Auto-Update: 2024-03-06T17:01:01.900139+00:00

cad-safe-bot 2024-03-06 17:01:05 +00:00
parent 4137c8140f
commit 51dc23fa5c
97 changed files with 7951 additions and 228 deletions


@ -2,8 +2,8 @@
"id": "CVE-2022-20676",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-04-15T15:15:12.353",
"lastModified": "2023-11-07T03:42:35.840",
"vulnStatus": "Modified",
"lastModified": "2024-03-06T15:24:05.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "d1c1063e-7a18-46af-9102-31f8928bc633",
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -95,7 +95,7 @@
]
},
{
"source": "d1c1063e-7a18-46af-9102-31f8928bc633",
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
@ -114,8 +114,148 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D95E8A-8F0B-44E5-B266-09E10BAAEC55"
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z2:*:*:*:*:*:*:*",
"matchCriteriaId": "46E37204-FC9A-4397-AFA4-9CAC7A116D55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FFA44-9A59-4C20-9D86-C40B68BD5F77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "298C82F9-79A6-4DB7-8432-8B3A6DA39620"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "BDEDC7A0-D031-433B-ABF5-4EC0A43D80CC"
}
]
}

File diff suppressed because it is too large


@ -2,12 +2,16 @@
"id": "CVE-2022-22399",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-03-05T20:16:00.620",
"lastModified": "2024-03-05T20:16:00.620",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 222562."
},
{
"lang": "es",
"value": "IBM Aspera Faspex 5.0.0 y 5.0.1 es vulnerable a la inyecci\u00f3n de encabezados HTTP, causada por una validaci\u00f3n incorrecta de la entrada por parte de los encabezados HOST. Esto podr\u00eda permitir a un atacante realizar varios ataques contra el sistema vulnerable, incluido cross-site scripting, envenenamiento de cach\u00e9 o secuestro de sesi\u00f3n. ID de IBM X-Force: 222562."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-25681",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-03-05T20:16:00.857",
"lastModified": "2024-03-05T20:16:00.857",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID: 247033."
},
{
"lang": "es",
"value": "Los usuarios de LDAP en IBM Spectrum Virtualize 8.5 que est\u00e1n configurados para requerir autenticaci\u00f3n multifactor a\u00fan pueden autenticarse en la interfaz CIM utilizando solo el nombre de usuario y la contrase\u00f1a. Esto no afecta a los usuarios locales con MFA configurado ni a los usuarios remotos que se autentican mediante el inicio de sesi\u00f3n \u00fanico. ID de IBM X-Force: 247033."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-26282",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-03-05T20:16:01.077",
"lastModified": "2024-03-05T20:16:01.077",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415."
},
{
"lang": "es",
"value": "IBM Watson CP4D Data Stores 4.6.0 a 4.6.3 podr\u00eda permitir que un usuario con acceso f\u00edsico y conocimiento espec\u00edfico del sistema modifique archivos o datos en el sistema. ID de IBM X-Force: 248415."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-33677",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:06.960",
"lastModified": "2024-03-06T01:15:06.960",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at \"?page=items/view&id=*\"."
},
{
"lang": "es",
"value": "Sourcecodester Lost and Found Information System's Version 1.0 es vulnerable a una inyecci\u00f3n SQL no autenticada en \"?page=items/view&id=*\"."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2023-35946",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-30T21:15:09.070",
"lastModified": "2023-07-31T19:15:17.370",
"vulnStatus": "Modified",
"lastModified": "2024-03-06T15:20:18.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -82,9 +82,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradle:gradle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndExcluding": "8.2",
"matchCriteriaId": "AFC239C5-E6F3-4AF6-A7CE-ACCCA46F5080"
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.2.0",
"matchCriteriaId": "8E909D6A-5F91-434F-8506-50CBC384EAB5"
}
]
}
@ -96,21 +96,24 @@
"url": "https://docs.gradle.org/current/userguide/dependency_verification.html",
"source": "security-advisories@github.com",
"tags": [
"Product"
"Product",
"Vendor Advisory"
]
},
{
"url": "https://github.com/gradle/gradle/commit/859eae2b2acf751ae7db3c9ffefe275aa5da0d5d",
"source": "security-advisories@github.com",
"tags": [
"Patch"
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/gradle/gradle/commit/b07e528feb3a5ffa66bdcc358549edd73e4c8a12",
"source": "security-advisories@github.com",
"tags": [
"Patch"
"Patch",
"Third Party Advisory"
]
},
{
@ -118,12 +121,15 @@
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0003/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-35947",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-30T21:15:09.147",
"lastModified": "2023-08-03T15:15:28.303",
"vulnStatus": "Modified",
"lastModified": "2024-03-06T15:20:24.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -82,9 +82,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradle:gradle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndExcluding": "8.2",
"matchCriteriaId": "AFC239C5-E6F3-4AF6-A7CE-ACCCA46F5080"
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.2.0",
"matchCriteriaId": "8E909D6A-5F91-434F-8506-50CBC384EAB5"
}
]
}
@ -115,7 +115,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0007/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-38944",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T00:15:52.143",
"lastModified": "2024-03-06T00:15:52.143",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01.10_pt allows attackers to bypass the access control and gain complete access to the application via modifying a HTTP header."
},
{
"lang": "es",
"value": "Un problema en el firmware v12.03.01.09_pt de Multilaser RE160V y el firmware v12.03.01.10_pt de Multilaser RE163V permite a los atacantes eludir el control de acceso y obtener acceso completo a la aplicaci\u00f3n modificando un encabezado HTTP."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-38945",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T00:15:52.247",
"lastModified": "2024-03-06T00:15:52.247",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and V12.03.01.09_pt, and Multilaser RE163V v12.03.01.08_pt allows attackers to bypass the access control and gain complete access to the application via supplying a crafted URL."
},
{
"lang": "es",
"value": "Multilaser RE160 v5.07.51_pt_MTL01 y v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt y V12.03.01.09_pt, y Multilaser RE163V v12.03.01.08_pt permiten a los atacantes eludir el control de acceso y obtener acceso completo a la aplicaci\u00f3n mediante el suministro una URL manipulada."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-38946",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T00:15:52.300",
"lastModified": "2024-03-06T00:15:52.300",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Multilaser RE160 firmware v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01 allows attackers to bypass the access control and gain complete access to the application via supplying a crafted cookie."
},
{
"lang": "es",
"value": "Un problema en el firmware v5.07.51_pt_MTL01 y v5.07.52_pt_MTL01 de Multilaser RE160 permite a los atacantes eludir el control de acceso y obtener acceso completo a la aplicaci\u00f3n mediante el suministro de una cookie manipulada."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2023-42282",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T17:15:10.840",
"lastModified": "2024-03-03T00:15:43.820",
"vulnStatus": "Modified",
"lastModified": "2024-03-06T15:26:20.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -62,6 +62,11 @@
"criteria": "cpe:2.3:a:fedorindutny:ip:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "1.1.8",
"matchCriteriaId": "5E811BCA-8109-4EA6-ACCC-7D7A6BCD6BB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedorindutny:ip:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8822A2CE-A9A4-4308-998A-258BF20B355C"
}
]
}
@ -79,11 +84,18 @@
},
{
"url": "https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/bfc3b23f-ddc0-4ee7-afab-223b07115ed3/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-42445",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-06T14:15:12.103",
"lastModified": "2024-02-16T15:27:43.323",
"lastModified": "2024-03-06T15:20:29.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -86,9 +86,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradle:gradle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndExcluding": "8.4",
"matchCriteriaId": "E80A7414-4449-4036-B0F9-99FE64928912"
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.4.0",
"matchCriteriaId": "E104EF19-8B72-4A31-B2AC-8312F7C6452F"
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-43318",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T00:15:52.347",
"lastModified": "2024-03-06T00:15:52.347",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests."
},
{
"lang": "es",
"value": "TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 permite a los atacantes escalar privilegios mediante la modificaci\u00f3n de los valores 'tid' y 'usrlvl' en las solicitudes GET."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-45289",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.137",
"lastModified": "2024-03-05T23:15:07.137",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded."
},
{
"lang": "es",
"value": "Al seguir una redirecci\u00f3n HTTP a un dominio que no es una coincidencia de subdominio o una coincidencia exacta del dominio inicial, un cliente http.no reenv\u00eda encabezados confidenciales como \"Autorizaci\u00f3n\" o \"Cookie\". Por ejemplo, una redirecci\u00f3n de foo.com a www.foo.com reenviar\u00e1 el encabezado de Autorizaci\u00f3n, pero una redirecci\u00f3n a bar.com no. Una redirecci\u00f3n HTTP creada con fines malintencionados podr\u00eda provocar que se reenv\u00eden inesperadamente encabezados confidenciales."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-45290",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.210",
"lastModified": "2024-03-05T23:15:07.210",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines."
},
{
"lang": "es",
"value": "Al analizar un formulario de varias partes (ya sea expl\u00edcitamente con Request.ParseMultipartForm o impl\u00edcitamente con Request.FormValue, Request.PostFormValue o Request.FormFile), no se aplicaron l\u00edmites en el tama\u00f1o total del formulario analizado a la memoria consumida al leer un solo formulario l\u00ednea. Esto permite que una entrada creada con fines malintencionados que contenga l\u00edneas muy largas provoque la asignaci\u00f3n de cantidades de memoria arbitrariamente grandes, lo que podr\u00eda provocar un agotamiento de la memoria. Con la correcci\u00f3n, la funci\u00f3n ParseMultipartForm ahora limita correctamente el tama\u00f1o m\u00e1ximo de las l\u00edneas del formulario."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-48644",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T23:15:07.260",
"lastModified": "2024-03-05T23:15:07.260",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en la aplicaci\u00f3n Archibus 4.0.3 para iOS. Existe una vulnerabilidad XSS en la funci\u00f3n de creaci\u00f3n de solicitud de trabajo del m\u00f3dulo de mantenimiento, a trav\u00e9s del campo de descripci\u00f3n. Esto permite a un atacante realizar una acci\u00f3n en nombre del usuario, extraer datos, etc."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-49971",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:07.017",
"lastModified": "2024-03-06T01:15:07.017",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) en Customer Support System v1 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de nombre en /customer_support/index.php?page=customer_list."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-49973",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:07.063",
"lastModified": "2024-03-06T01:15:07.063",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customer_support/index.php?page=customer_list."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) en Customer Support System v1 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de correo electr\u00f3nico en /customer_support/index.php?page=customer_list."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-49974",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:07.103",
"lastModified": "2024-03-06T01:15:07.103",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customer_support/index.php?page=customer_list."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) en Customer Support System v1 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de contacto en /customer_support/index.php?page=customer_list."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-49976",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:07.147",
"lastModified": "2024-03-06T01:15:07.147",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customer_support/index.php?page=new_ticket."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) en Customer Support System v1 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro del asunto en /customer_support/index.php?page=new_ticket."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-49977",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:07.187",
"lastModified": "2024-03-06T01:15:07.187",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customer_support/index.php?page=new_customer."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) en Customer Support System v1 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de direcci\u00f3n en /customer_support/index.php?page=new_customer."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2023-50740",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-06T14:15:47.407",
"lastModified": "2024-03-06T14:15:47.407",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-52583",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:06.553",
"lastModified": "2024-03-06T07:15:06.553",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix deadlock or deadcode of misusing dget()\n\nThe lock order is incorrect between denty and its parent, we should\nalways make sure that the parent get the lock first.\n\nBut since this deadcode is never used and the parent dir will always\nbe set from the callers, let's just remove it."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ceph: corrige el punto muerto o el c\u00f3digo muerto por uso incorrecto de dget() El orden de bloqueo es incorrecto entre denty y su padre, siempre debemos asegurarnos de que el padre obtenga el bloqueo primero. Pero dado que este c\u00f3digo muerto nunca se usa y el directorio principal siempre ser\u00e1 configurado por quienes llaman, simplemente elimin\u00e9moslo."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52584",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:07.227",
"lastModified": "2024-03-06T07:15:07.227",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspmi: mediatek: Fix UAF on device remove\n\nThe pmif driver data that contains the clocks is allocated along with\nspmi_controller.\nOn device remove, spmi_controller will be freed first, and then devres\n, including the clocks, will be cleanup.\nThis leads to UAF because putting the clocks will access the clocks in\nthe pmif driver data, which is already freed along with spmi_controller.\n\nThis can be reproduced by enabling DEBUG_TEST_DRIVER_REMOVE and\nbuilding the kernel with KASAN.\n\nFix the UAF issue by using unmanaged clk_bulk_get() and putting the\nclocks before freeing spmi_controller."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: spmi: mediatek: reparar UAF en la eliminaci\u00f3n del dispositivo. Los datos del controlador pmif que contienen los relojes se asignan junto con spmi_controller. Al eliminar el dispositivo, primero se liberar\u00e1 spmi_controller y luego se limpiar\u00e1n los devres, incluidos los relojes. Esto lleva a UAF porque al poner los relojes se acceder\u00e1 a los relojes en los datos del controlador pmif, que ya est\u00e1n liberados junto con spmi_controller. Esto se puede reproducir habilitando DEBUG_TEST_DRIVER_REMOVE y compilando el kernel con KASAN. Solucione el problema de UAF utilizando clk_bulk_get() no administrado y poniendo los relojes antes de liberar spmi_controller."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52585",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:07.290",
