diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json index a9fdbd3a904..c5738eb3d2a 100644 --- a/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5178", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-01T17:15:11.920", - "lastModified": "2024-03-12T21:15:57.457", + "lastModified": "2024-04-03T14:15:11.910", "vulnStatus": "Modified", "descriptions": [ { @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 8.8, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 2.8, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52637.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52637.json new file mode 100644 index 00000000000..9af5cce4bdb --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52637.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2023-52637", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:51.347", + "lastModified": "2024-04-03T15:15:51.347", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)\n\nLock jsk->sk to prevent UAF when setsockopt(..., SO_J1939_FILTER, ...)\nmodifies jsk->filters while receiving packets.\n\nFollowing trace was seen on affected system:\n ==================================================================\n BUG: KASAN: slab-use-after-free in j1939_sk_recv_match_one+0x1af/0x2d0 [can_j1939]\n Read of size 4 at addr ffff888012144014 by task j1939/350\n\n CPU: 0 PID: 350 Comm: j1939 Tainted: G W OE 6.5.0-rc5 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n print_report+0xd3/0x620\n ? kasan_complete_mode_report_info+0x7d/0x200\n ? j1939_sk_recv_match_one+0x1af/0x2d0 [can_j1939]\n kasan_report+0xc2/0x100\n ? j1939_sk_recv_match_one+0x1af/0x2d0 [can_j1939]\n __asan_load4+0x84/0xb0\n j1939_sk_recv_match_one+0x1af/0x2d0 [can_j1939]\n j1939_sk_recv+0x20b/0x320 [can_j1939]\n ? __kasan_check_write+0x18/0x20\n ? __pfx_j1939_sk_recv+0x10/0x10 [can_j1939]\n ? j1939_simple_recv+0x69/0x280 [can_j1939]\n ? j1939_ac_recv+0x5e/0x310 [can_j1939]\n j1939_can_recv+0x43f/0x580 [can_j1939]\n ? __pfx_j1939_can_recv+0x10/0x10 [can_j1939]\n ? raw_rcv+0x42/0x3c0 [can_raw]\n ? __pfx_j1939_can_recv+0x10/0x10 [can_j1939]\n can_rcv_filter+0x11f/0x350 [can]\n can_receive+0x12f/0x190 [can]\n ? __pfx_can_rcv+0x10/0x10 [can]\n can_rcv+0xdd/0x130 [can]\n ? __pfx_can_rcv+0x10/0x10 [can]\n __netif_receive_skb_one_core+0x13d/0x150\n ? __pfx___netif_receive_skb_one_core+0x10/0x10\n ? __kasan_check_write+0x18/0x20\n ? _raw_spin_lock_irq+0x8c/0xe0\n __netif_receive_skb+0x23/0xb0\n process_backlog+0x107/0x260\n __napi_poll+0x69/0x310\n net_rx_action+0x2a1/0x580\n ? __pfx_net_rx_action+0x10/0x10\n ? __pfx__raw_spin_lock+0x10/0x10\n ? handle_irq_event+0x7d/0xa0\n __do_softirq+0xf3/0x3f8\n do_softirq+0x53/0x80\n \n \n __local_bh_enable_ip+0x6e/0x70\n netif_rx+0x16b/0x180\n can_send+0x32b/0x520 [can]\n ? __pfx_can_send+0x10/0x10 [can]\n ? __check_object_size+0x299/0x410\n raw_sendmsg+0x572/0x6d0 [can_raw]\n ? __pfx_raw_sendmsg+0x10/0x10 [can_raw]\n ? apparmor_socket_sendmsg+0x2f/0x40\n ? __pfx_raw_sendmsg+0x10/0x10 [can_raw]\n sock_sendmsg+0xef/0x100\n sock_write_iter+0x162/0x220\n ? __pfx_sock_write_iter+0x10/0x10\n ? __rtnl_unlock+0x47/0x80\n ? security_file_permission+0x54/0x320\n vfs_write+0x6ba/0x750\n ? __pfx_vfs_write+0x10/0x10\n ? __fget_light+0x1ca/0x1f0\n ? __rcu_read_unlock+0x5b/0x280\n ksys_write+0x143/0x170\n ? __pfx_ksys_write+0x10/0x10\n ? __kasan_check_read+0x15/0x20\n ? fpregs_assert_state_consistent+0x62/0x70\n __x64_sys_write+0x47/0x60\n do_syscall_64+0x60/0x90\n ? do_syscall_64+0x6d/0x90\n ? irqentry_exit+0x3f/0x50\n ? exc_page_fault+0x79/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Allocated by task 348:\n kasan_save_stack+0x2a/0x50\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x1f/0x30\n __kasan_kmalloc+0xb5/0xc0\n __kmalloc_node_track_caller+0x67/0x160\n j1939_sk_setsockopt+0x284/0x450 [can_j1939]\n __sys_setsockopt+0x15c/0x2f0\n __x64_sys_setsockopt+0x6b/0x80\n do_syscall_64+0x60/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Freed by task 349:\n kasan_save_stack+0x2a/0x50\n kasan_set_track+0x29/0x40\n kasan_save_free_info+0x2f/0x50\n __kasan_slab_free+0x12e/0x1c0\n __kmem_cache_free+0x1b9/0x380\n kfree+0x7a/0x120\n j1939_sk_setsockopt+0x3b2/0x450 [can_j1939]\n __sys_setsockopt+0x15c/0x2f0\n __x64_sys_setsockopt+0x6b/0x80\n do_syscall_64+0x60/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/08de58abedf6e69396e1207e4f99ef8904b2b532", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/41ccb5bcbf03f02d820bc6ea8390811859f558f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4dd684d4bb3cd5454e0bf6e2a1bdfbd5c9c872ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/978e50ef8c38dc71bd14d1b0143d554ff5d188ba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/efe7cf828039aedb297c1f9920b638fffee6aabc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f84e7534457dcd7835be743517c35378bb4e7c50", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fc74b9cb789cae061bbca7b203a3842e059f6b5d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52638.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52638.json new file mode 100644 index 00000000000..6f6e32d05dc --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52638.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-52638", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:51.417", + "lastModified": "2024-04-03T15:15:51.417", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: prevent deadlock by changing j1939_socks_lock to rwlock\n\nThe following 3 locks would race against each other, causing the\ndeadlock situation in the Syzbot bug report:\n\n- j1939_socks_lock\n- active_session_list_lock\n- sk_session_queue_lock\n\nA reasonable fix is to change j1939_socks_lock to an rwlock, since in\nthe rare situations where a write lock is required for the linked list\nthat j1939_socks_lock is protecting, the code does not attempt to\nacquire any more locks. This would break the circular lock dependency,\nwhere, for example, the current thread already locks j1939_socks_lock\nand attempts to acquire sk_session_queue_lock, and at the same time,\nanother thread attempts to acquire j1939_socks_lock while holding\nsk_session_queue_lock.\n\nNOTE: This patch along does not fix the unregister_netdevice bug\nreported by Syzbot; instead, it solves a deadlock situation to prepare\nfor one or more further patches to actually fix the Syzbot bug, which\nappears to be a reference counting problem within the j1939 codebase.\n\n[mkl: remove unrelated newline change]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/03358aba991668d3bb2c65b3c82aa32c36851170", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/26dfe112ec2e95fe0099681f6aec33da13c2dd8e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/559b6322f9480bff68cfa98d108991e945a4f284", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6cdedc18ba7b9dacc36466e27e3267d201948c8d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aedda066d717a0b4335d7e0a00b2e3a61e40afcf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52639.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52639.json new file mode 100644 index 00000000000..0c3a16da0a4 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52639.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-52639", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:51.467", + "lastModified": "2024-04-03T15:15:51.467", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: vsie: fix race during shadow creation\n\nRight now it is possible to see gmap->private being zero in\nkvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the\nfact that we add gmap->private == kvm after creation:\n\nstatic int acquire_gmap_shadow(struct kvm_vcpu *vcpu,\n struct vsie_page *vsie_page)\n{\n[...]\n gmap = gmap_shadow(vcpu->arch.gmap, asce, edat);\n if (IS_ERR(gmap))\n return PTR_ERR(gmap);\n gmap->private = vcpu->kvm;\n\nLet children inherit the private field of the parent." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/28bb27824f25f36e5f80229a358d66ee09244082", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5df3b81a567eb565029563f26f374ae3803a1dfc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f5572c0323cf8b4f1f0618178648a25b8fb8a380", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe752331d4b361d43cfd0b89534b4b2176057c32", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5755.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5755.json new file mode 100644 index 00000000000..443fd55d977 --- /dev/null +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5755.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2023-5755", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-04-03T15:15:51.520", + "lastModified": "2024-04-03T15:15:51.520", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: **REJECT** Duplicate of CVE-2023-46784. Please refer to CVE-2023-46784." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6597.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6597.json index 1c29e850ed9..a52344ec45e 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6597.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6597.json @@ -2,12 +2,12 @@ "id": "CVE-2023-6597", "sourceIdentifier": "cna@python.org", "published": "2024-03-19T16:15:08.743", - "lastModified": "2024-03-24T23:15:08.920", + "lastModified": "2024-04-03T15:15:51.783", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.\n" + "value": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.\n" }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0394.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0394.json new file mode 100644 index 00000000000..c6ee3dde350 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0394.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0394", + "sourceIdentifier": "cve@rapid7.com", + "published": "2024-04-03T14:15:13.170", + "lastModified": "2024-04-03T14:15:13.170", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege.\u00a0 The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter where it is set to a path accessible to low-privileged users.\u00a0 The vulnerability has been remediated and fixed in version 4.5.5.\u00a0\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@rapid7.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@rapid7.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://www.rapid7.com/blog/post/2024/04/03/cve-2024-0394-rapid7-minerva-armor-privilege-escalation-fixed/", + "source": "cve@rapid7.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0450.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0450.json index 10e5cf8df89..8de8b3aa9a8 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0450.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0450.json @@ -2,12 +2,12 @@ "id": "CVE-2024-0450", "sourceIdentifier": "cna@python.org", "published": "2024-03-19T16:15:09.180", - "lastModified": "2024-03-24T23:15:09.027", + "lastModified": "2024-04-03T15:15:51.873", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "An issue was found in the CPython `zipfile` module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to \u201cquoted-overlap\u201d zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n" + "value": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to \u201cquoted-overlap\u201d zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n" }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21870.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21870.json new file mode 100644 index 00000000000..cb9160d4973 --- /dev/null +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21870.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21870", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2024-04-03T14:15:13.917", + "lastModified": "2024-04-03T15:15:51.953", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950", + "source": "talos-cna@cisco.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1950", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22178.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22178.json new file mode 100644 index 00000000000..1fd9ac45482 --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22178.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22178", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2024-04-03T14:15:14.543", + "lastModified": "2024-04-03T15:15:52.040", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1951", + "source": "talos-cna@cisco.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1951", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-249xx/CVE-2024-24976.json b/CVE-2024/CVE-2024-249xx/CVE-2024-24976.json new file mode 100644 index 00000000000..53e94d491a8 --- /dev/null +++ b/CVE-2024/CVE-2024-249xx/CVE-2024-24976.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-24976", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2024-04-03T14:15:15.073", + "lastModified": "2024-04-03T15:15:52.127", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-130" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948", + "source": "talos-cna@cisco.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1948", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-265xx/CVE-2024-26584.json b/CVE-2024/CVE-2024-265xx/CVE-2024-26584.json index 9ad228fe1dc..ab3442cf25a 100644 --- a/CVE-2024/CVE-2024-265xx/CVE-2024-26584.json +++ b/CVE-2024/CVE-2024-265xx/CVE-2024-26584.json @@ -2,7 +2,7 @@ "id": "CVE-2024-26584", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-21T15:15:09.420", - "lastModified": "2024-03-11T18:15:18.503", + "lastModified": "2024-04-03T14:15:15.613", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -27,6 +27,10 @@ { "url": "https://git.kernel.org/stable/c/ab6397f072e5097f267abf5cb08a8004e6b17694", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cd1bbca03f3c1d845ce274c0d0a66de8e5929f72", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-265xx/CVE-2024-26585.json b/CVE-2024/CVE-2024-265xx/CVE-2024-26585.json index ac4efab02da..7d6887e859f 100644 --- a/CVE-2024/CVE-2024-265xx/CVE-2024-26585.json +++ b/CVE-2024/CVE-2024-265xx/CVE-2024-26585.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26585", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-21T15:15:09.467", - "lastModified": "2024-03-14T20:18:37.957", - "vulnStatus": "Analyzed", + "lastModified": "2024-04-03T14:15:15.853", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -77,6 +77,10 @@ } ], "references": [ + { + "url": "https://git.kernel.org/stable/c/196f198ca6fce04ba6ce262f5a0e4d567d7d219d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/6db22d6c7a6dc914b12c0469b94eb639b6a8a146", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26642.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26642.json index 5bef711441c..3cf26926ff5 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26642.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26642.json @@ -2,13 +2,16 @@ "id": "CVE-2024-26642", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-21T11:15:28.293", - "lastModified": "2024-03-21T12:58:51.093", + "lastModified": "2024-04-03T14:15:16.193", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nf_tables: no permitir conjuntos an\u00f3nimos con indicador de tiempo de espera Los conjuntos an\u00f3nimos nunca se usan con tiempo de espera del espacio de usuario, rechace esto. La excepci\u00f3n a esta regla es NFT_SET_EVAL para garantizar que los medidores heredados sigan funcionando." } ], "metrics": {}, @@ -16,6 +19,18 @@ { "url": "https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26643.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26643.json index f725e454104..62ad3e20288 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26643.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26643.json @@ -2,20 +2,35 @@ "id": "CVE-2024-26643", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-21T11:15:28.340", - "lastModified": "2024-03-21T12:58:51.093", + "lastModified": "2024-04-03T14:15:16.370", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout\n\nWhile the rhashtable set gc runs asynchronously, a race allows it to\ncollect elements from anonymous sets with timeouts while it is being\nreleased from the commit path.\n\nMingi Cho originally reported this issue in a different path in 6.1.x\nwith a pipapo set with low timeouts which is not possible upstream since\n7395dfacfff6 (\"netfilter: nf_tables: use timestamp to check for set\nelement timeout\").\n\nFix this by setting on the dead flag for anonymous sets to skip async gc\nin this case.\n\nAccording to 08e4c8c5919f (\"netfilter: nf_tables: mark newset as dead on\ntransaction abort\"), Florian plans to accelerate abort path by releasing\nobjects via workqueue, therefore, this sets on the dead flag for abort\npath too." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: marca el conjunto como muerto al desvincular el conjunto an\u00f3nimo con tiempo de espera. Mientras que el conjunto rhashtable gc se ejecuta de forma as\u00edncrona, una ejecuci\u00f3n le permite recopilar elementos de conjuntos an\u00f3nimos con tiempos de espera mientras se libera de la ruta de confirmaci\u00f3n. Mingi Cho inform\u00f3 originalmente este problema en una ruta diferente en 6.1.x con un pipapo configurado con tiempos de espera bajos, lo cual no es posible en sentido ascendente desde 7395dfacfff6 (\"netfilter: nf_tables: use la marca de tiempo para verificar el tiempo de espera del elemento establecido\"). Solucione este problema configurando la bandera muerta para que los conjuntos an\u00f3nimos omitan el gc as\u00edncrono en este caso. Seg\u00fan 08e4c8c5919f (\"netfilter: nf_tables: marcar el nuevo conjunto como muerto al cancelar la transacci\u00f3n\"), Florian planea acelerar la ruta de cancelaci\u00f3n liberando objetos a trav\u00e9s de la cola de trabajo, por lo tanto, esto tambi\u00e9n activa la bandera muerta para la ruta de cancelaci\u00f3n." } ], "metrics": {}, "references": [ + { + "url": "https://git.kernel.org/stable/c/406b0241d0eb598a0b330ab20ae325537d8d8163", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5224afbc30c3ca9ba23e752f0f138729b2c48dd8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/552705a3650bbf46a22b1adedc1b04181490fc36", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b2d6f9a5b1cf968f1eaa71085ceeb09c2cb276b1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26653.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26653.json index bddb637e2a7..feddf52a2b1 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26653.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26653.json @@ -2,19 +2,31 @@ "id": "CVE-2024-26653", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-01T09:15:51.010", - "lastModified": "2024-04-01T12:49:00.877", + "lastModified": "2024-04-03T14:15:16.520", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: misc: ljca: Fix double free in error handling path\n\nWhen auxiliary_device_add() returns error and then calls\nauxiliary_device_uninit(), callback function ljca_auxdev_release\ncalls kfree(auxdev->dev.platform_data) to free the parameter data\nof the function ljca_new_client_device. The callers of\nljca_new_client_device shouldn't call kfree() again\nin the error handling path to free the platform data.\n\nFix this by cleaning up the redundant kfree() in all callers and\nadding kfree() the passed in platform_data on errors which happen\nbefore auxiliary_device_init() succeeds ." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: misc: ljca: corrige el doble libre en la ruta de manejo de errores Cuando auxiliar_device_add() devuelve un error y luego llama a auxiliar_device_uninit(), la funci\u00f3n de devoluci\u00f3n de llamada ljca_auxdev_release llama a kfree(auxdev->dev.platform_data ) para liberar los datos de los par\u00e1metros de la funci\u00f3n ljca_new_client_device. Las personas que llaman a ljca_new_client_device no deber\u00edan volver a llamar a kfree() en la ruta de manejo de errores para liberar los datos de la plataforma. Solucione este problema limpiando el kfree() redundante en todas las personas que llaman y agregando kfree() los datos de plataforma pasados en los errores que ocurren antes de queauxiliar_device_init() tenga \u00e9xito." } ], "metrics": {}, "references": [ + { + "url": "https://git.kernel.org/stable/c/420babea4f1881a7c4ea22a8e218b8c6895d3f21", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/7c9631969287a5366bc8e39cd5abff154b35fb80", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8a9f653cc852677003c23ee8075e3ed8fb4743c9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26654.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26654.json index f36586c7360..7e233616ec3 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26654.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26654.json @@ -2,12 +2,16 @@ "id": "CVE-2024-26654", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-01T09:15:51.063", - "lastModified": "2024-04-01T12:49:00.877", + "lastModified": "2024-04-03T14:15:16.690", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: sh: aica: reorder cleanup operations to avoid UAF bugs\n\nThe dreamcastcard->timer could schedule the spu_dma_work and the\nspu_dma_work could also arm the dreamcastcard->timer.\n\nWhen the snd_pcm_substream is closing, the aica_channel will be\ndeallocated. But it could still be dereferenced in the worker\nthread. The reason is that del_timer() will return directly\nregardless of whether the timer handler is running or not and\nthe worker could be rescheduled in the timer handler. As a result,\nthe UAF bug will happen. The racy situation is shown below:\n\n (Thread 1) | (Thread 2)\nsnd_aicapcm_pcm_close() |\n ... | run_spu_dma() //worker\n | mod_timer()\n flush_work() |\n del_timer() | aica_period_elapsed() //timer\n kfree(dreamcastcard->channel) | schedule_work()\n | run_spu_dma() //worker\n ... | dreamcastcard->channel-> //USE\n\nIn order to mitigate this bug and other possible corner cases,\ncall mod_timer() conditionally in run_spu_dma(), then implement\nPCM sync_stop op to cancel both the timer and worker. The sync_stop\nop will be called from PCM core appropriately when needed." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: sh: aica: reordenar operaciones de limpieza para evitar errores UAF. El dreamcastcard->timer podr\u00eda programar el spu_dma_work y el spu_dma_work tambi\u00e9n podr\u00eda armar el dreamcastcard->timer. Cuando se cierre snd_pcm_substream, se desasignar\u00e1 aica_channel. Pero a\u00fan se podr\u00eda eliminar la referencia en el hilo del trabajador. La raz\u00f3n es que del_timer() regresar\u00e1 directamente independientemente de si el controlador del temporizador se est\u00e1 ejecutando o no y el trabajador podr\u00eda reprogramarse en el controlador del temporizador. Como resultado, se producir\u00e1 el error UAF. La situaci\u00f3n picante se muestra a continuaci\u00f3n: (Thread 1) | (Thread 2) snd_aicapcm_pcm_close() | ... | run_spu_dma() //worker | mod_timer() flush_work() | del_timer() | aica_period_elapsed() //timer kfree(dreamcastcard->channel) | schedule_work() | run_spu_dma() //worker ... | dreamcastcard->channel-> //USE Para mitigar este error y otros posibles casos extremos, llame a mod_timer() condicionalmente en run_spu_dma(), luego implemente la operaci\u00f3n PCM sync_stop para cancelar tanto el temporizador como el trabajador. La operaci\u00f3n sync_stop se llamar\u00e1 desde el n\u00facleo PCM de forma adecuada cuando sea necesario." } ], "metrics": {}, @@ -15,6 +19,22 @@ { "url": "https://git.kernel.org/stable/c/051e0840ffa8ab25554d6b14b62c9ab9e4901457", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3c907bf56905de7d27b329afaf59c2fb35d17b04", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61d4787692c1fccdc268ffa7a891f9c149f50901", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9d66ae0e7bb78b54e1e0525456c6b54e1d132046", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e955e8a7f38a856fc6534ba4e6bffd4d5cc80ac3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26655.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26655.json index 122ce3599f4..53096540754 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26655.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26655.json @@ -2,19 +2,31 @@ "id": "CVE-2024-26655", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-01T15:15:49.910", - "lastModified": "2024-04-01T15:53:18.060", + "lastModified": "2024-04-03T14:15:16.860", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nFix memory leak in posix_clock_open()\n\nIf the clk ops.open() function returns an error, we don't release the\npccontext we allocated for this clock.\n\nRe-organize the code slightly to make it all more obvious." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Reparar la p\u00e9rdida de memoria en posix_clock_open() Si la funci\u00f3n clk ops.open() devuelve un error, no liberamos el contexto de pc que asignamos para este reloj. Reorganice ligeramente el c\u00f3digo para que sea m\u00e1s obvio." } ], "metrics": {}, "references": [ + { + "url": "https://git.kernel.org/stable/c/0200dd7ed2335469955d7e69cc1a6fa7df1f3847", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/5b4cdd9c5676559b8a7c944ac5269b914b8c0bb8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a88649b49523e8cbe95254440d803e38c19d2341", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26656.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26656.json index 0b062555577..2eab71c2857 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26656.