0,0425d60ad3bd1573eb18ed785244f1e5a2b12f44accc09f5c53fbffc68bab
 CVE-2023-22695,0,0,cf481a75174e37d20ad7b0c7e31e7cc63edcdf9611a56f7692bbd3df17f0220b,2023-07-12T23:33:53.107000
 CVE-2023-22696,0,0,95bca6947a25a61c550f8c55e56adb15c67543d3b3f4c78f74f1151a1f2edee8,2023-05-16T21:25:22.240000
 CVE-2023-22698,0,0,e68e3eff8adeff9f8fae56dd98d7079318db6769ee3e0dbb68b34a1ac7a79c78,2023-04-28T03:44:28.200000
-CVE-2023-22699,1,1,caf0ec9c496314a2e9e2ae99560cfbf5289bec3ec74cabd4e47bcc26d8cfaee7,2024-03-25T12:15:09.740000
+CVE-2023-22699,0,1,f8d40b37db294869653e83587c3ad83404352654fccf59bf92a70bbf5832eaa8,2024-03-25T13:47:14.087000
 CVE-2023-2270,0,0,484771878d8e8782d3270464f6e783ed03c811f103e548b12d29f8123d86f325,2023-06-30T00:08:10.847000
 CVE-2023-22700,0,0,96cbb6146da4bcb8dc1b95326488c6a69789d1d416d9a460042b246094f2b823,2023-11-07T04:07:15.027000
 CVE-2023-22702,0,0,eb1dc233e415be72b8fb212904473754e26075d713815e9c352da204dc47ccdf,2023-11-07T04:07:15.113000
@@ -217548,7 +217548,7 @@ CVE-2023-25033,0,0,f4de5bbb473f2eaa720015ae591abe2c0cbe5606c663994f4400beb3cb66b
 CVE-2023-25034,0,0,68e7b508704a7da2d67b5b4a3572d5d54e269aa3009260f7f1d5f7cd5da147ec,2023-06-01T15:23:00.853000
 CVE-2023-25036,0,0,75e2db2b5c1a53171724fc65abc3e2523989b7934e226225b643ac92b8785572,2023-07-26T00:31:35.797000
 CVE-2023-25038,0,0,f35ac6d1df24c8f6db9ad8e12dcd2327ef5b52f3df45672acceb49c5e84f3120,2023-06-01T15:23:33.407000
-CVE-2023-25039,1,1,532c859ee8b3652fff329b83dfb27d7ad35da5779298a508bfb53ccb96ecbd3e,2024-03-25T12:15:10.027000
+CVE-2023-25039,0,1,b1a5616ba3dd7b8c81f3e7f2090868ff84f282d78a41998c23f72a95d20399e3,2024-03-25T13:47:14.087000
 CVE-2023-2504,0,0,541c247c67b942c437e88bcbdb608ca68500864f9322acf534baf8687b341709,2023-05-31T14:07:28.177000
 CVE-2023-25040,0,0,7478d76b5f70c1616b71b3fa2572efebaceb238ea1619cce68294599908165f7,2023-11-07T04:08:48.720000
 CVE-2023-25041,0,0,1857972ea5180e9133fdda565774ba56f3ecd547dc5ae13932333135065e607f,2023-11-07T04:08:48.790000
@@ -219470,7 +219470,7 @@ CVE-2023-27603,0,0,fe3bc0c1ac45dd7a42228215c241ed70be535c184fac7a7dd1e2add3ac99b
 CVE-2023-27604,0,0,3858a72c8fcc9cb75777bdd76bc7f6286327cf694bca0a9feb0539a4e637062e,2023-09-01T17:11:03.007000
 CVE-2023-27605,0,0,94edbe7a0b48bd092aaf1666520540071a63c73b91c8b76dd0b88487a78befc1,2023-11-10T04:20:00.893000
 CVE-2023-27606,0,0,30235a67c2a712c8fd0803d38a7257beaf0ef84b3c2088caade759d6a478aa8a,2023-07-26T01:18:52.087000
-CVE-2023-27608,1,1,2ef73bdd9be9fd5897bb7f4b5f8e13023d749337eb3f212b6477e8726a98be9d,2024-03-25T12:15:10.287000
+CVE-2023-27608,0,1,3b36fea647d7a4d8a7f73784a7fa34ddda249e92fa881401335ecd816fda53da,2024-03-25T13:47:14.087000
 CVE-2023-2761,0,0,fbcf7ac8468f75f3dfa3f4e2e63b95bb6af7b8fb5619b2e659b6fe57cacf7480,2023-11-07T04:13:16.437000
 CVE-2023-27610,0,0,b01ada77b54956c5d30c9fd3f0f711e30602f0b3a21e8a0882098033c43faeba,2023-04-25T19:50:17.680000
 CVE-2023-27611,0,0,bea86a9ad28a065fff6d4c1d08209f3eb78134b36cfd4f78d7c9830c771875fe,2023-11-17T19:50:57.180000
@@ -221652,7 +221652,7 @@ CVE-2023-30475,0,0,bede67a2c91720beed8fdee408ab00ccdaa474afdec47f5ef2be36acef19f
 CVE-2023-30477,0,0,d69eddef72f68ba8e96f1147007db3251159080847d2994901f2012e00e63410,2023-08-18T20:22:15.393000
 CVE-2023-30478,0,0,d1e23df19c34137c76f4da4568d0fb41f5d42a1452f991214d1257568d9f2cc3,2023-11-15T18:57:55.753000