"lastModified": "2024-03-06T07:15:07.290",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()\n\nReturn invalid error code -EINVAL for invalid block id.\n\nFixes the below:\n\ndrivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 amdgpu_ras_query_error_status_helper() error: we previously assumed 'info' could be null (see line 1176)"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: corrige una posible desreferencia NULL en amdgpu_ras_query_error_status_helper() Devuelve un c\u00f3digo de error no v\u00e1lido -EINVAL para una identificaci\u00f3n de bloque no v\u00e1lida. Corrige lo siguiente: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 error amdgpu_ras_query_error_status_helper(): anteriormente asumimos que la 'informaci\u00f3n' podr\u00eda ser nula (consulte la l\u00ednea 1176)"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52586",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:07.443",
"lastModified": "2024-03-06T07:15:07.443",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add mutex lock in control vblank irq\n\nAdd a mutex lock to control vblank irq to synchronize vblank\nenable/disable operations happening from different threads to prevent\nrace conditions while registering/unregistering the vblank irq callback.\n\nv4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a\n parameter of dpu_encoder_phys.\n -Switch from atomic refcnt to a simple int counter as mutex has\n now been added\nv3: Mistakenly did not change wording in last version. It is done now.\nv2: Slightly changed wording of commit message\n\nPatchwork: https://patchwork.freedesktop.org/patch/571854/"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm/dpu: agregue un bloqueo mutex en el control vblank irq. Agregue un bloqueo mutex para controlar vblank irq para sincronizar las operaciones de activaci\u00f3n/desactivaci\u00f3n de vblank que ocurren desde diferentes subprocesos para evitar condiciones de ejecuci\u00f3n durante el registro. /anular el registro de la devoluci\u00f3n de llamada vblank irq. v4: -Se elimin\u00f3 vblank_ctl_lock de dpu_encoder_virt, por lo que es solo un par\u00e1metro de dpu_encoder_phys. -Cambiar de refcnt at\u00f3mico a un contador int simple ya que ahora se ha agregado mutex v3: por error no cambi\u00f3 la redacci\u00f3n en la \u00faltima versi\u00f3n. Ya est\u00e1 hecho. v2: redacci\u00f3n ligeramente modificada del mensaje de confirmaci\u00f3n Patchwork: https://patchwork.freedesktop.org/patch/571854/"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52587",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:07.633",
"lastModified": "2024-03-06T07:15:07.633",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/ipoib: Fix mcast list locking\n\nReleasing the `priv->lock` while iterating the `priv->multicast_list` in\n`ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to\nremove the items while in the middle of iteration. If the mcast is removed\nwhile the lock was dropped, the for loop spins forever resulting in a hard\nlockup (as was reported on RHEL 4.18.0-372.75.1.el8_6 kernel):\n\n Task A (kworker/u72:2 below) | Task B (kworker/u72:0 below)\n -----------------------------------+-----------------------------------\n ipoib_mcast_join_task(work) | ipoib_ib_dev_flush_light(work)\n spin_lock_irq(&priv->lock) | __ipoib_ib_dev_flush(priv, ...)\n list_for_each_entry(mcast, | ipoib_mcast_dev_flush(dev = priv->dev)\n &priv->multicast_list, list) |\n ipoib_mcast_join(dev, mcast) |\n spin_unlock_irq(&priv->lock) |\n | spin_lock_irqsave(&priv->lock, flags)\n | list_for_each_entry_safe(mcast, tmcast,\n | &priv->multicast_list, list)\n | list_del(&mcast->list);\n | list_add_tail(&mcast->list, &remove_list)\n | spin_unlock_irqrestore(&priv->lock, flags)\n spin_lock_irq(&priv->lock) |\n | ipoib_mcast_remove_list(&remove_list)\n (Here, `mcast` is no longer on the | list_for_each_entry_safe(mcast, tmcast,\n `priv->multicast_list` and we keep | remove_list, list)\n spinning on the `remove_list` of | >>> wait_for_completion(&mcast->done)\n the other thread which is blocked |\n and the list is still valid on |\n it's stack.)\n\nFix this by keeping the lock held and changing to GFP_ATOMIC to prevent\neventual sleeps.\nUnfortunately we could not reproduce the lockup and confirm this fix but\nbased on the code review I think this fix should address such lockups.\n\ncrash> bc 31\nPID: 747 TASK: ff1c6a1a007e8000 CPU: 31 COMMAND: \"kworker/u72:2\"\n--\n [exception RIP: ipoib_mcast_join_task+0x1b1]\n RIP: ffffffffc0944ac1 RSP: ff646f199a8c7e00 RFLAGS: 00000002\n RAX: 0000000000000000 RBX: 
ff1c6a1a04dc82f8 RCX: 0000000000000000\n work (&priv->mcast_task{,.work})\n RDX: ff1c6a192d60ac68 RSI: 0000000000000286 RDI: ff1c6a1a04dc8000\n &mcast->list\n RBP: ff646f199a8c7e90 R8: ff1c699980019420 R9: ff1c6a1920c9a000\n R10: ff646f199a8c7e00 R11: ff1c6a191a7d9800 R12: ff1c6a192d60ac00\n mcast\n R13: ff1c6a1d82200000 R14: ff1c6a1a04dc8000 R15: ff1c6a1a04dc82d8\n dev priv (&priv->lock) &priv->multicast_list (aka head)\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n--- <NMI exception stack> ---\n #5 [ff646f199a8c7e00] ipoib_mcast_join_task+0x1b1 at ffffffffc0944ac1 [ib_ipoib]\n #6 [ff646f199a8c7e98] process_one_work+0x1a7 at ffffffff9bf10967\n\ncrash> rx ff646f199a8c7e68\nff646f199a8c7e68: ff1c6a1a04dc82f8 <<< work = &priv->mcast_task.work\n\ncrash> list -hO ipoib_dev_priv.multicast_list ff1c6a1a04dc8000\n(empty)\n\ncrash> ipoib_dev_priv.mcast_task.work.func,mcast_mutex.owner.counter ff1c6a1a04dc8000\n mcast_task.work.func = 0xffffffffc0944910 <ipoib_mcast_join_task>,\n mcast_mutex.owner.counter = 0xff1c69998efec000\n\ncrash> b 8\nPID: 8 TASK: ff1c69998efec000 CPU: 33 COMMAND: \"kworker/u72:0\"\n--\n #3 [ff646f1980153d50] wait_for_completion+0x96 at ffffffff9c7d7646\n #4 [ff646f1980153d90] ipoib_mcast_remove_list+0x56 at ffffffffc0944dc6 [ib_ipoib]\n #5 [ff646f1980153de8] ipoib_mcast_dev_flush+0x1a7 at ffffffffc09455a7 [ib_ipoib]\n #6 [ff646f1980153e58] __ipoib_ib_dev_flush+0x1a4 at ffffffffc09431a4 [ib_ipoib]\n #7 [ff\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: IB/ipoib: corrige el bloqueo de la lista mcast Al liberar `priv-&gt;lock` mientras se itera `priv-&gt;multicast_list` en `ipoib_mcast_join_task()`, se abre una ventana para `ipoib_mcast_dev_flush( )` para eliminar los elementos mientras se encuentra en medio de la iteraci\u00f3n. Si se elimina mcast mientras se elimina el bloqueo, el bucle for gira para siempre, lo que resulta en un bloqueo total (como se inform\u00f3 en el kernel RHEL 4.18.0-372.75.1.el8_6): Tarea A (kworker/u72:2 a continuaci\u00f3n) | Tarea B (kworker/u72:0 a continuaci\u00f3n) -----------------------------------+---- ------------------------------- ipoib_mcast_join_task(trabajo) | ipoib_ib_dev_flush_light(trabajo) spin_lock_irq(&amp;priv-&gt;lock) | __ipoib_ib_dev_flush(priv, ...) list_for_each_entry(mcast, | ipoib_mcast_dev_flush(dev = priv-&gt;dev) &amp;priv-&gt;multicast_list, lista) | ipoib_mcast_join(dev, mcast) | spin_unlock_irq(&amp;priv-&gt;bloquear) | | spin_lock_irqsave(&amp;priv-&gt;bloqueo, banderas) | list_for_each_entry_safe(mcast, tmcast, | &amp;priv-&gt;multicast_list, lista) | list_del(&amp;mcast-&gt;lista); | list_add_tail(&amp;mcast-&gt;lista, &amp;remove_list) | spin_unlock_irqrestore(&amp;priv-&gt;bloquear, banderas) spin_lock_irq(&amp;priv-&gt;bloquear) | | ipoib_mcast_remove_list(&amp;remove_list) (Aqu\u00ed, `mcast` ya no est\u00e1 en | list_for_each_entry_safe(mcast, tmcast, `priv-&gt;multicast_list` y seguimos | remove_list, list) girando en `remove_list` de | &gt;&gt;&gt; wait_for_completion(&amp;mcast -&gt;hecho) el otro hilo que est\u00e1 bloqueado | y la lista sigue siendo v\u00e1lida | en su pila.) Solucione este problema manteniendo el bloqueo mantenido y cambiando a GFP_ATOMIC para evitar eventuales suspensiones. 
Desafortunadamente, no pudimos reproducir el bloqueo y confirmar esta soluci\u00f3n, pero seg\u00fan la revisi\u00f3n del c\u00f3digo, creo que esta soluci\u00f3n deber\u00eda abordar dichos bloqueos. crash&gt; bc 31 PID: 747 TAREA: ff1c6a1a007e8000 CPU: 31 COMANDO: \"kworker/u72:2\" -- [excepci\u00f3n RIP: ipoib_mcast_join_task+0x1b1] RIP: ffffffffc0944ac1 RSP: ff646f199a8c7e00 RFLAGS: 000000 02 RAX: 0000000000000000 RBX: ff1c6a1a04dc82f8 RCX: 00000000000000000 trabajo (&amp;priv-&gt;mcast_task{,.work}) RDX: ff1c6a192d60ac68 RSI: 0000000000000286 RDI: ff1c6a1a04dc8000 &amp;mcast-&gt;list RBP: ff646f199a8c7e90 R8: ff1c699980019420 R9: ff 1c6a1920c9a000 R10: ff646f199a8c7e00 R11: ff1c6a191a7d9800 R12: ff1c6a192d60ac00 mcast R13: ff1c6a1d82200000 R14: ff1c6a1a04dc8000 R15: ff1c6a1a04dc82d8 dev priv (&amp;priv-&gt;lock) &amp;priv-&gt;multicast_list (tambi\u00e9n conocido como head) ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 --- --- #5 [ff646f199a8c7e00] ipoib_mcast_join_task+0x1b1 en ffffff ffc0944ac1 [ ib_ipoib] #6 [ff646f199a8c7e98] Process_one_work+0x1a7 en ffffffff9bf10967 crash&gt; rx ff646f199a8c7e68 ff646f199a8c7e68: ff1c6a1a04dc82f8 &lt;&lt;&lt; work = &amp;priv-&gt;mcast_task.work crash&gt; lista -hO ipoib_dev_priv.multicast_list ff1c6a1a04dc8000 (vac\u00edo) falla&gt; ipoib_dev_priv.mcast_task.work. func,mcast_mutex.owner.counter ff1c6a1a04dc8000 mcast_task.work.func = 0xffffffffc0944910 , mcast_mutex.owner.counter = 0xff1c69998efec000 crash&gt; b 8 PID: 8 TAREA: ff1c69998efec000 CPU: 33 COMANDO: \"kworker/u72:0\" -- #3 [ff646f1980153d50] wait_for_completion+0x96 en ffffffff9c7d7646 #4 [ff646f1980153d90] ipoib_mcast_remove_list+0x56 en ffffffffc0944dc6 [ib_ipoib] #5 [ff646f1980153de8] ipoib_ mcast_dev_flush+0x1a7 en ffffffffc09455a7 [ib_ipoib] #6 [ff646f1980153e58] __ipoib_ib_dev_flush+0x1a4 en ffffffffc09431a4 [ib_ipoib] # 7 [ff ---truncado---"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52588",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:07.820",
"lastModified": "2024-03-06T07:15:07.820",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to tag gcing flag on page during block migration\n\nIt needs to add missing gcing flag on page during block migration,\nin order to garantee migrated data be persisted during checkpoint,\notherwise out-of-order persistency between data and node may cause\ndata corruption after SPOR.\n\nSimilar issue was fixed by commit 2d1fe8a86bf5 (\"f2fs: fix to tag\ngcing flag on page during file defragment\")."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: f2fs: correcci\u00f3n para etiquetar el indicador gcing en la p\u00e1gina durante la migraci\u00f3n de bloques. Es necesario agregar el indicador gcing faltante en la p\u00e1gina durante la migraci\u00f3n de bloques, para garantizar que los datos migrados persistan durante el punto de control; de lo contrario, no estar\u00e1n disponibles. La persistencia del orden entre los datos y el nodo puede provocar da\u00f1os en los datos despu\u00e9s de SPOR. Se solucion\u00f3 un problema similar mediante el commit 2d1fe8a86bf5 (\"f2fs: correcci\u00f3n para etiquetar el indicador gcing en la p\u00e1gina durante la desfragmentaci\u00f3n del archivo\")."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52589",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:08.053",
"lastModified": "2024-03-06T07:15:08.053",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ disable race issue\n\nIn rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the\ninterrupts and then apparently assumes that the interrupt handler won't\nbe running, and proceeds in the stop procedure. This is not the case, as\nthe interrupt handler can already be running, which would lead to the\nISP being disabled while the interrupt handler handling a captured\nframe.\n\nThis brings up two issues: 1) the ISP could be powered off while the\ninterrupt handler is still running and accessing registers, leading to\nboard lockup, and 2) the interrupt handler code and the code that\ndisables the streaming might do things that conflict.\n\nIt is not clear to me if 2) causes a real issue, but 1) can be seen with\na suitable delay (or printk in my case) in the interrupt handler,\nleading to board lockup."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medios: rkisp1: Solucionar el problema de ejecuci\u00f3n de desactivaci\u00f3n de IRQ En rkisp1_isp_stop() y rkisp1_csi_disable() el controlador enmascara las interrupciones y aparentemente asume que el controlador de interrupciones no se ejecutar\u00e1 y contin\u00faa en el procedimiento de parada. Este no es el caso, ya que el controlador de interrupciones puede estar ejecut\u00e1ndose, lo que llevar\u00eda a que el ISP se deshabilite mientras el controlador de interrupciones maneja una trama capturada. Esto plantea dos problemas: 1) el ISP podr\u00eda apagarse mientras el controlador de interrupciones a\u00fan est\u00e1 ejecut\u00e1ndose y accediendo a los registros, lo que provoca el bloqueo de la placa, y 2) el c\u00f3digo del controlador de interrupciones y el c\u00f3digo que deshabilita la transmisi\u00f3n pueden hacer cosas que entren en conflicto. No me queda claro si 2) causa un problema real, pero 1) se puede ver con un retraso adecuado (o printk en mi caso) en el controlador de interrupciones, lo que provoca el bloqueo de la placa."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52590",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:08.297",
"lastModified": "2024-03-06T07:15:08.297",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change ocfs2 rename code to avoid touching renamed directory if\nits parent does not change as without locking that can corrupt the\nfilesystem."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ocfs2: evite tocar el directorio renombrado si el padre no cambia. El VFS no bloquear\u00e1 el directorio movido si su padre no cambia. Cambie el c\u00f3digo de cambio de nombre de ocfs2 para evitar tocar el directorio renombrado si su padre no cambia sin bloquearlo, lo que puede da\u00f1ar el sistema de archivos."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52591",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:08.510",
"lastModified": "2024-03-06T07:15:08.510",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: reiserfs: evite tocar el directorio renombrado si el padre no cambia. El VFS no bloquear\u00e1 el directorio movido si su padre no cambia. Cambie el c\u00f3digo de cambio de nombre de reiserfs para evitar tocar el directorio renombrado si su padre no cambia, sin bloquearlo, lo que puede da\u00f1ar el sistema de archivos."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52592",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:08.733",