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26656.json @@ -2,7 +2,7 @@ "id": "CVE-2024-26656", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-02T07:15:42.760", - "lastModified": "2024-04-02T12:50:42.233", + "lastModified": "2024-04-03T14:15:17.000", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -19,6 +19,18 @@ { "url": "https://git.kernel.org/stable/c/22207fd5c80177b860279653d017474b2812af5e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/22f665ecfd1225afa1309ace623157d12bb9bb0c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af054a5fb24a144f99895afce9519d709891894c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e87e08c94c9541b4e18c4c13f2f605935f512605", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26657.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26657.json index f55ffa9a7e2..fdf1175dae6 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26657.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26657.json @@ -2,7 +2,7 @@ "id": "CVE-2024-26657", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-02T07:15:42.830", - "lastModified": "2024-04-02T12:50:42.233", + "lastModified": "2024-04-03T14:15:17.153", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -16,6 +16,14 @@ ], "metrics": {}, "references": [ + { + "url": "https://git.kernel.org/stable/c/54b5b7275dfdec35812ccce70930cd7c4ee612b2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/74cd204c7afe498aa9dcc3ebf0ecac53d477a429", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/f34e8bb7d6c6626933fe993e03ed59ae85e16abb", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26685.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26685.json new file mode 100644 index 00000000000..ea5235c9f94 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26685.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26685", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.210", + "lastModified": "2024-04-03T15:15:52.210", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential bug in end_buffer_async_write\n\nAccording to a syzbot report, end_buffer_async_write(), which handles the\ncompletion of block device writes, may detect abnormal condition of the\nbuffer async_write flag and cause a BUG_ON failure when using nilfs2.\n\nNilfs2 itself does not use end_buffer_async_write(). But, the async_write\nflag is now used as a marker by commit 7f42ec394156 (\"nilfs2: fix issue\nwith race condition of competition between segments for dirty blocks\") as\na means of resolving double list insertion of dirty blocks in\nnilfs_lookup_dirty_data_buffers() and nilfs_lookup_node_buffers() and the\nresulting crash.\n\nThis modification is safe as long as it is used for file data and b-tree\nnode blocks where the page caches are independent. However, it was\nirrelevant and redundant to also introduce async_write for segment summary\nand super root blocks that share buffers with the backing device. This\nled to the possibility that the BUG_ON check in end_buffer_async_write\nwould fail as described above, if independent writebacks of the backing\ndevice occurred in parallel.\n\nThe use of async_write for segment summary buffers has already been\nremoved in a previous change.\n\nFix this issue by removing the manipulation of the async_write flag for\nthe remaining super root block buffer." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2c3bdba00283a6c7a5b19481a59a730f46063803", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5bc09b397cbf1221f8a8aacb1152650c9195b02b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/626daab3811b772086aef1bf8eed3ffe6f523eff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6589f0f72f8edd1fa11adce4eedbd3615f2e78ab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8fa90634ec3e9cc50f42dd605eec60f2d146ced8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c4a09fdac625e64abe478dcf88bfa20406616928", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d31c8721e816eff5ca6573cc487754f357c093cd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f3e4963566f58726d3265a727116a42b591f6596", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26686.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26686.json new file mode 100644 index 00000000000..64e1da65440 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26686.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26686", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.263", + "lastModified": "2024-04-03T15:15:52.263", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats\n\nlock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call\ndo_task_stat() at the same time and the process has NR_THREADS, it will\nspin with irqs disabled O(NR_CPUS * NR_THREADS) time.\n\nChange do_task_stat() to use sig->stats_lock to gather the statistics\noutside of ->siglock protected section, in the likely case this code will\nrun lockless." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/27978243f165b44e342f28f449b91327944ea071", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7601df8031fd67310af891897ef6cc0df4209305", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cf4b8c39b9a0bd81c47afc7ef62914a62dd5ec4d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26687.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26687.json new file mode 100644 index 00000000000..9fe5e7c10fd --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26687.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26687", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.313", + "lastModified": "2024-04-03T15:15:52.313", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/events: close evtchn after mapping cleanup\n\nshutdown_pirq and startup_pirq are not taking the\nirq_mapping_update_lock because they can't due to lock inversion. Both\nare called with the irq_desc->lock being taking. The lock order,\nhowever, is first irq_mapping_update_lock and then irq_desc->lock.\n\nThis opens multiple races:\n- shutdown_pirq can be interrupted by a function that allocates an event\n channel:\n\n CPU0 CPU1\n shutdown_pirq {\n xen_evtchn_close(e)\n __startup_pirq {\n EVTCHNOP_bind_pirq\n -> returns just freed evtchn e\n set_evtchn_to_irq(e, irq)\n }\n xen_irq_info_cleanup() {\n set_evtchn_to_irq(e, -1)\n }\n }\n\n Assume here event channel e refers here to the same event channel\n number.\n After this race the evtchn_to_irq mapping for e is invalid (-1).\n\n- __startup_pirq races with __unbind_from_irq in a similar way. Because\n __startup_pirq doesn't take irq_mapping_update_lock it can grab the\n evtchn that __unbind_from_irq is currently freeing and cleaning up. In\n this case even though the event channel is allocated, its mapping can\n be unset in evtchn_to_irq.\n\nThe fix is to first cleanup the mappings and then close the event\nchannel. In this way, when an event channel gets allocated it's\npotential previous evtchn_to_irq mappings are guaranteed to be unset already.\nThis is also the reverse order of the allocation where first the event\nchannel is allocated and then the mappings are setup.\n\nOn a 5.10 kernel prior to commit 3fcdaf3d7634 (\"xen/events: modify internal\n[un]bind interfaces\"), we hit a BUG like the following during probing of NVMe\ndevices. The issue is that during nvme_setup_io_queues, pci_free_irq\nis called for every device which results in a call to shutdown_pirq.\nWith many nvme devices it's therefore likely to hit this race during\nboot because there will be multiple calls to shutdown_pirq and\nstartup_pirq are running potentially in parallel.\n\n ------------[ cut here ]------------\n blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled\n kernel BUG at drivers/xen/events/events_base.c:499!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1\n Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006\n Workqueue: nvme-reset-wq nvme_reset_work\n RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0\n Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00\n RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006\n RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff\n RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? set_affinity_irq+0xdc/0x1c0\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0x90/0x110\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? do_error_trap+0x65/0x80\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? exc_invalid_op+0x4e/0x70\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? asm_exc_invalid_op+0x12/0x20\n ? bind_evtchn_to_cpu+0xdf/0x\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/20980195ec8d2e41653800c45c8c367fa1b1f2b4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/585a344af6bcac222608a158fc2830ff02712af5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9be71aa12afa91dfe457b3fb4a444c42b1ee036b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fa765c4b4aed2d64266b694520ecb025c862c5a9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26688.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26688.json new file mode 100644 index 00000000000..73f2ef334d8 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26688.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2024-26688", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.370", + "lastModified": "2024-04-03T15:15:52.370", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super\n\nWhen configuring a hugetlb filesystem via the fsconfig() syscall, there is\na possible NULL dereference in hugetlbfs_fill_super() caused by assigning\nNULL to ctx->hstate in hugetlbfs_parse_param() when the requested pagesize\nis non valid.\n\nE.g: Taking the following steps:\n\n fd = fsopen(\"hugetlbfs\", FSOPEN_CLOEXEC);\n fsconfig(fd, FSCONFIG_SET_STRING, \"pagesize\", \"1024\", 0);\n fsconfig(fd, FSCONFIG_CMD_CREATE, NULL, NULL, 0);\n\nGiven that the requested \"pagesize\" is invalid, ctxt->hstate will be replaced\nwith NULL, losing its previous value, and we will print an error:\n\n ...\n ...\n case Opt_pagesize:\n ps = memparse(param->string, &rest);\n ctx->hstate = h;\n if (!ctx->hstate) {\n pr_err(\"Unsupported page size %lu MB\\n\", ps / SZ_1M);\n return -EINVAL;\n }\n return 0;\n ...\n ...\n\nThis is a problem because later on, we will dereference ctxt->hstate in\nhugetlbfs_fill_super()\n\n ...\n ...\n sb->s_blocksize = huge_page_size(ctx->hstate);\n ...\n ...\n\nCausing below Oops.\n\nFix this by replacing cxt->hstate value only when then pagesize is known\nto be valid.\n\n kernel: hugetlbfs: Unsupported page size 0 MB\n kernel: BUG: kernel NULL pointer dereference, address: 0000000000000028\n kernel: #PF: supervisor read access in kernel mode\n kernel: #PF: error_code(0x0000) - not-present page\n kernel: PGD 800000010f66c067 P4D 800000010f66c067 PUD 1b22f8067 PMD 0\n kernel: Oops: 0000 [#1] PREEMPT SMP PTI\n kernel: CPU: 4 PID: 5659 Comm: syscall Tainted: G E 6.8.0-rc2-default+ #22 5a47c3fef76212addcc6eb71344aabc35190ae8f\n kernel: Hardware name: Intel Corp. GROVEPORT/GROVEPORT, BIOS GVPRCRB1.86B.0016.D04.1705030402 05/03/2017\n kernel: RIP: 0010:hugetlbfs_fill_super+0xb4/0x1a0\n kernel: Code: 48 8b 3b e8 3e c6 ed ff 48 85 c0 48 89 45 20 0f 84 d6 00 00 00 48 b8 ff ff ff ff ff ff ff 7f 4c 89 e7 49 89 44 24 20 48 8b 03 <8b> 48 28 b8 00 10 00 00 48 d3 e0 49 89 44 24 18 48 8b 03 8b 40 28\n kernel: RSP: 0018:ffffbe9960fcbd48 EFLAGS: 00010246\n kernel: RAX: 0000000000000000 RBX: ffff9af5272ae780 RCX: 0000000000372004\n kernel: RDX: ffffffffffffffff RSI: ffffffffffffffff RDI: ffff9af555e9b000\n kernel: RBP: ffff9af52ee66b00 R08: 0000000000000040 R09: 0000000000370004\n kernel: R10: ffffbe9960fcbd48 R11: 0000000000000040 R12: ffff9af555e9b000\n kernel: R13: ffffffffa66b86c0 R14: ffff9af507d2f400 R15: ffff9af507d2f400\n kernel: FS: 00007ffbc0ba4740(0000) GS:ffff9b0bd7000000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 0000000000000028 CR3: 00000001b1ee0000 CR4: 00000000001506f0\n kernel: Call Trace:\n kernel: \n kernel: ? __die_body+0x1a/0x60\n kernel: ? page_fault_oops+0x16f/0x4a0\n kernel: ? search_bpf_extables+0x65/0x70\n kernel: ? fixup_exception+0x22/0x310\n kernel: ? exc_page_fault+0x69/0x150\n kernel: ? asm_exc_page_fault+0x22/0x30\n kernel: ? __pfx_hugetlbfs_fill_super+0x10/0x10\n kernel: ? hugetlbfs_fill_super+0xb4/0x1a0\n kernel: ? hugetlbfs_fill_super+0x28/0x1a0\n kernel: ? __pfx_hugetlbfs_fill_super+0x10/0x10\n kernel: vfs_get_super+0x40/0xa0\n kernel: ? __pfx_bpf_lsm_capable+0x10/0x10\n kernel: vfs_get_tree+0x25/0xd0\n kernel: vfs_cmd_create+0x64/0xe0\n kernel: __x64_sys_fsconfig+0x395/0x410\n kernel: do_syscall_64+0x80/0x160\n kernel: ? syscall_exit_to_user_mode+0x82/0x240\n kernel: ? do_syscall_64+0x8d/0x160\n kernel: ? syscall_exit_to_user_mode+0x82/0x240\n kernel: ? do_syscall_64+0x8d/0x160\n kernel: ? exc_page_fault+0x69/0x150\n kernel: entry_SYSCALL_64_after_hwframe+0x6e/0x76\n kernel: RIP: 0033:0x7ffbc0cb87c9\n kernel: Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 97 96 0d 00 f7 d8 64 89 01 48\n kernel: RSP: 002b:00007ffc29d2f388 EFLAGS: 00000206 ORIG_RAX: 00000000000001af\n kernel: RAX: fffffffffff\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/13c5a9fb07105557a1fa9efdb4f23d7ef30b7274", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1dde8ef4b7a749ae1bc73617c91775631d167557", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/22850c9950a4e43a67299755d11498f3292d02ff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2e2c07104b4904aed1389a59b25799b95a85b5b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/79d72c68c58784a3e1cd2378669d51bfd0cb7498", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80d852299987a8037be145a94f41874228f1a773", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ec78418801ef7b0c22cd6a30145ec480dd48db39", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26689.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26689.json new file mode 100644 index 00000000000..b3ae8d27129 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26689.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26689", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.427", + "lastModified": "2024-04-03T15:15:52.427", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: prevent use-after-free in encode_cap_msg()\n\nIn fs/ceph/caps.c, in encode_cap_msg(), \"use after free\" error was\ncaught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This\nimplies before the refcount could be increment here, it was freed.\n\nIn same file, in \"handle_cap_grant()\" refcount is decremented by this\nline - 'ceph_buffer_put(ci->i_xattrs.blob);'. It appears that a race\noccurred and resource was freed by the latter line before the former\nline could increment it.\n\nencode_cap_msg() is called by __send_cap() and __send_cap() is called by\nceph_check_caps() after calling __prep_cap(). __prep_cap() is where\narg->xattr_buf is assigned to ci->i_xattrs.blob. This is the spot where\nthe refcount must be increased to prevent \"use after free\" error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/70e329b440762390258a6fe8c0de93c9fdd56c77", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7958c1bf5b03c6f1f58e724dbdec93f8f60b96fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8180d0c27b93a6eb60da1b08ea079e3926328214", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ae20db45e482303a20e56f2db667a9d9c54ac7e7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cda4672da1c26835dcbd7aec2bfed954eda9b5ef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f3f98d7d84b31828004545e29fd7262b9f444139", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26690.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26690.json new file mode 100644 index 00000000000..b6f3d162e31 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26690.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26690", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.487", + "lastModified": "2024-04-03T15:15:52.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: protect updates of 64-bit statistics counters\n\nAs explained by a comment in , write side of struct\nu64_stats_sync must ensure mutual exclusion, or one seqcount update could\nbe lost on 32-bit platforms, thus blocking readers forever. Such lockups\nhave been observed in real world after stmmac_xmit() on one CPU raced with\nstmmac_napi_poll_tx() on another CPU.\n\nTo fix the issue without introducing a new lock, split the statics into\nthree parts:\n\n1. fields updated only under the tx queue lock,\n2. fields updated only during NAPI poll,\n3. fields updated only from interrupt context,\n\nUpdates to fields in the first two groups are already serialized through\nother locks. It is sufficient to split the existing struct u64_stats_sync\nso that each group has its own.\n\nNote that tx_set_ic_bit is updated from both contexts. Split this counter\nso that each context gets its own, and calculate their sum to get the total\nvalue in stmmac_get_ethtool_stats().\n\nFor the third group, multiple interrupts may be processed by different CPUs\nat the same time, but interrupts on the same CPU will not nest. Move fields\nfrom this group to a newly created per-cpu struct stmmac_pcpu_stats." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/38cc3c6dcc09dc3a1800b5ec22aef643ca11eab8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9680b2ab54ba8d72581100e8c45471306101836e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6af0f082a4b87b99ad033003be2a904a1791b3f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json new file mode 100644 index 00000000000..79eff0b87d9 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26691", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.550", + "lastModified": "2024-04-03T15:15:52.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix circular locking dependency\n\nThe rule inside kvm enforces that the vcpu->mutex is taken *inside*\nkvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires\nthe kvm->lock while already holding the vcpu->mutex lock from\nkvm_vcpu_ioctl(). Avoid the circular locking dependency altogether by\nprotecting the hyp vm handle with the config_lock, much like we already\ndo for other forms of VM-scoped data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/10c02aad111df02088d1a81792a709f6a7eca6cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3ab1c40a1e915e350d9181a4603af393141970cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3d16cebf01127f459dcfeb79ed77bd68b124c228", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26692.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26692.json new file mode 100644 index 00000000000..a73eeaf9dff --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26692.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26692", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.610", + "lastModified": "2024-04-03T15:15:52.610", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Fix regression in writes when non-standard maximum write size negotiated\n\nThe conversion to netfs in the 6.3 kernel caused a regression when\nmaximum write size is set by the server to an unexpected value which is\nnot a multiple of 4096 (similarly if the user overrides the maximum\nwrite size by setting mount parm \"wsize\", but sets it to a value that\nis not a multiple of 4096). When negotiated write size is not a\nmultiple of 4096 the netfs code can skip the end of the final\npage when doing large sequential writes, causing data corruption.\n\nThis section of code is being rewritten/removed due to a large\nnetfs change, but until that point (ie for the 6.3 kernel until now)\nwe can not support non-standard maximum write sizes.\n\nAdd a warning if a user specifies a wsize on mount that is not\na multiple of 4096 (and round down), also add a change where we\nround down the maximum write size if the server negotiates a value\nthat is not a multiple of 4096 (we also have to check to make sure that\nwe do not round it down to zero)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4145ccff546ea868428b3e0fe6818c6261b574a9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4860abb91f3d7fbaf8147d54782149bb1fc45892", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/63c35afd50e28b49c5b75542045a8c42b696dab9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26693.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26693.json new file mode 100644 index 00000000000..29dd6d825a0 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26693.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26693", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.667", + "lastModified": "2024-04-03T15:15:52.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix a crash when we run out of stations\n\nA DoS tool that injects loads of authentication frames made our AP\ncrash. The iwl_mvm_is_dup() function couldn't find the per-queue\ndup_data which was not allocated.\n\nThe root cause for that is that we ran out of stations in the firmware\nand we didn't really add the station to the firmware, yet we didn't\nreturn an error to mac80211.\nMac80211 was thinking that we have the station and because of that,\nsta_info::uploaded was set to 1. This allowed\nieee80211_find_sta_by_ifaddr() to return a valid station object, but\nthat ieee80211_sta didn't have any iwl_mvm_sta object initialized and\nthat caused the crash mentioned earlier when we got Rx on that station." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00f4eb31b8193f6070ce24df636883f9c104ca95", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7198383ef2debe748118996f627452281cf27d7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c12f0f4d4caf23b1bfdc2602b6b70d56bdcd6aa7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26694.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26694.json new file mode 100644 index 00000000000..58e5958b30a --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26694.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26694", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.717", + "lastModified": "2024-04-03T15:15:52.717", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix double-free bug\n\nThe storage for the TLV PC register data wasn't done like all\nthe other storage in the drv->fw area, which is cleared at the\nend of deallocation. Therefore, the freeing must also be done\ndifferently, explicitly NULL'ing it out after the free, since\notherwise there's a nasty double-free bug here if a file fails\nto load after this has been parsed, and we get another free\nlater (e.g. because no other file exists.) Fix that by adding\nthe missing NULL assignment." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/353d321f63f7dbfc9ef58498cc732c9fe886a596", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab9d4bb9a1892439b3123fc52b19e32b9cdf80ad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d24eb9a27bea8fe5237fa71be274391d9d51eff2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26695.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26695.json new file mode 100644 index 00000000000..df10f886873 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26695.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26695", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.770", + "lastModified": "2024-04-03T15:15:52.770", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked\n\nThe SEV platform device can be shutdown with a null psp_master,\ne.g., using DEBUG_TEST_DRIVER_REMOVE. Found using KASAN:\n\n[ 137.148210] ccp 0000:23:00.1: enabling device (0000 -> 0002)\n[ 137.162647] ccp 0000:23:00.1: no command queues available\n[ 137.170598] ccp 0000:23:00.1: sev enabled\n[ 137.174645] ccp 0000:23:00.1: psp enabled\n[ 137.178890] general protection fault, probably for non-canonical address 0xdffffc000000001e: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 137.182693] KASAN: null-ptr-deref in range [0x00000000000000f0-0x00000000000000f7]\n[ 137.182693] CPU: 93 PID: 1 Comm: swapper/0 Not tainted 6.8.0-rc1+ #311\n[ 137.182693] RIP: 0010:__sev_platform_shutdown_locked+0x51/0x180\n[ 137.182693] Code: 08 80 3c 08 00 0f 85 0e 01 00 00 48 8b 1d 67 b6 01 08 48 b8 00 00 00 00 00 fc ff df 48 8d bb f0 00 00 00 48 89 f9 48 c1 e9 03 <80> 3c 01 00 0f 85 fe 00 00 00 48 8b 9b f0 00 00 00 48 85 db 74 2c\n[ 137.182693] RSP: 0018:ffffc900000cf9b0 EFLAGS: 00010216\n[ 137.182693] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 000000000000001e\n[ 137.182693] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00000000000000f0\n[ 137.182693] RBP: ffffc900000cf9c8 R08: 0000000000000000 R09: fffffbfff58f5a66\n[ 137.182693] R10: ffffc900000cf9c8 R11: ffffffffac7ad32f R12: ffff8881e5052c28\n[ 137.182693] R13: ffff8881e5052c28 R14: ffff8881758e43e8 R15: ffffffffac64abf8\n[ 137.182693] FS: 0000000000000000(0000) GS:ffff889de7000000(0000) knlGS:0000000000000000\n[ 137.182693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 137.182693] CR2: 0000000000000000 CR3: 0000001cf7c7e000 CR4: 0000000000350ef0\n[ 137.182693] Call Trace:\n[ 137.182693] \n[ 137.182693] ? show_regs+0x6c/0x80\n[ 137.182693] ? __die_body+0x24/0x70\n[ 137.182693] ? die_addr+0x4b/0x80\n[ 137.182693] ? exc_general_protection+0x126/0x230\n[ 137.182693] ? asm_exc_general_protection+0x2b/0x30\n[ 137.182693] ? __sev_platform_shutdown_locked+0x51/0x180\n[ 137.182693] sev_firmware_shutdown.isra.0+0x1e/0x80\n[ 137.182693] sev_dev_destroy+0x49/0x100\n[ 137.182693] psp_dev_destroy+0x47/0xb0\n[ 137.182693] sp_destroy+0xbb/0x240\n[ 137.182693] sp_pci_remove+0x45/0x60\n[ 137.182693] pci_device_remove+0xaa/0x1d0\n[ 137.182693] device_remove+0xc7/0x170\n[ 137.182693] really_probe+0x374/0xbe0\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] __driver_probe_device+0x199/0x460\n[ 137.182693] driver_probe_device+0x4e/0xd0\n[ 137.182693] __driver_attach+0x191/0x3d0\n[ 137.182693] ? __pfx___driver_attach+0x10/0x10\n[ 137.182693] bus_for_each_dev+0x100/0x190\n[ 137.182693] ? __pfx_bus_for_each_dev+0x10/0x10\n[ 137.182693] ? __kasan_check_read+0x15/0x20\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] ? _raw_spin_unlock+0x27/0x50\n[ 137.182693] driver_attach+0x41/0x60\n[ 137.182693] bus_add_driver+0x2a8/0x580\n[ 137.182693] driver_register+0x141/0x480\n[ 137.182693] __pci_register_driver+0x1d6/0x2a0\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] ? esrt_sysfs_init+0x1cd/0x5d0\n[ 137.182693] ? __pfx_sp_mod_init+0x10/0x10\n[ 137.182693] sp_pci_init+0x22/0x30\n[ 137.182693] sp_mod_init+0x14/0x30\n[ 137.182693] ? __pfx_sp_mod_init+0x10/0x10\n[ 137.182693] do_one_initcall+0xd1/0x470\n[ 137.182693] ? __pfx_do_one_initcall+0x10/0x10\n[ 137.182693] ? parameq+0x80/0xf0\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] ? __kmalloc+0x3b0/0x4e0\n[ 137.182693] ? kernel_init_freeable+0x92d/0x1050\n[ 137.182693] ? kasan_populate_vmalloc_pte+0x171/0x190\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] kernel_init_freeable+0xa64/0x1050\n[ 137.182693] ? __pfx_kernel_init+0x10/0x10\n[ 137.182693] kernel_init+0x24/0x160\n[ 137.182693] ? __switch_to_asm+0x3e/0x70\n[ 137.182693] ret_from_fork+0x40/0x80\n[ 137.182693] ? __pfx_kernel_init+0x1\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/58054faf3bd29cd0b949b77efcb6157f66f401ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7535ec350a5f09b5756a7607f5582913f21200f4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8731fe001a60581794ed9cf65da8cd304846a6fb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/88aa493f393d2ee38ac140e1f6ac1881346e85d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b5909f197f3b26aebedca7d8ac7b688fd993a266", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ccb88e9549e7cfd8bcd511c538f437e20026e983", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26696.