 CVE-2023-3048,0,0,a4db9701395612acd25a3b55fcd8b02353d9b652beb9321c7ada48f18c5f5932,2023-08-02T16:43:11.387000
-CVE-2023-30480,0,0,c2079ddddf4ee066adcffd16d0843e452cb22416a93df97620edaeef8a6d68a3,2024-03-25T05:15:49.560000
+CVE-2023-30480,0,1,347ab21ae80de10b5773df08d2410e1cbe6049e82cbd999e2029b510d0ceb4a2,2024-03-25T13:47:14.087000
 CVE-2023-30481,0,0,48371dc2b2c1067521267da0eb023c332294e730329799382e90d38afca35c2d,2023-08-15T19:46:50.283000
 CVE-2023-30482,0,0,4d5e027d79ec412574cb492d02ae457987815db6915cd2a5cbebf0a3a3ce6e9e,2023-08-10T03:49:54.720000
 CVE-2023-30483,0,0,c2a086f804a35279adb7d8b0778bf2f406d19ac60340b0f60b94ac68cbce489d,2023-08-18T20:15:34.683000
@@ -224257,7 +224257,7 @@ CVE-2023-33919,0,0,a9848999533d2672cf87d3c4c4079309b912a451f0227589f7eee4d64b842
 CVE-2023-3392,0,0,ccfc4d3cb4472586b1ef254d78c33838614fd17466a3724a7a63ce97644d334e,2023-11-07T04:18:40.383000
 CVE-2023-33920,0,0,071e18d64554b17ef528a1999d536c21732eff3e8fb740e75f8fbffe97efb5e9,2023-07-11T18:15:16.023000
 CVE-2023-33921,0,0,07b7199a0555d54698c588bd945cb4f829d2d6b7fec6496985dc3dcb69d6ae56,2023-07-11T18:15:16.093000
-CVE-2023-33923,0,0,b92b957e2b62b052a7c311bb905dc09954f7f7d12ffe1b7a95ff8969fbd6d9b1,2024-03-25T05:15:49.837000
+CVE-2023-33923,0,1,87491f14180ff1d0de16737c8ccc27a8692dee7770febbceaa74763074498c1b,2024-03-25T13:47:14.087000
 CVE-2023-33924,0,0,a5b0e676ebd31ef3759fb5a3e9911dccf1478b72362d03c97080af175c5d809e,2023-11-10T04:20:06.593000
 CVE-2023-33925,0,0,c42f81d1bfad7e419d5046a47d2374921aa1062d71184ab920b23bb409c96e83,2023-07-31T18:01:18.173000
 CVE-2023-33926,0,0,95717b1510de11119d7fa549f015717a62c4a2bbf02b810120ef1f15efe909df,2023-06-02T18:26:01.523000
@@ -226834,8 +226834,8 @@ CVE-2023-37878,0,0,a4e2dd25e5ad38362ce3c7ca2fadd6a34e46a583d8effe15f39a8e4940cc2
 CVE-2023-37879,0,0,86a6b1d7f1883978cc3843188177d7095a18e85ad53048709b6086a535dbcb1b,2023-09-15T00:06:08.927000
 CVE-2023-3788,0,0,64b17acd86ba20962723ca38459ac85ae05d9a4bc05498414f2ac23ea1d248ca,2024-03-21T02:48:44.010000
 CVE-2023-37881,0,0,cae5463150498c44ff45f37dfb9aec390e167b85ed45c649b785adeb9f246f28,2023-09-15T00:08:18.483000
-CVE-2023-37885,0,0,8c18fc662fd47a0c5b69346414f53d13a1320293746ad89f32f34d6415d2ec34,2024-03-25T05:15:50.047000
-CVE-2023-37886,0,0,0b3a8cf0504874e28105a751162dc874d4b2cc9fcfca9855e9fa7c4b8227e937,2024-03-25T05:15:50.237000
+CVE-2023-37885,0,1,fa4255c3d887d04eb743ccedc55ac7712466807c3d81b7745d9477f576604499,2024-03-25T13:47:14.087000
+CVE-2023-37886,0,1,203d63779828aebf57a051a984eff11264714624e5724a3709bdc3c6574dc051,2024-03-25T13:47:14.087000
 CVE-2023-37889,0,0,f5527f12ff3bf5c9caaf1af08dd16b1e9b339cca1532a9dd3526c4eb618bb68f,2023-07-26T03:25:27.417000
 CVE-2023-3789,0,0,248c83f140a25d7bb13d63447a5f18ec0fc3bec745f2e8da0bfc64a4853b0239,2024-03-21T02:48:44.113000
 CVE-2023-37890,0,0,7512e2aff79e6402f50d8746713563b06b9c0fd4adca4ea3e413d786e8378cae,2023-12-06T00:40:24.507000
@@ -235846,7 +235846,7 @@ CVE-2023-52152,0,0,e56fa2d2c1e141f8041fc8c88a612bb4ba95742ec4640f573ab4ba7b04743
 CVE-2023-52153,0,0,0c2ecbcd7f13f6c7a2e779421c57cd39c3bb12a281b05ae9cded4398a2a9234b,2024-02-22T19:07:27.197000
 CVE-2023-52154,0,0,4fcc7827557b88433f869eead3b4c25d57fe62a3f5aad2c73cc5b9f30781be75,2024-02-22T19:07:27.197000