"lastModified": "2024-03-06T07:15:08.733",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos\n\nAn issue occurred while reading an ELF file in libbpf.c during fuzzing:\n\n\tProgram received signal SIGSEGV, Segmentation fault.\n\t0x0000000000958e97 in bpf_object.collect_prog_relos () at libbpf.c:4206\n\t4206 in libbpf.c\n\t(gdb) bt\n\t#0 0x0000000000958e97 in bpf_object.collect_prog_relos () at libbpf.c:4206\n\t#1 0x000000000094f9d6 in bpf_object.collect_relos () at libbpf.c:6706\n\t#2 0x000000000092bef3 in bpf_object_open () at libbpf.c:7437\n\t#3 0x000000000092c046 in bpf_object.open_mem () at libbpf.c:7497\n\t#4 0x0000000000924afa in LLVMFuzzerTestOneInput () at fuzz/bpf-object-fuzzer.c:16\n\t#5 0x000000000060be11 in testblitz_engine::fuzzer::Fuzzer::run_one ()\n\t#6 0x000000000087ad92 in tracing::span::Span::in_scope ()\n\t#7 0x00000000006078aa in testblitz_engine::fuzzer::util::walkdir ()\n\t#8 0x00000000005f3217 in testblitz_engine::entrypoint::main::{{closure}} ()\n\t#9 0x00000000005f2601 in main ()\n\t(gdb)\n\nscn_data was null at this code(tools/lib/bpf/src/libbpf.c):\n\n\tif (rel->r_offset % BPF_INSN_SZ || rel->r_offset >= scn_data->d_size) {\n\nThe scn_data is derived from the code above:\n\n\tscn = elf_sec_by_idx(obj, sec_idx);\n\tscn_data = elf_sec_data(obj, scn);\n\n\trelo_sec_name = elf_sec_str(obj, shdr->sh_name);\n\tsec_name = elf_sec_name(obj, scn);\n\tif (!relo_sec_name || !sec_name)// don't check whether scn_data is NULL\n\t\treturn -EINVAL;\n\nIn certain special scenarios, such as reading a malformed ELF file,\nit is possible that scn_data may be a null pointer"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: libbpf: corrige la desreferencia del puntero NULL en bpf_object__collect_prog_relos Se produjo un problema al leer un archivo ELF en libbpf.c durante la fuzzing: el programa recibi\u00f3 la se\u00f1al SIGSEGV, falla de segmentaci\u00f3n. 0x0000000000958e97 en bpf_object.collect_prog_relos () en libbpf.c:4206 4206 en libbpf.c (gdb) bt #0 0x0000000000958e97 en bpf_object.collect_prog_relos () en libbpf.c:4206 #1 0x0 00000000094f9d6 en bpf_object.collect_relos () en libbpf.c :6706 #2 0x000000000092bef3 en bpf_object_open () en libbpf.c:7437 #3 0x000000000092c046 en bpf_object.open_mem () en libbpf.c:7497 #4 0x0000000000924afa en LLVMFuzzerTest OneInput () en fuzz/bpf-object-fuzzer.c:16 # 5 0x000000000060be11 en testblitz_engine::fuzzer::Fuzzer::run_one () #6 0x000000000087ad92 en tracing::span::Span::in_scope () #7 0x00000000006078aa en testblitz_engine::fuzzer::util::walkdir () #8 0x00000000005f3217 en testblitz_engine::entrypoint::main::{{closure}} () #9 0x00000000005f2601 en main () (gdb) scn_data era nulo en este c\u00f3digo (tools/lib/bpf/src/libbpf.c): if (rel -&gt;r_offset % BPF_INSN_SZ || rel-&gt;r_offset &gt;= scn_data-&gt;d_size) { Los scn_data se derivan del c\u00f3digo anterior: scn = elf_sec_by_idx(obj, sec_idx); scn_data = elf_sec_data(obj, scn); relo_sec_name = elf_sec_str(obj, shdr-&gt;sh_name); nombre_sec = nombre_sec_elf(obj, scn); if (!relo_sec_name || !sec_name)// no verifica si scn_data es NULL return -EINVAL; En ciertos escenarios especiales, como la lectura de un archivo ELF con formato incorrecto, es posible que scn_data sea un puntero nulo."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52593",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:08.940",
"lastModified": "2024-03-06T07:15:08.940",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()\n\nSince 'ieee80211_beacon_get()' can return NULL, 'wfx_set_mfp_ap()'\nshould check the return value before examining skb data. So convert\nthe latter to return an appropriate error code and propagate it to\nreturn from 'wfx_start_ap()' as well. Compile tested only."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: wfx: corrige la posible desreferencia del puntero NULL en wfx_set_mfp_ap() Dado que 'ieee80211_beacon_get()' puede devolver NULL, 'wfx_set_mfp_ap()' debe verificar el valor de retorno antes de examinar los datos de skb. As\u00ed que convierta este \u00faltimo para que devuelva un c\u00f3digo de error apropiado y prop\u00e1guelo para que regrese tambi\u00e9n desde 'wfx_start_ap()'. Compilaci\u00f3n probada \u00fanicamente."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52594",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:09.200",
"lastModified": "2024-03-06T07:15:09.200",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()\n\nFix an array-index-out-of-bounds read in ath9k_htc_txstatus(). The bug\noccurs when txs->cnt, data from a URB provided by a USB device, is\nbigger than the size of the array txs->txstatus, which is\nHTC_MAX_TX_STATUS. WARN_ON() already checks it, but there is no bug\nhandling code after the check. Make the function return if that is the\ncase.\n\nFound by a modified version of syzkaller.\n\nUBSAN: array-index-out-of-bounds in htc_drv_txrx.c\nindex 13 is out of range for type '__wmi_event_txstatus [12]'\nCall Trace:\n ath9k_htc_txstatus\n ath9k_wmi_event_tasklet\n tasklet_action_common\n __do_softirq\n irq_exit_rxu\n sysvec_apic_timer_interrupt"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath9k: corrige una posible lectura de \u00edndice de matriz fuera de los l\u00edmites en ath9k_htc_txstatus(). Corrige una lectura de \u00edndice de matriz fuera de los l\u00edmites en ath9k_htc_txstatus(). El error ocurre cuando txs-&gt;cnt, los datos de una URB proporcionados por un dispositivo USB, son mayores que el tama\u00f1o de la matriz txs-&gt;txstatus, que es HTC_MAX_TX_STATUS. WARN_ON() ya lo verifica, pero no hay ning\u00fan c\u00f3digo de manejo de errores despu\u00e9s de la verificaci\u00f3n. Haga que la funci\u00f3n regrese si ese es el caso. Encontrado por una versi\u00f3n modificada de syzkaller. UBSAN: Array-Index-Of-Bunds en htc_drv_txrx.c El \u00edndice 13 est\u00e1 fuera de rango para el tipo '__WMI_EVENT_TXSTATUS [12]' LLAME TRACE: ATH9K_HTC_TXSTATUS ATH9K_WMI_EVENT_TASKLET_ACTION_ACTION_COMNOMON __DO_SOFTIRQ IRQITITI"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52595",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:09.453",
"lastModified": "2024-03-06T07:15:09.453",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rt2x00: restart beacon queue when hardware reset\n\nWhen a hardware reset is triggered, all registers are reset, so all\nqueues are forced to stop in hardware interface. However, mac80211\nwill not automatically stop the queue. If we don't manually stop the\nbeacon queue, the queue will be deadlocked and unable to start again.\nThis patch fixes the issue where Apple devices cannot connect to the\nAP after calling ieee80211_restart_hw()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rt2x00: reinicia la cola de baliza cuando se reinicia el hardware Cuando se activa un reinicio de hardware, todos los registros se reinician, por lo que todas las colas se ven obligadas a detenerse en la interfaz de hardware. Sin embargo, mac80211 no detendr\u00e1 autom\u00e1ticamente la cola. Si no detenemos manualmente la cola de balizas, la cola quedar\u00e1 bloqueada y no podr\u00e1 comenzar de nuevo. Este parche soluciona el problema por el cual los dispositivos Apple no pueden conectarse al AP despu\u00e9s de llamar a ieee80211_restart_hw()."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52596",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:09.657",
"lastModified": "2024-03-06T07:15:09.657",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysctl: Fix out of bounds access for empty sysctl registers\n\nWhen registering tables to the sysctl subsystem there is a check to see\nif header is a permanently empty directory (used for mounts). This check\nevaluates the first element of the ctl_table. This results in an out of\nbounds evaluation when registering empty directories.\n\nThe function register_sysctl_mount_point now passes a ctl_table of size\n1 instead of size 0. It now relies solely on the type to identify\na permanently empty register.\n\nMake sure that the ctl_table has at least one element before testing for\npermanent emptiness."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: sysctl: corrige el acceso fuera de los l\u00edmites para registros sysctl vac\u00edos. Al registrar tablas en el subsistema sysctl, se verifica si el encabezado es un directorio permanentemente vac\u00edo (usado para montajes). Esta verificaci\u00f3n eval\u00faa el primer elemento de ctl_table. Esto da como resultado una evaluaci\u00f3n fuera de los l\u00edmites al registrar directorios vac\u00edos. La funci\u00f3n Register_sysctl_mount_point ahora pasa un ctl_table de tama\u00f1o 1 en lugar de tama\u00f1o 0. Ahora se basa \u00fanicamente en el tipo para identificar un registro permanentemente vac\u00edo. Aseg\u00farese de que ctl_table tenga al menos un elemento antes de probar el vac\u00edo permanente."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52597",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:09.827",
"lastModified": "2024-03-06T07:15:09.827",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: fix setting of fpc register\n\nkvm_arch_vcpu_ioctl_set_fpu() allows to set the floating point control\n(fpc) register of a guest cpu. The new value is tested for validity by\ntemporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the host process:\nif an interrupt happens while the value is temporarily loaded into the fpc\nregister, and within interrupt context floating point or vector registers\nare used, the current fp/vx registers are saved with save_fpu_regs()\nassuming they belong to user space and will be loaded into fp/vx registers\nwhen returning to user space.\n\ntest_fp_ctl() restores the original user space / host process fpc register\nvalue, however it will be discarded, when returning to user space.\n\nIn result the host process will incorrectly continue to run with the value\nthat was supposed to be used for a guest cpu.\n\nFix this by simply removing the test. There is another test right before\nthe SIE context is entered which will handles invalid values.\n\nThis results in a change of behaviour: invalid values will now be accepted\ninstead of that the ioctl fails with -EINVAL. This seems to be acceptable,\ngiven that this interface is most likely not used anymore, and this is in\naddition the same behaviour implemented with the memory mapped interface\n(replace invalid values with zero) - see sync_regs() in kvm-s390.c."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: KVM: s390: configuraci\u00f3n fija del registro fpc kvm_arch_vcpu_ioctl_set_fpu() permite configurar el registro de control de punto flotante (fpc) de una CPU invitada. Se prueba la validez del nuevo valor carg\u00e1ndolo temporalmente en el registro fpc. Esto puede conducir a la corrupci\u00f3n del registro fpc del proceso host: si ocurre una interrupci\u00f3n mientras el valor se carga temporalmente en el registro fpc, y dentro del contexto de interrupci\u00f3n se utilizan registros de punto flotante o vectoriales, los registros fp/vx actuales se guardan con save_fpu_regs() suponiendo que pertenecen al espacio del usuario y se cargar\u00e1n en los registros fp/vx cuando regresen al espacio del usuario. test_fp_ctl() restaura el valor de registro fpc del proceso de host/espacio de usuario original; sin embargo, se descartar\u00e1 al regresar al espacio de usuario. Como resultado, el proceso del host continuar\u00e1 ejecut\u00e1ndose incorrectamente con el valor que se supon\u00eda que deb\u00eda usarse para una CPU invitada. Solucione este problema simplemente quitando la prueba. Hay otra prueba justo antes de ingresar al contexto SIE que manejar\u00e1 valores no v\u00e1lidos. Esto da como resultado un cambio de comportamiento: ahora se aceptar\u00e1n valores no v\u00e1lidos en lugar de que el ioctl falle con -EINVAL. Esto parece aceptable, dado que lo m\u00e1s probable es que esta interfaz ya no se use y, adem\u00e1s, este es el mismo comportamiento implementado con la interfaz asignada en memoria (reemplace los valores no v\u00e1lidos con cero); consulte sync_regs() en kvm-s390.c."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52598",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:09.990",
"lastModified": "2024-03-06T07:15:09.990",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ptrace: handle setting of fpc register correctly\n\nIf the content of the floating point control (fpc) register of a traced\nprocess is modified with the ptrace interface the new value is tested for\nvalidity by temporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the tracing process:\nif an interrupt happens while the value is temporarily loaded into the\nfpc register, and within interrupt context floating point or vector\nregisters are used, the current fp/vx registers are saved with\nsave_fpu_regs() assuming they belong to user space and will be loaded into\nfp/vx registers when returning to user space.\n\ntest_fp_ctl() restores the original user space fpc register value, however\nit will be discarded, when returning to user space.\n\nIn result the tracer will incorrectly continue to run with the value that\nwas supposed to be used for the traced process.\n\nFix this by saving fpu register contents with save_fpu_regs() before using\ntest_fp_ctl()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/ptrace: maneja la configuraci\u00f3n del registro fpc correctamente Si el contenido del registro de control de punto flotante (fpc) de un proceso rastreado se modifica con la interfaz ptrace, se prueba el nuevo valor validez carg\u00e1ndolo temporalmente en el registro fpc. Esto puede conducir a la corrupci\u00f3n del registro fpc del proceso de seguimiento: si ocurre una interrupci\u00f3n mientras el valor se carga temporalmente en el registro fpc, y dentro del contexto de interrupci\u00f3n se utilizan registros de punto flotante o vectoriales, los registros fp/vx actuales se guardan con save_fpu_regs() suponiendo que pertenecen al espacio del usuario y se cargar\u00e1n en los registros fp/vx cuando regresen al espacio del usuario. test_fp_ctl() restaura el valor del registro fpc del espacio de usuario original; sin embargo, se descartar\u00e1 al regresar al espacio de usuario. Como resultado, el rastreador continuar\u00e1 ejecut\u00e1ndose incorrectamente con el valor que se supon\u00eda que deb\u00eda usarse para el proceso rastreado. Solucione este problema guardando el contenido del registro fpu con save_fpu_regs() antes de usar test_fp_ctl()."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52599",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:10.210",
"lastModified": "2024-03-06T07:15:10.210",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in diNewExt\n\n[Syz report]\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:2360:2\nindex -878706688 is out of range for type 'struct iagctl[128]'\nCPU: 1 PID: 5065 Comm: syz-executor282 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348\n diNewExt+0x3cf3/0x4000 fs/jfs/jfs_imap.c:2360\n diAllocExt fs/jfs/jfs_imap.c:1949 [inline]\n diAllocAG+0xbe8/0x1e50 fs/jfs/jfs_imap.c:1666\n diAlloc+0x1d3/0x1760 fs/jfs/jfs_imap.c:1587\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xb90 fs/jfs/namei.c:225\n vfs_mkdir+0x2f1/0x4b0 fs/namei.c:4106\n do_mkdirat+0x264/0x3a0 fs/namei.c:4129\n __do_sys_mkdir fs/namei.c:4149 [inline]\n __se_sys_mkdir fs/namei.c:4147 [inline]\n __x64_sys_mkdir+0x6e/0x80 fs/namei.c:4147\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x45/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fcb7e6a0b57\nCode: ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffd83023038 EFLAGS: 00000286 ORIG_RAX: 0000000000000053\nRAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007fcb7e6a0b57\nRDX: 00000000000a1020 RSI: 00000000000001ff RDI: 0000000020000140\nRBP: 0000000020000140 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000286 R12: 00007ffd830230d0\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n\n[Analysis]\nWhen the agstart is too large, it can cause 
agno overflow.\n\n[Fix]\nAfter obtaining agno, if the value is invalid, exit the subsequent process.\n\n\nModified the test from agno > MAXAG to agno >= MAXAG based on linux-next\nreport by kernel test robot (Dan Carpenter)."