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26696.json new file mode 100644 index 00000000000..5bfa8b7bb1d --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26696.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26696", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.830", + "lastModified": "2024-04-03T15:15:52.830", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix hang in nilfs_lookup_dirty_data_buffers()\n\nSyzbot reported a hang issue in migrate_pages_batch() called by mbind()\nand nilfs_lookup_dirty_data_buffers() called in the log writer of nilfs2.\n\nWhile migrate_pages_batch() locks a folio and waits for the writeback to\ncomplete, the log writer thread that should bring the writeback to\ncompletion picks up the folio being written back in\nnilfs_lookup_dirty_data_buffers() that it calls for subsequent log\ncreation and was trying to lock the folio. Thus causing a deadlock.\n\nIn the first place, it is unexpected that folios/pages in the middle of\nwriteback will be updated and become dirty. Nilfs2 adds a checksum to\nverify the validity of the log being written and uses it for recovery at\nmount, so data changes during writeback are suppressed. Since this is\nbroken, an unclean shutdown could potentially cause recovery to fail.\n\nInvestigation revealed that the root cause is that the wait for writeback\ncompletion in nilfs_page_mkwrite() is conditional, and if the backing\ndevice does not require stable writes, data may be modified without\nwaiting.\n\nFix these issues by making nilfs_page_mkwrite() wait for writeback to\nfinish regardless of the stable write requirement of the backing device." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/228742b2ddfb99dfd71e5a307e6088ab6836272e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/38296afe3c6ee07319e01bb249aa4bb47c07b534", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7e9b622bd0748cc104d66535b76d9b3535f9dc0f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8494ba2c9ea00a54d5b50e69b22c55a8958bce32", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/862ee4422c38be5c249844a684b00d0dbe9d1e46", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/98a4026b22ff440c7f47056481bcbbe442f607d6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e38585401d464578d30f5868ff4ca54475c34f7d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ea5ddbc11613b55e5128c85f57b08f907abd9b28", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26697.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26697.json new file mode 100644 index 00000000000..dc835fc9a23 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26697.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26697", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.880", + "lastModified": "2024-04-03T15:15:52.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix data corruption in dsync block recovery for small block sizes\n\nThe helper function nilfs_recovery_copy_block() of\nnilfs_recovery_dsync_blocks(), which recovers data from logs created by\ndata sync writes during a mount after an unclean shutdown, incorrectly\ncalculates the on-page offset when copying repair data to the file's page\ncache. In environments where the block size is smaller than the page\nsize, this flaw can cause data corruption and leak uninitialized memory\nbytes during the recovery process.\n\nFix these issues by correcting this byte offset calculation on the page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/120f7fa2008e3bd8b7680b4ab5df942decf60fd5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2000016bab499074e6248ea85aeea7dd762355d9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2e1480538ef60bfee5473dfe02b1ecbaf1a4aa0d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/364a66be2abdcd4fd426ffa44d9b8f40aafb3caa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5278c3eb6bf5896417572b52adb6be9d26e92f65", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/67b8bcbaed4777871bb0dcc888fb02a614a98ab1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9c9c68d64fd3284f7097ed6ae057c8441f39fcd3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a6efe6dbaaf504f5b3f8a5c3f711fe54e7dda0ba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26698.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26698.json new file mode 100644 index 00000000000..005054e48f1 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26698.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26698", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.933", + "lastModified": "2024-04-03T15:15:52.933", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhv_netvsc: Fix race condition between netvsc_probe and netvsc_remove\n\nIn commit ac5047671758 (\"hv_netvsc: Disable NAPI before closing the\nVMBus channel\"), napi_disable was getting called for all channels,\nincluding all subchannels without confirming if they are enabled or not.\n\nThis caused hv_netvsc getting hung at napi_disable, when netvsc_probe()\nhas finished running but nvdev->subchan_work has not started yet.\nnetvsc_subchan_work() -> rndis_set_subchannel() has not created the\nsub-channels and because of that netvsc_sc_open() is not running.\nnetvsc_remove() calls cancel_work_sync(&nvdev->subchan_work), for which\nnetvsc_subchan_work did not run.\n\nnetif_napi_add() sets the bit NAPI_STATE_SCHED because it ensures NAPI\ncannot be scheduled. Then netvsc_sc_open() -> napi_enable will clear the\nNAPIF_STATE_SCHED bit, so it can be scheduled. napi_disable() does the\nopposite.\n\nNow during netvsc_device_remove(), when napi_disable is called for those\nsubchannels, napi_disable gets stuck on infinite msleep.\n\nThis fix addresses this problem by ensuring that napi_disable() is not\ngetting called for non-enabled NAPI struct.\nBut netif_napi_del() is still necessary for these non-enabled NAPI struct\nfor cleanup purpose.\n\nCall trace:\n[ 654.559417] task:modprobe state:D stack: 0 pid: 2321 ppid: 1091 flags:0x00004002\n[ 654.568030] Call Trace:\n[ 654.571221] \n[ 654.573790] __schedule+0x2d6/0x960\n[ 654.577733] schedule+0x69/0xf0\n[ 654.581214] schedule_timeout+0x87/0x140\n[ 654.585463] ? __bpf_trace_tick_stop+0x20/0x20\n[ 654.590291] msleep+0x2d/0x40\n[ 654.593625] napi_disable+0x2b/0x80\n[ 654.597437] netvsc_device_remove+0x8a/0x1f0 [hv_netvsc]\n[ 654.603935] rndis_filter_device_remove+0x194/0x1c0 [hv_netvsc]\n[ 654.611101] ? do_wait_intr+0xb0/0xb0\n[ 654.615753] netvsc_remove+0x7c/0x120 [hv_netvsc]\n[ 654.621675] vmbus_remove+0x27/0x40 [hv_vmbus]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e8875de9dad12805ff66e92cd5edea6a421f1cd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/22a77c0f5b8233237731df3288d067af51a2fd7b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/48a8ccccffbae10c91d31fc872db5c31aba07518", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7656372ae190e54e8c8cf1039725a5ea59fdf84a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9ec807e7b6f5fcf9499f3baa69f254bb239a847f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e0526ec5360a48ad3ab2e26e802b0532302a7e11", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json new file mode 100644 index 00000000000..4665bb79e40 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-26699", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:52.980", + "lastModified": "2024-04-03T15:15:52.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr\n\n[Why]\nThere is a potential memory access violation while\niterating through array of dcn35 clks.\n\n[How]\nLimit iteration per array size." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/46806e59a87790760870d216f54951a5b4d545bc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ca400d8e0c1c9d79c08dfb6b7f966e26c8cae7fb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26700.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26700.json new file mode 100644 index 00000000000..e936fc6846f --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26700.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26700", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.030", + "lastModified": "2024-04-03T15:15:53.030", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix MST Null Ptr for RV\n\nThe change try to fix below error specific to RV platform:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2\nHardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022\nRIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\nCode: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>\nRSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\nRDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\nRBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\nR10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\nR13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\nFS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0\nCall Trace:\n \n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? plist_add+0xbe/0x100\n ? exc_page_fault+0x7c/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n drm_atomic_check_only+0x5c5/0xa40\n drm_mode_atomic_ioctl+0x76e/0xbc0\n ? _copy_to_user+0x25/0x30\n ? drm_ioctl+0x296/0x4b0\n ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n drm_ioctl_kernel+0xcd/0x170\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n amdgpu_drm_ioctl+0x4e/0x90 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x60/0x90\n ? do_syscall_64+0x6c/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7f4dad17f76f\nCode: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c>\nRSP: 002b:00007ffd9ae859f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055e255a55900 RCX: 00007f4dad17f76f\nRDX: 00007ffd9ae85a90 RSI: 00000000c03864bc RDI: 000000000000000b\nRBP: 00007ffd9ae85a90 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000000 R11: 0000000000000246 R12: 00000000c03864bc\nR13: 000000000000000b R14: 000055e255a7fc60 R15: 000055e255a01eb0\n \nModules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device ccm cmac algif_hash algif_skcipher af_alg joydev mousedev bnep >\n typec libphy k10temp ipmi_msghandler roles i2c_scmi acpi_cpufreq mac_hid nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_mas>\nCR2: 0000000000000008\n---[ end trace 0000000000000000 ]---\nRIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\nCode: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>\nRSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\nRDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\nRBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\nR10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\nR13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\nFS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/01d992088dce3945f70f49f34b0b911c5213c238", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5cd7185d2db76c42a9b7e69adad9591d9fca093f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7407c61f43b66e90ad127d0cdd13cbc9d87141a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6a7df96facdcf5b1f71eb3ec26f2f9f6ad61e57", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26702.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26702.json new file mode 100644 index 00000000000..196b52507aa --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26702.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2024-26702", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.087", + "lastModified": "2024-04-03T15:15:53.087", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC\n\nRecently, we encounter kernel crash in function rm3100_common_probe\ncaused by out of bound access of array rm3100_samp_rates (because of\nunderlying hardware failures). Add boundary check to prevent out of\nbound access." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/176256ff8abff29335ecff905a09fb49e8dcf513", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1d8c67e94e9e977603473a543d4f322cf2c4aa01", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/36a49290d7e6d554020057a409747a092b1d3b56", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/57d05dbbcd0b3dc0c252103b43012eef5d6430d1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7200170e88e3ec54d9e9c63f07514c3cead11481", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/792595bab4925aa06532a14dd256db523eb4fa5e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8d5838a473e8e6d812257c69745f5920e4924a60", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26703.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26703.json new file mode 100644 index 00000000000..43f6d89a5b1 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26703.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26703", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.140", + "lastModified": "2024-04-03T15:15:53.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Move hrtimer_init to timerlat_fd open()\n\nCurrently, the timerlat's hrtimer is initialized at the first read of\ntimerlat_fd, and destroyed at close(). It works, but it causes an error\nif the user program open() and close() the file without reading.\n\nHere's an example:\n\n # echo NO_OSNOISE_WORKLOAD > /sys/kernel/debug/tracing/osnoise/options\n # echo timerlat > /sys/kernel/debug/tracing/current_tracer\n\n # cat < ./timerlat_load.py\n # !/usr/bin/env python3\n\n timerlat_fd = open(\"/sys/kernel/tracing/osnoise/per_cpu/cpu0/timerlat_fd\", 'r')\n timerlat_fd.close();\n EOF\n\n # ./taskset -c 0 ./timerlat_load.py\n\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 2673 Comm: python3 Not tainted 6.6.13-200.fc39.x86_64 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 04/01/2014\n RIP: 0010:hrtimer_active+0xd/0x50\n Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 48 8b 57 30 <8b> 42 10 a8 01 74 09 f3 90 8b 42 10 a8 01 75 f7 80 7f 38 00 75 1d\n RSP: 0018:ffffb031009b7e10 EFLAGS: 00010286\n RAX: 000000000002db00 RBX: ffff9118f786db08 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9117a0e64400 RDI: ffff9118f786db08\n RBP: ffff9118f786db80 R08: ffff9117a0ddd420 R09: ffff9117804d4f70\n R10: 0000000000000000 R11: 0000000000000000 R12: ffff9118f786db08\n R13: ffff91178fdd5e20 R14: ffff9117840978c0 R15: 0000000000000000\n FS: 00007f2ffbab1740(0000) GS:ffff9118f7840000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000010 CR3: 00000001b402e000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? srso_alias_return_thunk+0x5/0x7f\n ? avc_has_extended_perms+0x237/0x520\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? hrtimer_active+0xd/0x50\n hrtimer_cancel+0x15/0x40\n timerlat_fd_release+0x48/0xe0\n __fput+0xf5/0x290\n __x64_sys_close+0x3d/0x80\n do_syscall_64+0x60/0x90\n ? srso_alias_return_thunk+0x5/0x7f\n ? __x64_sys_ioctl+0x72/0xd0\n ? srso_alias_return_thunk+0x5/0x7f\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_syscall_64+0x6c/0x90\n ? srso_alias_return_thunk+0x5/0x7f\n ? exit_to_user_mode_prepare+0x142/0x1f0\n ? srso_alias_return_thunk+0x5/0x7f\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_syscall_64+0x6c/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f2ffb321594\n Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 cd 0d 00 00 74 13 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3c c3 0f 1f 00 55 48 89 e5 48 83 ec 10 89 7d\n RSP: 002b:00007ffe8d8eef18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003\n RAX: ffffffffffffffda RBX: 00007f2ffba4e668 RCX: 00007f2ffb321594\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\n RBP: 00007ffe8d8eef40 R08: 0000000000000000 R09: 0000000000000000\n R10: 55c926e3167eae79 R11: 0000000000000202 R12: 0000000000000003\n R13: 00007ffe8d8ef030 R14: 0000000000000000 R15: 00007f2ffba4e668\n \n CR2: 0000000000000010\n ---[ end trace 0000000000000000 ]---\n\nMove hrtimer_init to timerlat_fd open() to avoid this problem." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1389358bb008e7625942846e9f03554319b7fecc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2354d29986ebd138f89c2b73fecf8237e0a4ad6b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f703935fdb559642d85b2088442ee55a557ae6d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26704.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26704.json new file mode 100644 index 00000000000..67e61dfb8d6 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26704.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26704", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.193", + "lastModified": "2024-04-03T15:15:53.193", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/185eab30486ba3e7bf8b9c2e049c79a06ffd2bc1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2883940b19c38d5884c8626483811acf4d7e148f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/55583e899a5357308274601364741a83e78d6ac4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/559ddacb90da1d8786dd8ec4fd76bbfa404eaef6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/afba9d11320dad5ce222ac8964caf64b7b4bedb1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/afbcad9ae7d6d11608399188f03a837451b6b3a1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b4fbb89d722cbb16beaaea234b7230faaaf68c71", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d033a555d9a1cf53dbf3301af7199cc4a4c8f537", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26705.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26705.json new file mode 100644 index 00000000000..50e2ee7e238 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26705.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26705", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.243", + "lastModified": "2024-04-03T15:15:53.243", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: BTLB: Fix crash when setting up BTLB at CPU bringup\n\nWhen using hotplug and bringing up a 32-bit CPU, ask the firmware about the\nBTLB information to set up the static (block) TLB entries.\n\nFor that write access to the static btlb_info struct is needed, but\nsince it is marked __ro_after_init the kernel segfaults with missing\nwrite permissions.\n\nFix the crash by dropping the __ro_after_init annotation." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/54944f45470af5965fb9c28cf962ec30f38a8f5b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/913b9d443a0180cf0de3548f1ab3149378998486", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa52be55276614d33f22fbe7da36c40d6432d10b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26706.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26706.json new file mode 100644 index 00000000000..27421b844e8 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26706.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26706", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.293", + "lastModified": "2024-04-03T15:15:53.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: Fix random data corruption from exception handler\n\nThe current exception handler implementation, which assists when accessing\nuser space memory, may exhibit random data corruption if the compiler decides\nto use a different register than the specified register %r29 (defined in\nASM_EXCEPTIONTABLE_REG) for the error code. If the compiler choose another\nregister, the fault handler will nevertheless store -EFAULT into %r29 and thus\ntrash whatever this register is used for.\nLooking at the assembly I found that this happens sometimes in emulate_ldd().\n\nTo solve the issue, the easiest solution would be if it somehow is\npossible to tell the fault handler which register is used to hold the error\ncode. Using %0 or %1 in the inline assembly is not posssible as it will show\nup as e.g. %r29 (with the \"%r\" prefix), which the GNU assembler can not\nconvert to an integer.\n\nThis patch takes another, better and more flexible approach:\nWe extend the __ex_table (which is out of the execution path) by one 32-word.\nIn this word we tell the compiler to insert the assembler instruction\n\"or %r0,%r0,%reg\", where %reg references the register which the compiler\nchoosed for the error return code.\nIn case of an access failure, the fault handler finds the __ex_table entry and\ncan examine the opcode. The used register is encoded in the lowest 5 bits, and\nthe fault handler can then store -EFAULT into this register.\n\nSince we extend the __ex_table to 3 words we can't use the BUILDTIME_TABLE_SORT\nconfig option any longer." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/23027309b099ffc4efca5477009a11dccbdae592", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b1d72395635af45410b66cc4c4ab37a12c4a831", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ce31d79aa1f13a2345791f84935281a2c194e003", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fa69a8063f8b27f3c7434a0d4f464a76a62f24d2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26707.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26707.json new file mode 100644 index 00000000000..2a611e58c90 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26707.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26707", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.340", + "lastModified": "2024-04-03T15:15:53.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()\n\nSyzkaller reported [1] hitting a warning after failing to allocate\nresources for skb in hsr_init_skb(). Since a WARN_ONCE() call will\nnot help much in this case, it might be prudent to switch to\nnetdev_warn_once(). At the very least it will suppress syzkaller\nreports such as [1].\n\nJust in case, use netdev_warn_once() in send_prp_supervision_frame()\nfor similar reasons.\n\n[1]\nHSR: Could not send supervision frame\nWARNING: CPU: 1 PID: 85 at net/hsr/hsr_device.c:294 send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294\nRIP: 0010:send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294\n...\nCall Trace:\n \n hsr_announce+0x114/0x370 net/hsr/hsr_device.c:382\n call_timer_fn+0x193/0x590 kernel/time/timer.c:1700\n expire_timers kernel/time/timer.c:1751 [inline]\n __run_timers+0x764/0xb20 kernel/time/timer.c:2022\n run_timer_softirq+0x58/0xd0 kernel/time/timer.c:2035\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n invoke_softirq kernel/softirq.c:427 [inline]\n __irq_exit_rcu kernel/softirq.c:632 [inline]\n irq_exit_rcu+0xb7/0x120 kernel/softirq.c:644\n sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1076\n \n \n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649\n...\n\nThis issue is also found in older kernels (at least up to 5.10)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0d8011a878fdf96123bc0d6a12e2fe7ced5fddfb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/37e8c97e539015637cb920d3e6f1e404f707a06e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/547545e50c913861219947ce490c68a1776b9b51", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/56440799fc4621c279df16176f83a995d056023a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/923dea2a7ea9e1ef5ac4031fba461c1cc92e32b8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/de769423b2f053182a41317c4db5a927e90622a0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26708.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26708.json new file mode 100644 index 00000000000..edebd57dce3 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26708.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26708", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.390", + "lastModified": "2024-04-03T15:15:53.390", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: really cope with fastopen race\n\nFastopen and PM-trigger subflow shutdown can race, as reported by\nsyzkaller.\n\nIn my first attempt to close such race, I missed the fact that\nthe subflow status can change again before the subflow_state_change\ncallback is invoked.\n\nAddress the issue additionally copying with all the states directly\nreachable from TCP_FIN_WAIT1." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/337cebbd850f94147cee05252778f8f78b8c337f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4bfe217e075d04e63c092df9d40c608e598c2ef2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e158fb9679d15a2317ec13b4f6301bd26265df2f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26709.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26709.json new file mode 100644 index 00000000000..aea30aaaa6f --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26709.