From 67daee5b9543e67a731e82d93ff34a395b69e0f8 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 24 Dec 2024 13:03:44 +0000 Subject: [PATCH] Auto-Update: 2024-12-24T13:00:20.073177+00:00 --- CVE-2024/CVE-2024-105xx/CVE-2024-10584.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-108xx/CVE-2024-10856.json | 68 +++++++++++++++++++++ CVE-2024/CVE-2024-117xx/CVE-2024-11726.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-122xx/CVE-2024-12268.json | 60 ++++++++++++++++++ CVE-2024/CVE-2024-434xx/CVE-2024-43441.json | 33 ++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53145.json | 49 +++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53146.json | 53 ++++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53147.json | 29 +++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53148.json | 49 +++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53149.json | 29 +++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53150.json | 49 +++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53151.json | 41 +++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53152.json | 29 +++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53153.json | 29 +++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53154.json | 37 +++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53155.json | 53 ++++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53156.json | 53 ++++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53157.json | 53 ++++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53158.json | 53 ++++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53159.json | 37 +++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53160.json | 33 ++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53161.json | 49 +++++++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53162.json | 33 ++++++++++ CVE-2024/CVE-2024-531xx/CVE-2024-53163.json | 29 +++++++++ README.md | 41 +++++++++---- _state.csv | 42 ++++++++++--- 26 files changed, 1129 insertions(+), 22 deletions(-) create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10584.json create mode 100644 CVE-2024/CVE-2024-108xx/CVE-2024-10856.json create mode 100644 CVE-2024/CVE-2024-117xx/CVE-2024-11726.json create mode 100644 CVE-2024/CVE-2024-122xx/CVE-2024-12268.json create mode 100644 CVE-2024/CVE-2024-434xx/CVE-2024-43441.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53145.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53146.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53147.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53148.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53149.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53150.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53151.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53152.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53153.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53154.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53155.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53156.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53157.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53158.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53159.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53160.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53161.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53162.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53163.json diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10584.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10584.json new file mode 100644 index 00000000000..924eaaaf8a4 --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10584.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10584", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-24T11:15:05.670", + "lastModified": "2024-12-24T11:15:05.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The DirectoryPress \u2013 Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. When DirectoryPress Frontend is installed, this can be exploited by unauthenticated users." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3205071/directorypress/trunk/includes/directorypress_svg.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4625072b-815d-41d2-bf8f-ac290efde369?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10856.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10856.json new file mode 100644 index 00000000000..e9fda49a44d --- /dev/null +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10856.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-10856", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-24T11:15:07.260", + "lastModified": "2024-12-24T11:15:07.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Booking Calendar WpDevArt plugin is vulnerable to time-based, blind SQL injection via the `id` parameter in the \u201cwpdevart_booking_calendar\u201d shortcode in versions up to, and including, 3.2.19 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. The vulnerability requires the \u201cdelete_prev_date\u201d theme option being enabled. This makes it possible for authenticated attackers, with contributor-level access or above, to append additional SQL queries into already existing query that can be used to extract sensitive information such as passwords from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/booking-calendar/tags/3.2.15/includes/main_class.php#L90", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/booking-calendar/tags/3.2.15/includes/main_class.php#L91", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3209851%40booking-calendar&new=3209851%40booking-calendar&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf297cd8-3d67-4750-b856-38ded4daf4ad?