},
{
"lang": "es",
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: jfs: corrige array-index-out-of-bounds en diNewExt [Informe Syz] UBSAN: array-index-out-of-bounds en fs/jfs/jfs_imap.c: \u00cdndice 2360:2 -878706688 est\u00e1 fuera de rango para el tipo 'struct iagctl[128]' CPU: 1 PID: 5065 Comm: syz-executor282 No contaminado 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2023 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 ubsan_epilogue lib/ubsan.c: 217 [en l\u00ednea] __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348 diNewExt+0x3cf3/0x4000 fs/jfs/jfs_imap.c:2360 diAllocExt fs/jfs/jfs_imap.c:1949 [en l\u00ednea] diAllocAG+0xbe8/0x1 e50 fs/ jfs/jfs_imap.c:1666 diAlloc+0x1d3/0x1760 fs/jfs/jfs_imap.c:1587 ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56 jfs_mkdir+0x1c5/0xb90 fs/jfs/namei.c:225 vfs_m kdir +0x2f1/0x4b0 fs/namei.c:4106 do_mkdirat+0x264/0x3a0 fs/namei.c:4129 __do_sys_mkdir fs/namei.c:4149 [en l\u00ednea] __se_sys_mkdir fs/namei.c:4147 [en l\u00ednea] __x64_sys_mkdir+0x 6e/0x80 fs/namei.c:4147 do_syscall_x64 arch/x86/entry/common.c:51 [en l\u00ednea] do_syscall_64+0x45/0x110 arch/x86/entry/common.c:82 Entry_SYSCALL_64_after_hwframe+0x63/0x6b RIP: 0033:0x7fcb7e6a0b57 C\u00f3digo: ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 53 00 00 00 0f 05 &lt;48&gt; 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffd83023038 EFLAGS: 00000286 ORIG_RAX: 00000000000000053 RAX: ffffffffffffffda RBX: 0000000 0ffffffff RCX: 00007fcb7e6a0b57 RDX: 00000000000a1020 RSI: 00000000000001ff RDI: 0000000020000140 RBP: 0000000020000140 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000286 R12: 00007ffd830230d0 R13: 0000000000000000 R14 : 0000000000000000 R15: 0000000000000000 [An\u00e1lisis] 
Cuando el agstart es demasiado grande, puede causar un desbordamiento de agno. [Soluci\u00f3n] Despu\u00e9s de obtener agno, si el valor no es v\u00e1lido, salga del proceso posterior. Se modific\u00f3 la prueba de agno &gt; MAXAG a agno &gt;= MAXAG seg\u00fan el informe de Linux-next realizado por el robot de prueba del kernel (Dan Carpenter)."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52600",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:10.497",
"lastModified": "2024-03-06T07:15:10.497",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix uaf in jfs_evict_inode\n\nWhen the execution of diMount(ipimap) fails, the object ipimap that has been\nreleased may be accessed in diFreeSpecial(). Asynchronous ipimap release occurs\nwhen rcu_core() calls jfs_free_node().\n\nTherefore, when diMount(ipimap) fails, sbi->ipimap should not be initialized as\nipimap."
},
{
"lang": "es",
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: jfs: corrige uaf en jfs_evict_inode Cuando falla la ejecuci\u00f3n de diMount(ipimap), se puede acceder al objeto ipimap que se ha liberado en diFreeSpecial(). La liberaci\u00f3n asincr\u00f3nica de ipimap ocurre cuando rcu_core() llama a jfs_free_node(). Por lo tanto, cuando falla diMount(ipimap), sbi-&gt;ipimap no debe inicializarse como ipimap."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52601",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:10.680",
"lastModified": "2024-03-06T07:15:10.680",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbAdjTree\n\nCurrently there is a bound check missing in the dbAdjTree while\naccessing the dmt_stree. To add the required check added the bool is_ctl\nwhich is required to determine the size as suggest in the following\ncommit.\nhttps://lore.kernel.org/linux-kernel-mentees/f9475918-2186-49b8-b801-6f0f9e75f4fa@oracle.com/"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: corrige el \u00edndice de matriz fuera de los l\u00edmites en dbAdjTree Actualmente falta una verificaci\u00f3n de los l\u00edmite en dbAdjTree al acceder a dmt_stree. Para agregar la verificaci\u00f3n requerida, se agreg\u00f3 el bool is_ctl que se requiere para determinar el tama\u00f1o como se sugiere en el siguiente commit. https://lore.kernel.org/linux-kernel-mentees/f9475918-2186-49b8-b801-6f0f9e75f4fa@oracle.com/"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52602",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:10.883",
"lastModified": "2024-03-06T07:15:10.883",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds Read in dtSearch\n\nCurrently while searching for current page in the sorted entry table\nof the page there is a out of bound access. Added a bound check to fix\nthe error.\n\nDave:\nSet return code to -EIO"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: arreglar slab-out-of-bounds Leer en dtSearch Actualmente, mientras se busca la p\u00e1gina actual en la tabla de entradas ordenadas de la p\u00e1gina, hay un acceso fuera de los l\u00edmites. Se agreg\u00f3 un cheque encuadernado para corregir el error. Dave: establece el c\u00f3digo de retorno en -EIO"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52603",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:11.120",
"lastModified": "2024-03-06T07:15:11.120",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUBSAN: array-index-out-of-bounds in dtSplitRoot\n\nSyzkaller reported the following issue:\n\noop0: detected capacity change from 0 to 32768\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dtree.c:1971:9\nindex -2 is out of range for type 'struct dtslot [128]'\nCPU: 0 PID: 3613 Comm: syz-executor270 Not tainted 6.0.0-syzkaller-09423-g493ffd6605b2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:151 [inline]\n __ubsan_handle_out_of_bounds+0xdb/0x130 lib/ubsan.c:283\n dtSplitRoot+0x8d8/0x1900 fs/jfs/jfs_dtree.c:1971\n dtSplitUp fs/jfs/jfs_dtree.c:985 [inline]\n dtInsert+0x1189/0x6b80 fs/jfs/jfs_dtree.c:863\n jfs_mkdir+0x757/0xb00 fs/jfs/namei.c:270\n vfs_mkdir+0x3b3/0x590 fs/namei.c:4013\n do_mkdirat+0x279/0x550 fs/namei.c:4038\n __do_sys_mkdirat fs/namei.c:4053 [inline]\n __se_sys_mkdirat fs/namei.c:4051 [inline]\n __x64_sys_mkdirat+0x85/0x90 fs/namei.c:4051\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fcdc0113fd9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffeb8bc67d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcdc0113fd9\nRDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003\nRBP: 00007fcdc00d37a0 R08: 0000000000000000 R09: 00007fcdc00d37a0\nR10: 00005555559a72c0 R11: 0000000000000246 R12: 00000000f8008000\nR13: 0000000000000000 R14: 00083878000000f8 R15: 0000000000000000\n </TASK>\n\nThe issue is caused when the value of fsi becomes less than 
-1.\nThe check to break the loop when fsi value becomes -1 is present\nbut syzbot was able to produce value less than -1 which cause the error.\nThis patch simply add the change for the values less than 0.\n\nThe patch is tested via syzbot."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: UBSAN: array-index-out-of-bounds en dtSplitRoot Syzkaller inform\u00f3 el siguiente problema: oop0: se detect\u00f3 un cambio de capacidad de 0 a 32768 UBSAN: array-index-out-of- l\u00edmites en fs/jfs/jfs_dtree.c:1971:9 \u00edndice -2 est\u00e1 fuera de rango para el tipo 'struct dtslot [128]' CPU: 0 PID: 3613 Comm: syz-executor270 No contaminado 6.0.0-syzkaller-09423- g493ffd6605b2 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 22/09/2022 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c: 106 ubsan_epilogue lib/ubsan.c:151 [en l\u00ednea] __ubsan_handle_out_of_bounds+0xdb/0x130 lib/ubsan.c:283 dtSplitRoot+0x8d8/0x1900 fs/jfs/jfs_dtree.c:1971 dtSplitUp fs/jfs/jfs_dtree.c:9 85 [en l\u00ednea ] dtInsert+0x1189/0x6b80 fs/jfs/jfs_dtree.c:863 jfs_mkdir+0x757/0xb00 fs/jfs/namei.c:270 vfs_mkdir+0x3b3/0x590 fs/namei.c:4013 do_mkdirat+0x279/0x550 f s/namei. 
c:4038 __do_sys_mkdirat fs/namei.c:4053 [en l\u00ednea] __se_sys_mkdirat fs/namei.c:4051 [en l\u00ednea] __x64_sys_mkdirat+0x85/0x90 fs/namei.c:4051 do_syscall_x64 arch/x86/entry/common.c:50 [ inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fcdc0113fd9 C\u00f3digo: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 F7 48 89 D6 48 89 CA 4D 89 C2 4D 89 C8 4C 8B 4C 24 08 0F 05 &lt;48&gt; 3D 01 F0 FF FF 73 01 C3 48 C7 C1 C0 FF FF FF F7 D8 64 89 01 48 RSP: 002B: 00007ffeb8bc67d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 RAX: ffffffffffffffda RBX: 00000000000000000 RCX: 00007fcdc0113fd9 RDX: 00000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 RBP: 00007fcdc00d37a0 R08: 0000000000000000 R09: 00007fcdc00d37a0 R10: 00005555559a72c0 R11: 0000000000000246 R12: 00000000f8008000 R13: 0000000000000000 R14: 00083878000000f8 R15 : 0000000000000000 El problema se produce cuando el valor de fsi es inferior a -1. La verificaci\u00f3n para romper el ciclo cuando el valor fsi se convierte en -1 est\u00e1 presente, pero syzbot pudo producir un valor menor que -1, lo que causa el error. Este parche simplemente agrega el cambio para los valores menores que 0. El parche se prueba a trav\u00e9s de syzbot."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52604",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:11.347",
"lastModified": "2024-03-06T07:15:11.347",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nFS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree\n\nSyzkaller reported the following issue:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2867:6\nindex 196694 is out of range for type 's8[1365]' (aka 'signed char[1365]')\nCPU: 1 PID: 109 Comm: jfsCommit Not tainted 6.6.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348\n dbAdjTree+0x474/0x4f0 fs/jfs/jfs_dmap.c:2867\n dbJoin+0x210/0x2d0 fs/jfs/jfs_dmap.c:2834\n dbFreeBits+0x4eb/0xda0 fs/jfs/jfs_dmap.c:2331\n dbFreeDmap fs/jfs/jfs_dmap.c:2080 [inline]\n dbFree+0x343/0x650 fs/jfs/jfs_dmap.c:402\n txFreeMap+0x798/0xd50 fs/jfs/jfs_txnmgr.c:2534\n txUpdateMap+0x342/0x9e0\n txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\n jfs_lazycommit+0x47a/0xb70 fs/jfs/jfs_txnmgr.c:2732\n kthread+0x2d3/0x370 kernel/kthread.c:388\n ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n </TASK>\n================================================================================\nKernel panic - not syncing: UBSAN: panic_on_warn set ...\nCPU: 1 PID: 109 Comm: jfsCommit Not tainted 6.6.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n panic+0x30f/0x770 kernel/panic.c:340\n check_panic_on_warn+0x82/0xa0 kernel/panic.c:236\n ubsan_epilogue lib/ubsan.c:223 [inline]\n __ubsan_handle_out_of_bounds+0x13c/0x150 lib/ubsan.c:348\n dbAdjTree+0x474/0x4f0 fs/jfs/jfs_dmap.c:2867\n dbJoin+0x210/0x2d0 fs/jfs/jfs_dmap.c:2834\n dbFreeBits+0x4eb/0xda0 
fs/jfs/jfs_dmap.c:2331\n dbFreeDmap fs/jfs/jfs_dmap.c:2080 [inline]\n dbFree+0x343/0x650 fs/jfs/jfs_dmap.c:402\n txFreeMap+0x798/0xd50 fs/jfs/jfs_txnmgr.c:2534\n txUpdateMap+0x342/0x9e0\n txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\n jfs_lazycommit+0x47a/0xb70 fs/jfs/jfs_txnmgr.c:2732\n kthread+0x2d3/0x370 kernel/kthread.c:388\n ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n </TASK>\nKernel Offset: disabled\nRebooting in 86400 seconds..\n\nThe issue is caused when the value of lp becomes greater than\nCTLTREESIZE which is the max size of stree. Adding a simple check\nsolves this issue.\n\nDave:\nAs the function returns a void, good error handling\nwould require a more intrusive code reorganization, so I modified\nOsama's patch at use WARN_ON_ONCE for lack of a cleaner option.\n\nThe patch is tested via syzbot."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: FS:JFS:UBSAN:array-index-out-of-bounds en dbAdjTree Syzkaller inform\u00f3 el siguiente problema: UBSAN: array-index-out-of-bounds en fs/jfs /jfs_dmap.c:2867:6 el \u00edndice 196694 est\u00e1 fuera del rango para el tipo 's8[1365]' (tambi\u00e9n conocido como 'car\u00e1cter firmado[1365]') CPU: 1 PID: 109 Comm: jfsCommit No contaminado 6.6.0-rc3-syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/08/2023 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 ubsan_epilogue lib/ubsan.c:217 [en l\u00ednea] __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348 dbAdjTree+0x474/0x4f0 fs/jfs/jfs_dmap.c:2867 dbJoin+0x210/0x2d0 fs/jfs/jfs _dmap.c: 2834 dbFreeBits+0x4eb/0xda0 fs/jfs/jfs_dmap.c:2331 dbFreeDmap fs/jfs/jfs_dmap.c:2080 [en l\u00ednea] dbFree+0x343/0x650 fs/jfs/jfs_dmap.c:402 txFreeMap+0x798/0xd50 fs/j fs /jfs_txnmgr.c:2534 txUpdateMap+0x342/0x9e0 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [en l\u00ednea] jfs_lazycommit+0x47a/0xb70 fs/jfs/jfs_txnmgr.c:2732 kthread+0x2d3/0x3 70 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 ============== ==================================================== ================ P\u00e1nico del kernel: no se sincroniza: UBSAN: p\u00e1nico_on_warn configurado... 