 CVE-2023-52155,0,0,2d124c7a3937e95fe09338bcde4297ee381aa5672d319a6218dc245e972781e4,2024-02-22T19:07:27.197000
-CVE-2023-52159,0,0,bf255e378f9b666383496e609984d7412256d835b7aea05fa60df8bfc8b578fa,2024-03-18T12:38:25.490000
+CVE-2023-52159,0,1,9bf34263569cd9396d2193ed479c2125f1050e109a79c5640609380e6e4e5cf8,2024-03-25T14:15:09.267000
 CVE-2023-52160,0,0,26d003b98163e2d30bad3b1985c8060a1ba805b634cf011a494792cd39c5f541,2024-03-10T04:15:06.897000
 CVE-2023-52161,0,0,4de9257ef3be21964b4728d6cd7db6e1764586b6317dd49dcb16510f88bf11fe,2024-03-23T03:15:10.210000
 CVE-2023-5217,0,0,eb72b7bf45cf830e8dfea06ca9df4012d36de44c17fe08c39232c1c398d1ba15,2024-02-15T02:00:01.650000
@@ -238737,8 +238737,8 @@ CVE-2024-1224,0,0,f5377a59802b4c28898eed36128680d24ab17fb508c502610abb50cb4d44c2
 CVE-2024-1225,0,0,782854c0420f5e0e86e0a815755aa2af6a726af9238c63403507a49ecc6170c7,2024-03-21T02:51:38.897000
 CVE-2024-1226,0,0,866d071ad8625704064a7fde58b7b8a2a90c5873a4eb7f372776142f1a28cf32,2024-03-12T16:02:33.900000
 CVE-2024-1227,0,0,64f5d4ef0a213262037d71235b7e71294b2ff46719cfe02f58025fc218002443,2024-03-12T16:02:33.900000
-CVE-2024-1231,0,0,4d41f9fca07700fdbb980bab0efac8e1b3cf28de57e31ff6017ec59ed0f3eaed,2024-03-25T05:15:50.443000
-CVE-2024-1232,0,0,918b67ffe3a05b409567babf04596ed5220d1ebdf16fba693b491d41e998bb86,2024-03-25T05:15:50.507000
+CVE-2024-1231,0,1,3fff2a2694f3a2890eda32488c438fe0ab80785883b0aefb67199c2eabc0d967,2024-03-25T13:47:14.087000
+CVE-2024-1232,0,1,81ffaff2fe8cf56a0d46a46e2b9143fea880c36e9a04adedcc45af5366b69d08,2024-03-25T13:47:14.087000
 CVE-2024-1234,0,0,45df76259910e35fabad8b84114cbc9dc54b79b27a3f5264b87abe65e748e621,2024-03-13T18:16:18.563000
 CVE-2024-1235,0,0,bd3111aea128fd790d8e4dcd61b3806ac7cc01e876f9c218beaf77957a9d5d7b,2024-02-29T13:49:29.390000
 CVE-2024-1236,0,0,7018028a282921e4202e93cd9b915a62e29eb4b99c0b29d7f7e92ea4f0c33ed4,2024-02-29T13:49:29.390000
@@ -238962,7 +238962,7 @@ CVE-2024-1557,0,0,1a67b418493f32bc82813fc6466eac54c34c0ed438e8d0106cabd8849aa7af
 CVE-2024-1559,0,0,7267a9d4f0fdc8e6beebb6576542d2139b43547409ac8db00ae3f081eb5efbe3,2024-02-20T19:50:53.960000
 CVE-2024-1562,0,0,19bad0af1c61f457a105e66f4eeb0fde8d2d444a29c6c496b32c177adc1d4546,2024-02-22T19:07:37.840000
 CVE-2024-1563,0,0,0241fa84566eee793d442fcc075b8fab13af42dc4517b770b4a50442b28ad077,2024-02-22T19:07:27.197000
-CVE-2024-1564,0,0,58e9c7ced7ae4a2ee1ba45d52b164236575ad4f340d6ccea97c854340eabcdcb,2024-03-25T05:15:50.557000
+CVE-2024-1564,0,1,84875cf797fa64328b336ae33772e46886c72657e3c983b9d184a2a3d50ffd3e,2024-03-25T13:47:14.087000
 CVE-2024-1566,0,0,fae18125d42af6480c1fb49e1e6428a52d2bf4f1074f21a5dfe482b2c8d87086,2024-02-28T14:06:45.783000
 CVE-2024-1568,0,0,03adf0f94bdba0662cb278cdaa3b54a5cd3ae08b3ef89a1e89169605096fa6c9,2024-02-28T14:06:45.783000
 CVE-2024-1570,0,0,fa96633d08cf4f7a9a083fffefdd325991610013e77e1890328cb3b85d75e300,2024-02-29T13:49:29.390000
@@ -239181,7 +239181,7 @@ CVE-2024-1951,0,0,6f53c63bb13d7d4b26a6ea73367658c4321e9a09c9e4edd0413bbd0b446722
 CVE-2024-1952,0,0,77b1cce9f18d790f2100b6f0712fc82626f15c16d8f6388b079b51c3d9093920,2024-02-29T13:49:29.390000
 CVE-2024-1953,0,0,b2843cd4a818ab7c1fbc9e58e5576ea1803047be6869535b4657953931e2b5f3,2024-02-29T13:49:29.390000
 CVE-2024-1954,0,0,c10d0b9f29284ab216e31016c86a480f8df3290b94c5a722b2056c973f10467f,2024-02-28T14:06:45.783000