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11726.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11726.json new file mode 100644 index 00000000000..4a305ff7dba --- /dev/null +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11726.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-11726", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-24T11:15:07.443", + "lastModified": "2024-12-24T11:15:07.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter of the 'bookingpress_form' shortcode in all versions up to, and including, 1.1.21 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3206780/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d081b89-1b98-4f4f-8728-d1ea676d7afd?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-122xx/CVE-2024-12268.json b/CVE-2024/CVE-2024-122xx/CVE-2024-12268.json new file mode 100644 index 00000000000..5b5105e72ce --- /dev/null +++ b/CVE-2024/CVE-2024-122xx/CVE-2024-12268.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12268", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-24T11:15:07.623", + "lastModified": "2024-12-24T11:15:07.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Responsive Blocks \u2013 WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsive-block-editor-addons/portfolio' block in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3208350/responsive-block-editor-addons/tags/1.9.8/src/blocks/portfolio/index.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e951b97-3d17-4360-8fec-393e2f0c13d2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json new file mode 100644 index 00000000000..c1acb7d2337 --- /dev/null +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-43441", + "sourceIdentifier": "security@apache.org", + "published": "2024-12-24T12:15:21.697", + "lastModified": "2024-12-24T12:15:21.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server.\n\nThis issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0.\n\nUsers are recommended to upgrade to version 1.5.0, which fixes the issue." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-302" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/h2607yv32wgcrywov960jpxhvsmmlf12", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json new file mode 100644 index 00000000000..50f4e5a10d6 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-53145", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:22.507", + "lastModified": "2024-12-24T12:15:22.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: Fix potential integer overflow during physmem setup\n\nThis issue happens when the real map size is greater than LONG_MAX,\nwhich can be easily triggered on UML/i386." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1575df968650d11771359e5ac78278c5b0cc19f3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1bd118c5f887802cef2d9ba0d1917258667f1cae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5c710f45811e7e2bfcf703980c306f19c7e1ecfe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a875c023155ea92b75d6323977003e64d92ae7fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a98b7761f697e590ed5d610d87fa12be66f23419", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a9c95f787b88b29165563fd97761032db77116e7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d1a211e5210d31da8f49fc0021bf7129b726468c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6102b72edc4eb8c0858df00ba74b5ce579c8fa2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53146.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53146.json new file mode 100644 index 00000000000..53229e34821 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53146.json @@ -0,0 +1,53 @@ +{ + "id": "CVE-2024-53146", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:22.653", + "lastModified": "2024-12-24T12:15:22.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent a potential integer overflow\n\nIf the tag length is >= U32_MAX - 3 then the \"length + 4\" addition\ncan result in an integer overflow. Address this by splitting the\ndecoding into several steps so that decode_cb_compound4res() does\nnot have to perform arithmetic on the unsafe length value." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/084f797dbc7e52209a4ab6dbc7f0109268754eb9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3c5f545c9a1f8a1869246f6f3ae8c17289d6a841", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/745f7ce5a95e783ba62fe774325829466aec2aa8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7f33b92e5b18e904a481e6e208486da43e4dc841", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/842f1c27a1aef5367e535f9e85c8c3b06352151a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/90adbae9dd158da8331d9fdd32077bd1af04f553", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ccd3394f9a7200d6b088553bf38e688620cd27af", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dde654cad08fdaac370febb161ec41eb58e9d2a2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/de53c5305184ca1333b87e695d329d1502d694ce", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53147.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53147.json new file mode 100644 index 00000000000..9f410381f2e --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53147.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53147", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:22.777", + "lastModified": "2024-12-24T12:15:22.