CPU: 1 PID: 109 Comm: jfsCommit No contaminado 6.6.0-rc3-syzkaller #0 Hardware nombre: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/08/2023 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 p\u00e1nico+0x30f /0x770 Kernel/Panic.C: 340 check_panic_on_warn+0x82/0xa0 kernel/Panic.c: 236 UBSAN_EPILOGO LIB/UBSAN.C: 223 [Inline] __ubsan_handle_out_of_bounds+0x13c/0x150 LIB/UB/UBSAN.C: 4F0 FS /jfs/jfs_dmap.c:2867 dbJoin+0x210/0x2d0 fs/jfs/jfs_dmap.c:2834 dbFreeBits+0x4eb/0xda0 fs/jfs/jfs_dmap.c:2331 dbFreeDmap fs/jfs/jfs_dmap.c:2080 [en l\u00ednea] dbFree +0x343/0x650 fs/jfs/jfs_dmap.c:402 txFreeMap+0x798/0xd50 fs/jfs/jfs_txnmgr.c:2534 txUpdateMap+0x342/0x9e0 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [en l\u00ednea] jf s_lazycommit+0x47a/0xb70 fs/jfs/jfs_txnmgr.c:2732 kthread+0x2d3/0x370 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64. S:304 Desplazamiento del kernel: deshabilitado Reinicio en 86400 segundos. El problema se produce cuando el valor de lp se vuelve mayor que CTLTREESIZE, que es el tama\u00f1o m\u00e1ximo de stree. Agregar una verificaci\u00f3n simple resuelve este problema. Dave: Como la funci\u00f3n devuelve un valor nulo, un buen manejo de errores requerir\u00eda una reorganizaci\u00f3n del c\u00f3digo m\u00e1s intrusiva, as\u00ed que modifiqu\u00e9 el parche de Osama en use WARN_ON_ONCE por falta de una opci\u00f3n m\u00e1s limpia. El parche se prueba mediante syzbot."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52605",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:11.560",
"lastModified": "2024-03-06T07:15:11.560",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: extlog: fix NULL pointer dereference check\n\nThe gcc plugin -fanalyzer [1] tries to detect various\npatterns of incorrect behaviour. The tool reports:\n\ndrivers/acpi/acpi_extlog.c: In function \u2018extlog_exit\u2019:\ndrivers/acpi/acpi_extlog.c:307:12: warning: check of \u2018extlog_l1_addr\u2019 for NULL after already dereferencing it [-Wanalyzer-deref-before-check]\n |\n | 306 | ((struct extlog_l1_head *)extlog_l1_addr)->flags &= ~FLAG_OS_OPTIN;\n | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~\n | | |\n | | (1) pointer \u2018extlog_l1_addr\u2019 is dereferenced here\n | 307 | if (extlog_l1_addr)\n | | ~\n | | |\n | | (2) pointer \u2018extlog_l1_addr\u2019 is checked for NULL here but it was already dereferenced at (1)\n |\n\nFix the NULL pointer dereference check in extlog_exit()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: extlog: corrige la verificaci\u00f3n de desreferencia del puntero NULL El complemento gcc -fanalyzer [1] intenta detectar varios patrones de comportamiento incorrecto. La herramienta informa: drivers/acpi/acpi_extlog.c: En funci\u00f3n 'extlog_exit': drivers/acpi/acpi_extlog.c:307:12: advertencia: verificaci\u00f3n de 'extlog_l1_addr' para NULL despu\u00e9s de desreferenciarlo [-Wanalyzer-deref-before -verificar] | | 306 | ((struct extlog_l1_head *)extlog_l1_addr)-&gt;flags &amp;= ~FLAG_OS_OPTIN; | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ | | | | | (1) Aqu\u00ed se elimina la referencia al puntero 'extlog_l1_addr' | 307 | si (extlog_l1_addr) | | ~ | | | | | (2) El puntero 'extlog_l1_addr' est\u00e1 marcado como NULL aqu\u00ed pero ya se elimin\u00f3 la referencia en (1) | Corrija la verificaci\u00f3n de desreferencia del puntero NULL en extlog_exit()."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52606",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:11.750",
"lastModified": "2024-03-06T07:15:11.750",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/lib: Validate size for vector operations\n\nSome of the fp/vmx code in sstep.c assume a certain maximum size for the\ninstructions being emulated. The size of those operations however is\ndetermined separately in analyse_instr().\n\nAdd a check to validate the assumption on the maximum size of the\noperations, so as to prevent any unintended kernel stack corruption."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powerpc/lib: validar tama\u00f1o para operaciones vectoriales Parte del c\u00f3digo fp/vmx en sstep.c asume un cierto tama\u00f1o m\u00e1ximo para las instrucciones que se emula. Sin embargo, el tama\u00f1o de esas operaciones se determina por separado en analyse_instr(). Agregue una verificaci\u00f3n para validar la suposici\u00f3n sobre el tama\u00f1o m\u00e1ximo de las operaciones, a fin de evitar da\u00f1os no deseados en la pila del kernel."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-52607",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:11.970",
"lastModified": "2024-03-06T07:15:11.970",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: powerpc/mm: corrige la desreferencia del puntero nulo en pgtable_cache_add kasprintf() devuelve un puntero a la memoria asignada din\u00e1micamente que puede ser NULL en caso de falla. Aseg\u00farese de que la asignaci\u00f3n se haya realizado correctamente comprobando la validez del puntero."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-1220",
"sourceIdentifier": "psirt@moxa.com",
"published": "2024-03-06T02:15:44.810",
"lastModified": "2024-03-06T02:15:44.810",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.\n\n"
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el servidor web integrado en la versi\u00f3n 2.3 y anteriores del firmware de la serie Moxa NPort W2150A/W2250A permite a un atacante remoto explotar la vulnerabilidad enviando un payload manipulado al servicio web. La explotaci\u00f3n exitosa de la vulnerabilidad podr\u00eda resultar en la denegaci\u00f3n del servicio."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2024-1224",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2024-03-06T12:15:45.090",
"lastModified": "2024-03-06T12:15:45.090",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2024-1356",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:07.593",
"lastModified": "2024-03-05T21:15:07.593",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n"
},
{
"lang": "es",
"value": "Existen vulnerabilidades de inyecci\u00f3n de comandos autenticadas en la interfaz de l\u00ednea de comandos de ArubaOS. La explotaci\u00f3n exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el sistema operativo subyacente."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2024-1374",
"sourceIdentifier": "product-cna@github.com",
"published": "2024-02-13T19:15:10.497",
"lastModified": "2024-03-01T22:59:15.660",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-03-06T15:26:34.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -90,9 +90,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.8.15",
"matchCriteriaId": "11EC6131-80F0-4B30-9DC8-AEB3C06C3075"
"matchCriteriaId": "DC6BA1DD-5194-4738-B23D-07FCEAFFB3DF"
},
{
"vulnerable": true,


@ -2,12 +2,16 @@
"id": "CVE-2024-1760",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-06T06:15:49.903",
"lastModified": "2024-03-06T06:15:49.903",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.6.20. This is due to missing or incorrect nonce validation on the ssa_factory_reset() function. This makes it possible for unauthenticated attackers to reset the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 1.6.6.20 incluida. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en la funci\u00f3n ssa_factory_reset(). Esto hace posible que atacantes no autenticados restablezcan la configuraci\u00f3n del complemento mediante una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-1764",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-05T22:15:46.947",
"lastModified": "2024-03-05T22:15:46.947",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances\n\n\n"
},
{
"lang": "es",
"value": "La gesti\u00f3n inadecuada de privilegios en el m\u00f3dulo de elevaci\u00f3n Justo a tiempo (JIT) en Devolutions Server 2023.3.14.0 y versiones anteriores permite que un usuario contin\u00fae usando el privilegio elevado incluso despu\u00e9s de su vencimiento en circunstancias espec\u00edficas."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-1771",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-06T06:15:50.293",
"lastModified": "2024-03-06T06:15:50.293",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Total theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the total_order_sections() function in all versions up to, and including, 2.1.59. This makes it possible for authenticated attackers, with subscriber-level access and above, to repeat sections on the homepage."
},
{
"lang": "es",
"value": "El tema Total para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n total_order_sections() en todas las versiones hasta la 2.1.59 incluida. Esto hace posible que los atacantes autenticados, con acceso de nivel de suscriptor y superior, repitan secciones en la p\u00e1gina de inicio."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-1898",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-05T22:15:47.020",
"lastModified": "2024-03-05T22:15:47.020",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notifications settings configured by an administrator.\n\n\n"
},
{
"lang": "es",
"value": "El control de acceso inadecuado en la funci\u00f3n de notificaci\u00f3n en Devolutions Server 2023.3.14.0 y versiones anteriores permite que un usuario con pocos privilegios cambie la configuraci\u00f3n de notificaciones configurada por un administrador."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-1900",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-05T22:15:47.060",
"lastModified": "2024-03-05T22:15:47.060",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper session management in the identity provider authentication flow in Devolutions Server 2023.3.14.0 and earlier allows an authenticated user via an identity provider to stay authenticated after his user is disabled or deleted in the identity provider such as Okta or Microsoft O365. \n\nThe user will stay authenticated until the Devolutions Server token expiration."
},
{
"lang": "es",
"value": "La gesti\u00f3n inadecuada de la sesi\u00f3n en el flujo de autenticaci\u00f3n del proveedor de identidad en Devolutions Server 2023.3.14.0 y versiones anteriores permite que un usuario autenticado a trav\u00e9s de un proveedor de identidad permanezca autenticado despu\u00e9s de que su usuario se deshabilite o elimine en el proveedor de identidad, como Okta o Microsoft O365. El usuario permanecer\u00e1 autenticado hasta que caduque el token del servidor Devolutions."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-1901",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-05T22:15:47.103",
"lastModified": "2024-03-05T22:15:47.103",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Denial of service in PAM password rotation during the check-in process in Devolutions Server 2023.3.14.0 allows an authenticated user with specific PAM permissions to make PAM credentials unavailable.\n\n\n"
},
{
"lang": "es",
"value": "La denegaci\u00f3n de servicio en la rotaci\u00f3n de contrase\u00f1as de PAM durante el proceso de registro en Devolutions Server 2023.3.14.0 permite que un usuario autenticado con permisos de PAM espec\u00edficos haga que las credenciales de PAM no est\u00e9n disponibles."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-1989",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-06T06:15:50.467",
"lastModified": "2024-03-06T06:15:50.467",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Social Sharing Plugin \u2013 Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Sassy_Social_Share' shortcode in all versions up to, and including, 3.3.58 due to insufficient input sanitization and output escaping on user supplied attributes such as 'url'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Social Sharing Plugin \u2013 Sassy Social Share para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo corto 'Sassy_Social_Share' del complemento en todas las versiones hasta la 3.3.58 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. como \"URL\". Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2024-2005",
"sourceIdentifier": "7bd90cf1-1651-495e-9ae8-9415fb3c9feb",
"published": "2024-03-06T12:15:45.827",
"lastModified": "2024-03-06T12:15:45.827",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2024-2055",
"sourceIdentifier": "cve@takeonme.org",
"published": "2024-03-05T20:16:01.617",
"lastModified": "2024-03-05T20:16:01.617",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The \"Rich Filemanager\" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user."
},
{
"lang": "es",
"value": "La funci\u00f3n \"Rich Filemanager\" de Artica Proxy proporciona una interfaz basada en web para capacidades de administraci\u00f3n de archivos. Cuando la funci\u00f3n est\u00e1 habilitada, no requiere autenticaci\u00f3n de forma predeterminada y se ejecuta como usuario ra\u00edz."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-2056",
"sourceIdentifier": "cve@takeonme.org",
"published": "2024-03-05T20:16:01.703",
"lastModified": "2024-03-05T20:16:01.703",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the \"tailon\" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed."
},
{
"lang": "es",
"value": "Los servicios que se est\u00e1n ejecutando y vinculados a la interfaz de bucle invertido en Artica Proxy son accesibles a trav\u00e9s del servicio de proxy. En particular, el servicio \"tailon\" se est\u00e1 ejecutando, ejecut\u00e1ndose como usuario root, est\u00e1 vinculado a la interfaz loopback y est\u00e1 escuchando en el puerto TCP 7050. Los problemas de seguridad asociados con la exposici\u00f3n de este servicio de red est\u00e1n documentados en el repositorio de GitHub \"tailon\" de gvalkov. Utilizando el servicio Tailon, se puede ver el contenido de cualquier archivo en Artica Proxy."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-2179",
"sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"published": "2024-03-05T21:15:09.100",
"lastModified": "2024-03-05T21:15:09.100",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Name field which might be executed when users visit the affected page. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 2.2 with a vector of AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N Concrete versions below 9 do not include group types so they are not affected by this vulnerability. Thanks Luca Fuda for reporting.\n"
},
{
"lang": "es",
"value": "La versi\u00f3n 9 de Concrete CMS anterior a la 9.2.7 es vulnerable a XSS almacenado a trav\u00e9s del campo Nombre de un tipo de grupo, ya que no hay validaci\u00f3n suficiente de los datos proporcionados por el administrador para ese campo. Un administrador deshonesto podr\u00eda inyectar c\u00f3digo malicioso en el campo Nombre que podr\u00eda ejecutarse cuando los usuarios visitan la p\u00e1gina afectada. El equipo de seguridad de Concrete CMS le dio a esta vulnerabilidad una puntuaci\u00f3n CVSS v3.1 de 2.2 con un vector de AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A: N Las versiones concretas inferiores a 9 no incluyen tipos de grupos, por lo que no se ven afectados por esta vulnerabilidad. Gracias a Luca Fuda por informar."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-22889",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T00:15:52.633",
"lastModified": "2024-03-06T00:15:52.633",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request."