-CVE-2024-1962,0,0,64a3f9034c897b34c19e2a78a3b85984a52878fd4ccd032e900f3461ad394496,2024-03-25T05:15:50.610000
+CVE-2024-1962,0,1,8c71ccd644902c0f670c27728543c4472e05aeb359cd7fb7b0615991cb743fd6,2024-03-25T13:47:14.087000
 CVE-2024-1965,0,0,53b8948dc1992d8ed8a6fb1de9b8b2c61bce73181655f1de36932a04b4a837af,2024-02-28T14:06:45.783000
 CVE-2024-1970,0,0,39fa0035c7ed860f094608be440d277527e52ee84a277da973b7d8bb611f3d74,2024-03-21T02:51:49.893000
 CVE-2024-1971,0,0,c720c5130c723fdef5c778fd61fbd06c8a83fec33b47a060c56fb7b16a106079,2024-03-21T02:51:49.963000
@@ -239703,7 +239703,7 @@ CVE-2024-21501,0,0,130609650a6eb4f8bc8998fc23ffe06266af91576d81d0c32d1798485b0b5
 CVE-2024-21502,0,0,253b7cd8cd65099448332976329a521bac2b28af5e046192a7c42ab6af135b17,2024-02-26T13:42:22.567000
 CVE-2024-21503,0,0,dbde89ae4e130de7b3da2486efecec01760e430d7d72c91a7a50092dd8618341,2024-03-19T13:26:46
 CVE-2024-21504,0,0,49e3dd2437933564763de1c9017a71fc9b864133b3b4959dcdb8b06a9a352074,2024-03-19T13:26:46
-CVE-2024-21505,0,0,4afab2e976f2ce57ce2eb9528bd4ba52c077538276568a58f5fd28dcc335d0fc,2024-03-25T05:15:50.663000
+CVE-2024-21505,0,1,790ab171c9e46ac93718d1bb5680fe990f4ed1edc4d489f5e4dab09077e05267,2024-03-25T13:47:14.087000
 CVE-2024-2151,0,0,b4c520dc443e979972b095e4f9ba09bde57052966660eb00e8c0aa2b1c9ade1e,2024-03-21T02:52:29.870000
 CVE-2024-2152,0,0,4bfe3f7bc14699b421a7a0f9bc85962ffd34e6a6e1d85163131b69474bba96fa,2024-03-21T02:52:29.957000
 CVE-2024-2153,0,0,02428874b3ffc5fe05eea22cff6ad69d459851968493521d82646fa179e8ec97,2024-03-21T02:52:30.037000
@@ -239855,7 +239855,7 @@ CVE-2024-21851,0,0,854dd5d2aabc832591989b715d43ec08aeafe79b0e7fb2b7b8e58485d7298
 CVE-2024-21852,0,0,3082fd3c592fa6da1ceb030e60633f5be1a3b7d2adb2434a27465175a4927608,2024-02-07T17:15:05.653000
 CVE-2024-21860,0,0,9745cb77a8de410a197a8548750acfeec47533851fdeac14642298bec1ba6b31,2024-02-07T18:23:16.470000
 CVE-2024-21863,0,0,271dac2898e305fa77d04d20ca85b0dae0a5a0857bbfa85084510f677962f58a,2024-02-07T18:23:11.090000
-CVE-2024-21865,0,0,2f2622d937cd3f4b9a326ddda21e037e6d107826db1dda91aca406c7d12fb4cc,2024-03-25T05:15:50.863000
+CVE-2024-21865,0,1,7a0c150742a363fb7b1bfb201c6089eca71d87169fcff3d08a3aee9d2d9b45ea,2024-03-25T13:47:14.087000
 CVE-2024-21866,0,0,e7c03b05e2d3f94b4b523aca377b349190d980e16c741cbf713751bf3c07dcf0,2024-02-07T17:27:52.793000
 CVE-2024-21869,0,0,48ec62155fd9a810461dcd57893eff3c63fc7d7992b6dd94f9f3d8f38382a25c,2024-02-07T17:29:50.927000
 CVE-2024-21875,0,0,8d4925e22ef735a1eb9bad6264e6f33c2cafe0b7aaba00ae03cfb62fe8c61764,2024-02-11T22:29:15.837000
@@ -241141,10 +241141,10 @@ CVE-2024-24886,0,0,040a0013f85a73849a5e9e87e8cb23eb11fbc2fee3776455c71d53478d5c4
 CVE-2024-24887,0,0,51bb971aeec0ed957f12ca5afaba185f88497169dd14d4b58764bb6f0fa78b3d,2024-02-12T14:19:54.330000
 CVE-2024-24889,0,0,160e344fd60146726ab8e77aa791f12196b0392022f8c6908394fea561203d9c,2024-02-12T14:20:03.287000
 CVE-2024-2489,0,0,4e95d905ea6a2ba11bd976b813a231317b98c2c6b26ce46b50db8b2fdc95b690,2024-03-21T02:52:35.283000
-CVE-2024-24890,0,0,cf108f6725cae53ea976bc105afe548a956ccbbb900bae2ac49151d5d7b6f8ca,2024-03-25T07:15:49.903000
-CVE-2024-24892,0,0,4a314bb05c52cb75e4d02b171f1f7a1cc53f7b8abe877cc0cc83b63cbb11bccd,2024-03-25T07:15:50.133000
-CVE-2024-24897,0,0,1a765c0027fc9c758a6d3d7578ba413c8aec7f468cc43997a24903c135975718,2024-03-25T07:15:50.350000