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei->hint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/184fa506e392eb78364d9283c961217ff2c0617b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3ddd1cb2b458ff6a193bc845f408dfff217db29e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a0120d6463368378539ef928cf067d02372efb8c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53148.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53148.json new file mode 100644 index 00000000000..f20d6ff0bde --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53148.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-53148", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:22.887", + "lastModified": "2024-12-24T12:15:22.887", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Flush partial mappings in error case\n\nIf some remap_pfn_range() calls succeeded before one failed, we still have\nbuffer pages mapped into the userspace page tables when we drop the buffer\nreference with comedi_buf_map_put(bm). The userspace mappings are only\ncleaned up later in the mmap error path.\n\nFix it by explicitly flushing all mappings in our VMA on the error path.\n\nSee commit 79a61cc3fc04 (\"mm: avoid leaving partial pfn mappings around in\nerror case\")." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/16c507df509113c037cdc0ba642b9ab3389bd26c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/297f14fbb81895f4ccdb0ad25d196786d6461e00", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/57f048c2d205b85e34282a9b0b0ae177e84c2f44", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8797b7712de704dc231f9e821d8eb3b9aeb3a032", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9b07fb464eb69a752406e78e62ab3a60bfa7b00d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9322408d83accc8b96322bc7356593206288c56", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6963a06ce5c61d3238751ada04ee1569663a828", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ce8f9fb651fac95dd41f69afe54d935420b945bd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json new file mode 100644 index 00000000000..35dcff7d35a --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53149", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.007", + "lastModified": "2024-12-24T12:15:23.007", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: glink: fix off-by-one in connector_status\n\nUCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS.\nCorrect the condition in the pmic_glink_ucsi_connector_status()\ncallback, fixing Type-C orientation reporting for the third USB-C\nconnector." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4a22918810980897393fa1776ea3877e4baf8cca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6ba6f7f29e0dff47a2799e60dcd1b5c29cd811a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9a5a8b5bd72169aa7a8ec800ef57be2f2cb4d9b2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json new file mode 100644 index 00000000000..47f98c6e3d1 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-53150", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.117", + "lastModified": "2024-12-24T12:15:23.117", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix out of bounds reads when finding clock sources\n\nThe current USB-audio driver code doesn't check bLength of each\ndescriptor at traversing for clock descriptors. That is, when a\ndevice provides a bogus descriptor with a shorter bLength, the driver\nmight hit out-of-bounds reads.\n\nFor addressing it, this patch adds sanity checks to the validator\nfunctions for the clock descriptor traversal. When the descriptor\nlength is shorter than expected, it's skipped in the loop.\n\nFor the clock source and clock multiplier descriptors, we can just\ncheck bLength against the sizeof() of each descriptor type.\nOTOH, the clock selector descriptor of UAC2 and UAC3 has an array\nof bNrInPins elements and two more fields at its tail, hence those\nhave to be checked in addition to the sizeof() check." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/096bb5b43edf755bc4477e64004fa3a20539ec2f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/45a92cbc88e4013bfed7fd2ccab3ade45f8e896b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/74cb86e1006c5437b1d90084d22018da30fddc77", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a3dd4d63eeb452cfb064a13862fb376ab108f6a6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a632bdcb359fd8145e86486ff8612da98e239acd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab011f7439d9bbfd34fd3b9cef4b2d6d952c9bb9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/da13ade87a12dd58829278bc816a61bea06a56a9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ea0fa76f61cf8e932d1d26e6193513230816e11d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json new file mode 100644 index 00000000000..f19bfc634ee --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-53151", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.240", + "lastModified": "2024-12-24T12:15:23.