},
{
"lang": "es",
"value": "Debido al control de acceso incorrecto en la versi\u00f3n v6.0.9 de Plone, los atacantes remotos pueden ver y enumerar todos los archivos alojados en el sitio web mediante el env\u00edo de una solicitud manipulada."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2024-2211",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-06T11:15:07.233",
"lastModified": "2024-03-06T11:15:07.233",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2024-23225",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-05T20:16:01.370",
"lastModified": "2024-03-05T20:16:01.370",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en iOS 16.7.6 y iPadOS 16.7.6, iOS 17.4 y iPadOS 17.4. Un atacante con capacidad arbitraria de lectura y escritura del kernel puede eludir las protecciones de la memoria del kernel. Apple tiene conocimiento de un informe que indica que este problema puede haber sido aprovechado."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-23243",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-05T20:16:01.450",
"lastModified": "2024-03-05T20:16:01.450",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4. An app may be able to read sensitive location information."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en iOS 17.4 y iPadOS 17.4. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de ubicaci\u00f3n."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-23256",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-05T20:16:01.503",
"lastModified": "2024-03-05T20:16:01.503",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4. A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled."
},
{
"lang": "es",
"value": "Se abord\u00f3 una cuesti\u00f3n de l\u00f3gica con una mejor gesti\u00f3n de estado. Este problema se solucion\u00f3 en iOS 17.4 y iPadOS 17.4. Las pesta\u00f1as bloqueadas de un usuario pueden ser visibles brevemente al cambiar de grupo de pesta\u00f1as cuando la navegaci\u00f3n privada bloqueada est\u00e1 habilitada."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-23296",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-05T20:16:01.553",
"lastModified": "2024-03-05T20:16:01.553",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en iOS 17.4 y iPadOS 17.4. Un atacante con capacidad arbitraria de lectura y escritura del kernel puede eludir las protecciones de la memoria del kernel. Apple tiene conocimiento de un informe que indica que este problema puede haber sido aprovechado."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24275",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T23:15:07.520",
"lastModified": "2024-03-05T23:15:07.520",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function."
},
{
"lang": "es",
"value": "Vulnerabilidad de cross-site scripting en el cliente de escritorio Teamwire Windows v.2.0.1 a v.2.4.0 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulada para la funci\u00f3n de b\u00fasqueda global."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24276",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T23:15:07.583",
"lastModified": "2024-03-05T23:15:07.583",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the chat name, message preview, username and group name components."
},
{
"lang": "es",
"value": "Vulnerabilidad de cross-site scripting (XSS) en el cliente de escritorio Teamwire Windows v.2.0.1 a v.2.4.0 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulada para los componentes de nombre de chat, vista previa de mensaje, nombre de usuario y nombre de grupo."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24278",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T23:15:07.633",
"lastModified": "2024-03-05T23:15:07.633",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the message function."
},
{
"lang": "es",
"value": "Un problema en el cliente de escritorio Teamwire Windows v.2.0.1 a v.2.4.0 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipula para la funci\u00f3n de mensaje."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24783",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.683",
"lastModified": "2024-03-05T23:15:07.683",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates."
},
{
"lang": "es",
"value": "La verificaci\u00f3n de una cadena de certificados que contiene un certificado con un algoritmo de clave p\u00fablica desconocido provocar\u00e1 que Certificate.Verify entre en p\u00e1nico. Esto afecta a todos los clientes cripto/tls y a los servidores que configuran Config.ClientAuth en VerifyClientCertIfGiven o RequireAndVerifyClientCert. El comportamiento predeterminado es que los servidores TLS no verifiquen los certificados de los clientes."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24784",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.733",
"lastModified": "2024-03-05T23:15:07.733",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers."
},
{
"lang": "es",
"value": "La funci\u00f3n ParseAddressList controla incorrectamente los comentarios (texto entre par\u00e9ntesis) dentro de los nombres para mostrar. Dado que se trata de una desalineaci\u00f3n con los analizadores de direcciones conformes, puede dar lugar a que los programas que utilizan diferentes analizadores tomen diferentes decisiones de confianza."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24785",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.777",
"lastModified": "2024-03-05T23:15:07.777",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates."
},
{
"lang": "es",
"value": "Si los errores devueltos por los m\u00e9todos MarshalJSON contienen datos controlados por el usuario, se pueden usar para romper el comportamiento de escape autom\u00e1tico contextual del paquete html/template, permitiendo acciones posteriores para inyectar contenido inesperado en las plantillas."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-24786",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.820",
"lastModified": "2024-03-05T23:15:07.820",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set."
},
{
"lang": "es",
"value": "La funci\u00f3n protojson.Unmarshal puede entrar en un bucle infinito al descomponer ciertas formas de JSON no v\u00e1lido. Esta condici\u00f3n puede ocurrir al descomponer en un mensaje que contiene un valor google.protobuf.Any, o cuando la opci\u00f3n UnmarshalOptions.DiscardUnknown est\u00e1 configurada."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2024-25102",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2024-03-06T12:15:45.327",
"lastModified": "2024-03-06T12:15:45.327",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-25103",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2024-03-06T12:15:45.523",
"lastModified": "2024-03-06T12:15:45.523",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2024-25611",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:07.887",
"lastModified": "2024-03-05T21:15:07.887",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n"
},
{
"lang": "es",
"value": "Existen vulnerabilidades de inyecci\u00f3n de comandos autenticadas en la interfaz de l\u00ednea de comandos de ArubaOS. La explotaci\u00f3n exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el sistema operativo subyacente."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-25612",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:08.133",
"lastModified": "2024-03-05T21:15:08.133",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n"
},
{
"lang": "es",
"value": "Existen vulnerabilidades de inyecci\u00f3n de comandos autenticadas en la interfaz de l\u00ednea de comandos de ArubaOS. La explotaci\u00f3n exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el sistema operativo subyacente."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-25613",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:08.307",
"lastModified": "2024-03-05T21:15:08.307",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n"
},
{
"lang": "es",
"value": "Existen vulnerabilidades de inyecci\u00f3n de comandos autenticadas en la interfaz de l\u00ednea de comandos de ArubaOS. La explotaci\u00f3n exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el sistema operativo subyacente."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-25614",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:08.473",
"lastModified": "2024-03-05T21:15:08.473",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the integrity of the controller. \n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de eliminaci\u00f3n de archivos arbitraria en la CLI utilizada por ArubaOS. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de eliminar archivos arbitrarios en el sistema operativo subyacente, lo que podr\u00eda provocar condiciones de denegaci\u00f3n de servicio y afectar la integridad del controlador."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-25615",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:08.637",
"lastModified": "2024-03-05T21:15:08.637",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": " An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio (DoS) no autenticada en el servicio Spectrum al que se accede a trav\u00e9s del protocolo PAPI en ArubaOS 8.x. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir el funcionamiento normal del servicio afectado."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-25616",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:08.807",
"lastModified": "2024-03-05T21:15:08.807",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers.\n\n"
},
{
"lang": "es",
"value": "Aruba ha identificado ciertas configuraciones de ArubaOS que pueden conducir a la divulgaci\u00f3n parcial de informaci\u00f3n confidencial en el proceso de negociaci\u00f3n IKE_AUTH. Los escenarios en los que puede ocurrir la divulgaci\u00f3n de informaci\u00f3n potencialmente confidencial son complejos y dependen de factores que escapan al control de los atacantes."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2024-25817",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T00:15:52.703",
"lastModified": "2024-03-06T00:15:52.703",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en eza anterior a la versi\u00f3n 0.18.2, permite a atacantes locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de los componentes .git/HEAD, .git/refs y .git/objects."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-25858",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T21:15:09.030",
"lastModified": "2024-03-05T21:15:09.030",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands."
},
{
"lang": "es",
"value": "En Foxit PDF Reader anterior a 2024.1 y PDF Editor anterior a 2024.1, la ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de JavaScript podr\u00eda ocurrir debido a un mensaje emergente no optimizado para que los usuarios revisen los par\u00e1metros de los comandos."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2024-26580",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-06T12:15:45.743",
"lastModified": "2024-03-06T12:15:45.743",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2024-26623",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:12.173",
"lastModified": "2024-03-06T07:15:12.173",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent race issues involving the adminq\n\nThere are multiple paths that can result in using the pdsc's\nadminq.\n\n[1] pdsc_adminq_isr and the resulting work from queue_work(),\n i.e. pdsc_work_thread()->pdsc_process_adminq()\n\n[2] pdsc_adminq_post()\n\nWhen the device goes through reset via PCIe reset and/or\na fw_down/fw_up cycle due to bad PCIe state or bad device\nstate the adminq is destroyed and recreated.\n\nA NULL pointer dereference can happen if [1] or [2] happens\nafter the adminq is already destroyed.\n\nIn order to fix this, add some further state checks and\nimplement reference counting for adminq uses. Reference\ncounting was used because multiple threads can attempt to\naccess the adminq at the same time via [1] or [2]. Additionally,\nmultiple clients (i.e. pds-vfio-pci) can be using [2]\nat the same time.\n\nThe adminq_refcnt is initialized to 1 when the adminq has been\nallocated and is ready to use. Users/clients of the adminq\n(i.e. [1] and [2]) will increment the refcnt when they are using\nthe adminq. When the driver goes into a fw_down cycle it will\nset the PDSC_S_FW_DEAD bit and then wait for the adminq_refcnt\nto hit 1. Setting the PDSC_S_FW_DEAD before waiting will prevent\nany further adminq_refcnt increments. Waiting for the\nadminq_refcnt to hit 1 allows for any current users of the adminq\nto finish before the driver frees the adminq. Once the\nadminq_refcnt hits 1 the driver clears the refcnt to signify that\nthe adminq is deleted and cannot be used. On the fw_up cycle the\ndriver will once again initialize the adminq_refcnt to 1 allowing\nthe adminq to be used again."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pds_core: evita problemas de ejecuci\u00f3n relacionados con adminq. Hay varias rutas que pueden resultar en el uso de adminq de pdsc. [1] pdsc_adminq_isr y el trabajo resultante de queue_work(), es decir, pdsc_work_thread()-&gt;pdsc_process_adminq() [2] pdsc_adminq_post() Cuando el dispositivo se reinicia mediante reinicio de PCIe y/o un ciclo fw_down/fw_up debido a un estado incorrecto de PCIe o mal estado del dispositivo, adminq se destruye y se vuelve a crear. Puede ocurrir una desreferencia de puntero NULL si [1] o [2] ocurre despu\u00e9s de que adminq ya est\u00e9 destruido. Para solucionar este problema, agregue algunas comprobaciones de estado adicionales e implemente el recuento de referencias para usos de adminq. Se utiliz\u00f3 el recuento de referencias porque varios subprocesos pueden intentar acceder a adminq al mismo tiempo a trav\u00e9s de [1] o [2]. Adem\u00e1s, varios clientes (es decir, pds-vfio-pci) pueden utilizar [2] al mismo tiempo. adminq_refcnt se inicializa en 1 cuando adminq se ha asignado y est\u00e1 listo para usar. Los usuarios/clientes de adminq (es decir, [1] y [2]) incrementar\u00e1n el refcnt cuando utilicen adminq. Cuando el controlador entra en un ciclo fw_down, establecer\u00e1 el bit PDSC_S_FW_DEAD y luego esperar\u00e1 a que adminq_refcnt llegue a 1. Configurar PDSC_S_FW_DEAD antes de esperar evitar\u00e1 m\u00e1s incrementos de adminq_refcnt. Esperar a que adminq_refcnt llegue a 1 permite que cualquier usuario actual de adminq finalice antes de que el controlador libere adminq. Una vez que adminq_refcnt llega a 1, el controlador borra el refcnt para indicar que adminq se elimina y no se puede utilizar. En el ciclo fw_up, el controlador inicializar\u00e1 una vez m\u00e1s adminq_refcnt en 1, lo que permitir\u00e1 utilizar adminq nuevamente."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-26624",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:12.360",
"lastModified": "2024-03-06T07:15:12.360",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix lockdep positive in sk_diag_dump_icons()\n\nsyzbot reported a lockdep splat [1].\n\nBlamed commit hinted about the possible lockdep\nviolation, and code used unix_state_lock_nested()\nin an attempt to silence lockdep.\n\nIt is not sufficient, because unix_state_lock_nested()\nis already used from unix_state_double_lock().\n\nWe need to use a separate subclass.\n\nThis patch adds a distinct enumeration to make things\nmore explicit.\n\nAlso use swap() in unix_state_double_lock() as a clean up.\n\nv2: add a missing inline keyword to unix_state_lock_nested()\n\n[1]\nWARNING: possible circular locking dependency detected\n6.8.0-rc1-syzkaller-00356-g8a696a29c690 #0 Not tainted\n\nsyz-executor.1/2542 is trying to acquire lock:\n ffff88808b5df9e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: skb_queue_tail+0x36/0x120 net/core/skbuff.c:3863\n\nbut task is already holding lock:\n ffff88808b5dfe70 (&u->lock/1){+.+.}-{2:2}, at: unix_dgram_sendmsg+0xfc7/0x2200 net/unix/af_unix.c:2089\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-> #1 (&u->lock/1){+.+.}-{2:2}:\n lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754\n _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378\n sk_diag_dump_icons net/unix/diag.c:87 [inline]\n sk_diag_fill+0x6ea/0xfe0 net/unix/diag.c:157\n sk_diag_dump net/unix/diag.c:196 [inline]\n unix_diag_dump+0x3e9/0x630 net/unix/diag.c:220\n netlink_dump+0x5c1/0xcd0 net/netlink/af_netlink.c:2264\n __netlink_dump_start+0x5d7/0x780 net/netlink/af_netlink.c:2370\n netlink_dump_start include/linux/netlink.h:338 [inline]\n unix_diag_handler_dump+0x1c3/0x8f0 net/unix/diag.c:319\n sock_diag_rcv_msg+0xe3/0x400\n netlink_rcv_skb+0x1df/0x430 net/netlink/af_netlink.c:2543\n sock_diag_rcv+0x2a/0x40 net/core/sock_diag.c:280\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7e6/0x980 
net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa37/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_write_iter+0x39a/0x520 net/socket.c:1160\n call_write_iter include/linux/fs.h:2085 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xa74/0xca0 fs/read_write.c:590\n ksys_write+0x1a0/0x2c0 fs/read_write.c:643\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\n-> #0 (rlock-AF_UNIX){+.+.}-{2:2}:\n check_prev_add kernel/locking/lockdep.c:3134 [inline]\n check_prevs_add kernel/locking/lockdep.c:3253 [inline]\n validate_chain+0x1909/0x5ab0 kernel/locking/lockdep.c:3869\n __lock_acquire+0x1345/0x1fd0 kernel/locking/lockdep.c:5137\n lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162\n skb_queue_tail+0x36/0x120 net/core/skbuff.c:3863\n unix_dgram_sendmsg+0x15d9/0x2200 net/unix/af_unix.c:2112\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x592/0x890 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmmsg+0x3b2/0x730 net/socket.c:2724\n __do_sys_sendmmsg net/socket.c:2753 [inline]\n __se_sys_sendmmsg net/socket.c:2750 [inline]\n __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2750\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 \n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: af_unix: corrige el bloqueo positivo en sk_diag_dump_icons() syzbot inform\u00f3 un bloqueo del bloqueo [1]. La confirmaci\u00f3n culpada insinu\u00f3 la posible violaci\u00f3n de lockdep y el c\u00f3digo us\u00f3 unix_state_lock_nested() en un intento de silenciar lockdep. No es suficiente, porque unix_state_lock_nested() ya se usa desde unix_state_double_lock(). Necesitamos usar una subclase separada. Este parche agrega una enumeraci\u00f3n distinta para hacer las cosas m\u00e1s expl\u00edcitas. Utilice tambi\u00e9n swap() en unix_state_double_lock() como limpieza. v2: agregue una palabra clave en l\u00ednea faltante a unix_state_lock_nested() [1] ADVERTENCIA: se detect\u00f3 posible dependencia de bloqueo circular 6.8.0-rc1-syzkaller-00356-g8a696a29c690 #0 No contaminado syz-executor.1/2542 est\u00e1 intentando adquirir el bloqueo: ffff88808b5df9e8 (rlock-AF_UNIX){+.+.}-{2:2}, en: skb_queue_tail+0x36/0x120 net/core/skbuff.c:3863 pero la tarea ya mantiene el bloqueo: ffff88808b5dfe70 (&amp;u-&gt;lock/1) {+.+.}-{2:2}, en: unix_dgram_sendmsg+0xfc7/0x2200 net/unix/af_unix.c:2089 cuyo bloqueo ya depende del nuevo bloqueo. 