-CVE-2024-24899,0,0,e332ca0c21f1e94209fd7d1d405d8ce17ac0752509fd4e99c38f63014690f6c0,2024-03-25T07:15:50.560000
+CVE-2024-24890,0,1,476cd77466eb47d427e638860bf0112b952ffdf5be73565687494243bfb94415,2024-03-25T13:47:14.087000
+CVE-2024-24892,0,1,e3df7d8086cf077400503ee3febd179700dd55abddaf1f2aed03d8c728d62974,2024-03-25T13:47:14.087000
+CVE-2024-24897,0,1,a16b4f7aca38d40ccfb500ada0dacc535162c46a570f0990a1d14319a13e4a55,2024-03-25T13:47:14.087000
+CVE-2024-24899,0,1,6fbc4151d83a12edbae06afd3aac16f11a6c1a7b16646074811417dd7b55e116,2024-03-25T13:47:14.087000
 CVE-2024-2490,0,0,6c9ff046c7763e5eca53e65a9a43d2b6fd8f4493fbf8865df9ee92a746089b81,2024-03-21T02:52:35.380000
 CVE-2024-24900,0,0,78084b8a525a74146f1a3d21441f9130184d0ec88af68fc99068c40e48da1545,2024-03-01T14:04:04.827000
 CVE-2024-24901,0,0,9e041e0c5e68c2bedc98b95ae11c81b17f7982f78f6dd79805adbe04641e3e86,2024-03-04T15:35:25.673000
@@ -241189,6 +241189,7 @@ CVE-2024-24989,0,0,39be90963d0952b8475635420a2f64ca0893f9b2941aa846029d2a39bd57b
 CVE-2024-24990,0,0,f549c5a0bfcab6df0ca6e0a5d66e4c65b77814eac3b9adbe63217da37b030524,2024-02-14T18:04:45.380000
 CVE-2024-2500,0,0,f5c841f144cdfe7169c1d4e3da08b5dd9b9f87140741671656f61d60bd0ec54e,2024-03-22T12:45:36.130000
 CVE-2024-25001,0,0,c1f11a8c76d43265d10cf34f1d6db6525f3220be11629d1b39a2f52375286f02,2024-02-02T09:15:37.527000
+CVE-2024-25002,1,1,8f2188f14fbb58b8fb7f6008ebe89e3aee123603c7484600efa38f30517f50c5,2024-03-25T14:15:09.343000
 CVE-2024-25003,0,0,81fc44567692de3ff8c7fc733c0c0e2d235894df02bbd6e47e58282e052331c4,2024-02-14T20:15:45.910000
 CVE-2024-25004,0,0,7a3e97355ce2dbcf95cced55d21b2139e157cf3c2ca72e6e2fce6c561e1f0059,2024-02-14T20:15:45.980000
 CVE-2024-25006,0,0,c414b5ce0a5aca9d12e72e07e5e6c8a1c9166fcb862e4319cd46e89cdea2dabd,2024-02-29T13:49:29.390000
@@ -241605,7 +241606,7 @@ CVE-2024-25942,0,0,f61fbc9a4d226989af6c7dbccbce6eac1bf08e9ecba7753f027f3c66eedf1
 CVE-2024-2595,0,0,2deb54d18ba7636df2c2b5e2f14f094eeefaa5b876ae68e9d3b6166f648310d6,2024-03-18T19:40:00.173000
 CVE-2024-25951,0,0,4cab9db546da1535e7f7aa83987aad28b8aa7aeb3328d636aa2cd78c27a2b2c1,2024-03-11T01:32:39.697000
 CVE-2024-2596,0,0,978865da9be9e1fb873a9c434a053f33d1f0c5219abdf12becebd1212242ea79,2024-03-18T19:40:00.173000
-CVE-2024-25964,0,0,c5c783693b15a02e31c22d8d68955a964bebe70921cf8eb09522465b28e29d07,2024-03-25T09:15:09.477000
+CVE-2024-25964,0,1,b5ec0f6d98c78318f65547134d8b33b81ca3c6769a2c110d8679aa993806ef56,2024-03-25T13:47:14.087000
 CVE-2024-2597,0,0,822c3604000d58768ff79975222ee5716f9ff927beed042444c7c308ac1b28bf,2024-03-18T19:40:00.173000
 CVE-2024-25972,0,0,03be68c424c2117dfe63b169d17d7f8ada85eec42d35f349ee6876cb9f658b31,2024-03-01T14:04:04.827000
 CVE-2024-25973,0,0,fca2cd3fc869e318a8dbf83dd06094ef0c34286b7d421da7c64a9a5612af38b9,2024-02-21T07:15:58.040000
@@ -242221,7 +242222,7 @@ CVE-2024-27998,0,0,325b1a8419d02931fcb08c1286afe5c33e53c5bf8527e201a365155e36091
 CVE-2024-28029,0,0,781afd937b61df54fd314f4ba8460c1b1f1017ea2f6e7c3cf626f19494a3effc,2024-03-22T12:45:36.130000
 CVE-2024-28039,0,0,9ef35c96ff38e007b2fd4f37c3f1f5b6d35461c4eaa69f2b36faccd438b26411,2024-03-18T12:38:25.490000
 CVE-2024-28040,0,0,92dbc878ad6b57fc9235f8005b7929f517428204d8ea6a98b01d4757cc97218d,2024-03-22T12:45:36.130000