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsvcrdma: Address an integer overflow\n\nDan Carpenter reports:\n> Commit 78147ca8b4a9 (\"svcrdma: Add a \"parsed chunk list\" data\n> structure\") from Jun 22, 2020 (linux-next), leads to the following\n> Smatch static checker warning:\n>\n>\tnet/sunrpc/xprtrdma/svc_rdma_recvfrom.c:498 xdr_check_write_chunk()\n>\twarn: potential user controlled sizeof overflow 'segcount * 4 * 4'\n>\n> net/sunrpc/xprtrdma/svc_rdma_recvfrom.c\n> 488 static bool xdr_check_write_chunk(struct svc_rdma_recv_ctxt *rctxt)\n> 489 {\n> 490 u32 segcount;\n> 491 __be32 *p;\n> 492\n> 493 if (xdr_stream_decode_u32(&rctxt->rc_stream, &segcount))\n> ^^^^^^^^\n>\n> 494 return false;\n> 495\n> 496 /* A bogus segcount causes this buffer overflow check to fail. */\n> 497 p = xdr_inline_decode(&rctxt->rc_stream,\n> --> 498 segcount * rpcrdma_segment_maxsz * sizeof(*p));\n>\n>\n> segcount is an untrusted u32. On 32bit systems anything >= SIZE_MAX / 16 will\n> have an integer overflow and some those values will be accepted by\n> xdr_inline_decode()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/21e1cf688fb0397788c8dd42e1e0b08d58ac5c7b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3c63d8946e578663b868cb9912dac616ea68bfd0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4cbc3ba6dc2f746497cade60bcbaa82ae3696689", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/838dd342962cef4c320632a5af48d3c31f2f9877", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c1f8195bf68edd2cef0f18a4cead394075a54b5a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e5c440c227ecdc721f2da0dd88b6358afd1031a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53152.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53152.json new file mode 100644 index 00000000000..b0730fda52a --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53152.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53152", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.353", + "lastModified": "2024-12-24T12:15:23.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()\n\nCurrently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF\ndeinit notify function pci_epc_deinit_notify() are called during the\nexecution of pex_ep_event_pex_rst_assert() i.e., when the host has asserted\nPERST#. But quickly after this step, refclk will also be disabled by the\nhost.\n\nAll of the tegra194 endpoint SoCs supported as of now depend on the refclk\nfrom the host for keeping the controller operational. Due to this\nlimitation, any access to the hardware registers in the absence of refclk\nwill result in a whole endpoint crash. Unfortunately, most of the\ncontroller cleanups require accessing the hardware registers (like eDMA\ncleanup performed in dw_pcie_ep_cleanup(), etc...). So these cleanup\nfunctions can cause the crash in the endpoint SoC once host asserts PERST#.\n\nOne way to address this issue is by generating the refclk in the endpoint\nitself and not depending on the host. But that is not always possible as\nsome of the endpoint designs do require the endpoint to consume refclk from\nthe host.\n\nThus, fix this crash by moving the controller cleanups to the start of\nthe pex_ep_event_pex_rst_deassert() function. This function is called\nwhenever the host has deasserted PERST# and it is guaranteed that the\nrefclk would be active at this point. So at the start of this function\n(after enabling resources) the controller cleanup can be performed. Once\nfinished, rest of the code execution for PERST# deassert can continue as\nusual." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/40e2125381dc11379112485e3eefdd25c6df5375", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70212c2300971506e986d95000d2745529cac9d7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/72034050ccf4202cd6558b0afd2474f756ea3b9b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53153.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53153.json new file mode 100644 index 00000000000..859e1c82d48 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53153.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53153", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.467", + "lastModified": "2024-12-24T12:15:23.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: qcom-ep: Move controller cleanups to qcom_pcie_perst_deassert()\n\nCurrently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF\ndeinit notify function pci_epc_deinit_notify() are called during the\nexecution of qcom_pcie_perst_assert() i.e., when the host has asserted\nPERST#. But quickly after this step, refclk will also be disabled by the\nhost.\n\nAll of the Qcom endpoint SoCs supported as of now depend on the refclk from\nthe host for keeping the controller operational. Due to this limitation,\nany access to the hardware registers in the absence of refclk will result\nin a whole endpoint crash. Unfortunately, most of the controller cleanups\nrequire accessing the hardware registers (like eDMA cleanup performed in\ndw_pcie_ep_cleanup(), powering down MHI EPF etc...). So these cleanup\nfunctions are currently causing the crash in the endpoint SoC once host\nasserts PERST#.\n\nOne way to address this issue is by generating the refclk in the endpoint\nitself and not depending on the host. But that is not always possible as\nsome of the endpoint designs do require the endpoint to consume refclk from\nthe host (as I was told by the Qcom engineers).\n\nThus, fix this crash by moving the controller cleanups to the start of\nthe qcom_pcie_perst_deassert() function. qcom_pcie_perst_deassert() is\ncalled whenever the host has deasserted PERST# and it is guaranteed that\nthe refclk would be active at this point. So at the start of this function\n(after enabling resources), the controller cleanup can be performed. Once\nfinished, rest of the code execution for PERST# deassert can continue as\nusual." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/516969d5765e2302d33b4f251496eedb757d55ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7d7cf89b119af433354f865fc01017b9f8aa411a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e03b5f1615c84f4139cb53ef8659f4cdb8d6a563", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json new file mode 100644 index 00000000000..2753c1d14a6 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-53154", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.580", + "lastModified": "2024-12-24T12:15:23.