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-26709", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.440", + "lastModified": "2024-04-03T15:15:53.440", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/iommu: Fix the missing iommu_group_put() during platform domain attach\n\nThe function spapr_tce_platform_iommu_attach_dev() is missing to call\niommu_group_put() when the domain is already set. This refcount leak\nshows up with BUG_ON() during DLPAR remove operation as:\n\n KernelBug: Kernel bug in state 'None': kernel BUG at arch/powerpc/platforms/pseries/iommu.c:100!\n Oops: Exception in kernel mode, sig: 5 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=8192 NUMA pSeries\n \n Hardware name: IBM,9080-HEX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NH1060_016) hv:phyp pSeries\n NIP: c0000000000ff4d4 LR: c0000000000ff4cc CTR: 0000000000000000\n REGS: c0000013aed5f840 TRAP: 0700 Tainted: G I (6.8.0-rc3-autotest-g99bd3cb0d12e)\n MSR: 8000000000029033 CR: 44002402 XER: 20040000\n CFAR: c000000000a0d170 IRQMASK: 0\n ...\n NIP iommu_reconfig_notifier+0x94/0x200\n LR iommu_reconfig_notifier+0x8c/0x200\n Call Trace:\n iommu_reconfig_notifier+0x8c/0x200 (unreliable)\n notifier_call_chain+0xb8/0x19c\n blocking_notifier_call_chain+0x64/0x98\n of_reconfig_notify+0x44/0xdc\n of_detach_node+0x78/0xb0\n ofdt_write.part.0+0x86c/0xbb8\n proc_reg_write+0xf4/0x150\n vfs_write+0xf8/0x488\n ksys_write+0x84/0x140\n system_call_exception+0x138/0x330\n system_call_vectored_common+0x15c/0x2ec\n\nThe patch adds the missing iommu_group_put() call." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0846dd77c8349ec92ca0079c9c71d130f34cb192", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c90fdea9cac9eb419fc266e75d625cb60c8f7f6c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26710.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26710.json new file mode 100644 index 00000000000..ba66cf4e662 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26710.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26710", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.487", + "lastModified": "2024-04-03T15:15:53.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kasan: Limit KASAN thread size increase to 32KB\n\nKASAN is seen to increase stack usage, to the point that it was reported\nto lead to stack overflow on some 32-bit machines (see link).\n\nTo avoid overflows the stack size was doubled for KASAN builds in\ncommit 3e8635fb2e07 (\"powerpc/kasan: Force thread size increase with\nKASAN\").\n\nHowever with a 32KB stack size to begin with, the doubling leads to a\n64KB stack, which causes build errors:\n arch/powerpc/kernel/switch.S:249: Error: operand out of range (0x000000000000fe50 is not between 0xffffffffffff8000 and 0x0000000000007fff)\n\nAlthough the asm could be reworked, in practice a 32KB stack seems\nsufficient even for KASAN builds - the additional usage seems to be in\nthe 2-3KB range for a 64-bit KASAN build.\n\nSo only increase the stack for KASAN if the stack size is < 32KB." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4297217bcf1f0948a19c2bacc6b68d92e7778ad9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4cc31fa07445879a13750cb061bb8c2654975fcb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b29b16bd836a838b7690f80e37f8376414c74cbe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26711.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26711.json new file mode 100644 index 00000000000..b7bad1621c4 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26711.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26711", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.540", + "lastModified": "2024-04-03T15:15:53.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad4130: zero-initialize clock init data\n\nThe clk_init_data struct does not have all its members\ninitialized, causing issues when trying to expose the internal\nclock on the CLK pin.\n\nFix this by zero-initializing the clk_init_data struct." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/02876e2df02f8b17a593d77a0a7879a8109b27e1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0e0dab37750926d4fb0144edb1c1ea0612fea273", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a22b0a2be69a36511cb5b37d948b651ddf7debf3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26712.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26712.json new file mode 100644 index 00000000000..96ff6d0b998 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26712.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26712", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.590", + "lastModified": "2024-04-03T15:15:53.590", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kasan: Fix addr error caused by page alignment\n\nIn kasan_init_region, when k_start is not page aligned, at the begin of\nfor loop, k_cur = k_start & PAGE_MASK is less than k_start, and then\n`va = block + k_cur - k_start` is less than block, the addr va is invalid,\nbecause the memory address space from va to block is not alloced by\nmemblock_alloc, which will not be reserved by memblock_reserve later, it\nwill be used by other places.\n\nAs a result, memory overwriting occurs.\n\nfor example:\nint __init __weak kasan_init_region(void *start, size_t size)\n{\n[...]\n\t/* if say block(dcd97000) k_start(feef7400) k_end(feeff3fe) */\n\tblock = memblock_alloc(k_end - k_start, PAGE_SIZE);\n\t[...]\n\tfor (k_cur = k_start & PAGE_MASK; k_cur < k_end; k_cur += PAGE_SIZE) {\n\t\t/* at the begin of for loop\n\t\t * block(dcd97000) va(dcd96c00) k_cur(feef7000) k_start(feef7400)\n\t\t * va(dcd96c00) is less than block(dcd97000), va is invalid\n\t\t */\n\t\tvoid *va = block + k_cur - k_start;\n\t\t[...]\n\t}\n[...]\n}\n\nTherefore, page alignment is performed on k_start before\nmemblock_alloc() to ensure the validity of the VA address." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0516c06b19dc64807c10e01bb99b552bdf2d7dbe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0c09912dd8387e228afcc5e34ac5d79b1e3a1058", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/230e89b5ad0a33f530a2a976b3e5e4385cb27882", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2738e0aa2fb24a7ab9c878d912dc2b239738c6c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4a7aee96200ad281a5cc4cf5c7a2e2a49d2b97b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70ef2ba1f4286b2b73675aeb424b590c92d57b25", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26713.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26713.json new file mode 100644 index 00000000000..47312f062e1 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26713.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26713", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.647", + "lastModified": "2024-04-03T15:15:53.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: Fix iommu initialisation during DLPAR add\n\nWhen a PCI device is dynamically added, the kernel oopses with a NULL\npointer dereference:\n\n BUG: Kernel NULL pointer dereference on read at 0x00000030\n Faulting instruction address: 0xc0000000006bbe5c\n Oops: Kernel access of bad area, sig: 11 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries\n Modules linked in: rpadlpar_io rpaphp rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs xsk_diag bonding nft_compat nf_tables nfnetlink rfkill binfmt_misc dm_multipath rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_core_mod ib_umad ib_iser libiscsi scsi_transport_iscsi ib_ipoib rdma_cm iw_cm ib_cm mlx5_ib ib_uverbs ib_core pseries_rng drm drm_panel_orientation_quirks xfs libcrc32c mlx5_core mlxfw sd_mod t10_pi sg tls ibmvscsi ibmveth scsi_transport_srp vmx_crypto pseries_wdt psample dm_mirror dm_region_hash dm_log dm_mod fuse\n CPU: 17 PID: 2685 Comm: drmgr Not tainted 6.7.0-203405+ #66\n Hardware name: IBM,9080-HEX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NH1060_008) hv:phyp pSeries\n NIP: c0000000006bbe5c LR: c000000000a13e68 CTR: c0000000000579f8\n REGS: c00000009924f240 TRAP: 0300 Not tainted (6.7.0-203405+)\n MSR: 8000000000009033 CR: 24002220 XER: 20040006\n CFAR: c000000000a13e64 DAR: 0000000000000030 DSISR: 40000000 IRQMASK: 0\n ...\n NIP sysfs_add_link_to_group+0x34/0x94\n LR iommu_device_link+0x5c/0x118\n Call Trace:\n iommu_init_device+0x26c/0x318 (unreliable)\n iommu_device_link+0x5c/0x118\n iommu_init_device+0xa8/0x318\n iommu_probe_device+0xc0/0x134\n iommu_bus_notifier+0x44/0x104\n notifier_call_chain+0xb8/0x19c\n blocking_notifier_call_chain+0x64/0x98\n bus_notify+0x50/0x7c\n device_add+0x640/0x918\n pci_device_add+0x23c/0x298\n of_create_pci_dev+0x400/0x884\n of_scan_pci_dev+0x124/0x1b0\n __of_scan_bus+0x78/0x18c\n pcibios_scan_phb+0x2a4/0x3b0\n init_phb_dynamic+0xb8/0x110\n dlpar_add_slot+0x170/0x3b8 [rpadlpar_io]\n add_slot_store.part.0+0xb4/0x130 [rpadlpar_io]\n kobj_attr_store+0x2c/0x48\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x350/0x4a0\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x330\n system_call_vectored_common+0x15c/0x2ec\n\nCommit a940904443e4 (\"powerpc/iommu: Add iommu_ops to report capabilities\nand allow blocking domains\") broke DLPAR add of PCI devices.\n\nThe above added iommu_device structure to pci_controller. During\nsystem boot, PCI devices are discovered and this newly added iommu_device\nstructure is initialized by a call to iommu_device_register().\n\nDuring DLPAR add of a PCI device, a new pci_controller structure is\nallocated but there are no calls made to iommu_device_register()\ninterface.\n\nFix is to register the iommu device during DLPAR add as well.\n\n[mpe: Trim oops and tweak some change log wording]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9978d5b744e0227afe19e3bcb4c5f75442dde753", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d4f762d6403f7419de90d7749fa83dd92ffb0e1d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed8b94f6e0acd652ce69bd69d678a0c769172df8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26714.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26714.json new file mode 100644 index 00000000000..28b7b890296 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26714.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26714", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.700", + "lastModified": "2024-04-03T15:15:53.700", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: qcom: sc8180x: Mark CO0 BCM keepalive\n\nThe CO0 BCM needs to be up at all times, otherwise some hardware (like\nthe UFS controller) loses its connection to the rest of the SoC,\nresulting in a hang of the platform, accompanied by a spectacular\nlogspam.\n\nMark it as keepalive to prevent such cases." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/6616d3c4f8284a7b3ef978c916566bd240cea1c7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7a3a70dd08e4b7dffc2f86f2c68fc3812804b9d0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/85e985a4f46e462a37f1875cb74ed380e7c0c2e0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d8e36ff40cf9dadb135f3a97341c02c9a7afcc43", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26715.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26715.json new file mode 100644 index 00000000000..4b0262139ce --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26715.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2024-26715", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.750", + "lastModified": "2024-04-03T15:15:53.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend\n\nIn current scenario if Plug-out and Plug-In performed continuously\nthere could be a chance while checking for dwc->gadget_driver in\ndwc3_gadget_suspend, a NULL pointer dereference may occur.\n\nCall Stack:\n\n\tCPU1: CPU2:\n\tgadget_unbind_driver dwc3_suspend_common\n\tdwc3_gadget_stop dwc3_gadget_suspend\n dwc3_disconnect_gadget\n\nCPU1 basically clears the variable and CPU2 checks the variable.\nConsider CPU1 is running and right before gadget_driver is cleared\nand in parallel CPU2 executes dwc3_gadget_suspend where it finds\ndwc->gadget_driver which is not NULL and resumes execution and then\nCPU1 completes execution. CPU2 executes dwc3_disconnect_gadget where\nit checks dwc->gadget_driver is already NULL because of which the\nNULL pointer deference occur." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/36695d5eeeefe5a64b47d0336e7c8fc144e78182", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/57e2e42ccd3cd6183228269715ed032f44536751", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61a348857e869432e6a920ad8ea9132e8d44c316", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/88936ceab6b426f1312327e9ef849c215c6007a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c7ebd8149ee519d27232e6e4940e9c02071b568b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26716.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26716.json new file mode 100644 index 00000000000..58b26c7409d --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26716.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26716", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.800", + "lastModified": "2024-04-03T15:15:53.800", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: core: Prevent null pointer dereference in update_port_device_state\n\nCurrently, the function update_port_device_state gets the usb_hub from\nudev->parent by calling usb_hub_to_struct_hub.\nHowever, in case the actconfig or the maxchild is 0, the usb_hub would\nbe NULL and upon further accessing to get port_dev would result in null\npointer dereference.\n\nFix this by introducing an if check after the usb_hub is populated." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/12783c0b9e2c7915a50d5ec829630ff2da50472c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/465b545d1d7ef282192ddd4439b08279bdb13f6f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed85777c640cf9e6920bb1b60ed8cd48e1f4d873", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26717.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26717.json new file mode 100644 index 00000000000..2e580e62346 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26717.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2024-26717", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.850", + "lastModified": "2024-04-03T15:15:53.850", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid-of: fix NULL-deref on failed power up\n\nA while back the I2C HID implementation was split in an ACPI and OF\npart, but the new OF driver never initialises the client pointer which\nis dereferenced on power-up failures." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00aab7dcb2267f2aef59447602f34501efe1a07f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4cad91344a62536a2949873bad6365fbb6232776", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/62f5d219edbd174829aa18d4b3d97cd5fefbb783", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d7d7a0e3b6f5adc45f23667cbb919e99093a5b5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e28d6b63aeecbda450935fb58db0e682ea8212d3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26718.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26718.json new file mode 100644 index 00000000000..0d4e7cc488b --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26718.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26718", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.897", + "lastModified": "2024-04-03T15:15:53.897", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-crypt, dm-verity: disable tasklets\n\nTasklets have an inherent problem with memory corruption. The function\ntasklet_action_common calls tasklet_trylock, then it calls the tasklet\ncallback and then it calls tasklet_unlock. If the tasklet callback frees\nthe structure that contains the tasklet or if it calls some code that may\nfree it, tasklet_unlock will write into free memory.\n\nThe commits 8e14f610159d and d9a02e016aaf try to fix it for dm-crypt, but\nit is not a sufficient fix and the data corruption can still happen [1].\nThere is no fix for dm-verity and dm-verity will write into free memory\nwith every tasklet-processed bio.\n\nThere will be atomic workqueues implemented in the kernel 6.9 [2]. They\nwill have better interface and they will not suffer from the memory\ncorruption problem.\n\nBut we need something that stops the memory corruption now and that can be\nbackported to the stable kernels. So, I'm proposing this commit that\ndisables tasklets in both dm-crypt and dm-verity. This commit doesn't\nremove the tasklet support, because the tasklet code will be reused when\natomic workqueues will be implemented.\n\n[1] https://lore.kernel.org/all/d390d7ee-f142-44d3-822a-87949e14608b@suse.de/T/\n[2] https://lore.kernel.org/lkml/20240130091300.2968534-1-tj@kernel.org/" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0a9bab391e336489169b95cb0d4553d921302189", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0c45a20cbe68bc4d681734f5c03891124a274257", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/30884a44e0cedc3dfda8c22432f3ba4078ec2d94", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5735a2671ffb70ea29ca83969fe01316ee2ed6fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26719.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26719.json new file mode 100644 index 00000000000..e879a87ad0a --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26719.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26719", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.947", + "lastModified": "2024-04-03T15:15:53.947", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: offload fence uevents work to workqueue\n\nThis should break the deadlock between the fctx lock and the irq lock.\n\nThis offloads the processing off the work from the irq into a workqueue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/39126abc5e20611579602f03b66627d7cd1422f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/985d053f7633d8b539ab1531738d538efac678a9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cc0037fa592d56e4abb9c7d1c52c4d2dc25cd906", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26720.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26720.json new file mode 100644 index 00000000000..0f179211895 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26720.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26720", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:53.993", + "lastModified": "2024-04-03T15:15:53.993", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\n\n(struct dirty_throttle_control *)->thresh is an unsigned long, but is\npassed as the u32 divisor argument to div_u64(). On architectures where\nunsigned long is 64 bytes, the argument will be implicitly truncated.\n\nUse div64_u64() instead of div_u64() so that the value used in the \"is\nthis a safe division\" check is the same as the divisor.\n\nAlso, remove redundant cast of the numerator to u64, as that should happen\nimplicitly.\n\nThis would be difficult to exploit in memcg domain, given the ratio-based\narithmetic domain_drity_limits() uses, but is much easier in global\nwriteback domain with a BDI_CAP_STRICTLIMIT-backing device, using e.g. \nvm.dirty_bytes=(1<<32)*PAGE_SIZE so that dtc->thresh == (1<<32)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/16b1025eaa8fc223ab4273ece20d1c3a4211a95d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1f12e4b3284d6c863f272eb2de0d4248ed211cf4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5099871b370335809c0fd1abad74d9c7c205d43f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/65977bed167a92e87085e757fffa5798f7314c9f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/81e7d2530d458548b90a5c5e76b77ad5e5d1c0df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9319b647902cbd5cc884ac08a8a6d54ce111fc78", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ec18ec230301583395576915d274b407743d8f6c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26721.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26721.json new file mode 100644 index 00000000000..79a2818c453 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26721.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-26721", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.043", + "lastModified": "2024-04-03T15:15:54.043", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address\n\nCommit bd077259d0a9 (\"drm/i915/vdsc: Add function to read any PPS\nregister\") defines a new macro to calculate the DSC PPS register\naddresses with PPS number as an input. This macro correctly calculates\nthe addresses till PPS 11 since the addresses increment by 4. So in that\ncase the following macro works correctly to give correct register\naddress:\n\n_MMIO(_DSCA_PPS_0 + (pps) * 4)\n\nHowever after PPS 11, the register address for PPS 12 increments by 12\nbecause of RC Buffer memory allocation in between. Because of this\ndiscontinuity in the address space, the macro calculates wrong addresses\nfor PPS 12 - 16 resulting into incorrect DSC PPS parameter value\nread/writes causing DSC corruption.\n\nThis fixes it by correcting this macro to add the offset of 12 for PPS\n>=12.\n\nv3: Add correct paranthesis for pps argument (Jani Nikula)\n\n(cherry picked from commit 6074be620c31dc2ae11af96a1a5ea95580976fb5)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/962ac2dce56bb3aad1f82a4bbe3ada57a020287c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff5999fb03f467e1e7159f0ddb199c787f7512b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26722.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26722.json new file mode 100644 index 00000000000..dbc5ca422fb --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26722.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26722", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.090", + "lastModified": "2024-04-03T15:15:54.090", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()\n\nThere is a path in rt5645_jack_detect_work(), where rt5645->jd_mutex\nis left locked forever. That may lead to deadlock\nwhen rt5645_jack_detect_work() is called for the second time.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/050ad2ca0ac169dd9e552075d2c6af1bbb46534c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1f0d7792e9023e8658e901b7b76a555f6aa052ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3dd2d99e2352903d0e0b8769e6c9b8293c7454b2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/422d5243b9f780abd3d39da2b746e3915677b07d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4a98bc739d0753a5810ce5630943cd7614c7717e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6ef5d5b92f7117b324efaac72b3db27ae8bb3082", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d14b8e2005f36319df9412d42037416d64827f6b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed5b8b735369b40d6c1f8ef3e62d369f74b4c491", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26723.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26723.json new file mode 100644 index 00000000000..597b096a3ca --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26723.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26723", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.143", + "lastModified": "2024-04-03T15:15:54.143", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlan966x: Fix crash when adding interface under a lag\n\nThere is a crash when adding one of the lan966x interfaces under a lag\ninterface. The issue can be reproduced like this:\nip link add name bond0 type bond miimon 100 mode balance-xor\nip link set dev eth0 master bond0\n\nThe reason is because when adding a interface under the lag it would go\nthrough all the ports and try to figure out which other ports are under\nthat lag interface. And the issue is that lan966x can have ports that are\nNULL pointer as they are not probed. So then iterating over these ports\nit would just crash as they are NULL pointers.\nThe fix consists in actually checking for NULL pointers before accessing\nsomething from the ports. Like we do in other places." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/15faa1f67ab405d47789d4702f587ec7df7ef03e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2a492f01228b7d091dfe38974ef40dccf8f9f2f1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/48fae67d837488c87379f0c9f27df7391718477c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9357489c46c7a43999964628db8b47d3a1f8672", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json new file mode 100644 index 00000000000..0b967d9fa0d --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-26724", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.203", + "lastModified": "2024-04-03T15:15:54.203", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: DPLL, Fix possible use after free after delayed work timer triggers\n\nI managed to hit following use after free warning recently:\n\n[ 2169.711665] ==================================================================\n[ 2169.714009] BUG: KASAN: slab-use-after-free in __run_timers.part.0+0x179/0x4c0\n[ 2169.716293] Write of size 8 at addr ffff88812b326a70 by task swapper/4/0\n\n[ 2169.719022] CPU: 4 PID: 0 Comm: swapper/4 Not tainted 6.8.0-rc2jiri+ #2\n[ 2169.720974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 2169.722457] Call Trace:\n[ 2169.722756] \n[ 2169.723024] dump_stack_lvl+0x58/0xb0\n[ 2169.723417] print_report+0xc5/0x630\n[ 2169.723807] ? __virt_addr_valid+0x126/0x2b0\n[ 2169.724268] kasan_report+0xbe/0xf0\n[ 2169.724667] ? __run_timers.part.0+0x179/0x4c0\n[ 2169.725116] ? __run_timers.part.0+0x179/0x4c0\n[ 2169.725570] __run_timers.part.0+0x179/0x4c0\n[ 2169.726003] ? call_timer_fn+0x320/0x320\n[ 2169.726404] ? lock_downgrade+0x3a0/0x3a0\n[ 2169.726820] ? kvm_clock_get_cycles+0x14/0x20\n[ 2169.727257] ? ktime_get+0x92/0x150\n[ 2169.727630] ? lapic_next_deadline+0x35/0x60\n[ 2169.728069] run_timer_softirq+0x40/0x80\n[ 2169.728475] __do_softirq+0x1a1/0x509\n[ 2169.728866] irq_exit_rcu+0x95/0xc0\n[ 2169.729241] sysvec_apic_timer_interrupt+0x6b/0x80\n[ 2169.729718] \n[ 2169.729993] \n[ 2169.730259] asm_sysvec_apic_timer_interrupt+0x16/0x20\n[ 2169.730755] RIP: 0010:default_idle+0x13/0x20\n[ 2169.731190] Code: c0 08 00 00 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 72 ff ff ff cc cc cc cc 8b 05 9a 7f 1f 02 85 c0 7e 07 0f 00 2d cf 69 43 00 fb f4 c3 66 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 04 25 c0 93 04 00\n[ 2169.732759] RSP: 0018:ffff888100dbfe10 EFLAGS: 00000242\n[ 2169.733264] RAX: 0000000000000001 RBX: ffff888100d9c200 RCX: ffffffff8241bd62\n[ 2169.733925] RDX: ffffed109a848b15 RSI: 0000000000000004 RDI: ffffffff8127ac55\n[ 2169.734566] RBP: 0000000000000004 R08: 0000000000000000 R09: ffffed109a848b14\n[ 2169.735200] R10: ffff8884d42458a3 R11: 000000000000ba7e R12: ffffffff83d7d3a0\n[ 2169.735835] R13: 1ffff110201b7fc6 R14: 0000000000000000 R15: ffff888100d9c200\n[ 2169.736478] ? ct_kernel_exit.constprop.0+0xa2/0xc0\n[ 2169.736954] ? do_idle+0x285/0x290\n[ 2169.737323] default_idle_call+0x63/0x90\n[ 2169.737730] do_idle+0x285/0x290\n[ 2169.738089] ? arch_cpu_idle_exit+0x30/0x30\n[ 2169.738511] ? mark_held_locks+0x1a/0x80\n[ 2169.738917] ? lockdep_hardirqs_on_prepare+0x12e/0x200\n[ 2169.739417] cpu_startup_entry+0x30/0x40\n[ 2169.739825] start_secondary+0x19a/0x1c0\n[ 2169.740229] ? set_cpu_sibling_map+0xbd0/0xbd0\n[ 2169.740673] secondary_startup_64_no_verify+0x15d/0x16b\n[ 2169.741179] \n\n[ 2169.741686] Allocated by task 1098:\n[ 2169.742058] kasan_save_stack+0x1c/0x40\n[ 2169.742456] kasan_save_track+0x10/0x30\n[ 2169.742852] __kasan_kmalloc+0x83/0x90\n[ 2169.743246] mlx5_dpll_probe+0xf5/0x3c0 [mlx5_dpll]\n[ 2169.743730] auxiliary_bus_probe+0x62/0xb0\n[ 2169.744148] really_probe+0x127/0x590\n[ 2169.744534] __driver_probe_device+0xd2/0x200\n[ 2169.744973] device_driver_attach+0x6b/0xf0\n[ 2169.745402] bind_store+0x90/0xe0\n[ 2169.745761] kernfs_fop_write_iter+0x1df/0x2a0\n[ 2169.746210] vfs_write+0x41f/0x790\n[ 2169.746579] ksys_write+0xc7/0x160\n[ 2169.746947] do_syscall_64+0x6f/0x140\n[ 2169.747333] entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\n[ 2169.748049] Freed by task 1220:\n[ 2169.748393] kasan_save_stack+0x1c/0x40\n[ 2169.748789] kasan_save_track+0x10/0x30\n[ 2169.749188] kasan_save_free_info+0x3b/0x50\n[ 2169.749621] poison_slab_object+0x106/0x180\n[ 2169.750044] __kasan_slab_free+0x14/0x50\n[ 2169.750451] kfree+0x118/0x330\n[ 2169.750792] mlx5_dpll_remove+0xf5/0x110 [mlx5_dpll]\n[ 2169.751271] auxiliary_bus_remove+0x2e/0x40\n[ 2169.751694] device_release_driver_internal+0x24b/0x2e0\n[ 2169.752191] unbind_store+0xa6/0xb0\n[ 2169.752563] kernfs_fo\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1596126ea50228f0ed96697bae4e9368fda02c56", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa1eec2f546f2afa8c98ec41e5d8ee488165d685", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26725.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26725.json new file mode 100644 index 00000000000..58ecdf36728 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26725.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-26725", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.257", + "lastModified": "2024-04-03T15:15:54.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix possible deadlock during netlink dump operation\n\nRecently, I've been hitting following deadlock warning during dpll pin\ndump:\n\n[52804.637962] ======================================================\n[52804.638536] WARNING: possible circular locking dependency detected\n[52804.639111] 6.8.0-rc2jiri+ #1 Not tainted\n[52804.639529] ------------------------------------------------------\n[52804.640104] python3/2984 is trying to acquire lock:\n[52804.640581] ffff88810e642678 (nlk_cb_mutex-GENERIC){+.+.}-{3:3}, at: netlink_dump+0xb3/0x780\n[52804.641417]\n but task is already holding lock:\n[52804.642010] ffffffff83bde4c8 (dpll_lock){+.+.}-{3:3}, at: dpll_lock_dumpit+0x13/0x20\n[52804.642747]\n which lock already depends on the new lock.\n\n[52804.643551]\n the existing dependency chain (in reverse order) is:\n[52804.644259]\n -> #1 (dpll_lock){+.+.}-{3:3}:\n[52804.644836] lock_acquire+0x174/0x3e0\n[52804.645271] __mutex_lock+0x119/0x1150\n[52804.645723] dpll_lock_dumpit+0x13/0x20\n[52804.646169] genl_start+0x266/0x320\n[52804.646578] __netlink_dump_start+0x321/0x450\n[52804.647056] genl_family_rcv_msg_dumpit+0x155/0x1e0\n[52804.647575] genl_rcv_msg+0x1ed/0x3b0\n[52804.648001] netlink_rcv_skb+0xdc/0x210\n[52804.648440] genl_rcv+0x24/0x40\n[52804.648831] netlink_unicast+0x2f1/0x490\n[52804.649290] netlink_sendmsg+0x36d/0x660\n[52804.649742] __sock_sendmsg+0x73/0xc0\n[52804.650165] __sys_sendto+0x184/0x210\n[52804.650597] __x64_sys_sendto+0x72/0x80\n[52804.651045] do_syscall_64+0x6f/0x140\n[52804.651474] entry_SYSCALL_64_after_hwframe+0x46/0x4e\n[52804.652001]\n -> #0 (nlk_cb_mutex-GENERIC){+.+.}-{3:3}:\n[52804.652650] check_prev_add+0x1ae/0x1280\n[52804.653107] __lock_acquire+0x1ed3/0x29a0\n[52804.653559] lock_acquire+0x174/0x3e0\n[52804.653984] __mutex_lock+0x119/0x1150\n[52804.654423] netlink_dump+0xb3/0x780\n[52804.654845] __netlink_dump_start+0x389/0x450\n[52804.655321] genl_family_rcv_msg_dumpit+0x155/0x1e0\n[52804.655842] genl_rcv_msg+0x1ed/0x3b0\n[52804.656272] netlink_rcv_skb+0xdc/0x210\n[52804.656721] genl_rcv+0x24/0x40\n[52804.657119] netlink_unicast+0x2f1/0x490\n[52804.657570] netlink_sendmsg+0x36d/0x660\n[52804.658022] __sock_sendmsg+0x73/0xc0\n[52804.658450] __sys_sendto+0x184/0x210\n[52804.658877] __x64_sys_sendto+0x72/0x80\n[52804.659322] do_syscall_64+0x6f/0x140\n[52804.659752] entry_SYSCALL_64_after_hwframe+0x46/0x4e\n[52804.660281]\n other info that might help us debug this:\n\n[52804.661077] Possible unsafe locking scenario:\n\n[52804.661671] CPU0 CPU1\n[52804.662129] ---- ----\n[52804.662577] lock(dpll_lock);\n[52804.662924] lock(nlk_cb_mutex-GENERIC);\n[52804.663538] lock(dpll_lock);\n[52804.664073] lock(nlk_cb_mutex-GENERIC);\n[52804.664490]\n\nThe issue as follows: __netlink_dump_start() calls control->start(cb)\nwith nlk->cb_mutex held. In control->start(cb) the dpll_lock is taken.\nThen nlk->cb_mutex is released and taken again in netlink_dump(), while\ndpll_lock still being held. That leads to ABBA deadlock when another\nCPU races with the same operation.\n\nFix this by moving dpll_lock taking into dumpit() callback which ensures\ncorrect lock taking order." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/087739cbd0d0b87b6cec2c0799436ac66e24acc8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/53c0441dd2c44ee93fddb5473885fd41e4bc2361", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26726.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26726.json new file mode 100644 index 00000000000..ccc987c6793 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26726.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26726", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.313", + "lastModified": "2024-04-03T15:15:54.313", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't drop extent_map for free space inode on write error\n\nWhile running the CI for an unrelated change I hit the following panic\nwith generic/648 on btrfs_holes_spacecache.\n\nassertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385\n------------[ cut here ]------------\nkernel BUG at fs/btrfs/extent_io.c:1385!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1\nRIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0\nCall Trace:\n \n extent_write_cache_pages+0x2ac/0x8f0\n extent_writepages+0x87/0x110\n do_writepages+0xd5/0x1f0\n filemap_fdatawrite_wbc+0x63/0x90\n __filemap_fdatawrite_range+0x5c/0x80\n btrfs_fdatawrite_range+0x1f/0x50\n btrfs_write_out_cache+0x507/0x560\n btrfs_write_dirty_block_groups+0x32a/0x420\n commit_cowonly_roots+0x21b/0x290\n btrfs_commit_transaction+0x813/0x1360\n btrfs_sync_file+0x51a/0x640\n __x64_sys_fdatasync+0x52/0x90\n do_syscall_64+0x9c/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nThis happens because we fail to write out the free space cache in one\ninstance, come back around and attempt to write it again. However on\nthe second pass through we go to call btrfs_get_extent() on the inode to\nget the extent mapping. Because this is a new block group, and with the\nfree space inode we always search the commit root to avoid deadlocking\nwith the tree, we find nothing and return a EXTENT_MAP_HOLE for the\nrequested range.\n\nThis happens because the first time we try to write the space cache out\nwe hit an error, and on an error we drop the extent mapping. This is\nnormal for normal files, but the free space cache inode is special. We\nalways expect the extent map to be correct. Thus the second time\nthrough we end up with a bogus extent map.\n\nSince we're deprecating this feature, the most straightforward way to\nfix this is to simply skip dropping the extent map range for this failed\nrange.\n\nI shortened the test by using error injection to stress the area to make\nit easier to reproduce. With this patch in place we no longer panic\nwith my error injection test." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/02f2b95b00bf57d20320ee168b30fb7f3db8e555", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5571e41ec6e56e35f34ae9f5b3a335ef510e0ade", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7bddf18f474f166c19f91b2baf67bf7c5eda03f7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a4b7741c8302e28073bfc6dd1c2e73598e5e535e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26727.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26727.json new file mode 100644 index 00000000000..65ec08d37a8 --- /dev/null +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26727.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26727", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-03T15:15:54.367", + "lastModified": "2024-04-03T15:15:54.367", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not ASSERT() if the newly created subvolume already got read\n\n[BUG]\nThere is a syzbot crash, triggered by the ASSERT() during subvolume\ncreation:\n\n assertion failed: !anon_dev, in fs/btrfs/disk-io.c:1319\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/disk-io.c:1319!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n RIP: 0010:btrfs_get_root_ref.part.0+0x9aa/0xa60\n \n btrfs_get_new_fs_root+0xd3/0xf0\n create_subvol+0xd02/0x1650\n btrfs_mksubvol+0xe95/0x12b0\n __btrfs_ioctl_snap_create+0x2f9/0x4f0\n btrfs_ioctl_snap_create+0x16b/0x200\n btrfs_ioctl+0x35f0/0x5cf0\n __x64_sys_ioctl+0x19d/0x210\n do_syscall_64+0x3f/0xe0\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n ---[ end trace 0000000000000000 ]---\n\n[CAUSE]\nDuring create_subvol(), after inserting root item for the newly created\nsubvolume, we would trigger btrfs_get_new_fs_root() to get the\nbtrfs_root of that subvolume.\n\nThe idea here is, we have preallocated an anonymous device number for\nthe subvolume, thus we can assign it to the new subvolume.\n\nBut there is really nothing preventing things like backref walk to read\nthe new subvolume.\nIf that happens before we call btrfs_get_new_fs_root(), the subvolume\nwould be read out, with a new anonymous device number assigned already.\n\nIn that case, we would trigger ASSERT(), as we really expect no one to\nread out that subvolume (which is not yet accessible from the fs).\nBut things like backref walk is still possible to trigger the read on\nthe subvolume.\n\nThus our assumption on the ASSERT() is not correct in the first place.\n\n[FIX]\nFix it by removing the ASSERT(), and just free the @anon_dev, reset it\nto 0, and continue.\n\nIf the subvolume tree is read out by something else, it should have\nalready get a new anon_dev assigned thus we only need to free the\npreallocated one." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3f5d47eb163bceb1b9e613c9003bae5fefc0046f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5a172344bfdabb46458e03708735d7b1a918c468", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/66b317a2fc45b2ef66527ee3f8fa08fb5beab88d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/833775656d447c545133a744a0ed1e189ce61430", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e03ee2fe873eb68c1f9ba5112fee70303ebf9dfb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e31546b0f34af21738c4ceac47d662c00ee6382f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27201.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27201.json new file mode 100644 index 00000000000..88a8cbe1af1 --- /dev/null +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27201.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-27201", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2024-04-03T14:15:17.300", + "lastModified": "2024-04-03T15:15:54.413", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1949", + "source": "talos-cna@cisco.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1949", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-282xx/CVE-2024-28275.json b/CVE-2024/CVE-2024-282xx/CVE-2024-28275.json new file mode 100644 index 00000000000..1d3c504cae2 --- /dev/null +++ b/CVE-2024/CVE-2024-282xx/CVE-2024-28275.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-28275", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-03T15:15:54.490", + "lastModified": "2024-04-03T15:15:54.490", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive information in cleartext. This vulnerability allows attackers to intercept and access sensitive information, including users' credentials and password change requests." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://paste.sr.ht/~edaigle/0b4a037fbd3166c8c72fee18efaa7decaf75b0ab", + "source": "cve@mitre.org" + }, + { + "url": "https://paste.sr.ht/~edaigle/c9637d682b65e6501efb1324bba7787a2f775ff4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31419.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31419.json new file mode 100644 index 00000000000..4a365f1ff7c --- /dev/null +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31419.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-31419", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-04-03T14:15:17.787", + "lastModified": "2024-04-03T14:15:17.787", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitly enabled by an administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-497" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-31419", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272948", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31420.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31420.json new file mode 100644 index 00000000000..64914f14a79 --- /dev/null +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31420.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-31420", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-04-03T14:15:18.310", + "lastModified": "2024-04-03T14:15:18.310", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-31420", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272951", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3259.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3259.json new file mode 100644 index 00000000000..d9885e684d1 --- /dev/null +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3259.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3259", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-03T14:15:18.797", + "lastModified": "2024-04-03T14:15:18.797", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Internship Portal Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/delete_activity.php. The manipulation of the argument activity_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259108." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-09", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259108", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259108", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.309220", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 08fc2a2059b..5efb4720505 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-03T14:00:52.038847+00:00 +2024-04-03T16:00:38.577737+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-03T13:16:03.310000+00:00 +2024-04-03T15:15:54.490000+00:00 ``` ### Last Data Feed Release @@ -33,69 +33,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -243849 +243904 ``` ### CVEs added in the last Commit -Recently added CVEs: `27` +Recently added CVEs: `55` -- [CVE-2023-52296](CVE-2023/CVE-2023-522xx/CVE-2023-52296.json) (`2024-04-03T13:16:00.360`) -- [CVE-2024-22360](CVE-2024/CVE-2024-223xx/CVE-2024-22360.json) (`2024-04-03T13:16:01.183`) -- [CVE-2024-24707](CVE-2024/CVE-2024-247xx/CVE-2024-24707.json) (`2024-04-03T13:16:01.383`) -- [CVE-2024-25030](CVE-2024/CVE-2024-250xx/CVE-2024-25030.json) (`2024-04-03T13:16:01.590`) -- [CVE-2024-25046](CVE-2024/CVE-2024-250xx/CVE-2024-25046.json) (`2024-04-03T13:16:01.790`) -- [CVE-2024-25096](CVE-2024/CVE-2024-250xx/CVE-2024-25096.json) (`2024-04-03T13:16:02.017`) -- [CVE-2024-25918](CVE-2024/CVE-2024-259xx/CVE-2024-25918.json) (`2024-04-03T12:15:10.537`) -- [CVE-2024-27191](CVE-2024/CVE-2024-271xx/CVE-2024-27191.json) (`2024-04-03T12:15:11.123`) -- [CVE-2024-27254](CVE-2024/CVE-2024-272xx/CVE-2024-27254.json) (`2024-04-03T13:16:02.220`) -- [CVE-2024-27951](CVE-2024/CVE-2024-279xx/CVE-2024-27951.json) (`2024-04-03T12:15:11.690`) -- [CVE-2024-27972](CVE-2024/CVE-2024-279xx/CVE-2024-27972.json) (`2024-04-03T12:15:12.187`) -- [CVE-2024-28782](CVE-2024/CVE-2024-287xx/CVE-2024-28782.json) (`2024-04-03T12:15:12.747`) -- [CVE-2024-29477](CVE-2024/CVE-2024-294xx/CVE-2024-29477.json) (`2024-04-03T12:15:13.353`) -- [CVE-2024-30568](CVE-2024/CVE-2024-305xx/CVE-2024-30568.json) (`2024-04-03T13:16:02.443`) -- [CVE-2024-30569](CVE-2024/CVE-2024-305xx/CVE-2024-30569.json) (`2024-04-03T13:16:02.503`) -- [CVE-2024-30570](CVE-2024/CVE-2024-305xx/CVE-2024-30570.json) (`2024-04-03T13:16:02.563`) -- [CVE-2024-30571](CVE-2024/CVE-2024-305xx/CVE-2024-30571.json) (`2024-04-03T13:16:02.620`) -- [CVE-2024-30572](CVE-2024/CVE-2024-305xx/CVE-2024-30572.json) (`2024-04-03T13:16:02.680`) -- [CVE-2024-31380](CVE-2024/CVE-2024-313xx/CVE-2024-31380.json) (`2024-04-03T12:15:13.530`) -- [CVE-2024-31390](CVE-2024/CVE-2024-313xx/CVE-2024-31390.json) (`2024-04-03T12:15:14.020`) -- [CVE-2024-3254](CVE-2024/CVE-2024-32xx/CVE-2024-3254.json) (`2024-04-03T12:15:14.523`) -- [CVE-2024-3255](CVE-2024/CVE-2024-32xx/CVE-2024-3255.json) (`2024-04-03T12:15:15.040`) -- [CVE-2024-3256](CVE-2024/CVE-2024-32xx/CVE-2024-3256.json) (`2024-04-03T13:16:02.740`) -- [CVE-2024-3257](CVE-2024/CVE-2024-32xx/CVE-2024-3257.json) (`2024-04-03T13:16:03.020`) -- [CVE-2024-3258](CVE-2024/CVE-2024-32xx/CVE-2024-3258.json) (`2024-04-03T13:16:03.310`) +- [CVE-2024-26708](CVE-2024/CVE-2024-267xx/CVE-2024-26708.json) (`2024-04-03T15:15:53.390`) +- [CVE-2024-26709](CVE-2024/CVE-2024-267xx/CVE-2024-26709.json) (`2024-04-03T15:15:53.440`) +- [CVE-2024-26710](CVE-2024/CVE-2024-267xx/CVE-2024-26710.json) (`2024-04-03T15:15:53.487`) +- [CVE-2024-26711](CVE-2024/CVE-2024-267xx/CVE-2024-26711.json) (`2024-04-03T15:15:53.540`) +- [CVE-2024-26712](CVE-2024/CVE-2024-267xx/CVE-2024-26712.json) (`2024-04-03T15:15:53.590`) +- [CVE-2024-26713](CVE-2024/CVE-2024-267xx/CVE-2024-26713.json) (`2024-04-03T15:15:53.647`) +- [CVE-2024-26714](CVE-2024/CVE-2024-267xx/CVE-2024-26714.json) (`2024-04-03T15:15:53.700`) +- [CVE-2024-26715](CVE-2024/CVE-2024-267xx/CVE-2024-26715.json) (`2024-04-03T15:15:53.750`) +- [CVE-2024-26716](CVE-2024/CVE-2024-267xx/CVE-2024-26716.json) (`2024-04-03T15:15:53.800`) +- [CVE-2024-26717](CVE-2024/CVE-2024-267xx/CVE-2024-26717.json) (`2024-04-03T15:15:53.850`) +- [CVE-2024-26718](CVE-2024/CVE-2024-267xx/CVE-2024-26718.json) (`2024-04-03T15:15:53.897`) +- [CVE-2024-26719](CVE-2024/CVE-2024-267xx/CVE-2024-26719.json) (`2024-04-03T15:15:53.947`) +- [CVE-2024-26720](CVE-2024/CVE-2024-267xx/CVE-2024-26720.json) (`2024-04-03T15:15:53.993`) +- [CVE-2024-26721](CVE-2024/CVE-2024-267xx/CVE-2024-26721.json) (`2024-04-03T15:15:54.043`) +- [CVE-2024-26722](CVE-2024/CVE-2024-267xx/CVE-2024-26722.json) (`2024-04-03T15:15:54.090`) +- [CVE-2024-26723](CVE-2024/CVE-2024-267xx/CVE-2024-26723.json) (`2024-04-03T15:15:54.143`) +- [CVE-2024-26724](CVE-2024/CVE-2024-267xx/CVE-2024-26724.json) (`2024-04-03T15:15:54.203`) +- [CVE-2024-26725](CVE-2024/CVE-2024-267xx/CVE-2024-26725.json) (`2024-04-03T15:15:54.257`) +- [CVE-2024-26726](CVE-2024/CVE-2024-267xx/CVE-2024-26726.json) (`2024-04-03T15:15:54.313`) +- [CVE-2024-26727](CVE-2024/CVE-2024-267xx/CVE-2024-26727.json) (`2024-04-03T15:15:54.367`) +- [CVE-2024-27201](CVE-2024/CVE-2024-272xx/CVE-2024-27201.json) (`2024-04-03T14:15:17.300`) +- [CVE-2024-28275](CVE-2024/CVE-2024-282xx/CVE-2024-28275.json) (`2024-04-03T15:15:54.490`) +- [CVE-2024-31419](CVE-2024/CVE-2024-314xx/CVE-2024-31419.json) (`2024-04-03T14:15:17.787`) +- [CVE-2024-31420](CVE-2024/CVE-2024-314xx/CVE-2024-31420.json) (`2024-04-03T14:15:18.310`) +- [CVE-2024-3259](CVE-2024/CVE-2024-32xx/CVE-2024-3259.json) (`2024-04-03T14:15:18.797`) ### CVEs modified in the last Commit -Recently modified CVEs: `81` +Recently modified CVEs: `12` -- [CVE-2024-31009](CVE-2024/CVE-2024-310xx/CVE-2024-31009.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-31010](CVE-2024/CVE-2024-310xx/CVE-2024-31010.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-31011](CVE-2024/CVE-2024-310xx/CVE-2024-31011.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-31012](CVE-2024/CVE-2024-310xx/CVE-2024-31012.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-31013](CVE-2024/CVE-2024-310xx/CVE-2024-31013.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3162](CVE-2024/CVE-2024-31xx/CVE-2024-3162.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3202](CVE-2024/CVE-2024-32xx/CVE-2024-3202.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3203](CVE-2024/CVE-2024-32xx/CVE-2024-3203.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3204](CVE-2024/CVE-2024-32xx/CVE-2024-3204.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3205](CVE-2024/CVE-2024-32xx/CVE-2024-3205.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3207](CVE-2024/CVE-2024-32xx/CVE-2024-3207.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3209](CVE-2024/CVE-2024-32xx/CVE-2024-3209.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3218](CVE-2024/CVE-2024-32xx/CVE-2024-3218.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3221](CVE-2024/CVE-2024-32xx/CVE-2024-3221.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3222](CVE-2024/CVE-2024-32xx/CVE-2024-3222.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3223](CVE-2024/CVE-2024-32xx/CVE-2024-3223.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3224](CVE-2024/CVE-2024-32xx/CVE-2024-3224.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3225](CVE-2024/CVE-2024-32xx/CVE-2024-3225.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3226](CVE-2024/CVE-2024-32xx/CVE-2024-3226.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3227](CVE-2024/CVE-2024-32xx/CVE-2024-3227.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3247](CVE-2024/CVE-2024-32xx/CVE-2024-3247.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3248](CVE-2024/CVE-2024-32xx/CVE-2024-3248.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3251](CVE-2024/CVE-2024-32xx/CVE-2024-3251.