-CVE-2024-28041,0,0,59807976102f13a9003096ac2fc2808996648454b902aebc5b12eeccd01d28c5,2024-03-25T04:15:08.880000
+CVE-2024-28041,0,1,4d284a807f7da2d3fcf5f7c7ae19f2272c31bf9662bccbca7ea6b863e800e974,2024-03-25T13:47:14.087000
 CVE-2024-28045,0,0,f398328ae0e32872e31247004b322ba0fa2d2bf6f860a8ec81e7f59b3326d256,2024-03-22T12:45:36.130000
 CVE-2024-2805,0,0,fa896267355e8bee60ef45369bdd61a50def95efdfa5e824724b711a08ae74dc,2024-03-22T12:45:36.130000
 CVE-2024-28053,0,0,e281ed045d826247c32c0ccef204d2c431b80f755e75c928bfd444d7e8497772,2024-03-15T12:53:06.423000
@@ -242347,11 +242348,14 @@ CVE-2024-28340,0,0,89775fa07d73d115a7392603111ecb04f65799be74b8d41063e67ed0eb97d
 CVE-2024-28353,0,0,775baedd795797f490e1b1e6993861f73b147b03ab9192dc45c3991e71d0561e,2024-03-15T12:53:06.423000
 CVE-2024-28354,0,0,74fe43ef76c1dcca1e1b1c82fba189337e4897b537fbb6f698402ef41ffa3ffa,2024-03-15T12:53:06.423000
 CVE-2024-28383,0,0,4ebb5b688ac785b11132be45898bb9d7934c49dcd0ae78bf745a27cbe4cf3c09,2024-03-14T14:21:20.217000
+CVE-2024-28386,1,1,19fb35bf4ebe7684e4835743e9a4c0cc394f0a3b3b94345c7f223712594bce3c,2024-03-25T14:15:09.553000
+CVE-2024-28387,1,1,b96a41d5c87236e0eb87b4e46691790deec449480d3f932093f4739777929fc1,2024-03-25T14:15:09.613000
 CVE-2024-28388,0,0,f20800f07aee245fbf5408ead00cec9bf5c1f6fde0c58ac0833a4f3740a134d7,2024-03-14T12:52:09.877000
 CVE-2024-28389,0,0,9eaf1124ddb0a3a3ae80c77d4aefc621f6554d40eb2d1ace25ea97ab3160fa23,2024-03-20T13:00:16.367000
 CVE-2024-28390,0,0,c59fe44ce5898e034e8253a1c3bd017a5eae7c1708d584b45d3cdcaf6b6ab3d0,2024-03-14T12:52:09.877000
 CVE-2024-28391,0,0,b1444c24f7ecf1ab52e2ae0fbb735e6665eab4acbe77c214aa4859db21cb1963,2024-03-14T12:52:09.877000
 CVE-2024-28392,0,0,5824697cb412e64caabb20f46b93c113a811b02735a0ef2ece011572dc931f0d,2024-03-20T17:18:26.603000
+CVE-2024-28393,1,1,d546e1f0f1a4d5b6b553be6cd9731109395d77579d783cc516c764d30ae02be6,2024-03-25T14:15:09.663000
 CVE-2024-28394,0,0,7b7c71f70fc86e156ee622c2aab05b674f709564f0b4dba84356298515e5d39a,2024-03-20T13:00:16.367000
 CVE-2024-28395,0,0,450e393563212755ca94eeada3a489d2f9d03e64b597e236d80dc99d860cbbe2,2024-03-20T17:18:26.603000
 CVE-2024-28396,0,0,e2e5ec394ca570d1a0e7ca873049e09f9ea87c9a858dde784a7ae9cd510f7e8a,2024-03-20T17:18:26.603000
@@ -242367,6 +242371,8 @@ CVE-2024-28429,0,0,caaa64487b84149266e9e941a72e13f93e6070c94b1fe7355fb56db4eb5b2
 CVE-2024-28430,0,0,bf34fb49e742ebf9176808c1e05b7467ed1662a29a5c18afe29f976454928e37,2024-03-13T14:28:45.217000
 CVE-2024-28431,0,0,148c6be422e12f315897bdd57f5208c74e8137e452c7019eafe29f97f527c418,2024-03-13T14:28:45.217000
 CVE-2024-28432,0,0,4bc8c3df18623e8712ef966fb24c80f6754436b2eb6a0c14d5d3c56f5a161090,2024-03-13T14:28:45.217000
+CVE-2024-28434,1,1,96acd8898e6f1447b7e441c10fdfd6a843b93873c0b29f594249f8c794346b53,2024-03-25T14:15:09.720000
+CVE-2024-28435,1,1,f8a6d96c1761c6f3476b99df2b689b204e1c6bb99f5c660c36fed0db8ff85a3e,2024-03-25T14:15:09.767000
 CVE-2024-28441,0,0,5f38f329aa34d3551b4435a62b00ae0d72806d981cac257e26fcd8895c19c6be,2024-03-22T12:45:36.130000
 CVE-2024-28446,0,0,e3b0d814ee24ce9a2740eda808696f714c3071d6722fa7bd76f62923d12a194d,2024-03-19T13:26:46
 CVE-2024-28447,0,0,729795bf39bd106c71b5b798b10fa8f526cc5d6a6eb2785b0edfa8459a535a4c,2024-03-19T13:26:46
@@ -242384,7 +242390,7 @@ CVE-2024-2855,0,0,9367a2be041d1875b4d6e12e2ab98f96faac0e6a784b61ad3f549bbfd82c99