la cadena de dependencia existente (en orden inverso) es: -&gt; #1 (&amp;u-&gt;lock/1){+.+.}-{2:2}: lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378 sk_diag_dump_icons net/unix/diag.c:87 [en l\u00ednea] sk_diag_fill+0x6ea/0xfe0 net/unix/diag.c:157 sk_diag_dump net/unix/diag.c: 196 [en l\u00ednea] unix_diag_dump+0x3e9/0x630 net/unix/diag.c:220 netlink_dump+0x5c1/0xcd0 net/netlink/af_netlink.c:2264 __netlink_dump_start+0x5d7/0x780 net/netlink/af_netlink.c:2370 netlink_dump_start include/linux /netlink.h:338 [en l\u00ednea] unix_diag_handler_dump+0x1c3/0x8f0 net/unix/diag.c:319 sock_diag_rcv_msg+0xe3/0x400 netlink_rcv_skb+0x1df/0x430 net/netlink/af_netlink.c:2543 sock_diag_rcv+0x2a/0x 40 neto/n\u00facleo /sock_diag.c:280 netlink_unicast_kernel net/netlink/af_netlink.c:1341 [en l\u00ednea] netlink_unicast+0x7e6/0x980 net/netlink/af_netlink.c:1367 netlink_sendmsg+0xa37/0xd70 net/netlink/af_netlink.c:1908 sock_sendmsg_nosec net/ socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] sock_write_iter+0x39a/0x520 net/socket.c:1160 call_write_iter include/linux/fs.h:2085 [en l\u00ednea] new_sync_write fs/read_write.c :497 [en l\u00ednea] vfs_write+0xa74/0xca0 fs/read_write.c:590 ksys_write+0x1a0/0x2c0 fs/read_write.c:643 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf5/0x230 arch /x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b -&gt; #0 (rlock-AF_UNIX){+.+.}-{2:2}: check_prev_add kernel/locking/lockdep.c:3134 [en l\u00ednea] check_prevs_add kernel/locking/lockdep.c:3253 [en l\u00ednea] validar_chain+0x1909/0x5ab0 kernel/locking/lockdep.c:3869 __lock_acquire+0x1345/0x1fd0 kernel/locking/lockdep.c:5137 lock_acquire+0x1e3/0x530 kernel/locking/ lockdep.c:5754 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [en l\u00ednea] _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162 skb_queue_tail+0x36/0x120 net/core/skbuff.c:3863 
unix_dgram_send mensaje+0x15d9/ 0x2200 net/unix/af_unix.c:2112 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] ____sys_sendmsg+0x592/0x890 net/socket.c:2584 ___sys_sendmsg net/socket.c :2638 [en l\u00ednea] __sys_sendmmsg+0x3b2/0x730 net/socket.c:2724 __do_sys_sendmmsg net/socket.c:2753 [en l\u00ednea] __se_sys_sendmmsg net/socket.c:2750 [en l\u00ednea] __x64_sys_sendmmsg+0xa0/0xb0 net /socket.c: 2750 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf5/0x230 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: Posible escenario de bloqueo inseguro : CPU0 ---truncado---"
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2024-26625",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:12.587",
"lastModified": "2024-03-06T07:15:12.587",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2024-26626",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:12.810",
"lastModified": "2024-03-06T07:15:12.810",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: fix kernel panic when forwarding mcast packets\n\nThe stacktrace was:\n[ 86.305548] BUG: kernel NULL pointer dereference, address: 0000000000000092\n[ 86.306815] #PF: supervisor read access in kernel mode\n[ 86.307717] #PF: error_code(0x0000) - not-present page\n[ 86.308624] PGD 0 P4D 0\n[ 86.309091] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 86.309883] CPU: 2 PID: 3139 Comm: pimd Tainted: G U 6.8.0-6wind-knet #1\n[ 86.311027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.11.1-0-g0551a4be2c-prebuilt.qemu-project.org 04/01/2014\n[ 86.312728] RIP: 0010:ip_mr_forward (/build/work/knet/net/ipv4/ipmr.c:1985)\n[ 86.313399] Code: f9 1f 0f 87 85 03 00 00 48 8d 04 5b 48 8d 04 83 49 8d 44 c5 00 48 8b 40 70 48 39 c2 0f 84 d9 00 00 00 49 8b 46 58 48 83 e0 fe <80> b8 92 00 00 00 00 0f 84 55 ff ff ff 49 83 47 38 01 45 85 e4 0f\n[ 86.316565] RSP: 0018:ffffad21c0583ae0 EFLAGS: 00010246\n[ 86.317497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 86.318596] RDX: ffff9559cb46c000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 86.319627] RBP: ffffad21c0583b30 R08: 0000000000000000 R09: 0000000000000000\n[ 86.320650] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001\n[ 86.321672] R13: ffff9559c093a000 R14: ffff9559cc00b800 R15: ffff9559c09c1d80\n[ 86.322873] FS: 00007f85db661980(0000) GS:ffff955a79d00000(0000) knlGS:0000000000000000\n[ 86.324291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 86.325314] CR2: 0000000000000092 CR3: 000000002f13a000 CR4: 0000000000350ef0\n[ 86.326589] Call Trace:\n[ 86.327036] <TASK>\n[ 86.327434] ? show_regs (/build/work/knet/arch/x86/kernel/dumpstack.c:479)\n[ 86.328049] ? __die (/build/work/knet/arch/x86/kernel/dumpstack.c:421 /build/work/knet/arch/x86/kernel/dumpstack.c:434)\n[ 86.328508] ? page_fault_oops (/build/work/knet/arch/x86/mm/fault.c:707)\n[ 86.329107] ? 
do_user_addr_fault (/build/work/knet/arch/x86/mm/fault.c:1264)\n[ 86.329756] ? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223)\n[ 86.330350] ? __irq_work_queue_local (/build/work/knet/kernel/irq_work.c:111 (discriminator 1))\n[ 86.331013] ? exc_page_fault (/build/work/knet/./arch/x86/include/asm/paravirt.h:693 /build/work/knet/arch/x86/mm/fault.c:1515 /build/work/knet/arch/x86/mm/fault.c:1563)\n[ 86.331702] ? asm_exc_page_fault (/build/work/knet/./arch/x86/include/asm/idtentry.h:570)\n[ 86.332468] ? ip_mr_forward (/build/work/knet/net/ipv4/ipmr.c:1985)\n[ 86.333183] ? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223)\n[ 86.333920] ipmr_mfc_add (/build/work/knet/./include/linux/rcupdate.h:782 /build/work/knet/net/ipv4/ipmr.c:1009 /build/work/knet/net/ipv4/ipmr.c:1273)\n[ 86.334583] ? __pfx_ipmr_hash_cmp (/build/work/knet/net/ipv4/ipmr.c:363)\n[ 86.335357] ip_mroute_setsockopt (/build/work/knet/net/ipv4/ipmr.c:1470)\n[ 86.336135] ? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223)\n[ 86.336854] ? ip_mroute_setsockopt (/build/work/knet/net/ipv4/ipmr.c:1470)\n[ 86.337679] do_ip_setsockopt (/build/work/knet/net/ipv4/ip_sockglue.c:944)\n[ 86.338408] ? __pfx_unix_stream_read_actor (/build/work/knet/net/unix/af_unix.c:2862)\n[ 86.339232] ? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223)\n[ 86.339809] ? aa_sk_perm (/build/work/knet/security/apparmor/include/cred.h:153 /build/work/knet/security/apparmor/net.c:181)\n[ 86.340342] ip_setsockopt (/build/work/knet/net/ipv4/ip_sockglue.c:1415)\n[ 86.340859] raw_setsockopt (/build/work/knet/net/ipv4/raw.c:836)\n[ 86.341408] ? security_socket_setsockopt (/build/work/knet/security/security.c:4561 (discriminator 13))\n[ 86.342116] sock_common_setsockopt (/build/work/knet/net/core/sock.c:3716)\n[ 86.342747] do_sock_setsockopt (/build/work/knet/net/socket.c:2313)\n[ 86.343363] __sys_setsockopt (/build/work/knet/./include/linux/file.h:32 /build/work/kn\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ipmr: corrige el p\u00e1nico del kernel al reenviar paquetes mcast El stacktrace fue: [86.305548] ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000092 [86.306815] #PF: acceso de lectura del supervisor en modo kernel [ 86.307717] #PF: error_code(0x0000) - p\u00e1gina no presente [ 86.308624] PGD 0 P4D 0 [ 86.309091] Ups: 0000 [#1] PREEMPT SMP NOPTI [ 86.309883] CPU: 2 PID: 3139 Comm: pimd Contaminado: GU 6.8.0-6wind-knet #1 [ 86.311027] Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS rel-1.11.1-0-g0551a4be2c-prebuilt.qemu-project.org 01/04/2014 [ 86.312728] RIP: 0010:ip_mr_forward (/build/work/knet/net/ipv4/ipmr.c:1985) [86.313399] C\u00f3digo: f9 1f 0f 87 85 03 00 00 48 8d 04 5b 48 8d 04 83 49 8d 44 c 5 00 48 8b 40 70 48 39 c2 0f 84 d9 00 00 00 49 8b 46 58 48 83 e0 fe &lt;80&gt; b8 92 00 00 00 00 0f 84 55 ff ff 49 83 47 38 01 45 85 e4 0f [ 86.316565] RSP : 0018:ffffad21c0583ae0 EFLAGS: 00010246 [ 86.317497] RAX: 0000000000000000 RBX: 00000000000000000 RCX: 00000000000000000 [ 86.318596] RDX: ff ff9559cb46c000 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.319627] RBP: ffffad21c0583b30 R08: 00000000000000000 R09: 00000000000000000 [ 86.320650] R10: 0000000000000000 R11 : 0000000000000000 R12: 00000000000000001 [ 86.321672] R13: ffff9559c093a000 R14: ffff9559cc00b800 R15: ffff9559c09c1d80 [ 86.322873] FS: 0 0007f85db661980(0000) GS:ffff955a79d00000(0000) knlGS:0000000000000000 [ 86.324291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [86.325314] CR2: 0000000000000092 CR3: 000000002f13a000 CR4: 0000000000350ef0 [86.326589] Seguimiento de llamadas: [86.327036] [86.327434] ? show_regs (/build/work/knet/arch/x86/kernel/dumpstack.c:479) [86.328049]? __die (/build/work/knet/arch/x86/kernel/dumpstack.c:421 /build/work/knet/arch/x86/kernel/dumpstack.c:434) [86.328508] ? 
page_fault_oops (/build/work/knet/arch/x86/mm/fault.c:707) [86.329107]? do_user_addr_fault (/build/work/knet/arch/x86/mm/fault.c:1264) [86.329756]? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223) [86.330350]? __irq_work_queue_local (/build/work/knet/kernel/irq_work.c:111 (discriminador 1)) [86.331013]? exc_page_fault (/build/work/knet/./arch/x86/include/asm/paravirt.h:693 /build/work/knet/arch/x86/mm/fault.c:1515 /build/work/knet/arch /x86/mm/fault.c:1563) [86.331702]? asm_exc_page_fault (/build/work/knet/./arch/x86/include/asm/idtentry.h:570) [86.332468]? ip_mr_forward (/build/work/knet/net/ipv4/ipmr.c:1985) [86.333183]? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223) [ 86.333920] ipmr_mfc_add (/build/work/knet/./include/linux/rcupdate.h:782 /build/work/knet /net/ipv4/ipmr.c:1009 /build/work/knet/net/ipv4/ipmr.c:1273) [86.334583]? __pfx_ipmr_hash_cmp (/build/work/knet/net/ipv4/ipmr.c:363) [ 86.335357] ip_mroute_setsockopt (/build/work/knet/net/ipv4/ipmr.c:1470) [ 86.336135] ? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223) [86.336854]? ip_mroute_setsockopt (/build/work/knet/net/ipv4/ipmr.c:1470) [ 86.337679] do_ip_setsockopt (/build/work/knet/net/ipv4/ip_sockglue.c:944) [ 86.338408] ? __pfx_unix_stream_read_actor (/build/work/knet/net/unix/af_unix.c:2862) [86.339232]? srso_return_thunk (/build/work/knet/arch/x86/lib/retpoline.S:223) [86.339809]? aa_sk_perm (/build/work/knet/security/apparmor/include/cred.h:153 /build/work/knet/security/apparmor/net.c:181) [ 86.340342] ip_setsockopt (/build/work/knet/net /ipv4/ip_sockglue.c:1415) [86.340859] raw_setsockopt (/build/work/knet/net/ipv4/raw.c:836) [86.341408] ? 