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3252](CVE-2024/CVE-2024-32xx/CVE-2024-3252.json) (`2024-04-03T12:38:04.840`) -- [CVE-2024-3253](CVE-2024/CVE-2024-32xx/CVE-2024-3253.json) (`2024-04-03T12:38:04.840`) +- [CVE-2023-5178](CVE-2023/CVE-2023-51xx/CVE-2023-5178.json) (`2024-04-03T14:15:11.910`) +- [CVE-2023-6597](CVE-2023/CVE-2023-65xx/CVE-2023-6597.json) (`2024-04-03T15:15:51.783`) +- [CVE-2024-0450](CVE-2024/CVE-2024-04xx/CVE-2024-0450.json) (`2024-04-03T15:15:51.873`) +- [CVE-2024-26584](CVE-2024/CVE-2024-265xx/CVE-2024-26584.json) (`2024-04-03T14:15:15.613`) +- [CVE-2024-26585](CVE-2024/CVE-2024-265xx/CVE-2024-26585.json) (`2024-04-03T14:15:15.853`) +- [CVE-2024-26642](CVE-2024/CVE-2024-266xx/CVE-2024-26642.json) (`2024-04-03T14:15:16.193`) +- [CVE-2024-26643](CVE-2024/CVE-2024-266xx/CVE-2024-26643.json) (`2024-04-03T14:15:16.370`) +- [CVE-2024-26653](CVE-2024/CVE-2024-266xx/CVE-2024-26653.json) (`2024-04-03T14:15:16.520`) +- [CVE-2024-26654](CVE-2024/CVE-2024-266xx/CVE-2024-26654.json) (`2024-04-03T14:15:16.690`) +- [CVE-2024-26655](CVE-2024/CVE-2024-266xx/CVE-2024-26655.json) (`2024-04-03T14:15:16.860`) +- [CVE-2024-26656](CVE-2024/CVE-2024-266xx/CVE-2024-26656.json) (`2024-04-03T14:15:17.000`) +- [CVE-2024-26657](CVE-2024/CVE-2024-266xx/CVE-2024-26657.json) (`2024-04-03T14:15:17.153`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 464d330a3e1..1739eaf5e83 100644 --- a/_state.csv +++ b/_state.csv @@ -150064,7 +150064,7 @@ CVE-2020-15364,0,0,267701fb21783d509479e8a923b2e19e7ccf8a0551ddbd8729593bda4a16f CVE-2020-15365,0,0,938f5eb3ba3ca728fcaf915904a3526f04ae48f1657ae10dc1f0915c60fa9b70,2020-07-06T18:47:42.987000 CVE-2020-15366,0,0,418b96dc8a719a3b873361e5e3a3e33cefb9922d7cca9aaaf01b96b33e94e458,2022-12-02T19:56:58.037000 CVE-2020-15367,0,0,2dcea22f4f2cd65b40c73e72b1391a728b5cd99c9714e2d866ee4f29017c6c4f,2020-07-15T16:46:47.890000 -CVE-2020-15368,0,1,8c944efb2f74e537b6da2f9ed82910cb74cae29d632db670415cce15e78907a3,2024-04-03T12:15:09.637000 +CVE-2020-15368,0,0,8c944efb2f74e537b6da2f9ed82910cb74cae29d632db670415cce15e78907a3,2024-04-03T12:15:09.637000 CVE-2020-15369,0,0,a7b33e6c58aca4faf2126d0b4cc603b66c5e405a89f3710a8c4caf16e3c56565,2021-08-23T14:47:25.257000 CVE-2020-1537,0,0,bcc163c6a75b75130b836c2e537da6f3b376bf23f1b25fe91b7e5a6faadfd158,2024-01-19T00:15:16.233000 CVE-2020-15370,0,0,d12c8497508acc67b392206bac059a5feae754694eb71a07459ac8c76aff6b6a,2021-06-22T15:19:18.237000 @@ -172352,7 +172352,7 @@ CVE-2021-27306,0,0,be23932f4da70775d6d8d7543aa4c2327e04885b3e647e604f619b6a29948 CVE-2021-27308,0,0,dc72c1bf5f875e27c1ebed03c0898be25187d51302761aa0704fffc49c45a41a,2022-05-23T22:32:02.527000 CVE-2021-27309,0,0,1c1b839104fc5e1bc9466b831ead03517308140f821e7477a5d7b1b741876aba,2021-03-24T18:49:25.550000 CVE-2021-27310,0,0,6db7c5f4fbfa5c67791d131baa497a8bdbe96d01c27f757bb2ec5f081e29d3e8,2021-03-24T18:49:16.487000 -CVE-2021-27312,0,1,541fed24328ac2f26d8c6c6aa072eaebe3374bee165b04b5b4286566edc8f852,2024-04-03T12:38:04.840000 +CVE-2021-27312,0,0,541fed24328ac2f26d8c6c6aa072eaebe3374bee165b04b5b4286566edc8f852,2024-04-03T12:38:04.840000 CVE-2021-27314,0,0,c1764066bd6450133793a8b50594e063f7167e81d7a4822827ad0c620de4f438,2021-03-05T20:45:06.427000 CVE-2021-27315,0,0,4ef7091620726b3ae87b577a366d6cba560af7bf8b4bb7e419e344f9d7c1e5e8,2021-03-24T15:53:20.323000 CVE-2021-27316,0,0,b38e3a43b366db798b96607c064bdaa6ec7a7d19af90494c9f5db26ba9c2e0ca,2021-03-24T15:54:58.873000 @@ -218072,7 +218072,7 @@ CVE-2023-25694,0,0,464fbfa1d242a161fe16a05493e4128187914fbebbfb66670b87d547dab2a CVE-2023-25695,0,0,bb4a715f34797be6d5b5310a52f10934c2ca2def44e00610c3d947967176af16,2023-11-07T04:09:08.003000 CVE-2023-25696,0,0,920703282199f13ec7ff226a4913933d3dda5fbf895421fd74b7e008067b9300,2023-11-07T04:09:08.073000 CVE-2023-25698,0,0,e56b7d935093bd493ce30761a0a46812c945e926647573c5d416569d592987ee,2023-05-25T16:27:29.670000 -CVE-2023-25699,1,1,6a92fe460514b718f9c9159af254d41849707ed5fb7821957e75ef7859ca95dd,2024-04-03T13:15:59.923000 +CVE-2023-25699,0,0,6a92fe460514b718f9c9159af254d41849707ed5fb7821957e75ef7859ca95dd,2024-04-03T13:15:59.923000 CVE-2023-2570,0,0,8663252ec671c3b7a42e9d7664ba3c00e3ca93661a5d1c12b4a7aea331483c3b,2023-06-21T21:03:56.260000 CVE-2023-25700,0,0,df71a756eafc8f0c2c1757cb864d1ed6d6c386b8db0d927c9150d80b49761a82,2023-11-13T19:52:51.423000 CVE-2023-25702,0,0,478b32ffdd91425f5ae34d96cea2ce0295b6bdbe4293355e7dd899d7e42b63cb,2023-11-07T04:09:08.173000 @@ -224719,7 +224719,7 @@ CVE-2023-3442,0,0,1eb44644a323bbb8e968527d7f28d6bee1ceb4563a8ffff0dce4eb74ee9d39 CVE-2023-34420,0,0,b04cb5a678c58456b25bb057074ab261207412bb44636b48938bd48ec4752b05,2023-07-06T18:19:25.597000 CVE-2023-34421,0,0,1afb3be6c0911a9c6b293df81bd5ced0b64375bdf2029b65aa38d78f8f01a8d2,2023-07-06T18:17:47.483000 CVE-2023-34422,0,0,eb9855e536a2a0b5c3a73253dd1e43e10c4736706f2280ed64797a2b1994b06e,2023-07-06T18:17:32.040000 -CVE-2023-34423,0,1,09c0fefa9fe29194ef9f7a8129812e1c60a0ec9e4f41d14673279046e9df1084,2024-04-03T12:38:04.840000 +CVE-2023-34423,0,0,09c0fefa9fe29194ef9f7a8129812e1c60a0ec9e4f41d14673279046e9df1084,2024-04-03T12:38:04.840000 CVE-2023-34425,0,0,47979c30722b419c087b6d33a971fc0b503362cd541563683d6da158a43a1de3,2023-08-03T16:59:34.220000 CVE-2023-34426,0,0,cc92da2771f9ceea77c31fc7ed7817fdc2f831263d853df180f53da16bed43d1,2023-10-12T22:47:54.743000 CVE-2023-34427,0,0,3b35f6139772d0088f029a44aaee6c3c2320b5fe67a17d0d19c59c03f39fa888,2023-11-07T04:15:36.237000 @@ -225377,7 +225377,7 @@ CVE-2023-35759,0,0,737d089372a13d311d938b6f73fbc87604835ac5d6e732c4dc0dc97aa37b2 CVE-2023-3576,0,0,afc3943dafc3dce0b127a1fe6f63cb13cec0d0d4331467a034b7ea0ef34bb624,2024-03-11T13:15:52.550000 CVE-2023-35762,0,0,d3d58c95cdc44cd1c3674a8efa00d524d00379a36ec6dd9b457951306765e9b9,2023-11-29T20:52:44.790000 CVE-2023-35763,0,0,d967a50d80e9fca1c8b396011c9adaeb43d2582130d44fa236f81f07f6cc7468,2023-11-07T04:15:57.230000 -CVE-2023-35764,0,1,6622abc6bb124555cc544529811eea5efe919b804b7cf9eff97a1c87202d19e1,2024-04-03T12:38:04.840000 +CVE-2023-35764,0,0,6622abc6bb124555cc544529811eea5efe919b804b7cf9eff97a1c87202d19e1,2024-04-03T12:38:04.840000 CVE-2023-35765,0,0,c9d756b3cf84f57072c1ddad827e0ca15c83ffcc92755c9945c039f52d670aa0,2023-07-13T22:38:39.083000 CVE-2023-35767,0,0,69cb7e1c27cc3ce4119e9432030af684b1b94cbaadafa0ad24f5ea89435542ae,2023-11-15T16:17:04.597000 CVE-2023-35769,0,0,a93a1833351023bcd3ef5a682b54d56afcf9b489312200ddd2957be40eb51418,2024-02-14T15:01:46.050000 @@ -227574,7 +227574,7 @@ CVE-2023-38722,0,0,671011fc37535d006e8bd4f6abb1cbe4df128c90fe5d2c6bd583ead77ce13 CVE-2023-38723,0,0,96134dfa5c8cc6a33ce702e38b1d00898c8a0da2b221bfaeb2380ab217692854,2024-03-13T12:33:51.697000 CVE-2023-38727,0,0,67e3acf0dbfaba760bdb5942f0f234a680ed76f81d4b3e56c5dc500c4ddf8ec4,2024-01-19T16:15:09.123000 CVE-2023-38728,0,0,4ae0aa245bfd2c5b381beb3353a88eb25960c87d2f2b539906ba0ee433f0dd76,2023-12-22T21:08:08.530000 -CVE-2023-38729,1,1,769ca7f206b2bc7917db8691ed03bde492fc120af77b05a0564fc9b315f3d4bf,2024-04-03T13:16:00.150000 +CVE-2023-38729,0,0,769ca7f206b2bc7917db8691ed03bde492fc120af77b05a0564fc9b315f3d4bf,2024-04-03T13:16:00.150000 CVE-2023-3873,0,0,16713e1487e45edefdc32bccb969e56ea62b42866183772c1f2674ba9329c9c9,2024-03-21T02:48:50.017000 CVE-2023-38730,0,0,23521025db1b5ddb82740780a2bfb531bdc7c9195786ef77914f5eb7dafc55fb,2023-08-29T04:41:34.817000 CVE-2023-38732,0,0,ce7babb7441c0f57518f4e9bdc9aab1724e3cc787e5da79116bc283b904f8db6,2023-08-26T02:25:55.780000 @@ -235786,7 +235786,7 @@ CVE-2023-51773,0,0,8f846ca150db66d0b80073ac6f518008babc62296a2b97f49439a329f7415 CVE-2023-51774,0,0,fefdc22f78e7e05f25a3f4e35760275c17174e95fd4fc343f6a5c594077f56bb,2024-02-29T13:49:47.277000 CVE-2023-51775,0,0,d19885f765b5b97855c2cc0c3f3642c970a937503b8bc204147850896ff7aeb9,2024-02-29T13:49:47.277000 CVE-2023-51779,0,0,12b82d26e314364b82a1986c3c91216c9a108f09c5dc18b48ab69ac05149b4b3,2024-02-29T13:49:47.277000 -CVE-2023-5178,0,0,86d12270da0d2773b51c729f3417bbdc491f365442b885cf65f79a69950fce2b,2024-03-12T21:15:57.457000 +CVE-2023-5178,0,1,f06eb1d20f5d3c1e341a9033b7e72f097988ba079ae215a56b33bd5858bc4b15,2024-04-03T14:15:11.910000 CVE-2023-51780,0,0,a16a72c66560dfdcb72edd12fb9c9ab59947cff8de82bf627e84355dea3d28bf,2024-02-01T18:51:15.553000 CVE-2023-51781,0,0,943dcd6bc9ca41b409437da8a4375ab31f17544ddbdf352ff447f72ff83a2193,2024-01-18T19:58:50.630000 CVE-2023-51782,0,0,4b4197672003cf4578a2bf0f31c16f034d56fceca2a499cb095add5bbd47b401,2024-01-18T19:31:37.630000 @@ -236068,7 +236068,7 @@ CVE-2023-52286,0,0,e3cc7081d095f3a23032a26323048d6596bbf2b2c2019700127ad6b34c3fb CVE-2023-52288,0,0,fdc8cfb88c9fca7195d89b1b10fd0faa7b6e4fc902824e291d86fba27daafd3b,2024-01-24T18:40:15.637000 CVE-2023-52289,0,0,1f6d262e6726a2c4a9b2e8c08858f47aee9c6687d08ddcc0a1d5481105c4b19c,2024-01-24T18:48:24.283000 CVE-2023-5229,0,0,c63670e2a38b6ea58305de35364e2f771fd3e463d4cd1d029ba69dd11d623a38,2023-11-08T18:35:10.590000 -CVE-2023-52296,1,1,39039284d20c6cbf724e37ac5906f4f948ea866fce0f5bafd5d1ca5e6593d57e,2024-04-03T13:16:00.360000 +CVE-2023-52296,0,0,39039284d20c6cbf724e37ac5906f4f948ea866fce0f5bafd5d1ca5e6593d57e,2024-04-03T13:16:00.360000 CVE-2023-5230,0,0,438699b5514b4ceefe4d8c1733138842dd2d26f6bfe2c290df4f68a8ce73aa28,2023-11-07T04:23:38.493000 CVE-2023-52302,0,0,7bd3c1af9cb53d17263165b1c3722e7acd53823308aae9fd993854c7c309f0d9,2024-01-05T12:14:39.403000 CVE-2023-52303,0,0,f7ccea07e1dbc34bd9321cb34f071eeb01566af26202e35f5609e4b282b6ea99,2024-01-05T12:14:41.567000 @@ -236351,6 +236351,9 @@ CVE-2023-52633,0,0,994dc33effe20bcda42b3f8baa7344472ba337f1b03cc5040c676373fa32e CVE-2023-52634,0,0,8265695e3c84a59f01020d2f988756cfe1787db1189b60d300b36503abb1b84f,2024-04-02T12:50:42.233000 CVE-2023-52635,0,0,0ffb4f2ced9ab0b9abbae880421a4a1f5e3623384c2d99c43bb1870fba0ce133,2024-04-02T12:50:42.233000 CVE-2023-52636,0,0,21265293ec935716b77d602f9cef546cb5a051b95b1ff71c38e28ccf52038a90,2024-04-02T12:50:42.233000 +CVE-2023-52637,1,1,bad1285b7d951c78a410a6270a24869c6be032b89df35d282c7421d7612db265,2024-04-03T15:15:51.347000 +CVE-2023-52638,1,1,c47430c331fa263bc46b7fb23e2f4306134c70b983a31b6c787987d3c37e6ba8,2024-04-03T15:15:51.417000 +CVE-2023-52639,1,1,05c25170aa6a464ef3e37c6315331328fe93935dbf7800cffca41d55857dd6ee,2024-04-03T15:15:51.467000 CVE-2023-5264,0,0,7347eec07eb374fa71498dcb5baa16d40eadd7796ae58c56cb5542f911c08d00,2024-03-21T02:50:12.043000 CVE-2023-5265,0,0,a2593868cc8025edeae179a722294beacfae058f7c712cda49462fbdc5096bf5,2024-03-21T02:50:12.123000 CVE-2023-5266,0,0,7e987961d39a4c85b88aa95c8846a47975ab381f916910d8d060a474dfeca830,2024-03-21T02:50:12.200000 @@ -236787,6 +236790,7 @@ CVE-2023-5750,0,0,7a2bcc7a9a7bc4b47543928d6a5a38b365e029251ba2104cb9d7d686c91745 CVE-2023-5752,0,0,fa92e697d2dbadfc2a7a780d7004aeb19254ac0f8880523350d87d25e11f0a21,2023-11-03T14:55:50.973000 CVE-2023-5753,0,0,2bee06fd8baa26d4b5313a1968f2971be1c00d0f2aa7c0465fc4e689e9f03152,2024-01-12T22:04:24.617000 CVE-2023-5754,0,0,74e3317173de33bfa6ebeb8bf0fa083999eace4e572f6e46483b408f783451af,2023-11-06T19:08:13.417000 +CVE-2023-5755,1,1,2f136a4d73250351f0e7ba05ba8108e34ab226a4c4e95d73d21f83a07a9a9b7f,2024-04-03T15:15:51.520000 CVE-2023-5756,0,0,a7fff500251e217a582f3e55db40cd63ce3b9448747f55a1f0a83d3de11be857,2023-12-12T22:33:17.393000 CVE-2023-5757,0,0,7b398d4aecbd9e3eb61e9f4dfe0540006b4a83f723e473f0069b20a27a26847d,2023-12-13T20:29:04.543000 CVE-2023-5758,0,0,279946a19c7b51557ebe0ce07f4091ba364aefa2d5c680bc6d592adcdbea1b8a,2024-01-07T11:15:14.427000 @@ -237493,7 +237497,7 @@ CVE-2023-6592,0,0,64cc414903b2337cb0bd8a5539f823df2fd800285d9deb31df562c295ab75b CVE-2023-6593,0,0,e3b3e08c9100a5e7cf14c217c401234f02853669dddb630e64650e50aa403cb9,2023-12-15T14:38:03.057000 CVE-2023-6594,0,0,d3868296aafc64b6514f2cb5804c13a0687b79a1bf9d5ede2da8f4a451319021,2024-01-11T23:32:17.207000 CVE-2023-6595,0,0,36c4a8ec5f87bb2afaaafb9bf8ff027d48fb76423d85051bd988412db95a161f,2023-12-19T17:51:54.827000 -CVE-2023-6597,0,0,48497f87cf4dd48ac63984e1d9b1272e4b5e5c7985ff6b2afd6a88db77a41607,2024-03-24T23:15:08.920000 +CVE-2023-6597,0,1,0ad4260f4e12f5442e67ca98f3e26ae0d54d4cd318021b60e0b78bb11088338f,2024-04-03T15:15:51.783000 CVE-2023-6598,0,0,8b8f7f87f85d85987c85ed76cf906c53121cfbe34e11294d4d2ee1e26a9f8779,2024-01-17T21:24:33.233000 CVE-2023-6599,0,0,a782437846e35b14cfc1bab743463edcd34abeb3c74717f8ec091163e3cb6d86,2023-12-12T17:22:17.503000 CVE-2023-6600,0,0,5f831a8b56a5e0738a2287ebfb92087ea24b0b41fd445ecae0c2fcd42b5f0965,2024-01-10T01:15:38.327000 @@ -238067,7 +238071,7 @@ CVE-2024-0167,0,0,027478c01bb9e368b8b955ffcfe6cf0157d3f12fd6f001575264eb0737de22 CVE-2024-0168,0,0,2a4ccb9e93ab5cf9187b1ffd9ed8a3d1b35306fae82b7c0ecd296576f574564c,2024-02-16T13:40:44.663000 CVE-2024-0169,0,0,9a5cb9a4280854499904589e4e5a30de357c61c86f55eb6cefb60877151c0863,2024-02-15T06:24:58.003000 CVE-2024-0170,0,0,0cbf15fb7639d69463bb00902bb3bf03cb2541ac612ee0d14074f95d8e68ed31,2024-02-15T16:55:09.957000 -CVE-2024-0172,0,1,b4d3bfa3f2afe51aea0c09278df25aa681a12ef6ca5f718df6980da085f76f3e,2024-04-03T12:38:04.840000 +CVE-2024-0172,0,0,b4d3bfa3f2afe51aea0c09278df25aa681a12ef6ca5f718df6980da085f76f3e,2024-04-03T12:38:04.840000 CVE-2024-0173,0,0,d1fb5e78ae857b85a3374741bdf6622aaccfba3406abb0a47a45dcb43bed998d,2024-03-13T18:15:58.530000 CVE-2024-0181,0,0,c1050c5202016d4fffbc70cf9d1bff4cba3b8f718272e69c2eff1ca91bb3d29a,2024-03-21T02:51:01.390000 CVE-2024-0182,0,0,3062efc93a04a74214b882701c7395972fd557e9c00c604a5426baec833f463b,2024-03-21T02:51:01.473000 @@ -238254,6 +238258,7 @@ CVE-2024-0387,0,0,23bc6e3476c46e45c0f1cab9e646ec38242c781b5838e9b0de1712412e6d88 CVE-2024-0389,0,0,54603acb6d5b07fd510773ee31a014da8fb936acbf60d2c212b5f0e73f4e6544,2024-03-21T02:51:09.250000 CVE-2024-0390,0,0,9f797e4a099c94c2da0407f1b9d4e4b6fb9f46975b208cacd9e42b322aa5198b,2024-02-15T14:28:31.380000 CVE-2024-0393,0,0,da969f8f421acdb215c775785004bc08bc486dde722bd2cf22073edf20e709fb,2024-01-12T06:15:47.157000 +CVE-2024-0394,1,1,a0ecfe77d0a389c38a22c71ada152fd1550a07251894e46d152d7f996ef0e626,2024-04-03T14:15:13.170000 CVE-2024-0395,0,0,9697a8ac3bbf759d0c2ea19b7ab0aa903676619b1d5a607c85b8d090a4e44ee7,2024-01-10T14:15:44.970000 CVE-2024-0396,0,0,106628bcb832aae2e274e4e91fdb5add809827efe4c459066d3102ffe0249334,2024-01-29T15:22:40.317000 CVE-2024-0400,0,0,18035b4484267a537c15645ebee53285fc55ae5559f980b5f9795ec2795f24dd,2024-03-27T12:29:30.307000 @@ -238297,7 +238302,7 @@ CVE-2024-0446,0,0,177f0f6fa9da6f41d147a83b94c4a1a182c538433bae32bd44fabede9ad39c CVE-2024-0447,0,0,0c6016e0347b145a593fad6fcd7d63ca3384ae4f246f4c3ce15c3efcb70f925f,2024-03-13T18:16:18.563000 CVE-2024-0448,0,0,34d135a6c32b742f6287060adde7fa7a1eec7917b9f747a74526de46b9fe8477,2024-02-13T18:33:30.020000 CVE-2024-0449,0,0,04b2f76b62eb26ddbf7fa5138c96f420527f366e1f0ea44623218005ce795988,2024-03-13T18:16:18.563000 -CVE-2024-0450,0,0,144fdd447d50ab903f6c168928a81af3859ad4a2ee14436ed430ccf9ec371666,2024-03-24T23:15:09.027000 +CVE-2024-0450,0,1,fd3a2d52cbddceda93f3b310b1905a20f03ddaceb2461132be09889719dafd9f,2024-04-03T15:15:51.873000 CVE-2024-0454,0,0,810f9e73f945a577a0ff7132f31c0f57509a3b365a63653925f66b4427090389,2024-01-22T16:10:47.897000 CVE-2024-0455,0,0,ad0560da6bb8e515170fb5f5abe4324ffa964b23a03e1a8f57d4bad150093bdc,2024-02-26T16:32:25.577000 CVE-2024-0456,0,0,b7149a60bcad100dc614ada7456561f1d7527e1b845005213074d4fe4b957d52,2024-01-31T20:12:00.077000 @@ -238775,7 +238780,7 @@ CVE-2024-1019,0,0,27c6fed97db80e9684966512d657c2ae1b8d86be0f46f2f894fd714e51d0d5 CVE-2024-1020,0,0,9b7eeacadd4d76ec76728605c0db8aae240ef1fc144c6257f9c7e65cb09dd2fa,2024-03-21T02:51:32.967000 CVE-2024-1021,0,0,d3fe4312df2bfe064f4941a21f6f4666a77fafb9f2d9afcc4b51020ac4568dfa,2024-03-21T02:51:33.050000 CVE-2024-1022,0,0,92eabd9a227ab16e8407856a694e7e9e01a324b423fd407ba70bb701f1be5779,2024-03-21T02:51:33.147000 -CVE-2024-1023,0,1,ff1747c91da6c239861d257099c48d2e04cae213566f0523203ad25b587b69be,2024-04-03T13:16:00.733000 +CVE-2024-1023,0,0,ff1747c91da6c239861d257099c48d2e04cae213566f0523203ad25b587b69be,2024-04-03T13:16:00.733000 CVE-2024-1024,0,0,ea71a00c45aa5902a3b0fb02fb7404209bfff88d5df9e8810a0e7b2f9f86b516,2024-03-21T02:51:33.253000 CVE-2024-1026,0,0,48873cd93146d9f73c9e135123d6db65c6e220d0cb92b24addaf7f355e44fc3c,2024-03-21T02:51:33.340000 CVE-2024-1027,0,0,8609c6f04ef7471989f7ab4db06446961f2059452d94ca5a358bdb526d5f18fb,2024-03-21T02:51:33.427000 @@ -238993,7 +238998,7 @@ CVE-2024-1294,0,0,9641429abe5a940a43824ce0a1ebfc70cc6e8bb9d03222022ce919558da2ba CVE-2024-1296,0,0,d628c54417435b81c9a35f9055b41796b04338bd627b433b683ddaaee5c39d70,2024-03-13T18:16:18.563000 CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000 CVE-2024-1299,0,0,952d3e1978bc9a123968ee45cc4c039cf2f6a96c36b8ac699d5424c827f802f2,2024-03-07T13:52:27.110000 -CVE-2024-1300,0,1,01bd5a0249099e2db9af48813bad94b706c98e435f9b0ade7c2c9613567d965e,2024-04-03T13:16:00.813000 +CVE-2024-1300,0,0,01bd5a0249099e2db9af48813bad94b706c98e435f9b0ade7c2c9613567d965e,2024-04-03T13:16:00.813000 CVE-2024-1301,0,0,ad76e593d116a58eeaf318bfd22383ec748ba7dfe41e7fb39acf2b71f8bc8595,2024-03-12T17:46:17.273000 CVE-2024-1302,0,0,0d92f40493f04fb89736b5d4813cc04155db2e6292914bd81a508f53301b17b8,2024-03-12T17:46:17.273000 CVE-2024-1303,0,0,2c083eedd4995023cbd1b7a6bdebb4abb78e7f89b28ee91bf701625b1108f30f,2024-03-12T17:46:17.273000 @@ -239012,7 +239017,7 @@ CVE-2024-1322,0,0,55eb557d746bd5b316565e48cf52968ab1ba8b0aa245d5ad47a485b7878e67 CVE-2024-1323,0,0,f857e29b0540aed96943a25b1179a5166e6aff501672f2c505f52ee84f4e77cb,2024-02-27T14:20:06.637000 CVE-2024-1325,0,0,7199af35ff2e8cfd23b32138b0b9e599397113796fb04772c3fb72835d4082cd,2024-03-20T13:00:16.367000 CVE-2024-1326,0,0,d4b57d64979c63005c678f4041f67f9ac306dded5913d0b931e59c58b61f1a75,2024-03-21T12:58:51.093000 -CVE-2024-1327,0,1,1b6e3f0296467e9f6b424925712e479dea0088dc2698e1adadd7f96bd6f1e88d,2024-04-03T12:38:04.840000 +CVE-2024-1327,0,0,1b6e3f0296467e9f6b424925712e479dea0088dc2698e1adadd7f96bd6f1e88d,2024-04-03T12:38:04.840000 CVE-2024-1328,0,0,170c1f134b7c1cc323cdf2a8e98021369f31203dcfb3a0aeb70d869d5dfa5df5,2024-03-12T12:40:13.500000 CVE-2024-1329,0,0,c251ab89131ed5db620ce7b9371daf5508a26377e3f0f0d0996003e3074e8cd1,2024-02-15T18:27:28.837000 CVE-2024-1331,0,0,65212442fb47c64d7fb614c7096a47cca7d14e4eea944c5151f6d9634fa6ce6d,2024-03-18T19:40:00.173000 @@ -239065,7 +239070,7 @@ CVE-2024-1390,0,0,760bcdaac2db269a3249aaa20e58e1659b2977bdb995748ef5e46a1ecb8544 CVE-2024-1391,0,0,d263861df201411e95604a0f8dea4a32aa5aa465f14e9d3ee26c7cf1dddcea30,2024-03-13T18:15:58.530000 CVE-2024-1392,0,0,854e6aa0a85eb7f6e01984f9f2b39f09c3e464c67a90f670cafc735773e56736,2024-03-13T18:15:58.530000 CVE-2024-1393,0,0,139d32a27df25f29abc2bcda3159db69b338e05c68d7680abed80afd815e8ff5,2024-03-13T18:15:58.530000 -CVE-2024-1394,0,1,03da9cca513afc12857187e76f6187ccae11463dc1c1c050f3982b6d60a0d7f8,2024-04-03T13:16:00.903000 +CVE-2024-1394,0,0,03da9cca513afc12857187e76f6187ccae11463dc1c1c050f3982b6d60a0d7f8,2024-04-03T13:16:00.903000 CVE-2024-1397,0,0,e6d8c9c2beca75d3fdc5f918cb423cf21913a9c807f46126d5b49c29c7bd60f0,2024-03-13T12:33:51.697000 CVE-2024-1398,0,0,7a7783e481aa897afa83bd125da0d53c431d5a5a9d43f1ade8b1e715449f59a0,2024-03-04T13:58:23.447000 CVE-2024-1400,0,0,295a10f36c3e13d694d09cafc6872c0c48f9e2b4c87da0889327ecdac7abe4ac,2024-03-12T12:40:13.500000 @@ -239421,7 +239426,7 @@ CVE-2024-1973,0,0,7e572d102b77b447a07e2619921bbb7e602276924c210475f15b92aa04c8d9 CVE-2024-1976,0,0,77ae2df323cf6637a14fb06bcb46d711f13422518ce52e9430227e1e91ad53e3,2024-02-29T13:49:29.390000 CVE-2024-1977,0,0,a7692b2da3b0113a60567ddf6634026c09e0a2eeec7666bb0cdf204455073a9e,2024-02-29T13:49:29.390000 CVE-2024-1978,0,0,3ef3e0470f639541e7aa5332764a4fdc0e9cab2190d02bdfffcc246fd4ade338,2024-02-29T13:49:29.390000 -CVE-2024-1979,0,1,cc9dc9ac6cc8a95dd98863a7334b2cf30748679b66f27f42154ef38cb6efa33e,2024-04-03T13:16:01.070000 +CVE-2024-1979,0,0,cc9dc9ac6cc8a95dd98863a7334b2cf30748679b66f27f42154ef38cb6efa33e,2024-04-03T13:16:01.070000 CVE-2024-1981,0,0,56a3a9db8d42e012d762fd6941fad1981a0b2b42e5454cd6b5d1b42406dba2ca,2024-02-29T13:49:29.390000 CVE-2024-1982,0,0,ffbc05dfb227c410b4f1143a120edd4d2849f76b514d8ea46cab15f8dbe11320,2024-02-29T13:49:29.390000 CVE-2024-1983,0,0,fcf7ebbcd94e966d76959304d24a0cdc8c90b0662f61346df497813a9f686878,2024-03-20T13:00:16.367000 @@ -240166,6 +240171,7 @@ CVE-2024-21863,0,0,271dac2898e305fa77d04d20ca85b0dae0a5a0857bbfa85084510f677962f CVE-2024-21865,0,0,7a0c150742a363fb7b1bfb201c6089eca71d87169fcff3d08a3aee9d2d9b45ea,2024-03-25T13:47:14.087000 CVE-2024-21866,0,0,e7c03b05e2d3f94b4b523aca377b349190d980e16c741cbf713751bf3c07dcf0,2024-02-07T17:27:52.793000 CVE-2024-21869,0,0,48ec62155fd9a810461dcd57893eff3c63fc7d7992b6dd94f9f3d8f38382a25c,2024-02-07T17:29:50.927000 +CVE-2024-21870,1,1,fca16327584a0f0eba1d68a84f07d4f4041ade4d59764af5cfabd440473c69f4,2024-04-03T15:15:51.953000 CVE-2024-21875,0,0,8d4925e22ef735a1eb9bad6264e6f33c2cafe0b7aaba00ae03cfb62fe8c61764,2024-02-11T22:29:15.837000 CVE-2024-2188,0,0,6b5888357b2de45eab7adf757198d53f35288744f0d7f0ac4c1d06866a31edc5,2024-03-05T13:41:01.900000 CVE-2024-21885,0,0,2ded91db474abcb1cfa7458555f469a31dde320770425e9a420b652d27c566d8,2024-02-28T14:06:45.783000 @@ -240306,6 +240312,7 @@ CVE-2024-22164,0,0,477ce475db07f491f945e658dfba7270a678f1c9f9986653d1cf70ab7be3b CVE-2024-22165,0,0,e5745c0914c304a6a883c5cbbe12f7d3b628ffd9c8f1f4447610dc31781824ee,2024-01-16T18:30:58.893000 CVE-2024-22167,0,0,66eeaa7802a03d7220e8e4d342cc2b136735ca1b12a8df28a329ae7f7fc30d01,2024-03-14T12:52:21.763000 CVE-2024-22177,0,0,1ff2297e612a95969b8693bc6a53ecafa7223eba267b1cfe298d3bc1fedfbe99,2024-04-02T12:50:42.233000 +CVE-2024-22178,1,1,96d2ae141b7f9be25c582d12e69030b95d687daafb6da9161c32e08b403339bb,2024-04-03T15:15:52.040000 CVE-2024-22180,0,0,19e9318ece70bb0e88968bad696b07798db0b84c54153f426e33acb6b2d89f93,2024-04-02T12:50:42.233000 CVE-2024-22182,0,0,c37429a1e773cd50685496ec9ddb451e2a401ebdf79e9825aae05fc9d7f76705,2024-03-21T02:52:00.913000 CVE-2024-22188,0,0,c925f824384b59eea62dc4af4666ddb75fd12e09a6bf8db8c7f8ccf3dffad485,2024-03-05T13:41:01.900000 @@ -240415,7 +240422,7 @@ CVE-2024-22353,0,0,dcde4e1942667b685d2979f87ac00f95d42a8fc5d16f7dbd8bc9f66a2b78d CVE-2024-22355,0,0,90575169d286b28c7ce02c7d947a264d77a6f25776530138b50b2f2dbc394220,2024-03-04T13:58:23.447000 CVE-2024-22356,0,0,bcc46874c9752933a72230517b74ad7a7a0d54dc67e233e91127533dfceeba1c,2024-03-26T17:09:53.043000 CVE-2024-2236,0,0,17401211af38608097c003c3b08d6e3d90e3570b70699d89a2e396d5b72c602a,2024-03-07T13:52:27.110000 -CVE-2024-22360,1,1,b1577e7bfead8752c54e85cf141f051b4ea451dd86444e439701d0840d08465e,2024-04-03T13:16:01.183000 +CVE-2024-22360,0,0,b1577e7bfead8752c54e85cf141f051b4ea451dd86444e439701d0840d08465e,2024-04-03T13:16:01.183000 CVE-2024-22361,0,0,2cb34447b61b8680c66e6f142987700b31f9f16d4e9b8d748c59e5b8ad5a9a29,2024-02-16T21:35:31.953000 CVE-2024-22362,0,0,826381d745a7bfa89e56ba8a6fed4317ed24204ea30e248bcffb2a9894398594,2024-03-21T02:52:03.063000 CVE-2024-22365,0,0,b09f0e3dd0fc2bf60706805e33c1f78b209416e9ed2aa43cb1cfb00b1fe90d17,2024-02-14T00:27:40.143000 @@ -240732,7 +240739,7 @@ CVE-2024-23216,0,0,d31cf79f0e0002ccd6cefbbd80cf2528661bbd5cad33e2a0e68797e05d7e6 CVE-2024-23217,0,0,cc84cc9fbaed6c93db4e04f742b697db9d331caaf1223ec4b2166e0d765a110d,2024-03-13T22:15:09.273000 CVE-2024-23218,0,0,f9c63856068e91ff9b0c8acaa8fa5ee60b89ba853d892da3a1b57a30a48d466d,2024-03-13T23:15:46.027000 CVE-2024-23219,0,0,6138a00dd33e643c6da7ab985c8bb39139630ef127b2b12e557a72994a3a6de9,2024-01-30T14:36:42.017000 -CVE-2024-2322,0,1,60b35ad3bf9bd02d33facbaf1ddda5c64733f8e2d54364bad1f80ec56ba91bbf,2024-04-03T12:38:04.840000 +CVE-2024-2322,0,0,60b35ad3bf9bd02d33facbaf1ddda5c64733f8e2d54364bad1f80ec56ba91bbf,2024-04-03T12:38:04.840000 CVE-2024-23220,0,0,8ac5f8ea712aad989eb58875485617fa914d9322cd1efd90091219b5c7412925,2024-03-13T23:15:46.087000 CVE-2024-23222,0,0,61f0a7f2953909b2da411f5647bebd2574cadd0ed79ad62454a1a9b27d6b5ecc,2024-03-08T02:15:47.547000 CVE-2024-23223,0,0,d780b4d6e2ed4fd16bbb8e5d6b950b4f66cdf843fe3ec44eff85a2bd755e98e1,2024-01-27T03:48:24.797000 @@ -241322,7 +241329,7 @@ CVE-2024-24497,0,0,508098c217acb7b8b140ecd382edc9fe44597401eccd971d6c1417d26c569 CVE-2024-24498,0,0,753379bf38359db11676987b60d3fc62d861f4b4d9e21b1906af1fc91bba7195,2024-02-12T14:31:21.610000 CVE-2024-24499,0,0,f3fa195f99d03c816961a79dfcc5225a65897f0a2c13286167d69ca586129263,2024-02-12T14:31:04.057000 CVE-2024-2450,0,0,00768fb37fabbe59aaa05a2b15e979f5b194f2b002bbfb5602d5ad6df849f0ce,2024-03-15T12:53:06.423000 -CVE-2024-24506,0,1,e61e773fa9130f4d91d19f538e9680b88b3d221c4a4c885492956cab65f5dd2f,2024-04-03T12:38:04.840000 +CVE-2024-24506,0,0,e61e773fa9130f4d91d19f538e9680b88b3d221c4a4c885492956cab65f5dd2f,2024-04-03T12:38:04.840000 CVE-2024-24511,0,0,c2a15768e4699e22cbf5e8595792dbc9bf48071b723d524443a4f83d9a5c3ab8,2024-03-04T13:58:23.447000 CVE-2024-24512,0,0,03c51f88444f0be6fcfaff8e371681e3a1a1d007832a9bf8fa7088f13cfe5d40,2024-03-04T13:58:23.447000 CVE-2024-2452,0,0,dc7f1023137a78f11f48bc3cf8f72ec03aa67efff74760d3d778cb44b3110a19,2024-03-26T17:09:53.043000 @@ -241390,7 +241397,7 @@ CVE-2024-24701,0,0,c388b86a0d2431583cec02e78e4c710434d60dfd05269a5125b21a1498f26 CVE-2024-24702,0,0,68169c2ba8781d542981a3a82b3dbedd86a42bda996e358152d83922edc27359,2024-02-29T13:49:47.277000 CVE-2024-24705,0,0,ec2ce8236049f46f3eb88b140e7ef49b1684c75c01d49904df6e6b36582e7ddd,2024-02-29T13:49:47.277000 CVE-2024-24706,0,0,4d433b03a4c26ebc6bd4b9712c01509648b3f2cecc7341b14e252b0e38dfa793,2024-02-15T02:09:50.480000 -CVE-2024-24707,1,1,c8b48fefbd27b5dbb2aaacda2e962a85f89e1b6dd91d3262ec79bf92d5158015,2024-04-03T13:16:01.383000 +CVE-2024-24707,0,0,c8b48fefbd27b5dbb2aaacda2e962a85f89e1b6dd91d3262ec79bf92d5158015,2024-04-03T13:16:01.383000 CVE-2024-24708,0,0,0f8e81f3aba5b23c6e778b4d19d5d812998e1b5ce45774f77b59373f3047230f,2024-02-29T13:49:29.390000 CVE-2024-24711,0,0,5c25fab34a5071c77f4fe30781ea1d599a845486544449ee6790bb4d57dacb97,2024-03-26T12:55:05.010000 CVE-2024-24712,0,0,3eb883409ceb5cd8ab7cfb2c23165937e7138a0fdba93206148a8d8c39991d81,2024-02-16T14:48:04.207000 @@ -241402,7 +241409,7 @@ CVE-2024-24719,0,0,53d485bbb875667c1b97b60d8680f27a8ef59cc7392ee19e2e920694ad71f CVE-2024-24720,0,0,168cdc237ea9af641a6fa55d263239a522401ac618a437c23183ffc24b80de9d,2024-02-27T14:20:06.637000 CVE-2024-24721,0,0,f811f7b97630e39f8e09dfe35ae447277604cf213cb4d45448493cc8fa15fbc5,2024-02-27T14:20:06.637000 CVE-2024-24722,0,0,952e66641f17a0fb9dfe3803e528e36e48f057663a4934472c4c7db463b9f3c7,2024-02-20T19:50:53.960000 -CVE-2024-24724,0,1,e42eaee1eef35b64cf72e5bbda0c5779a84559031ee2ff005968828ccd5bd355,2024-04-03T12:38:04.840000 +CVE-2024-24724,0,0,e42eaee1eef35b64cf72e5bbda0c5779a84559031ee2ff005968828ccd5bd355,2024-04-03T12:38:04.840000 CVE-2024-24725,0,0,6c07227491b375222d8eb03a2494a99e24d16433f657fec991bbb466094438c3,2024-03-25T01:51:01.223000 CVE-2024-24736,0,0,608c2f3e65ddbb1c2eb07c75b404de7eb78db210e5f752bbc8c9942f5e722b68,2024-02-02T02:08:23.417000 CVE-2024-24739,0,0,0429371c5cb9ecc13abbb3d02a9a54fdca7eb3accb432d640f9262793fd2a716,2024-02-13T14:01:40.577000 @@ -241581,6 +241588,7 @@ CVE-2024-24964,0,0,3c015ff9319add283b75ba9284dbb0964a9d4ce7edb50d2870b6147733f7e CVE-2024-24966,0,0,b8b1142fa7a04127bebdbfe2d935a3fd815c1f2bb5c99e70bfcbb30576800e5e,2024-02-14T18:04:45.380000 CVE-2024-2497,0,0,26367b992b705e3a1e9a4f207ca2598cfc8985a632173d153ce10f504df7f6b9,2024-03-21T02:52:35.490000 CVE-2024-24975,0,0,c403197a52452c60ee17afdfbf9edd4a6993ed059ba65add25a9b2620ac53eb1,2024-03-15T12:53:06.423000 +CVE-2024-24976,1,1,2f6a6e97b0e4b248f3be6f02ce6f9f27825b26f8122d5ef699e66e2743bb18de,2024-04-03T15:15:52.127000 CVE-2024-24988,0,0,5be9c22e9d6c42885be25053a8e3f832fee202eb91ce1cb05a36918eae761d1a,2024-02-29T13:49:29.390000 CVE-2024-24989,0,0,39be90963d0952b8475635420a2f64ca0893f9b2941aa846029d2a39bd57b9e9,2024-02-14T18:04:45.380000 CVE-2024-24990,0,0,f549c5a0bfcab6df0ca6e0a5d66e4c65b77814eac3b9adbe63217da37b030524,2024-02-14T18:04:45.380000 @@ -241593,13 +241601,13 @@ CVE-2024-25006,0,0,c414b5ce0a5aca9d12e72e07e5e6c8a1c9166fcb862e4319cd46e89cdea2d CVE-2024-25016,0,0,b2e53a7c89b3634211a0ab97be429b79a4ba549d8d66332fe5eecf2928e6745c,2024-03-04T13:58:23.447000 CVE-2024-25021,0,0,62a0335232b74d01ee7f015949b10a01e944590aa7448fb13b5616593f03b63e,2024-02-22T19:07:27.197000 CVE-2024-25027,0,0,506fa0f038304c2bb065c6aafbb038363984a8c8037945872a1b74013246a31c,2024-04-02T17:57:34.440000 -CVE-2024-25030,1,1,eead58c8d1150b9357f4d1b2c1ab011f2f4e7aec84a318e3a4b62d092653dcd9,2024-04-03T13:16:01.590000 -CVE-2024-25046,1,1,288f480b9aeca380a275cf69703a9a4d7730be8122dc7a2d42deae7074433f6f,2024-04-03T13:16:01.790000 +CVE-2024-25030,0,0,eead58c8d1150b9357f4d1b2c1ab011f2f4e7aec84a318e3a4b62d092653dcd9,2024-04-03T13:16:01.590000 +CVE-2024-25046,0,0,288f480b9aeca380a275cf69703a9a4d7730be8122dc7a2d42deae7074433f6f,2024-04-03T13:16:01.790000 CVE-2024-25062,0,0,9596ed5cf07a8bc8469d4afc28fc727a431af7cff3b6b8e84435c301d9955756,2024-02-13T00:40:40.503000 CVE-2024-25063,0,0,8296c4ac18003d6d927b0c45a19a753add4384ce34fc59926d1f36a726ce4dbf,2024-03-04T22:45:02.117000 CVE-2024-25064,0,0,e90e896eb449d7ccff000c59a6c6d8569d7a679ad8db09883eafe6b89f6c07ea,2024-03-04T22:43:15.337000 CVE-2024-25065,0,0,8789f3e0c0f1a18215b02ec07e51d2392ffb2b6e5c0102b29d290a5bd7708b34,2024-02-29T13:49:29.390000 -CVE-2024-25075,0,1,8f1ad7795ac9be7789e9412ad24a6f478ed4bba46ede8202f16d701d6f470c93,2024-04-03T12:38:04.840000 +CVE-2024-25075,0,0,8f1ad7795ac9be7789e9412ad24a6f478ed4bba46ede8202f16d701d6f470c93,2024-04-03T12:38:04.840000 CVE-2024-25080,0,0,c2315cfef210d8345928c4a9163370b64862367865b16b8bb051dd985f4be107,2024-04-01T12:49:00.877000 CVE-2024-25081,0,0,c28ed534590feb1739659669df4a7c74247df29d1ac0d5daa9ed512959af803c,2024-03-23T03:15:11.330000 CVE-2024-25082,0,0,0376e5832e39b19bc504b78433ebb158054a5715ce980118648e2b6c7f603eff,2024-03-23T03:15:11.393000 @@ -241608,7 +241616,7 @@ CVE-2024-25089,0,0,5efabd2c26974f37d1846cb1668b5b36df31dff51c549d5b8d4c512bfb0c7 CVE-2024-25091,0,0,01b357047b564e780ed13b7e87b2fb8ec79ae12ad4e744cc9437e3dc74a94964,2024-03-01T14:04:04.827000 CVE-2024-25093,0,0,c29d732f68144a1dd5d537415c8d51940073ac1e6ff114431aa6a52d78b263f0,2024-02-29T13:49:29.390000 CVE-2024-25094,0,0,6ba9f5c53aa4aac51446efc522144ae35e985d8a070a664685b43e0df39aa007,2024-02-29T13:49:29.390000 -CVE-2024-25096,1,1,a501381610ada5229a45c8d0a176a52dcbb0ce07747d1b41bb94b9415bf24702,2024-04-03T13:16:02.017000 +CVE-2024-25096,0,0,a501381610ada5229a45c8d0a176a52dcbb0ce07747d1b41bb94b9415bf24702,2024-04-03T13:16:02.017000 CVE-2024-25097,0,0,3611107873761535a1eebacf76ff61b5dea6765240f13429484902af14526286,2024-03-13T18:15:58.530000 CVE-2024-25098,0,0,028b98ef9a2084a8173d1d38eecdc4136ac8af6138dca7ba8312806912dc26e0,2024-02-29T13:49:29.390000 CVE-2024-25099,0,0,02a4d0e182c31d1636be1b8bb70f3b551292fc264bca44262b4c213c2a120e6b,2024-03-13T18:15:58.530000 @@ -241979,7 +241987,7 @@ CVE-2024-25854,0,0,46fbf43a98bd39907390458f316c987060b7ad9ff54021918a7edbe500e3d CVE-2024-25858,0,0,e3703a6486af47542a5758b9a0dbed02e4c149644fb605d74af0ebc4b01ef273,2024-03-06T15:18:08.093000 CVE-2024-25859,0,0,535afe19fadca146fcb852c884e13f1f96dd0ffd0b267def3f0a58c94171106c,2024-02-29T13:49:47.277000 CVE-2024-2586,0,0,6350f9931266944c12490221ee20b19d4e2f937e8ccc02710c0c7828d8712797,2024-03-18T19:40:00.173000 -CVE-2024-25864,0,1,bbdc876c67f6d59e585ca102c37ce8a1861aaba2f23b8fa4f38e4dc87ed87b47,2024-04-03T12:38:04.840000 +CVE-2024-25864,0,0,bbdc876c67f6d59e585ca102c37ce8a1861aaba2f23b8fa4f38e4dc87ed87b47,2024-04-03T12:38:04.840000 CVE-2024-25865,0,0,3c1600c9938d3c741a0c565875112497fc6aab8ca57710df7f556dbbd2f4c5d8,2024-03-04T13:58:23.447000 CVE-2024-25866,0,0,9bc37773bde3a2ace3609430b84db3f157b10cdf405491b3720aaee30ab1d883,2024-02-29T13:49:47.277000 CVE-2024-25867,0,0,c245bf99284b583dd6d6f394a291153c7419973184645ffe8ce7f995e790edb9,2024-02-29T13:49:47.277000 @@ -242012,7 +242020,7 @@ CVE-2024-25913,0,0,adbe1d51d998e7755c9e21c2f8e4899af91a4a0cc057128b5afa1c44996ee CVE-2024-25914,0,0,6c21c235c508fdd4e37939a7918e64e3dd4e50979a576bdc305d842a25f11a05,2024-02-13T14:01:07.747000 CVE-2024-25915,0,0,2b3eb3b61519c3cc7ec9c696d86f766a5ba91455b2def2592d7df0099d9b76fa,2024-02-23T16:14:43.447000 CVE-2024-25916,0,0,fd67fe38751dcee5e685d1168694fd860012e656006cfe93ceab898ad49c641f,2024-03-15T16:26:49.320000 -CVE-2024-25918,1,1,1f27cc1f5ef8a65e6a154134d4a53a9d6f447cbdce444b0a5a08dab908f386bd,2024-04-03T12:38:04.840000 +CVE-2024-25918,0,0,1f27cc1f5ef8a65e6a154134d4a53a9d6f447cbdce444b0a5a08dab908f386bd,2024-04-03T12:38:04.840000 CVE-2024-25919,0,0,5218810224fbf56f6083cabf959c1cac12534ba7273f9a4eb37375eb636b2ae1,2024-03-15T16:26:49.320000 CVE-2024-2592,0,0,82585bae4fa7f314917b7ba7f0e03f283a0c4f763802d50150853f7239d1bc1b,2024-03-18T19:40:00.173000 CVE-2024-25920,0,0,94ff03356ded2e8c1531b05296ce05ed12081a8bfdbdad9166a21df9ab3cb6e8,2024-03-27T12:29:30.307000 @@ -242298,7 +242306,7 @@ CVE-2024-2649,0,0,d94342a82ea1b48d654a74591af18489b25bdcf59dab6bf0b9f710b6366d30 CVE-2024-26490,0,0,b6f6bbce17cb8b3e0d7ffc74af2883f439e6d11d15d184e2f1a2e43e85a99a1d,2024-02-22T19:07:27.197000 CVE-2024-26491,0,0,73ef4da115c90ed06a18a1a334653b2533761b4f911c3db9814bd0d18285bcac,2024-02-22T19:07:27.197000 CVE-2024-26492,0,0,223ddadc0c7efe7b0886f487630808be0927541c8864c0a1df96647191c41c4f,2024-03-08T14:02:57.420000 -CVE-2024-26495,0,1,bbb6b231bf109fc8acfd5241f02faec1361b46bca779b6926f0190dbd5a53c19,2024-04-03T12:38:04.840000 +CVE-2024-26495,0,0,bbb6b231bf109fc8acfd5241f02faec1361b46bca779b6926f0190dbd5a53c19,2024-04-03T12:38:04.840000 CVE-2024-26503,0,0,d0f374031f3bfa957597401c8f88ca58d151627558fd63926354c04ec0b8dff2,2024-03-15T12:53:06.423000 CVE-2024-26521,0,0,0e3dff2f526dd01b3807e889e548f69877c6fbe716f338bf9b68ff7b3cd2a892,2024-03-12T12:40:13.500000 CVE-2024-26529,0,0,ceb7dffe95e5cd49d7bba0e418c1f06e328c8386f0796095312ed90a87d2d1b6,2024-03-13T12:33:51.697000 @@ -242314,8 +242322,8 @@ CVE-2024-26580,0,0,716bfe9e7477c84eaf394c6917d0ce79d82ccdb90bad82d0c89b019a7d1ce CVE-2024-26581,0,0,353f24559890ac7b3597bd26d99362ecbfd523a3ec7e2aa7e9d65e75d894e5ee,2024-02-23T09:15:22.563000 CVE-2024-26582,0,0,3ff5c496d753899c1fc1e8062e53c8f61453498de38167daf1346ce24125ba81,2024-03-15T13:56:41.843000 CVE-2024-26583,0,0,469df0658e18197ed0356dd7a5240250603137d767287de06ec0167d1ae18c2a,2024-03-15T13:05:03.220000 -CVE-2024-26584,0,0,628c83749212390e734524e43d20fa678834b7ea9755141f8a3b9cd3762087b8,2024-03-11T18:15:18.503000 -CVE-2024-26585,0,0,ab0df1121b4a44ad09abca0cf48007274128e339349339533a7e7946a2e72b52,2024-03-14T20:18:37.957000 +CVE-2024-26584,0,1,d68a4d58b87753c0e1bb744e1a26295eea21086b2f2685b711c57bb3369e39c5,2024-04-03T14:15:15.613000 +CVE-2024-26585,0,1,f63f838d2bcdd8ae6d99da2fdbc37c9df617bc6a41e88fe22fa920d7915c1497,2024-04-03T14:15:15.853000 CVE-2024-26586,0,0,85e4fb034cd8f802fb7949a6edeb44e49e071e6e365162d8c01bd895923b7bfd,2024-03-18T18:12:44.400000 CVE-2024-26587,0,0,9404613a5d22d59f7b9830950f6da0789d954efb37d6d668289d4948436f8def,2024-03-18T18:09:54.027000 CVE-2024-26588,0,0,a12e329faae009d801e11973c8a72020a4a4a89d8da3b097e68d3f4be6ee8827,2024-03-18T18:02:15.647000 @@ -242372,8 +242380,8 @@ CVE-2024-26638,0,0,810693405d991f7ccd7a2a1a0260a34b1a9402f77c9d945d74efd33b7925e CVE-2024-26639,0,0,5ecaa163a6c77c6111bb006a53c43194195b6cfbe8535ad567a79569fc77c2b9,2024-03-18T12:38:25.490000 CVE-2024-26640,0,0,5cc6b5e042a5b441f74784080591c7d359381cd13aba12bdf63d6c89fc714c33,2024-03-18T12:38:25.490000 CVE-2024-26641,0,0,d0ed2cdfb0ff7417cb869a8d4b0f844e96cb33626fa12ef7a8d145f64e7e59f2,2024-03-18T12:38:25.490000 -CVE-2024-26642,0,0,2030c36d17cf3955028a3c8cf70b58662419898c5eb4245b6345fdb4fa4667cf,2024-03-21T12:58:51.093000 -CVE-2024-26643,0,0,76e88a10e1b7ae620b3b2f807c32687dfa488694b94b88072cd31ad829305fec,2024-03-21T12:58:51.093000 +CVE-2024-26642,0,1,71e4095a03007036b330826bde9436c408f23f15e0193634b741c378a8da394c,2024-04-03T14:15:16.193000 +CVE-2024-26643,0,1,40d5b21fa93f0e45e5fe0fc09804a952bf6a588bf8d8ff5b87a6deddf6f3b5f5,2024-04-03T14:15:16.370000 CVE-2024-26644,0,0,e5196539d0d7d2426b70f5c3d7b2262aa5f8e671e6361172395eb0ace801b5d7,2024-03-26T17:09:53.043000 CVE-2024-26645,0,0,fe3f1a6f358cce09c9a7d8315812702f5784843255df1b174247cd1e300a4c71,2024-03-26T17:09:53.043000 CVE-2024-26646,0,0,dccd3fb042f624b294392888bd78f3cb643c796b96f3f1a01e194aa7fd56d552,2024-03-27T12:29:41.530000 @@ -242383,11 +242391,11 @@ CVE-2024-26649,0,0,86aeb2fae965a4a5332ed6f99e853d97c707f8eddf2b6cb0afb03f1458efa CVE-2024-26650,0,0,a6462e36b1dd6f69ddd876eed038a048534eb12e06d7671796e4cb5890514076,2024-03-27T12:29:41.530000 CVE-2024-26651,0,0,664bc67b3020a550d402c968ae917bf5e5ca3e46c2b2c739e7380a7f1a9e1448,2024-04-03T04:15:11.563000 CVE-2024-26652,0,0,ccc590b218f45c6bb9fa7fed88041733bb926c9879d519c1ffc1f038a0a8e977,2024-03-27T15:49:41.437000 -CVE-2024-26653,0,0,51ec04b4caad105d6a87d39763000adedafa64f3ca4ed0afd4f0fd868b34511b,2024-04-01T12:49:00.877000 -CVE-2024-26654,0,0,b14ee10449a26fa43b702987883255923c391dcb0b66cb2ca66a79385a9b486e,2024-04-01T12:49:00.877000 -CVE-2024-26655,0,0,bda045aa0e6985af1bfcf0c9d1071b2d80c5f34b860dfc6331d24f9e8d446952,2024-04-01T15:53:18.060000 -CVE-2024-26656,0,0,e47b58126763c351e186f9879e61bacaed2de7b73944f0fc6986b9785ca0637c,2024-04-02T12:50:42.233000 -CVE-2024-26657,0,0,55763f19a1b01751f70c3fcd3289f33a315f6fec31600b5d19ba3208beda7ea2,2024-04-02T12:50:42.233000 +CVE-2024-26653,0,1,d049a2565dfb8e2d40a03bd3cfe4e1ae5290c810bf6ab13cfbe1970fbbfbb37e,2024-04-03T14:15:16.520000 +CVE-2024-26654,0,1,742febfe3d710345a87b7b0fca0d3ad06b08437bfd376c32921d3f358d2d767a,2024-04-03T14:15:16.690000 +CVE-2024-26655,0,1,ac0b7c61eb26a3582ca4d638572b761a96d74326d8ddfef7479705aa04b577b6,2024-04-03T14:15:16.860000 +CVE-2024-26656,0,1,5337c8b618800d7ae076a65ae658288f2225d153cd5a33d44f7af43e0758d01a,2024-04-03T14:15:17 +CVE-2024-26657,0,1,5dc4a9c95210d3424ad527963550b1460b63acfba87b6d5e9086dc26cb8bd63d,2024-04-03T14:15:17.153000 CVE-2024-26658,0,0,1013cf0b269e9d3559a1126cca40b69c8071575276ed3dd1757812dfad4c0199,2024-04-02T12:50:42.233000 CVE-2024-26659,0,0,9da56d86cd36627698f3029a2c5501b296124cd8c7d2b484b46f5f4c8dbd5a07,2024-04-02T12:50:42.233000 CVE-2024-26660,0,0,b1951297ec8036559699923c7fc2f6a4b545d195c3084904d1128a08b214c072,2024-04-02T12:50:42.233000 @@ -242416,10 +242424,52 @@ CVE-2024-26681,0,0,d0888cf223e3ff781851ac3c49fc20b7e9eb990bff5eb716a081ef52bec7a CVE-2024-26682,0,0,815bda0c2dbd75c0be714f55d4f47783146c4072cae1e67684474359c73535d9,2024-04-02T12:50:42.233000 CVE-2024-26683,0,0,6c5f44f4e0a996eee17bab8d16a07d09ac59770d962422611b733c6dc302bcad,2024-04-02T12:50:42.233000 CVE-2024-26684,0,0,8a54aaa18a77dc2662ce76183d24e3ad5d44d55136a6048d03ebfafcb9d4c252,2024-04-02T12:50:42.233000 +CVE-2024-26685,1,1,c36ca36f4136868c7237746c297a3f3b61bc4c0e92f97a2d0521d6063acc3d65,2024-04-03T15:15:52.210000 +CVE-2024-26686,1,1,7c2b9b237dd1f0e1f5e6e6d6fb08a0133f2a4a41f2a8f65f4639fafa13efa938,2024-04-03T15:15:52.263000 +CVE-2024-26687,1,1,0e0684ef721f2024adcc55dcd640663a32e83a1e39c0877300e1b34eaa3fbe04,2024-04-03T15:15:52.313000 +CVE-2024-26688,1,1,2f0cf6e29059d81e2774ed0f6cb464e20aaacb7cddb00c7a6b74bcec7d3ad8ea,2024-04-03T15:15:52.370000 +CVE-2024-26689,1,1,07433352f91be45fce02d917dde8f101a9354558f3e3ce1ffbb1ea844fa581f7,2024-04-03T15:15:52.427000 CVE-2024-2669,0,0,4f5a2d5969b59448109cf022193bd2b7c88dc7ffa7ca03caa723fb0f374642a3,2024-03-21T02:52:41.157000 +CVE-2024-26690,1,1,3902183eeddbfab170b1d9b27d7f7eee926edec2ef838a462a10dfca26ab6bf8,2024-04-03T15:15:52.487000 +CVE-2024-26691,1,1,29ded2db966f52e899f4761ce9a65ed1c8faf8a174950a78b8cbb85f71d02c9e,2024-04-03T15:15:52.550000 +CVE-2024-26692,1,1,fc9eda2402bfcf4e3c40c64ec2532c2ef6c1424a17694e9bfc4eaa6fbf4cde19,2024-04-03T15:15:52.610000 +CVE-2024-26693,1,1,b5545aae4daec00aee0dde313d51156ffe01a4854509eca385c2a9b9f021d06d,2024-04-03T15:15:52.667000 +CVE-2024-26694,1,1,f893e40654beea2d45e873da178b1d9072b817d5f34a88de4a7db6a11d173ec5,2024-04-03T15:15:52.717000 +CVE-2024-26695,1,1,eea4d36cf0d642e7d3558ac95fa91f00d7953f7ab5ecc618ae8d8fd14cebb118,2024-04-03T15:15:52.770000 +CVE-2024-26696,1,1,ef7de37710ec27d876be50ced9779901d93bbc2541fe7ae23f3ebe2fc75f1d10,2024-04-03T15:15:52.830000 +CVE-2024-26697,1,1,f0006c8fae4ceec91f4555d31bf709fb386760e880f3c74055b8fbb4b747ab4d,2024-04-03T15:15:52.880000 +CVE-2024-26698,1,1,2da742d44a54b48ea1b0eecf87f33111c8c09ac13354c402685352e21f4b74fb,2024-04-03T15:15:52.933000 +CVE-2024-26699,1,1,17ad217094ed845ba9689e541f8ab18ecaea5397236ad908f437e4f654982f06,2024-04-03T15:15:52.980000 CVE-2024-2670,0,0,51102bd696ec0a80433e00190a81242d0892d06afe5affb13dd51bd0c370ce65,2024-03-21T02:52:41.253000 +CVE-2024-26700,1,1,031dec200b70270aca3af9fb0396cb1fb2b30c5456ae1167d00e61781317043d,2024-04-03T15:15:53.030000 +CVE-2024-26702,1,1,0de17e598622fdefe03b3ca5fadbdb1514d6af13581e720613cafa9f777cc8f0,2024-04-03T15:15:53.087000 +CVE-2024-26703,1,1,5993e0b46fc105c34e91040fbcf981f6d4456c8dd0e0ec701cd8f428427d3334,2024-04-03T15:15:53.140000 +CVE-2024-26704,1,1,d3e56a6c2ac5b0abfe06e83302763ac23c16a226284315bcdc2cdc033f9fc987,2024-04-03T15:15:53.193000 +CVE-2024-26705,1,1,f8b2b110fb1162e48aea3328b9c6236d389c32fa862c42fd96c8475c5ee150bf,2024-04-03T15:15:53.243000 +CVE-2024-26706,1,1,f3bc4ca37496d753564a6c027f9518bd50dfd0d4dd386043f640be48b89c75a3,2024-04-03T15:15:53.293000 +CVE-2024-26707,1,1,6226bc0781cb4b63ec7997151098dcb55fae3d0a1724f76d0b2b57c4eb0ca946,2024-04-03T15:15:53.340000 +CVE-2024-26708,1,1,cc6d257f1676441b67ef27ca9d8b2476caa3cf7f96e800cbd0d470d78918c135,2024-04-03T15:15:53.390000 +CVE-2024-26709,1,1,3ec728ab9c7784b681004a0241657f83eddc8c310140faa52786d7b607cea9a6,2024-04-03T15:15:53.440000 CVE-2024-2671,0,0,fed12512cf97fa3efd1f758fc5910f8d1b7c528221158e27cc18986800b968a9,2024-03-21T02:52:41.343000 +CVE-2024-26710,1,1,e3e29ff58aaa612ac6ff64b6446260ac4034f637fab5191d3c373f9d9997aea2,2024-04-03T15:15:53.487000 +CVE-2024-26711,1,1,e5eb375ae35c4e0370a656dfc129170fd2c9597beec4805f94b9d42d592c8aae,2024-04-03T15:15:53.540000 +CVE-2024-26712,1,1,ce89bed7437850c6bf635f5d05ca9ca8f8c0cf330bf1d4f771fe33ce84b6a2cf,2024-04-03T15:15:53.590000 +CVE-2024-26713,1,1,51d966d1484a22124487f320fb429a22a37d8cd91244074c2aaeea8e986da421,2024-04-03T15:15:53.647000 +CVE-2024-26714,1,1,6a744c15fdd9884d19026d3a4e779ffa5b7434416d697589f67d50e1457ca736,2024-04-03T15:15:53.700000 +CVE-2024-26715,1,1,779fcc02b8c10543782de604d8378038a8fcb6a9a40a45e3c29c5c3d8163ad65,2024-04-03T15:15:53.750000 +CVE-2024-26716,1,1,877cf334265cf8465014d1b38d674072c93ff00958165094ae4260a967b500cc,2024-04-03T15:15:53.800000 +CVE-2024-26717,1,1,7784373235ae4728da9534069799413c5bb96d91bb3dde094440d3d425d6af69,2024-04-03T15:15:53.850000 +CVE-2024-26718,1,1,63927ab2e6d10d693d6ba12a87b03a14059045acb11a966f59c6547a1b8f7d7c,2024-04-03T15:15:53.897000 +CVE-2024-26719,1,1,43d32e3cb316d4f7d7f7947c300c2f2ac4d4bc87f8a9b68999a5829f79f3e30c,2024-04-03T15:15:53.947000 CVE-2024-2672,0,0,2da86fc651bc03f651368581e7694edb9562cdb310c637162da24bed5ec47657,2024-03-21T02:52:41.420000 +CVE-2024-26720,1,1,5d93ba505d1d96624ba4e3f43afa7cf13ad645e5d8f69ee28423d6064c808621,2024-04-03T15:15:53.993000 +CVE-2024-26721,1,1,3acb99caf85d9cd324e71c65cb400de4ad6a542b2f755169bbe0cf1160d643cb,2024-04-03T15:15:54.043000 +CVE-2024-26722,1,1,cec5d522f41d94dc464c549121ecb9e5922534a751541e157acb171202469d2e,2024-04-03T15:15:54.090000 +CVE-2024-26723,1,1,f327301718df5c7141f167d8778fa9e6dbdcb40114ba7adfb144cb5655f3f892,2024-04-03T15:15:54.143000 +CVE-2024-26724,1,1,3d8bbece0c1840306e478c0861d162d4dbd289725ee98cd621260b96fa75fb56,2024-04-03T15:15:54.203000 +CVE-2024-26725,1,1,a1b7424dc37486bc6863ea05cc6fc5641a875a4bafb70947ff4aca4a274cb4f5,2024-04-03T15:15:54.257000 +CVE-2024-26726,1,1,bdb85cb8336360454026b14412a3731a8a84a8f9c8f0d0afecc02e8696301a08,2024-04-03T15:15:54.313000 +CVE-2024-26727,1,1,25bda1e3cf9dd5e39903a0c781d5237a03402bc5f992e435c62aac801b196573,2024-04-03T15:15:54.367000 CVE-2024-2673,0,0,02c7815146b5a3acb280ba90466cd71222f5ed95ea4203973a7ebbfdbd52db01,2024-03-21T02:52:41.500000 CVE-2024-2674,0,0,81482ed52b55f09c63e731886ccd00277c35fcbb5fcdc0ea469830544258aabf,2024-03-21T02:52:41.583000 CVE-2024-2675,0,0,141d2f9c3ed998ec5fc7c1be9fb79ee859e57c1fe9eb4586fae21651720e0444,2024-03-21T02:52:41.660000 @@ -242486,7 +242536,7 @@ CVE-2024-27188,0,0,0a250e5949948eb56c4e7cf9856d7a21d10f3e8b950f62db4c44a6dd21c9f CVE-2024-27189,0,0,515e61fa1831b3fd92525b0004dfafde618646c72fb29e4527e0a2fb9466806f,2024-03-15T16:26:49.320000 CVE-2024-2719,0,0,a4ab17264d9d4de02148162ae470cd2b2fdd972306f561edebd77c0e41dd9d7a,2024-03-21T12:58:51.093000 CVE-2024-27190,0,0,1aa0bf9b04d8ad0cd0d83da443ced72d3db96666d7e8636691ac4635aaeee635,2024-03-21T19:47:03.943000 -CVE-2024-27191,1,1,c59b146584f3b3c53db5efa7d88848518f278a0fdbf3dc303e796a9d406dfa86,2024-04-03T12:38:04.840000 +CVE-2024-27191,0,0,c59b146584f3b3c53db5efa7d88848518f278a0fdbf3dc303e796a9d406dfa86,2024-04-03T12:38:04.840000 CVE-2024-27192,0,0,0ff7a489a9c185cda73564233ae30b76c3279bb0d352bc83dbf6b8e10c6212e5,2024-03-15T16:26:49.320000 CVE-2024-27193,0,0,1a2f1126258ed9b0f5281770f95fad5056f0f1e4993150f3d871f6ef458a3533,2024-03-15T16:26:49.320000 CVE-2024-27194,0,0,b8200fea2f0a79d9b8f1fbf40aca3e6d111a7a732357978a250e1964deaa7251,2024-03-17T22:38:29.433000 @@ -242496,6 +242546,7 @@ CVE-2024-27197,0,0,78aca5045460ef7da4ea40b21e3ad45b2151c6d7e43b2c297841492788bc4 CVE-2024-27198,0,0,e4259fe3d4611134ab5dfb0d4f88f5b563c21b8238f30b4253811838ad004753,2024-03-11T15:15:47.483000 CVE-2024-27199,0,0,3dd3bfb58b796a8c7735f0a6f342852f32998fc13795786d35eb3d4375df0417,2024-03-11T15:15:47.663000 CVE-2024-2720,0,0,eb10a25c2acbdf6ea38b15c05249a78381584758b82c10dc686eff70def0e785,2024-03-21T12:58:51.093000 +CVE-2024-27201,1,1,a5ca5af71c8baf146f228355e8c8364d1f0456bb1cfaa6ab50ae388dd144094b,2024-04-03T15:15:54.413000 CVE-2024-27204,0,0,2f9f2ac2078c33addc2c698f165f7aff9339fcf3fa26f2cdd29a6de3328c8c2a,2024-03-12T12:40:13.500000 CVE-2024-27205,0,0,52855ef1396675bf7ce515be434e694f795d99891e26fffa6e36d6a889b1c72f,2024-03-15T20:15:08.703000 CVE-2024-27206,0,0,7a39e0c9f0f47b5a6e43427d7518d5d862cb34ba539b01bd0717056c4e6dcf42,2024-03-15T20:15:08.743000 @@ -242530,7 +242581,7 @@ CVE-2024-27236,0,0,050a1052e26047f2e5d0b58d8351e3e856ec1c52f1b2daf95f02084addfb0 CVE-2024-27237,0,0,952387726c7567ea2371af0e500cab297b027867a108431eaa82a39745a31338,2024-03-12T12:40:13.500000 CVE-2024-2724,0,0,890ae7d14540888ae4d0300e6c3327b78b165387c35f98da98215dff4a44bb25,2024-03-22T15:34:43.663000 CVE-2024-2725,0,0,7cb31ae5832528a9cc7de2e461a09450be9145e26468abe7975abc97f0008d6e,2024-03-22T15:34:43.663000 -CVE-2024-27254,1,1,a0bd76be660e25bb457e2810063b8be0c7f283d959df6e0620ec741a1dd3de4c,2024-04-03T13:16:02.220000 +CVE-2024-27254,0,0,a0bd76be660e25bb457e2810063b8be0c7f283d959df6e0620ec741a1dd3de4c,2024-04-03T13:16:02.220000 CVE-2024-27255,0,0,07d4523d50b3b6ceec1ed85c31e8859376bfd63a9732f2f4d2cf6e5b4c34b76b,2024-03-04T13:58:23.447000 CVE-2024-2726,0,0,670b2be162ea05000bb5b040a32b1dee9c94eee7d1b48ed8e7d2e78e98ae50a2,2024-03-22T15:34:43.663000 CVE-2024-27265,0,0,caf2cbef481f9d0206d06f75a38ca052c5291ba0582e91875cea8f52e6d86a34,2024-03-19T16:52:02.767000 @@ -242620,9 +242671,9 @@ CVE-2024-27569,0,0,a1c97a6629a14374fe383c8737fbd058f9c69e29cacac5f65c8ee536732ce CVE-2024-27570,0,0,bb5768b9abe1d66233dd488033991c033e73d40122830f230bd575bce0ee2d3c,2024-03-01T15:23:36.177000 CVE-2024-27571,0,0,c83a44f9887d08cabab3b2a4f270c8d7a63fba9a80bea6bcef31fb59117b7c4c,2024-03-01T15:23:36.177000 CVE-2024-27572,0,0,ad4311ae425bc6b17f909abcd4c2456b040031c823802764df1b154118e12883,2024-03-01T15:23:36.177000 -CVE-2024-27602,0,1,641d004f193cbc187bf560868353a5607871444565457a2a1f222c57bafe0082,2024-04-03T12:38:04.840000 -CVE-2024-27604,0,1,5dd90a20288c95f7805059ddcbf501c6de9e3b933a16f752b43bf101ed5f2058,2024-04-03T12:38:04.840000 -CVE-2024-27605,0,1,4f744199930e3e7e9b7f220c4e73a81bb4fe207bf4ecc2f618ea8f6d8437d165,2024-04-03T12:38:04.840000 +CVE-2024-27602,0,0,641d004f193cbc187bf560868353a5607871444565457a2a1f222c57bafe0082,2024-04-03T12:38:04.840000 +CVE-2024-27604,0,0,5dd90a20288c95f7805059ddcbf501c6de9e3b933a16f752b43bf101ed5f2058,2024-04-03T12:38:04.840000 +CVE-2024-27605,0,0,4f744199930e3e7e9b7f220c4e73a81bb4fe207bf4ecc2f618ea8f6d8437d165,2024-04-03T12:38:04.840000 CVE-2024-27609,0,0,5e824357e4183ab719c4b74c8b8f75258087ffff9b9d5d9bfa2e37f5fe8c146d,2024-04-01T01:12:59.077000 CVE-2024-27612,0,0,c510222cc98aeecd84a141efbf806cb4a31be0185bd980ef0ea0993f9e29a425,2024-03-08T14:02:57.420000 CVE-2024-27613,0,0,55e42cf2e4639a6096ea75af39dc974125f1048dbd4b80fc4aa61dc42e00d85d,2024-03-08T14:02:57.420000 @@ -242721,7 +242772,7 @@ CVE-2024-2794,0,0,759cf6525781306722e41aca6a100ccb37df35d975f73aac822206bcb71057 CVE-2024-27948,0,0,67e156b37ac5c6da6ca4063513792c829bdbe8e804f7b01b28e54c9fc1c182b2,2024-02-29T13:49:47.277000 CVE-2024-27949,0,0,12ee9b935394b527d1677a59b517c94d0df067a0b32bfff31d7cb2be5b4b5d00,2024-03-01T14:04:26.010000 CVE-2024-27950,0,0,56d632dad56c45d949d3327de16e5b70b08683cea8ce7876ca8c59cc37ee8062,2024-03-01T14:04:04.827000 -CVE-2024-27951,1,1,5214bf0ae78cade4639f395d688589b65103945d0e777f1316108089a3cd002d,2024-04-03T12:38:04.840000 +CVE-2024-27951,0,0,5214bf0ae78cade4639f395d688589b65103945d0e777f1316108089a3cd002d,2024-04-03T12:38:04.840000 CVE-2024-27952,0,0,184c933cd3d4f7d9f291de87daadba6c6d2dcb57a0cab449b4798a27658d2d98,2024-03-13T18:15:58.530000 CVE-2024-27953,0,0,9606a5ea342585cc8ea605f674c63e8d870327e37e1ba285dba38be6126632a2,2024-03-13T18:15:58.530000 CVE-2024-27956,0,0,eeea096f0e7e7487ea049c194ac62702e3efa47a3d999d9e69a572f09e5c15e8,2024-03-21T19:47:03.943000 @@ -242735,7 +242786,7 @@ CVE-2024-27963,0,0,1fe8e45c3046e4191d77b36670840383914d58f1ba31efb184b266de4ae6b CVE-2024-27964,0,0,f723b903bea75dee5cd9d094fb735ccf35df44ec2a2fe82d8cd63bd7e33ad323,2024-03-21T19:47:03.943000 CVE-2024-27965,0,0,07b2c962b6af72a3fa4d6e0cca49f1bed68d7474aaf9839141a5bebbc2988945,2024-03-21T19:47:03.943000 CVE-2024-27968,0,0,62d1484625b8ff1b6da2393031085b35a7b07168c520f9d4ac0420345380cdc9,2024-03-21T19:47:03.943000 -CVE-2024-27972,1,1,5f2a44ef4455f2392170f0062af4e1f33c4163a5c961cda58ad08221f3c689b8,2024-04-03T12:38:04.840000 +CVE-2024-27972,0,0,5f2a44ef4455f2392170f0062af4e1f33c4163a5c961cda58ad08221f3c689b8,2024-04-03T12:38:04.840000 CVE-2024-27974,0,0,c5d12161a6a294fb4d33a068888d07d2dec693f9073d8d47f06182bf4fe2779a,2024-03-18T12:38:25.490000 CVE-2024-27986,0,0,221ac31a72264e8303bc0dc716d0bcad27f92aa2e3b64824247f9d02601983b8,2024-03-14T12:52:09.877000 CVE-2024-27987,0,0,ce6fd0b1730cd837f285c0aaaa1258cf6aa8505469e7f313401adb363ee7f395,2024-03-15T12:53:06.423000 @@ -242870,7 +242921,7 @@ CVE-2024-28213,0,0,123dce2bcd1dc69568d6c5cbaff040ae81dbab0468f48456713cfbf9a03f5 CVE-2024-28214,0,0,76f80df1e3db719174c664a8c6faf2adc85abffc04e0a27143c2db72f7cc0ddc,2024-03-07T13:52:27.110000 CVE-2024-28215,0,0,b75c62903069d346adeb5d4d830666ec30aba706366e0a1ba743e223df9965c6,2024-03-07T13:52:27.110000 CVE-2024-28216,0,0,2a9c0d9bf26dcccba11f21ba5b773a9b1fa8ef0ca0bd0ec8330c8d19a1d9d1ca,2024-03-07T13:52:27.110000 -CVE-2024-28219,0,1,5d1482e6721cb93d62e502f1f8ab261cac73f35af60759ddf9b75d97f371a8d4,2024-04-03T12:38:04.840000 +CVE-2024-28219,0,0,5d1482e6721cb93d62e502f1f8ab261cac73f35af60759ddf9b75d97f371a8d4,2024-04-03T12:38:04.840000 CVE-2024-2822,0,0,2610f5ce96e467cfdfbe88a0a281a09b1b1b71407e2f991a84e93422cf7c0761,2024-03-22T19:02:10.300000 CVE-2024-28222,0,0,fc2bb6625872999de46c3fec787964c81811fbafba85fd6aa0a9c0c190c12038,2024-03-07T13:52:27.110000 CVE-2024-28226,0,0,60d2b317d558a952126fd2c59e7791a3132f61184750bcc6e4113640853620c0,2024-04-02T12:50:42.233000 @@ -242903,6 +242954,7 @@ CVE-2024-28254,0,0,ba6384e5d24a90ea0036dcbe7f89cd48d629aea12c2d3808708fa9f619d07 CVE-2024-28255,0,0,abc37b2c1df4d41f872020a3754e2ae86c707a3247848b9d32abc1bd5f67bb13,2024-03-17T22:38:29.433000 CVE-2024-2826,0,0,1d93b91609afdc8cde3f5ecc45472a564308e5f462238793e621360ebc7e6e2d,2024-03-25T01:51:01.223000 CVE-2024-2827,0,0,dfdf8cf189fc6f162d882c6851315350232a4ff93bfc1499f4ef207025e889fe,2024-03-25T01:51:01.223000 +CVE-2024-28275,1,1,cdd1da87b72185d93a0288f87634d98e98c9b47a07841e837ddd242464f14236,2024-04-03T15:15:54.490000 CVE-2024-2828,0,0,3207b9b6338469802274c5e9e9fd6ddcd26ec8d2629100ed3caf35752f6b6a3b,2024-03-25T01:51:01.223000 CVE-2024-28283,0,0,39f85b2f17c0fe895d0bdb32702da6d7a9c62274d2c91228b15f8ef37a4f9826,2024-03-20T13:00:16.367000 CVE-2024-28286,0,0,0c649cd6694a1837fe5561b872f74550eafab1ff52e9c04655d5ad406a1d7e85,2024-03-21T12:58:51.093000 @@ -242960,7 +243012,7 @@ CVE-2024-2848,0,0,a4d9bf4c4cd104d99430baa68a796e04878fb2cfe61d9d35640dc4c26856b3 CVE-2024-2849,0,0,689f01009061efff1ee0cd29db14c96053c4b561f68402f2590b4aaf791eded8,2024-03-26T09:15:11.360000 CVE-2024-2850,0,0,18a7df7924646d54c8018dc44d3ceaaa7b16c75f99276cbe6ac98b765122f744,2024-03-26T03:15:24.927000 CVE-2024-2851,0,0,9a668cf4331e419a65111b1e6f8abf3e27bc0fce212b623cd8a47fdd549e170b,2024-03-26T03:15:36.833000 -CVE-2024-28515,0,1,a2f38351769a80f01f300fd8c83038fe9060fc0b0320f8b6c711930dd11ec84b,2024-04-03T12:38:04.840000 +CVE-2024-28515,0,0,a2f38351769a80f01f300fd8c83038fe9060fc0b0320f8b6c711930dd11ec84b,2024-04-03T12:38:04.840000 CVE-2024-2852,0,0,d7c0051b0398ed6771fdd69c5942366e1b233545fdf7340abf88db5b663c134a,2024-03-26T03:15:47.310000 CVE-2024-28521,0,0,8ab5b6bd1cc025dda03cab07eeddd7e1f81756c34e55025f1870bf6a0feb8a5b,2024-03-22T12:45:36.130000 CVE-2024-2853,0,0,e510059736f729514b8634c28eabbedda89b99502b90c04b4a57c0f56252c1ab,2024-03-26T03:15:50.793000 @@ -242999,7 +243051,7 @@ CVE-2024-28581,0,0,0da5c13c4b85d9bb8c608869fbe145c4047aa7b262d3dbb32ca42932b0c65 CVE-2024-28582,0,0,c8d9c6f6a1d338659902e37adbb04b12fb77269e6591f5ca5a12aad10c123c1f,2024-03-20T13:00:16.367000 CVE-2024-28583,0,0,7f3ab6d4f4ab97c0265937ef4d115a2fa3e5739f0ab5531555f42d21c39d5f43,2024-03-20T13:00:16.367000 CVE-2024-28584,0,0,30acc0576141383424b25d4ae09660ec9df2b394d12270056a0fa465700d0ad8,2024-03-20T13:00:16.367000 -CVE-2024-28589,0,1,0bbfba634be0a6220fb48d12550a4d1e9192f3d277848f34860717c51da56d55,2024-04-03T12:38:04.840000 +CVE-2024-28589,0,0,0bbfba634be0a6220fb48d12550a4d1e9192f3d277848f34860717c51da56d55,2024-04-03T12:38:04.840000 CVE-2024-28593,0,0,3589e0bd6bcc642b0735aaa1e50dd022f336ec4dcb26e9d3f97bf8fabcebcecc,2024-03-22T15:34:43.663000 CVE-2024-28595,0,0,ef113c40b1e587c7577ee3cf38a094a31c4af04143b7a8e19edb798f98163070,2024-03-20T13:00:16.367000 CVE-2024-2862,0,0,a714f5e8cb944f65576648fcdb042cca021906895d812cc8cb0301d4fdfba94b,2024-03-25T13:47:14.087000 @@ -243041,12 +243093,12 @@ CVE-2024-28746,0,0,4e08f19b517756fb15fbaf966494c1aeec3b9803b4e2b615b4d5a557eb48c CVE-2024-28752,0,0,b6856abb589c0fed02798f341901c4f3025e287fced11706e9fa0c89b392cd6a,2024-03-15T12:53:06.423000 CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000 CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3b2c,2024-03-11T01:32:39.697000 -CVE-2024-28755,0,1,1b8336cb8aec54928e95e2838923ef63de390c1d6a172c9e230fb0e16707e4c5,2024-04-03T12:38:04.840000 +CVE-2024-28755,0,0,1b8336cb8aec54928e95e2838923ef63de390c1d6a172c9e230fb0e16707e4c5,2024-04-03T12:38:04.840000 CVE-2024-28756,0,0,25c89ab9b64cbd69060fc1b1f68e4f1c76ee574185097dbf9146fc8b2b315bf5,2024-03-22T12:45:36.130000 CVE-2024-28757,0,0,6f674e74da8b1d303f1997061736a8f7699c424c20f0aba68e441f140f441071,2024-03-23T03:15:11.920000 -CVE-2024-28782,1,1,493e55169735d5727cf0c0e734e42ef2baf23f206bb8e4370c0853d4f8c42678,2024-04-03T12:38:04.840000 +CVE-2024-28782,0,0,493e55169735d5727cf0c0e734e42ef2baf23f206bb8e4370c0853d4f8c42678,2024-04-03T12:38:04.840000 CVE-2024-28784,0,0,2bc1ea2e712d4e90db6a7b931c77b9f29985433c42fe688e3c826f016a685898,2024-03-27T15:49:51.300000 -CVE-2024-2879,0,1,054a6fdcadc9bcaaea40956329fc48dac6cafc8e30cc5dab57e2d3f376caf457,2024-04-03T12:38:04.840000 +CVE-2024-2879,0,0,054a6fdcadc9bcaaea40956329fc48dac6cafc8e30cc5dab57e2d3f376caf457,2024-04-03T12:38:04.840000 CVE-2024-28815,0,0,f9ba7e38674697b7d17d51e7b24c9c896d5b8cd72333d8b6833bda1b0cb49c74,2024-03-27T12:29:30.307000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000 @@ -243054,7 +243106,7 @@ CVE-2024-28824,0,0,29abf61aa992ee5bcede73dcd8363195f5ccb0f240073ed24aaff3a2acefa CVE-2024-2883,0,0,e66be81816608580e2e81ffcb02cca4ae9a2aa5cbea60907cc2e1d80cffbaf4a,2024-03-29T04:15:08.743000 CVE-2024-28834,0,0,841718fd8fddff124f231102263dad7d394e02b19e9697b20d411d85f567df2c,2024-03-21T15:24:35.093000 CVE-2024-28835,0,0,807354fa6b4609be92d801df299988ca81259642594a0e94cba8cafe4de90346,2024-03-21T12:58:51.093000 -CVE-2024-28836,0,1,ef9665bb9a0895616f82c07b3b8f93ecbb9dcd318a88906096e3fd29af01d6df,2024-04-03T12:38:04.840000 +CVE-2024-28836,0,0,ef9665bb9a0895616f82c07b3b8f93ecbb9dcd318a88906096e3fd29af01d6df,2024-04-03T12:38:04.840000 CVE-2024-28847,0,0,77ca7298b6799783b77992e414cebfaaf69a1bd2c05124cbdf6b914d3e0bb310,2024-03-17T22:38:29.433000 CVE-2024-28848,0,0,f738fe56a5bc4cdb728fabdb4b9cb52618afbf9827db3dbc12ec3f1fb91169bf,2024-03-21T02:52:25.197000 CVE-2024-28849,0,0,5e73d26630408070b9f2d0554aca63f533ce0044a2d97ed66eab06494ab2be18,2024-03-23T03:15:11.970000 @@ -243249,9 +243301,9 @@ CVE-2024-2941,0,0,ce11630a400956dcbfeeac55ad32861fc5176b2eeccb4990e4aaf30900f5cb CVE-2024-29419,0,0,1f113c646466febbefbd1317ecc5036f9bdf6e219db156971cfdda70e05f32f0,2024-03-20T17:18:21.343000 CVE-2024-2942,0,0,3fa2fdee1f7a471c21b1ac1386874f056fa7e82fdcd541072fb7ea8f5bfccb08,2024-03-27T12:29:30.307000 CVE-2024-2943,0,0,b5b95bbcb0b53766ee2bd76974e535abb9029181348d10726e03c7804fb75e95,2024-03-27T12:29:30.307000 -CVE-2024-29432,0,1,935ce59b23319f15478ff1d005b1786853efcea9f20ed5b78b83dcf1879a3c65,2024-04-03T12:38:04.840000 +CVE-2024-29432,0,0,935ce59b23319f15478ff1d005b1786853efcea9f20ed5b78b83dcf1879a3c65,2024-04-03T12:38:04.840000 CVE-2024-29433,0,0,b10a666a979afbf6ffc25b1ef458e1d0fb9c766493f3b32e8a3cbc2c3e4a9e2b,2024-04-02T12:50:42.233000 -CVE-2024-29434,0,1,e2dd739e4fe1b524f01d6355aa24f60868a619e4b33fdd429c31c5ef2f0acc1e,2024-04-03T12:38:04.840000 +CVE-2024-29434,0,0,e2dd739e4fe1b524f01d6355aa24f60868a619e4b33fdd429c31c5ef2f0acc1e,2024-04-03T12:38:04.840000 CVE-2024-29435,0,0,4d03d83d8cb615246ed4e783c1ea07f9aee9ed7e6aa6133cefbb15bfb0a5c168,2024-04-02T12:50:42.233000 CVE-2024-2944,0,0,edbe06654b669678b299b573aae74f1e6525956b78541d7e0f3aff7e4dd8cf16,2024-03-27T12:29:30.307000 CVE-2024-29440,0,0,b41dbba691936eb263a6e48ee2f4c3b0c65bf928cbb922caedd1e0f5f03baacf,2024-03-26T12:55:05.010000 @@ -243264,7 +243316,7 @@ CVE-2024-29471,0,0,82d45a5ffd79414ce139218b143945b76a967fb1502a8005b616153a32c45 CVE-2024-29472,0,0,8914457096a81cfec257e1932986907f8b2f25a966f10c0d7629905ec24b0f86,2024-03-21T12:58:51.093000 CVE-2024-29473,0,0,2dcbe7e94767e08f46a9353b62d8f30da500a221f5affb32fc9ef958cfff985b,2024-03-21T12:58:51.093000 CVE-2024-29474,0,0,cd74b93fedbacc13ab911c0f2a2b89e07d9e578953f3b262ce40503b72930e98,2024-03-21T12:58:51.093000 -CVE-2024-29477,1,1,5231aab2983543fdf491ab629db6bbcb71a18478e7074594e3d1100549f6a211,2024-04-03T12:38:04.840000 +CVE-2024-29477,0,0,5231aab2983543fdf491ab629db6bbcb71a18478e7074594e3d1100549f6a211,2024-04-03T12:38:04.840000 CVE-2024-2948,0,0,69ae62e863aa0c628d345bc7d66ea32126e1cf0abc93ad86985926e075e497af,2024-04-01T01:12:59.077000 CVE-2024-29489,0,0,b53e28436eacd43712154645616899ea4ad86f89638685c2d1c1f1bd71a439fa,2024-03-29T12:45:02.937000 CVE-2024-29499,0,0,bc8db29a97bf5517e5213278d0d5f5ecdec4b51f00adea3262848d25f6e735bc,2024-03-22T19:02:10.300000 @@ -243289,7 +243341,7 @@ CVE-2024-2969,0,0,3b44a35797f59af8c943f5dbb2fce3c943dbaa3692484ae9edd2ca48b318cc CVE-2024-2970,0,0,97b5efebd06d1da6e27cb01c572bc0b66502d05407bc0c3aa6cc4cd6986808de,2024-03-29T12:45:02.937000 CVE-2024-2971,0,0,898bc718d43d0c390c6d16657d6a8f74b1bed4195ca2be9f6e03b60807e37565,2024-03-27T12:29:30.307000 CVE-2024-29732,0,0,3aff958eec55f5cf06538251c792be6423021bd21573f6f2f920d098c9ad37bd,2024-03-21T12:58:51.093000 -CVE-2024-29734,0,1,8d99461dc9b8889d99315bde49edbce5536e3a20b88b53095157d8f0afc148b5,2024-04-03T12:38:04.840000 +CVE-2024-29734,0,0,8d99461dc9b8889d99315bde49edbce5536e3a20b88b53095157d8f0afc148b5,2024-04-03T12:38:04.840000 CVE-2024-29735,0,0,286fbba4f7cb1bbd32eae740efb468430068245735dc6c522579c415dcd44e18,2024-03-27T12:29:41.530000 CVE-2024-29758,0,0,850000367bf365fc67358722bd3f49f9e6efe1177fc04e28429703ce7619a3b6,2024-03-27T15:49:41.437000 CVE-2024-29759,0,0,604dde57e158ba268d6ad5edd22f6f9ee225a2c65d1a266897bc2dc328d431c0,2024-03-27T15:49:41.437000 @@ -243458,7 +243510,7 @@ CVE-2024-3014,0,0,57dd337802948c0c36abeb7862e4d697d25a39c1914e60d6e237ec085f38c2 CVE-2024-3015,0,0,3e96e179fc605bd086459a8977cf3494e9c3b88c686e177fb5725b8b22e0b1bb,2024-03-28T12:42:56.150000 CVE-2024-30156,0,0,aff0cd27a6d4ebd55e03f44f61cc23ee9163e094843acbac5af736e684ab9391,2024-03-25T01:51:01.223000 CVE-2024-30161,0,0,f6d00094643508d05d1e5626fca4ef83c82ab69ba4696adb329c49eff6d0ab4a,2024-03-25T01:51:01.223000 -CVE-2024-30166,0,1,b150008503ab8c7534770489f2591fa7243e9c9df016e5c1c4c33123a4b73e85,2024-04-03T12:38:04.840000 +CVE-2024-30166,0,0,b150008503ab8c7534770489f2591fa7243e9c9df016e5c1c4c33123a4b73e85,2024-04-03T12:38:04.840000 CVE-2024-30177,0,0,ce7cec2fca67508ea4a8b86ac0339410ad9c9cb05c2afad1960db626913e7789,2024-03-27T12:29:30.307000 CVE-2024-30178,0,0,d11fc89cba6da171daf23dbb46df2a76bfb6083f334196d374e91e86d9976c38,2024-03-27T12:29:30.307000 CVE-2024-30179,0,0,35abc90ebe1a793047559644af343573def8da2ffc996aad9121641adf83cee8,2024-03-27T12:29:30.307000 @@ -243524,31 +243576,31 @@ CVE-2024-30340,0,0,936ebaade289155374119ab988cd44e329d38211b347eebf5f3d927e148cd CVE-2024-30341,0,0,06e6e6ab91aceac3584aa28f680a6780e9c648bd3e0caf27c0cbc8a0dc062f9c,2024-04-02T20:31:58.463000 CVE-2024-30342,0,0,6e8505848332938edac1021b1a94bb920d4ae83e28f352981633100a09367b89,2024-04-02T20:31:58.463000 CVE-2024-30343,0,0,fb6dfc8d754fa12e0d7786222270a9c7de30f36fb56fc1dbd26852867305fd08,2024-04-02T20:31:58.463000 -CVE-2024-30344,0,1,5bc139b5bbd44b7bb5b34a3a55c5a8ccb21aac14a897b892f152d0b7b80fa738,2024-04-03T12:38:04.840000 -CVE-2024-30345,0,1,d7f29b53351ee4b9cd93cf2b1fe26dc4705952a936cac37646bba650f9cd001b,2024-04-03T12:38:04.840000 -CVE-2024-30346,0,1,7d0368ecfc06cc1f8f2402fe99d9dfa0d6c63c2f34d70d6276af16ded29f534e,2024-04-03T12:38:04.840000 -CVE-2024-30347,0,1,e68985540e4648080ae382727cbdd6bd480d390686c7260409a8b3176121f126,2024-04-03T12:38:04.840000 -CVE-2024-30348,0,1,39f5c40227cf1fd49ec006be104dc0d67c20f3b98cdee650ab09c642d8fd60db,2024-04-03T12:38:04.840000 -CVE-2024-30349,0,1,6edf865ace49706734eddebd9b18356c82fe0f305fffaf4d53c808cfc353e0ba,2024-04-03T12:38:04.840000 -CVE-2024-30350,0,1,a1fe348f76aee865cda8fcaa498464a95d5044ea3be945a2ef416a0def6f418a,2024-04-03T12:38:04.840000 -CVE-2024-30351,0,1,7def1887ca6a75a01a298363eda9ce99d3f7cd03715e5fca72f5c0965da9c1c3,2024-04-03T12:38:04.840000 -CVE-2024-30352,0,1,e5c21ae78b9c524cc4ffd2bef6f185aca1e11f9feb144253b8f981fd55b6eb34,2024-04-03T12:38:04.840000 -CVE-2024-30353,0,1,4ddfab1fb4debdb52601bd8007f16aedb5c867fa7242ab4bef38630b5fcff776,2024-04-03T12:38:04.840000 -CVE-2024-30354,0,1,19b394e99590970a0db244f031fdca72c1785146331c48b5a3693178e2c0e0d4,2024-04-03T12:38:04.840000 -CVE-2024-30355,0,1,0decd90dac62ed7ef29b8b8f2f7ac7e8352838872b34ab7354a8ba9b609c657c,2024-04-03T12:38:04.840000 -CVE-2024-30356,0,1,c5df9b68c97f16468b5bc6b7fd4842294dd1cd4288439b029d531fd5ee2cf5d7,2024-04-03T12:38:04.840000 -CVE-2024-30357,0,1,b490603cfd1ae2bd60b1a73e06f78329e6a61ef981448feb412f19c789a2fb31,2024-04-03T12:38:04.840000 -CVE-2024-30358,0,1,0851f6424db5d7a6c7a03964dab129792309ca234977750d89a17754f629936e,2024-04-03T12:38:04.840000 -CVE-2024-30359,0,1,2f580ba4df713d107b03ef75cb85107d21786a90460916d480b0e35884e5f03e,2024-04-03T12:38:04.840000 -CVE-2024-30360,0,1,80c7b7c44e3824b902966f606dd1196cfc97097ce03102457d782a3b6a8868f0,2024-04-03T12:38:04.840000 -CVE-2024-30361,0,1,2879c3f761aa256a70cbaaae709e90f2c1dd7342ebded9044f02d01c6d51dc6f,2024-04-03T12:38:04.840000 -CVE-2024-30362,0,1,35aafb2836e5f8e5924ff39a2464f965c35f7dc3efb76e15b7b7082bb4cf34a3,2024-04-03T12:38:04.840000 -CVE-2024-30363,0,1,486d64804c1de5e8bb428f2000e75f33f32d44204e917e98f16ea5b43bd64847,2024-04-03T12:38:04.840000 -CVE-2024-30364,0,1,510899e3ecba71d096b404b02c98b4b3e3d0afcbd2457b7d4336fb6c1da0be73,2024-04-03T12:38:04.840000 -CVE-2024-30365,0,1,8d8a5efd96412c7324fe23e0515deeca0b6ea605ee15bf7de07d85db987cca0f,2024-04-03T12:38:04.840000 -CVE-2024-30367,0,1,a902af43f2971ddd47d7eebd60d52a9673dc37a2dcdcf1f5ecafc349085ea3e6,2024-04-03T12:38:04.840000 -CVE-2024-30370,0,1,0b843daff5c28582cf7b13f2850b1d8c607c4ae5b045b88facad224f99e19e5b,2024-04-03T12:38:04.840000 -CVE-2024-30371,0,1,b1d655f20dce1a124d87b962baf334d2a249a3ceff7f094651f12c5849e1f6ee,2024-04-03T12:38:04.840000 +CVE-2024-30344,0,0,5bc139b5bbd44b7bb5b34a3a55c5a8ccb21aac14a897b892f152d0b7b80fa738,2024-04-03T12:38:04.840000 +CVE-2024-30345,0,0,d7f29b53351ee4b9cd93cf2b1fe26dc4705952a936cac37646bba650f9cd001b,2024-04-03T12:38:04.840000 +CVE-2024-30346,0,0,7d0368ecfc06cc1f8f2402fe99d9dfa0d6c63c2f34d70d6276af16ded29f534e,2024-04-03T12:38:04.840000 +CVE-2024-30347,0,0,e68985540e4648080ae382727cbdd6bd480d390686c7260409a8b3176121f126,2024-04-03T12:38:04.840000 +CVE-2024-30348,0,0,39f5c40227cf1fd49ec006be104dc0d67c20f3b98cdee650ab09c642d8fd60db,2024-04-03T12:38:04.840000 +CVE-2024-30349,0,0,6edf865ace49706734eddebd9b18356c82fe0f305fffaf4d53c808cfc353e0ba,2024-04-03T12:38:04.840000 +CVE-2024-30350,0,0,a1fe348f76aee865cda8fcaa498464a95d5044ea3be945a2ef416a0def6f418a,2024-04-03T12:38:04.840000 +CVE-2024-30351,0,0,7def1887ca6a75a01a298363eda9ce99d3f7cd03715e5fca72f5c0965da9c1c3,2024-04-03T12:38:04.840000 +CVE-2024-30352,0,0,e5c21ae78b9c524cc4ffd2bef6f185aca1e11f9feb144253b8f981fd55b6eb34,2024-04-03T12:38:04.840000 +CVE-2024-30353,0,0,4ddfab1fb4debdb52601bd8007f16aedb5c867fa7242ab4bef38630b5fcff776,2024-04-03T12:38:04.840000 +CVE-2024-30354,0,0,19b394e99590970a0db244f031fdca72c1785146331c48b5a3693178e2c0e0d4,2024-04-03T12:38:04.840000 +CVE-2024-30355,0,0,0decd90dac62ed7ef29b8b8f2f7ac7e8352838872b34ab7354a8ba9b609c657c,2024-04-03T12:38:04.840000 +CVE-2024-30356,0,0,c5df9b68c97f16468b5bc6b7fd4842294dd1cd4288439b029d531fd5ee2cf5d7,2024-04-03T12:38:04.840000 +CVE-2024-30357,0,0,b490603cfd1ae2bd60b1a73e06f78329e6a61ef981448feb412f19c789a2fb31,2024-04-03T12:38:04.840000 +CVE-2024-30358,0,0,0851f6424db5d7a6c7a03964dab129792309ca234977750d89a17754f629936e,2024-04-03T12:38:04.840000 +CVE-2024-30359,0,0,2f580ba4df713d107b03ef75cb85107d21786a90460916d480b0e35884e5f03e,2024-04-03T12:38:04.840000 +CVE-2024-30360,0,0,80c7b7c44e3824b902966f606dd1196cfc97097ce03102457d782a3b6a8868f0,2024-04-03T12:38:04.840000 +CVE-2024-30361,0,0,2879c3f761aa256a70cbaaae709e90f2c1dd7342ebded9044f02d01c6d51dc6f,2024-04-03T12:38:04.840000 +CVE-2024-30362,0,0,35aafb2836e5f8e5924ff39a2464f965c35f7dc3efb76e15b7b7082bb4cf34a3,2024-04-03T12:38:04.840000 +CVE-2024-30363,0,0,486d64804c1de5e8bb428f2000e75f33f32d44204e917e98f16ea5b43bd64847,2024-04-03T12:38:04.840000 +CVE-2024-30364,0,0,510899e3ecba71d096b404b02c98b4b3e3d0afcbd2457b7d4336fb6c1da0be73,2024-04-03T12:38:04.840000 +CVE-2024-30365,0,0,8d8a5efd96412c7324fe23e0515deeca0b6ea605ee15bf7de07d85db987cca0f,2024-04-03T12:38:04.840000 +CVE-2024-30367,0,0,a902af43f2971ddd47d7eebd60d52a9673dc37a2dcdcf1f5ecafc349085ea3e6,2024-04-03T12:38:04.840000 +CVE-2024-30370,0,0,0b843daff5c28582cf7b13f2850b1d8c607c4ae5b045b88facad224f99e19e5b,2024-04-03T12:38:04.840000 +CVE-2024-30371,0,0,b1d655f20dce1a124d87b962baf334d2a249a3ceff7f094651f12c5849e1f6ee,2024-04-03T12:38:04.840000 CVE-2024-3039,0,0,78eee57f82e030cc18475a85cdac1c12567dfe02603d629b2fbdbce1920e64dd,2024-03-28T16:07:30.893000 CVE-2024-3040,0,0,6f474eb89904d3ef26a1f99830c4f7e6fe42c974c3600ac0c482bf259f0da50d,2024-03-28T16:07:30.893000 CVE-2024-3041,0,0,3dadac99e88a79c62df6899f0fad147e3340516f2236f4e3cf8c259f2e06d9f0,2024-03-28T16:07:30.893000 @@ -243654,11 +243706,11 @@ CVE-2024-30557,0,0,d7ce80b7f514a588122360a1f5c7eb0e9d404422a86a2baf0f50cda830cd3 CVE-2024-30558,0,0,316bd1105795de2fd275943651925f37b5b583b6c7f2661f419ea96f6a9cb3e3,2024-04-01T01:12:59.077000 CVE-2024-30559,0,0,f8ff76c4b16936e5dab4a8e27b62011f38d8de1b5fa8e1b44dbcce666b46665a,2024-04-01T01:12:59.077000 CVE-2024-30561,0,0,60da1cbf317b304915e9076fb22281ec294c91ddc5ed997ca9114e07c21539f0,2024-04-01T01:12:59.077000 -CVE-2024-30568,1,1,c1880c20bb23ec4792d88fbb2a6c8dcc3119a807f46104b657991a2ac713fc33,2024-04-03T13:16:02.443000 -CVE-2024-30569,1,1,23164113b89c0382baa728aaea671f86b34c3d702de9b152235d7ce1dbffe85d,2024-04-03T13:16:02.503000 -CVE-2024-30570,1,1,18b05d8e8572d736cfe250154a2c9d24c0e4ccd3ffc3e110a960d854c0786e6b,2024-04-03T13:16:02.563000 -CVE-2024-30571,1,1,0378dccc43b51f3d231cf4fa0071dd28bc804611f22a89a9e90c27451fa45f5a,2024-04-03T13:16:02.620000 -CVE-2024-30572,1,1,aada8a4ab69718fa1b192e1c189265c054bddcf0b09d64bc75803efbc6a4a095,2024-04-03T13:16:02.680000 +CVE-2024-30568,0,0,c1880c20bb23ec4792d88fbb2a6c8dcc3119a807f46104b657991a2ac713fc33,2024-04-03T13:16:02.443000 +CVE-2024-30569,0,0,23164113b89c0382baa728aaea671f86b34c3d702de9b152235d7ce1dbffe85d,2024-04-03T13:16:02.503000 +CVE-2024-30570,0,0,18b05d8e8572d736cfe250154a2c9d24c0e4ccd3ffc3e110a960d854c0786e6b,2024-04-03T13:16:02.563000 +CVE-2024-30571,0,0,0378dccc43b51f3d231cf4fa0071dd28bc804611f22a89a9e90c27451fa45f5a,2024-04-03T13:16:02.620000 +CVE-2024-30572,0,0,aada8a4ab69718fa1b192e1c189265c054bddcf0b09d64bc75803efbc6a4a095,2024-04-03T13:16:02.680000 CVE-2024-30583,0,0,90e06b2d765278ac0f3bc4028344fdf483d30ea530d1cc273b94886fa84d52bd,2024-03-28T16:07:30.893000 CVE-2024-30584,0,0,35ddda2305ed50d97f06df7df7b733486405aa80385b935162c6180d1fe62320,2024-03-28T16:07:30.893000 CVE-2024-30585,0,0,7e78a86bcf687f746816842e948af254246fdc173fd94674915f1ec2e6a3c749,2024-03-28T16:07:30.893000 @@ -243739,17 +243791,17 @@ CVE-2024-3091,0,0,e5161a5a2d0196ce39626dff7591f836486bee878683ee478a2b6a285b1e55 CVE-2024-3094,0,0,502febf68b0d02803300ecc80fd5edf81a987966a53e4a71d6dd7ef4cc670f65,2024-04-03T06:15:07.873000 CVE-2024-30946,0,0,70258085ea0feb3f4aefa024075f57fc53acff2011361e3af9e62e409d001b0a,2024-04-02T18:12:16.283000 CVE-2024-30965,0,0,1400e6b50a8e4ef1623822c9ced221ce754149f4a9e5d2ebec8abe5a21a0d53f,2024-04-02T18:12:16.283000 -CVE-2024-30998,0,1,179abd0db8095df44a7d1fc224d4f504797395ef6ca242b590dce2e234dbd0de,2024-04-03T12:38:04.840000 +CVE-2024-30998,0,0,179abd0db8095df44a7d1fc224d4f504797395ef6ca242b590dce2e234dbd0de,2024-04-03T12:38:04.840000 CVE-2024-31002,0,0,96e076f675a43d72347dc0c980a987d7f8bd37cac2f635917b77c618d7fb5159,2024-04-02T12:50:42.233000 CVE-2024-31003,0,0,3f0adfc7393f75768ba5f0ff119d336a00244f196f86b1dcc7f91a86901fc5be,2024-04-02T12:50:42.233000 CVE-2024-31004,0,0,f755b2d1295cbba2fb235b141572098c75292e03492bd90218100dd91b46b2be,2024-04-02T12:50:42.233000 CVE-2024-31005,0,0,782f5eeda1d450c46424dc60bc6e4a7de1c6ae363a2e211c85f204b9263b919b,2024-04-02T12:50:42.233000 -CVE-2024-31008,0,1,fb58f95d5ac3e573901428dcb6b3f88285442daec81b849ad7032a6828042476,2024-04-03T12:38:04.840000 -CVE-2024-31009,0,1,4ba716bb3226f0c34bd04f51a3a22402f08a7c166518bbe25119daff68e02eff,2024-04-03T12:38:04.840000 -CVE-2024-31010,0,1,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e965,2024-04-03T12:38:04.840000 -CVE-2024-31011,0,1,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000 -CVE-2024-31012,0,1,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000 -CVE-2024-31013,0,1,137ba39b03bbaab20823954557195167ac08df3fa32a6782dd4080f1d723f338,2024-04-03T12:38:04.840000 +CVE-2024-31008,0,0,fb58f95d5ac3e573901428dcb6b3f88285442daec81b849ad7032a6828042476,2024-04-03T12:38:04.840000 +CVE-2024-31009,0,0,4ba716bb3226f0c34bd04f51a3a22402f08a7c166518bbe25119daff68e02eff,2024-04-03T12:38:04.840000 +CVE-2024-31010,0,0,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e965,2024-04-03T12:38:04.840000 +CVE-2024-31011,0,0,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000 +CVE-2024-31012,0,0,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000 +CVE-2024-31013,0,0,137ba39b03bbaab20823954557195167ac08df3fa32a6782dd4080f1d723f338,2024-04-03T12:38:04.840000 CVE-2024-31032,0,0,c23457a1b61188b806e7f7013717ab2174a595288e28b36b486645ce08e16035,2024-04-01T01:12:59.077000 CVE-2024-31033,0,0,897cdecff344b121550f3f8e1b3cb821fdde5689eabf8f2834a81266f3e9da87,2024-04-03T03:15:10.670000 CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000 @@ -243807,12 +243859,14 @@ CVE-2024-3131,0,0,2b79afbaf014f4ade09eea20b1cd97cb73297f40c06110081e5ce6e7cfad71 CVE-2024-3135,0,0,91954ab6e8bf3cb2f93a640035369c46334c6e185515d1b835de2161b0fd8f69,2024-04-02T12:50:42.233000 CVE-2024-3137,0,0,85619be4f983f97db1d6302bec8264dd546f884b93dfcad5f6be85034ffe5dcb,2024-04-02T12:50:42.233000 CVE-2024-3138,0,0,b2250a42d544b358de2555f1c668a77223939f10414766861d02ac21eac35bc6,2024-04-02T12:50:42.233000 -CVE-2024-31380,1,1,1a4e1f7b831e38df9b9543e60ce27d39c5119a0884381124bc60265b99a20aa8,2024-04-03T12:38:04.840000 +CVE-2024-31380,0,0,1a4e1f7b831e38df9b9543e60ce27d39c5119a0884381124bc60265b99a20aa8,2024-04-03T12:38:04.840000 CVE-2024-3139,0,0,ea53ec9a6dc1c2a719d7c48bab67da65c2ac8a1d444e99171b341666ca5377cf,2024-04-02T12:50:42.233000 -CVE-2024-31390,1,1,b4e9fc961de919e72175f3311bf8b0d63373bf3d5ee822252b4b654a4846db50,2024-04-03T12:38:04.840000 +CVE-2024-31390,0,0,b4e9fc961de919e72175f3311bf8b0d63373bf3d5ee822252b4b654a4846db50,2024-04-03T12:38:04.840000 CVE-2024-3140,0,0,4a4571ebf0c853d6a035886d12ee1aa0de7c52d00b7e897dcd0cf868acaf4ead,2024-04-02T12:50:42.233000 CVE-2024-3141,0,0,ce62be676a9f576284382f942b9c0316c626e7082a6cbe792c5dce19baf816e8,2024-04-03T11:15:45.800000 +CVE-2024-31419,1,1,f07bfeda8a3ff02bc8be2cd1c53c7c05e64c3a23bb565d1d04c597b7e7327f11,2024-04-03T14:15:17.787000 CVE-2024-3142,0,0,59bb44b33a795c38abca6f63ff6fcf122a126c2c3f877441166eb833a7bd6786,2024-04-03T11:15:45.993000 +CVE-2024-31420,1,1,178c8130af4c5d71b547f9fd286c33ecb3003581e34aaa04b7473645cdc9cec7,2024-04-03T14:15:18.310000 CVE-2024-3143,0,0,adef6ddf8aed4b85f5b9ec5c41837e0ea05c8056f77fa6600789550fcc865a57,2024-04-02T12:50:42.233000 CVE-2024-3144,0,0,0d76c2330ba298defd0f1b4b8583f5577295a22c7482e9267c8cbbe09aa0eb3a,2024-04-02T12:50:42.233000 CVE-2024-3145,0,0,910eeb7fc8d864d7945418c0e4535b894388c19da07aa9b0f359cad540d76837,2024-04-02T12:50:42.233000 @@ -243821,30 +243875,31 @@ CVE-2024-3147,0,0,02625b405a9656dc1928c253c58a24946e5b9cb50ef47acb30b3a3a470e8ef CVE-2024-3148,0,0,da83dea91bd5fed523ca15df13db4100d62650319dcc492fed6d52171a819a8a,2024-04-02T12:50:42.233000 CVE-2024-3151,0,0,fd318ccd62bb1591c5adc8aa64b64902777e5494f39fd013fd04f3b34dca25d6,2024-04-02T18:12:16.283000 CVE-2024-3160,0,0,f3860e2f9070e5e070adb0fe8ff153c3f84611a0ac253de8db1847a3b6990614,2024-04-02T12:50:42.233000 -CVE-2024-3162,0,1,7209bf9b1b4a4f41543ae01bfd19e9aec1dd355164cd1434a8cb5548ea161c65,2024-04-03T12:38:04.840000 +CVE-2024-3162,0,0,7209bf9b1b4a4f41543ae01bfd19e9aec1dd355164cd1434a8cb5548ea161c65,2024-04-03T12:38:04.840000 CVE-2024-3164,0,0,3f14d5740dc99012cea5d98ccad2d9781e84892caf086f43791d3f9483c41c33,2024-04-02T12:50:42.233000 CVE-2024-3165,0,0,de9c55d425cf1712b174cf5953c3fab2e18950a6202399f31519128938dc300f,2024-04-02T12:50:42.233000 -CVE-2024-3202,0,1,c740eb561a7c1440cb5a8dd5eb2f94f0cce226529c05056c2f841e5a9fe9ca73,2024-04-03T12:38:04.840000 -CVE-2024-3203,0,1,697bde31fba6d3c5a0e2d11da403a2e3b16828faac086b66cd78b0527d17b9c5,2024-04-03T12:38:04.840000 -CVE-2024-3204,0,1,a9dea1ca01b499632a34af3ee57c461ecd8a21787537da790c2ae8f833a61142,2024-04-03T12:38:04.840000 -CVE-2024-3205,0,1,b2f3ceb1bf38a09a954460b526a18eba5a5a22a0c7181b9f1de158755c6153d4,2024-04-03T12:38:04.840000 -CVE-2024-3207,0,1,5c9ae7819818cf69391317769652edafe7eb5058db1623e7c6299d6d13471791,2024-04-03T12:38:04.840000 -CVE-2024-3209,0,1,30868cdb47dd928f589dfe2abcfe897db3e1f5f5372f4956ca12525c6828bcc3,2024-04-03T12:38:04.840000 -CVE-2024-3218,0,1,2efa792f2f422ae3d499fd8bd729cdb1e057c75ae9cfbaccf7a66bc466210399,2024-04-03T12:38:04.840000 -CVE-2024-3221,0,1,265e838721fb682684198a7086d104f84e57519a8c4d6ef772db38592eb6bf44,2024-04-03T12:38:04.840000 -CVE-2024-3222,0,1,b37821a3e0768163f96b2bee06bee09f327b52e150bd3dc09c830a3634a1e6b2,2024-04-03T12:38:04.840000 -CVE-2024-3223,0,1,4fec83d637121ccff0125099b853e71324363eb3441ea87ee58103aa1679d119,2024-04-03T12:38:04.840000 -CVE-2024-3224,0,1,df4c497061254d88e30845f005326a0e8dcc0160759089f479b7881ad8ceacd1,2024-04-03T12:38:04.840000 -CVE-2024-3225,0,1,c811644d786446dc903ce63beb97b40688ffdfe279f9ae136fe25e53360310ab,2024-04-03T12:38:04.840000 -CVE-2024-3226,0,1,0d9ebebedadf244922f8385228c3d640f57a5f4e2e40a7b8124aa06fa756c486,2024-04-03T12:38:04.840000 -CVE-2024-3227,0,1,5e86de506c0356caace938eb3ddc76daf74ee07964bebbed2f3824e6fdb4ef31,2024-04-03T12:38:04.840000 -CVE-2024-3247,0,1,095afc187e8f976bc1a2eaa79a4c0328aa3c3e2487a10203585d8616775f8a4d,2024-04-03T12:38:04.840000 -CVE-2024-3248,0,1,65f6d4ddfc43ae235edf2e59fc9daa1f1d020439a4fa197a41a6ddd58e106004,2024-04-03T12:38:04.840000 -CVE-2024-3251,0,1,612fa2cbd1b7aa381067b911d8824859d86a26753bd39d3ebfa059bfd1d20eac,2024-04-03T12:38:04.840000 -CVE-2024-3252,0,1,aa2e5a3beeb53d70ad7f51b4bbc1915ec41533b4a644198bc020755253bede7e,2024-04-03T12:38:04.840000 -CVE-2024-3253,0,1,0972236c1835b9f5b2c1ab54b3987e593351bdd4ff986c80c53132587f0059fc,2024-04-03T12:38:04.840000 -CVE-2024-3254,1,1,854c687aaabf8bf91229d5dee06e1f8110fe8d98d15afe9f4ad67450b6cecf41,2024-04-03T12:38:04.840000 -CVE-2024-3255,1,1,bd5bd4cdd01653b8a07d932f79727f171443054afc527b2297174d92120314df,2024-04-03T12:38:04.840000 -CVE-2024-3256,1,1,2a40af9f430269463bc81be879d77884382b7d476ba20e48ec3fbc010a876fba,2024-04-03T13:16:02.740000 -CVE-2024-3257,1,1,52095fc15c9a0c77a941584a416d4e18c77a59b100cdd84ed585707c3b7496ee,2024-04-03T13:16:03.020000 -CVE-2024-3258,1,1,791178381568249aa1eba11446e049d3d25a22c9cf90906d16a3a21a2f9a6fa4,2024-04-03T13:16:03.310000 +CVE-2024-3202,0,0,c740eb561a7c1440cb5a8dd5eb2f94f0cce226529c05056c2f841e5a9fe9ca73,2024-04-03T12:38:04.840000 +CVE-2024-3203,0,0,697bde31fba6d3c5a0e2d11da403a2e3b16828faac086b66cd78b0527d17b9c5,2024-04-03T12:38:04.840000 +CVE-2024-3204,0,0,a9dea1ca01b499632a34af3ee57c461ecd8a21787537da790c2ae8f833a61142,2024-04-03T12:38:04.840000 +CVE-2024-3205,0,0,b2f3ceb1bf38a09a954460b526a18eba5a5a22a0c7181b9f1de158755c6153d4,2024-04-03T12:38:04.840000 +CVE-2024-3207,0,0,5c9ae7819818cf69391317769652edafe7eb5058db1623e7c6299d6d13471791,2024-04-03T12:38:04.840000 +CVE-2024-3209,0,0,30868cdb47dd928f589dfe2abcfe897db3e1f5f5372f4956ca12525c6828bcc3,2024-04-03T12:38:04.840000 +CVE-2024-3218,0,0,2efa792f2f422ae3d499fd8bd729cdb1e057c75ae9cfbaccf7a66bc466210399,2024-04-03T12:38:04.840000 +CVE-2024-3221,0,0,265e838721fb682684198a7086d104f84e57519a8c4d6ef772db38592eb6bf44,2024-04-03T12:38:04.840000 +CVE-2024-3222,0,0,b37821a3e0768163f96b2bee06bee09f327b52e150bd3dc09c830a3634a1e6b2,2024-04-03T12:38:04.840000 +CVE-2024-3223,0,0,4fec83d637121ccff0125099b853e71324363eb3441ea87ee58103aa1679d119,2024-04-03T12:38:04.840000 +CVE-2024-3224,0,0,df4c497061254d88e30845f005326a0e8dcc0160759089f479b7881ad8ceacd1,2024-04-03T12:38:04.840000 +CVE-2024-3225,0,0,c811644d786446dc903ce63beb97b40688ffdfe279f9ae136fe25e53360310ab,2024-04-03T12:38:04.840000 +CVE-2024-3226,0,0,0d9ebebedadf244922f8385228c3d640f57a5f4e2e40a7b8124aa06fa756c486,2024-04-03T12:38:04.840000 +CVE-2024-3227,0,0,5e86de506c0356caace938eb3ddc76daf74ee07964bebbed2f3824e6fdb4ef31,2024-04-03T12:38:04.840000 +CVE-2024-3247,0,0,095afc187e8f976bc1a2eaa79a4c0328aa3c3e2487a10203585d8616775f8a4d,2024-04-03T12:38:04.840000 +CVE-2024-3248,0,0,65f6d4ddfc43ae235edf2e59fc9daa1f1d020439a4fa197a41a6ddd58e106004,2024-04-03T12:38:04.840000 +CVE-2024-3251,0,0,612fa2cbd1b7aa381067b911d8824859d86a26753bd39d3ebfa059bfd1d20eac,2024-04-03T12:38:04.840000 +CVE-2024-3252,0,0,aa2e5a3beeb53d70ad7f51b4bbc1915ec41533b4a644198bc020755253bede7e,2024-04-03T12:38:04.840000 +CVE-2024-3253,0,0,0972236c1835b9f5b2c1ab54b3987e593351bdd4ff986c80c53132587f0059fc,2024-04-03T12:38:04.840000 +CVE-2024-3254,0,0,854c687aaabf8bf91229d5dee06e1f8110fe8d98d15afe9f4ad67450b6cecf41,2024-04-03T12:38:04.840000 +CVE-2024-3255,0,0,bd5bd4cdd01653b8a07d932f79727f171443054afc527b2297174d92120314df,2024-04-03T12:38:04.840000 +CVE-2024-3256,0,0,2a40af9f430269463bc81be879d77884382b7d476ba20e48ec3fbc010a876fba,2024-04-03T13:16:02.740000 +CVE-2024-3257,0,0,52095fc15c9a0c77a941584a416d4e18c77a59b100cdd84ed585707c3b7496ee,2024-04-03T13:16:03.020000 +CVE-2024-3258,0,0,791178381568249aa1eba11446e049d3d25a22c9cf90906d16a3a21a2f9a6fa4,2024-04-03T13:16:03.310000 +CVE-2024-3259,1,1,171c52825722b785d1fc8dd3b6935bc90d6b8730cc21ec6eee6fde18b9fdda3d,2024-04-03T14:15:18.797000