 CVE-2024-28550,0,0,55b413fc03c0e6dbaa5c4b6ccf0c8e244ea995bce860e043c8086ce78f470aae,2024-03-18T19:40:00.173000
 CVE-2024-28553,0,0,f74a5d2edd657e610cfc2b884ed1530d128afd106cc0a285c1f4868830f65cd2,2024-03-21T20:58:52.357000
 CVE-2024-28559,0,0,0614f972b1018fef175a5be020062e1808da1307fa27e18c6ccd6df48da36c98,2024-03-22T12:45:36.130000
-CVE-2024-2856,0,0,eddb91758210745f9e3e2638fe1d3c81f9569ee968d9555928a7ef439550b2a8,2024-03-25T01:51:01.223000
+CVE-2024-2856,0,1,cb00da3fb9254af6bbe6b18cd7c33f437a2aab591db3f2f27b5ac1ec1c4d9927,2024-03-25T13:15:48.683000
 CVE-2024-28560,0,0,71f09d4b510ed852efc3bf9ad75f579a4bfcb9f31e97c96f2bbf400031737ddc,2024-03-22T12:45:36.130000
 CVE-2024-28562,0,0,91433a4c4f462713402770533ad7f25e56b67cc00fab70587df3692124b0273d,2024-03-20T13:00:16.367000
 CVE-2024-28563,0,0,a656ef0aa8710291541ea7c711ec135274e970f2c247f821eefbeaee78f8b4d1,2024-03-20T13:00:16.367000
@@ -242411,13 +242417,14 @@ CVE-2024-28583,0,0,7f3ab6d4f4ab97c0265937ef4d115a2fa3e5739f0ab5531555f42d21c39d5
 CVE-2024-28584,0,0,30acc0576141383424b25d4ae09660ec9df2b394d12270056a0fa465700d0ad8,2024-03-20T13:00:16.367000
 CVE-2024-28593,0,0,3589e0bd6bcc642b0735aaa1e50dd022f336ec4dcb26e9d3f97bf8fabcebcecc,2024-03-22T15:34:43.663000
 CVE-2024-28595,0,0,ef113c40b1e587c7577ee3cf38a094a31c4af04143b7a8e19edb798f98163070,2024-03-20T13:00:16.367000
-CVE-2024-2862,0,0,8b2c408a899b9f16e8fbf1f1249d39bdbb2f8c2017988e5121158c8237c20be4,2024-03-25T07:15:50.807000
+CVE-2024-2862,0,1,a714f5e8cb944f65576648fcdb042cca021906895d812cc8cb0301d4fdfba94b,2024-03-25T13:47:14.087000
 CVE-2024-28623,0,0,81bda7f177219bd08e3dc69b11f4157e89434624cca7692be3ee54e609ec67e1,2024-03-13T12:33:51.697000
-CVE-2024-2863,0,0,db6741b04f903da44f9cc12a6814fefba2a59ca81a944ffead42a7fd4848bdd0,2024-03-25T07:15:51.030000
+CVE-2024-2863,0,1,a0abc0f7c14521978f0dc43ba564a7b82984dfb54a3b3c1d89a63d2a160daf96,2024-03-25T13:47:14.087000
 CVE-2024-28635,0,0,d3f3d3690d01bcfc91eb9dfdfd9a92b03dff519910b05913325a10a9c4021eed,2024-03-21T12:58:51.093000
 CVE-2024-28639,0,0,65b6cc24aec9a674f46be0a6c94505e2c7d05841a4bfe3502d5fda7aeef1bb10,2024-03-17T22:38:29.433000
-CVE-2024-2864,1,1,6949e8d71d9cb7d21793711dd9b54e052c902a146a5c40596b58e0b64d90948b,2024-03-25T11:15:45.353000
+CVE-2024-2864,0,1,1aedd87fc58891bfced0cf84913cc38a985cc16fc422e05e5d28bea02686210b,2024-03-25T13:47:14.087000
 CVE-2024-28640,0,0,4638853aab609ad18ecf14a253484e06d3dd9c01ac64e17450313f99da2ea4d6,2024-03-17T22:38:29.433000
+CVE-2024-2865,1,1,5eedef41337dc4e95df84cc0ac6cfd4f706c012cc4ed091279277e9779ac12e2,2024-03-25T14:15:09.820000
 CVE-2024-28662,0,0,69ece6d6842931df6f24b49f57aa09e3d2ee5159729500803e8b5fa3837da086,2024-03-14T12:52:16.723000
 CVE-2024-28665,0,0,15ff1802f077648abfb71685745562ccf344af547e52cbd5425e81cbe36cae7e,2024-03-13T14:28:45.217000
 CVE-2024-28666,0,0,5e800cca159186be28f29e1824df7439f0dc92c267c794010b9aa154f3d0c123,2024-03-13T14:28:45.217000
@@ -242468,7 +242475,7 @@ CVE-2024-28865,0,0,346bb195552b29118071ab302fbe331daaaa3a5da7b31ab976886613f922d
 CVE-2024-28868,0,0,4e3489f3c96f97bc271ff7282115c7f5d25e2aa392efe0c1c5842c72ee9986bf,2024-03-21T12:58:51.093000
 CVE-2024-28891,0,0,0aa614d18123b6bc2c76e9c8b5d356a2e7d71bba766bbf9db36fdc818df4c91d,2024-03-22T12:45:36.130000