security_socket_setsockopt (/build/work/knet/security/security.c:4561 (discriminador 13)) [ 86.342116] sock_common_setsockopt (/build/work/knet/net/core/sock.c:3716) [ 86.342747] do_sock_setsockopt (/build /work/knet/net/socket.c:2313) [ 86.343363] __sys_setsockopt (/build/work/knet/./include/linux/file.h:32 /build/work/kn ---truncado---"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-26627",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:12.973",
"lastModified": "2024-03-06T07:15:12.973",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Move scsi_host_busy() out of host lock for waking up EH handler\n\nInside scsi_eh_wakeup(), scsi_host_busy() is called & checked with host\nlock every time for deciding if error handler kthread needs to be waken up.\n\nThis can be too heavy in case of recovery, such as:\n\n - N hardware queues\n\n - queue depth is M for each hardware queue\n\n - each scsi_host_busy() iterates over (N * M) tag/requests\n\nIf recovery is triggered in case that all requests are in-flight, each\nscsi_eh_wakeup() is strictly serialized, when scsi_eh_wakeup() is called\nfor the last in-flight request, scsi_host_busy() has been run for (N * M -\n1) times, and request has been iterated for (N*M - 1) * (N * M) times.\n\nIf both N and M are big enough, hard lockup can be triggered on acquiring\nhost lock, and it is observed on mpi3mr(128 hw queues, queue depth 8169).\n\nFix the issue by calling scsi_host_busy() outside the host lock. We don't\nneed the host lock for getting busy count because host the lock never\ncovers that.\n\n[mkp: Drop unnecessary 'busy' variables pointed out by Bart]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: core: Saque scsi_host_busy() del bloqueo del host para activar el controlador EH Dentro de scsi_eh_wakeup(), se llama a scsi_host_busy() y se verifica con el bloqueo del host cada vez para decidir si se produce un error. Es necesario activar el controlador kthread. Esto puede ser demasiado pesado en caso de recuperaci\u00f3n, como por ejemplo: - N colas de hardware - la profundidad de la cola es M para cada cola de hardware - cada scsi_host_busy() itera sobre (N * M) etiquetas/solicitudes Si la recuperaci\u00f3n se activa en caso de que todas las solicitudes est\u00e1n en curso, cada scsi_eh_wakeup() est\u00e1 estrictamente serializado, cuando se llama a scsi_eh_wakeup() para la \u00faltima solicitud en curso, scsi_host_busy() se ha ejecutado (N * M - 1) veces y la solicitud se ha iterado durante ( N*M - 1) * (N * M) veces. Si tanto N como M son lo suficientemente grandes, se puede activar un bloqueo duro al adquirir el bloqueo del host, y se observa en mpi3mr (128 colas hw, profundidad de cola 8169). Solucione el problema llamando a scsi_host_busy() fuera del bloqueo del host. No necesitamos el bloqueo del host para obtener el recuento de ocupaci\u00f3n porque el bloqueo del host nunca cubre eso. [mkp: elimine las variables 'ocupadas' innecesarias se\u00f1aladas por Bart]"
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-26628",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:13.173",
"lastModified": "2024-03-06T07:15:13.173",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix lock dependency warning\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.5.0-kfd-fkuehlin #276 Not tainted\n------------------------------------------------------\nkworker/8:2/2676 is trying to acquire lock:\nffff9435aae95c88 ((work_completion)(&svm_bo->eviction_work)){+.+.}-{0:0}, at: __flush_work+0x52/0x550\n\nbut task is already holding lock:\nffff9435cd8e1720 (&svms->lock){+.+.}-{3:3}, at: svm_range_deferred_list_work+0xe8/0x340 [amdgpu]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-> #2 (&svms->lock){+.+.}-{3:3}:\n __mutex_lock+0x97/0xd30\n kfd_ioctl_alloc_memory_of_gpu+0x6d/0x3c0 [amdgpu]\n kfd_ioctl+0x1b2/0x5d0 [amdgpu]\n __x64_sys_ioctl+0x86/0xc0\n do_syscall_64+0x39/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n-> #1 (&mm->mmap_lock){++++}-{3:3}:\n down_read+0x42/0x160\n svm_range_evict_svm_bo_worker+0x8b/0x340 [amdgpu]\n process_one_work+0x27a/0x540\n worker_thread+0x53/0x3e0\n kthread+0xeb/0x120\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x11/0x20\n\n-> #0 ((work_completion)(&svm_bo->eviction_work)){+.+.}-{0:0}:\n __lock_acquire+0x1426/0x2200\n lock_acquire+0xc1/0x2b0\n __flush_work+0x80/0x550\n __cancel_work_timer+0x109/0x190\n svm_range_bo_release+0xdc/0x1c0 [amdgpu]\n svm_range_free+0x175/0x180 [amdgpu]\n svm_range_deferred_list_work+0x15d/0x340 [amdgpu]\n process_one_work+0x27a/0x540\n worker_thread+0x53/0x3e0\n kthread+0xeb/0x120\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x11/0x20\n\nother info that might help us debug this:\n\nChain exists of:\n (work_completion)(&svm_bo->eviction_work) --> &mm->mmap_lock --> &svms->lock\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(&svms->lock);\n lock(&mm->mmap_lock);\n lock(&svms->lock);\n lock((work_completion)(&svm_bo->eviction_work));\n\nI believe 
this cannot really lead to a deadlock in practice, because\nsvm_range_evict_svm_bo_worker only takes the mmap_read_lock if the BO\nrefcount is non-0. That means it's impossible that svm_range_bo_release\nis running concurrently. However, there is no good way to annotate this.\n\nTo avoid the problem, take a BO reference in\nsvm_range_schedule_evict_svm_bo instead of in the worker. That way it's\nimpossible for a BO to get freed while eviction work is pending and the\ncancel_work_sync call in svm_range_bo_release can be eliminated.\n\nv2: Use svm_bo_ref_unless_zero and explained why that's safe. Also\nremoved redundant checks that are already done in\namdkfd_fence_enable_signaling."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: Reparar advertencia de dependencia de bloqueo =============================== ======================== ADVERTENCIA: posible dependencia de bloqueo circular detectada 6.5.0-kfd-fkuehlin #276 No contaminado -------- ---------------------------------------------- ktrabajador/8: 2/2676 est\u00e1 intentando adquirir el bloqueo: ffff9435aae95c88 ((work_completion)(&amp;svm_bo-&gt;eviction_work)){+.+.}-{0:0}, en: __flush_work+0x52/0x550 pero la tarea ya mantiene el bloqueo: ffff9435cd8e1720 ( &amp;svms-&gt;lock){+.+.}-{3:3}, en: svm_range_deferred_list_work+0xe8/0x340 [amdgpu] cuyo bloqueo ya depende del nuevo bloqueo. la cadena de dependencia existente (en orden inverso) es: -&gt; #2 (&amp;svms-&gt;lock){+.+.}-{3:3}: __mutex_lock+0x97/0xd30 kfd_ioctl_alloc_memory_of_gpu+0x6d/0x3c0 [amdgpu] kfd_ioctl+0x1b2 /0x5d0 [amdgpu] __x64_sys_ioctl+0x86/0xc0 do_syscall_64+0x39/0x80 Entry_SYSCALL_64_after_hwframe+0x63/0xcd -&gt; #1 (&amp;mm-&gt;mmap_lock){++++}-{3:3}: down_read+0x42/0x160 svm_range_evi ct_svm_bo_worker+ 0x8b/0x340 [amdgpu] proceso_one_work+0x27a/0x540 trabajador_thread+0x53/0x3e0 kthread+0xeb/0x120 ret_from_fork+0x31/0x50 ret_from_fork_asm+0x11/0x20 -&gt; #0 ((work_completion)(&amp;svm_bo-&gt;eviction_work) ){+.+ .}-{0:0}: __lock_acquire+0x1426/0x2200 lock_acquire+0xc1/0x2b0 __flush_work+0x80/0x550 __cancel_work_timer+0x109/0x190 svm_range_bo_release+0xdc/0x1c0 [amdgpu] svm_range_free+0x175 /0x180 [amdgpu] svm_range_deferred_list_work+0x15d/0x340 [amdgpu] Process_one_work+0x27a/0x540 trabajador_thread+0x53/0x3e0 kthread+0xeb/0x120 ret_from_fork+0x31/0x50 ret_from_fork_asm+0x11/0x20 otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: Existe cadena de: (work_completion)(&amp;svm_bo-&gt;eviction_work) --&gt; &amp;mm-&gt;mmap_lock --&gt; &amp;svms-&gt;lock Posible escenario de bloqueo inseguro: CPU0 CPU1 ---- ---- lock(&amp;svms-&gt;lock); bloquear(&amp;mm-&gt;mmap_lock); 
bloquear(&amp;svms-&gt;bloquear); lock((work_completion)(&amp;svm_bo-&gt;eviction_work)); Creo que esto realmente no puede llevar a un punto muerto en la pr\u00e1ctica, porque svm_range_evict_svm_bo_worker solo toma mmap_read_lock si el recuento de BO no es 0. Eso significa que es imposible que svm_range_bo_release se est\u00e9 ejecutando al mismo tiempo. Sin embargo, no existe una buena forma de anotar esto. Para evitar el problema, tome una referencia de BO en svm_range_schedule_evict_svm_bo en lugar de en el trabajador. De esa manera, es imposible que un BO sea liberado mientras el trabajo de desalojo est\u00e1 pendiente y la llamada cancel_work_sync en svm_range_bo_release puede eliminarse. v2: Use svm_bo_ref_unless_zero y explic\u00f3 por qu\u00e9 es seguro. Tambi\u00e9n se eliminaron las comprobaciones redundantes que ya se realizan en amdkfd_fence_enable_signaling."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-27278",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-03-06T00:15:52.817",
"lastModified": "2024-03-06T00:15:52.817",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "OpenPNE Plugin \"opTimelinePlugin\" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users."
},
{
"lang": "es",
"value": "El complemento OpenPNE \"opTimelinePlugin\" 1.2.11 y versiones anteriores contiene una vulnerabilidad de cross-site scripting. En el sitio que utiliza el producto afectado, cuando un usuario configura el perfil con alg\u00fan contenido malicioso, se puede ejecutar un script arbitrario en los navegadores web de otros usuarios."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-27764",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T23:15:07.993",
"lastModified": "2024-03-05T23:15:07.993",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component."
},
{
"lang": "es",
"value": "Un problema en Jeewms v.3.7 y anteriores permite a un atacante remoto escalar privilegios a trav\u00e9s del componente AuthInterceptor."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-27765",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T23:15:08.050",
"lastModified": "2024-03-05T23:15:08.050",
"vulnStatus": "Received",
"lastModified": "2024-03-06T15:18:08.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Directory Traversal en Jeewms v.3.7 y anteriores permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del componente cgformTemplateController."
}
],
"metrics": {},


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-03-06T15:16:46.191626+00:00
2024-03-06T17:01:01.900139+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-03-06T14:15:48.343000+00:00
2024-03-06T15:26:34.817000+00:00
```
### Last Data Feed Release
@ -34,20 +34,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `0`
* [CVE-2023-50740](CVE-2023/CVE-2023-507xx/CVE-2023-50740.json) (`2024-03-06T14:15:47.407`)
### CVEs modified in the last Commit
Recently modified CVEs: `5`
Recently modified CVEs: `96`
* [CVE-2024-21484](CVE-2024/CVE-2024-214xx/CVE-2024-21484.json) (`2024-03-06T14:15:47.533`)
* [CVE-2024-21485](CVE-2024/CVE-2024-214xx/CVE-2024-21485.json) (`2024-03-06T14:15:47.760`)
* [CVE-2024-21490](CVE-2024/CVE-2024-214xx/CVE-2024-21490.json) (`2024-03-06T14:15:47.900`)
* [CVE-2024-21491](CVE-2024/CVE-2024-214xx/CVE-2024-21491.json) (`2024-03-06T14:15:48.020`)
* [CVE-2024-21501](CVE-2024/CVE-2024-215xx/CVE-2024-21501.json) (`2024-03-06T14:15:48.343`)
* [CVE-2024-24784](CVE-2024/CVE-2024-247xx/CVE-2024-24784.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-24785](CVE-2024/CVE-2024-247xx/CVE-2024-24785.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-24786](CVE-2024/CVE-2024-247xx/CVE-2024-24786.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-27764](CVE-2024/CVE-2024-277xx/CVE-2024-27764.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-27765](CVE-2024/CVE-2024-277xx/CVE-2024-27765.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-22889](CVE-2024/CVE-2024-228xx/CVE-2024-22889.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-25817](CVE-2024/CVE-2024-258xx/CVE-2024-25817.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-27278](CVE-2024/CVE-2024-272xx/CVE-2024-27278.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-1220](CVE-2024/CVE-2024-12xx/CVE-2024-1220.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-1760](CVE-2024/CVE-2024-17xx/CVE-2024-1760.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-1771](CVE-2024/CVE-2024-17xx/CVE-2024-1771.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-1989](CVE-2024/CVE-2024-19xx/CVE-2024-1989.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26623](CVE-2024/CVE-2024-266xx/CVE-2024-26623.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26624](CVE-2024/CVE-2024-266xx/CVE-2024-26624.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26625](CVE-2024/CVE-2024-266xx/CVE-2024-26625.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26626](CVE-2024/CVE-2024-266xx/CVE-2024-26626.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26627](CVE-2024/CVE-2024-266xx/CVE-2024-26627.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26628](CVE-2024/CVE-2024-266xx/CVE-2024-26628.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-2211](CVE-2024/CVE-2024-22xx/CVE-2024-2211.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-1224](CVE-2024/CVE-2024-12xx/CVE-2024-1224.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-25102](CVE-2024/CVE-2024-251xx/CVE-2024-25102.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-25103](CVE-2024/CVE-2024-251xx/CVE-2024-25103.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-26580](CVE-2024/CVE-2024-265xx/CVE-2024-26580.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-2005](CVE-2024/CVE-2024-20xx/CVE-2024-2005.json) (`2024-03-06T15:18:08.093`)
* [CVE-2024-1374](CVE-2024/CVE-2024-13xx/CVE-2024-1374.json) (`2024-03-06T15:26:34.817`)
## Download and Usage