 CVE-2024-28916,0,0,3588de3801d3f24953276fa6b57f2d684fb38fc8b3ed3ad7d8613e127e6022b7,2024-03-21T12:58:51.093000
-CVE-2024-29009,0,0,c4f75cedb8d2d860f5dc600206428b0b7e7e2af0fbdcd17c8c19cb3292d4f4de,2024-03-25T05:15:50.913000
+CVE-2024-29009,0,1,e428945e790b35d2116d11f320908f919961bf6f75e41d300d21cf55f5bcc19c,2024-03-25T13:47:14.087000
 CVE-2024-29018,0,0,996b521b7d9365d8d41596984cc4ea0a166d70f0fc41d183b4857a8a3632cdd4,2024-03-21T12:58:51.093000
 CVE-2024-29026,0,0,ae12b0436e3ecdf28001034b69d1ac66de23f0f8b6b646a25aa4e89d5c652db8,2024-03-21T12:58:51.093000
 CVE-2024-29027,0,0,0443c0a5c3d136c6828a405e5e82a90c05a4f9edd7fbc1d30ba3bd5c5a4c0f72,2024-03-20T13:00:16.367000
@@ -242481,7 +242488,7 @@ CVE-2024-29037,0,0,522cff780a141ed0cb980da4de92689da8f883cb35906d0c7290ad955ce6a
 CVE-2024-29042,0,0,94be04c88512f8801f1a0b7e8a0fe44bc1e2661493f643835e5309c09e2ba389,2024-03-22T19:02:10.300000
 CVE-2024-29057,0,0,5379d761bccbf172fdadee53a3a70afabe4e78f596cff935812d1693f9dc77df,2024-03-25T01:51:01.223000
 CVE-2024-29059,0,0,18e37be1e0df9e20dcfce0ba40125ed6c1baf91c43e1478b2c45015a443784c5,2024-03-25T01:51:01.223000
-CVE-2024-29071,0,0,c9cd543875a8a0e24e63349def42f6a3c92c99ec419dacb8612c4a6bf17018e4,2024-03-25T04:15:09.017000
+CVE-2024-29071,0,1,5ff903755374c23b025a98d3cc2b0f06ea188aa4151e3658c02fd385bc8b4fa8,2024-03-25T13:47:14.087000
 CVE-2024-29089,0,0,e5fbae925c9da8d587d9573cbc1c34db123c4510c1c1616d472538493a08c59e,2024-03-20T13:00:16.367000
 CVE-2024-29091,0,0,b1cb764a2082d02939e32c22f722543dd831cf608e6c39b51eb933f990788962,2024-03-20T13:00:16.367000
 CVE-2024-29092,0,0,beafae19b6703c9fc1f01dec7ad304174a985adb5a44a4613a96bd5d1cef6a8d,2024-03-20T13:00:16.367000
@@ -242543,7 +242550,7 @@ CVE-2024-29187,0,0,b20c442660011aa9a00d748e283e3cff30d410ce48e3d079b901e0f36dcc6
 CVE-2024-29188,0,0,a88946c34860ffe9844c033cf176d3b0a07d4a26b7808112b8bd0f05131d96e8,2024-03-25T01:51:01.223000
 CVE-2024-29190,0,0,06fd81282a65c29bad2a807438b949724256368bd8f788b06f116f9ca54b17a0,2024-03-25T01:51:01.223000
 CVE-2024-29194,0,0,61bcf80dc8c33623e289063809985cd69cc66b52cb236ef7d952a2c24a0c4127,2024-03-25T01:51:01.223000
-CVE-2024-29216,0,0,6470edb0c5f3717e4f2ce9913f2a85353d5e4ce9126437a0527896cb88e4bacf,2024-03-25T07:15:50.750000
+CVE-2024-29216,0,1,59c06798795d05e391cdd301154441d31362295e800c3b46a2b7bd83a3e2dbc0,2024-03-25T13:47:14.087000
 CVE-2024-29243,0,0,80b3eab65af2d9fbeb7b6048e074697688a19de63e1138c377d0b826523dd7db,2024-03-21T15:24:35.093000
 CVE-2024-29244,0,0,ab4dadc4ff7b45a2c285edb922de956bae0828f007627c62339f15145e95a7b7,2024-03-21T15:24:35.093000
 CVE-2024-29271,0,0,86d82853285296d2653b2954b1f865b89755729787a00c9a08bf8b4da2a10347,2024-03-22T12:45:36.130000
@@ -242585,4 +242592,4 @@ CVE-2024-29943,0,0,39d573a490fc5d2b219e8af270d3feeff9aa72e4341ddd52f10b0ddfa677f
 CVE-2024-29944,0,0,ca73c86aa90858e489f00f7276bc4b89981cc800e753e2418a893b48aedeba4f,2024-03-22T17:15:09.043000
 CVE-2024-30156,0,0,aff0cd27a6d4ebd55e03f44f61cc23ee9163e094843acbac5af736e684ab9391,2024-03-25T01:51:01.223000
 CVE-2024-30161,0,0,f6d00094643508d05d1e5626fca4ef83c82ab69ba4696adb329c49eff6d0ab4a,2024-03-25T01:51:01.223000
-CVE-2024-30187,0,0,df4bdb8d7f45147066b54a97af1ac4270d14fc2e7222a5f128ae9c60e0e5a015,2024-03-25T08:15:36.587000
+CVE-2024-30187,0,1,f8d37ff5304c8d102184c9586047a497264eab63488a1192b60bf85807ce2976,2024-03-25T13:47:14.087000