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: clk-apple-nco: Add NULL check in applnco_probe\n\nAdd NULL check in applnco_probe, to handle kernel NULL pointer\ndereference error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/066c14619e8379c1bafbbf8196fd38eac303472b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/534e02f83889ccef5fe6beb46e773ab9d4ae1655", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/72ea9a7e9e260aa39f9d1c9254cf92adfb05c4f5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/969c765e2b508cca9099d246c010a1e48dcfd089", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9a5905b725739af6a105f9e564e7c80d69969d2b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json new file mode 100644 index 00000000000..941dd607281 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json @@ -0,0 +1,53 @@ +{ + "id": "CVE-2024-53155", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.700", + "lastModified": "2024-12-24T12:15:23.700", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix uninitialized value in ocfs2_file_read_iter()\n\nSyzbot has reported the following KMSAN splat:\n\nBUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80\n ocfs2_file_read_iter+0x9a4/0xf80\n __io_read+0x8d4/0x20f0\n io_read+0x3e/0xf0\n io_issue_sqe+0x42b/0x22c0\n io_wq_submit_work+0xaf9/0xdc0\n io_worker_handle_work+0xd13/0x2110\n io_wq_worker+0x447/0x1410\n ret_from_fork+0x6f/0x90\n ret_from_fork_asm+0x1a/0x30\n\nUninit was created at:\n __alloc_pages_noprof+0x9a7/0xe00\n alloc_pages_mpol_noprof+0x299/0x990\n alloc_pages_noprof+0x1bf/0x1e0\n allocate_slab+0x33a/0x1250\n ___slab_alloc+0x12ef/0x35e0\n kmem_cache_alloc_bulk_noprof+0x486/0x1330\n __io_alloc_req_refill+0x84/0x560\n io_submit_sqes+0x172f/0x2f30\n __se_sys_io_uring_enter+0x406/0x41c0\n __x64_sys_io_uring_enter+0x11f/0x1a0\n x64_sys_call+0x2b54/0x3ba0\n do_syscall_64+0xcd/0x1e0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nSince an instance of 'struct kiocb' may be passed from the block layer\nwith 'private' field uninitialized, introduce 'ocfs2_iocb_init_rw_locked()'\nand use it from where 'ocfs2_dio_end_io()' might take care, i.e. in\n'ocfs2_file_read_iter()' and 'ocfs2_file_write_iter()'." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/366c933c2ab34dd6551acc03b4872726b7605143", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/66b7ddd1804e2c4216dd7ead8eeb746cdbb3b62f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6c8f8d1e595dabd5389817f6d798cc8bd95c40ab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/83f8713a0ef1d55d6a287bcfadcaab8245ac5098", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8c966150d5abff58c3c2bdb9a6e63fd773782905", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8e0de82ed18ba0e71f817adbd81317fd1032ca5a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/adc77b19f62d7e80f98400b2fca9d700d2afdd6f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc78efe556fed162d48736ef24066f42e463e27c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f4078ef38d3163e6be47403a619558b19c4bfccd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json new file mode 100644 index 00000000000..aeec8290046 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json @@ -0,0 +1,53 @@ +{ + "id": "CVE-2024-53156", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.833", + "lastModified": "2024-12-24T12:15:23.833", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n index 255 is out of range for type 'htc_endpoint [22]'\n CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: events request_firmware_work_func\n Call Trace:\n \n dump_stack_lvl+0x180/0x1b0\n __ubsan_handle_out_of_bounds+0xd4/0x130\n htc_issue_send.constprop.0+0x20c/0x230\n ? _raw_spin_unlock_irqrestore+0x3c/0x70\n ath9k_wmi_cmd+0x41d/0x610\n ? mark_held_locks+0x9f/0xe0\n ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3fe99b9690b99606d3743c9961ebee865cfa1ab8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f177fb9d01355ac183e65ad8909ea8ef734e0cf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70eae50d2156cb6e078d0d78809b49bf2f4c7540", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8619593634cbdf5abf43f5714df49b04e4ef09ab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8965db7fe2e913ee0802b05fc94c6d6aa74e0596", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b6551479daf2bfa80bfd5d9016b02a810e508bfb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc981179ab5d1a2715f35e3db4e4bb822bacc849", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c941af142200d975dd3be632aeb490f4cb91dae4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cb480ae80fd4d0f1ac9e107ce799183beee5124b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json new file mode 100644 index 00000000000..3ea09677a53 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json @@ -0,0 +1,53 @@ +{ + "id": "CVE-2024-53157", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:23.970", + "lastModified": "2024-12-24T12:15:23.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Check the DVFS OPP count returned by the firmware\n\nFix a kernel crash with the below call trace when the SCPI firmware\nreturns OPP count of zero.\n\ndvfs_info.opp_count may be zero on some platforms during the reboot\ntest, and the kernel will crash after dereferencing the pointer to\nkcalloc(info->count, sizeof(*opp), GFP_KERNEL).\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028\n | Mem abort info:\n | ESR = 0x96000004\n | Exception class = DABT (current EL), IL = 32 bits\n | SET = 0, FnV = 0\n | EA = 0, S1PTW = 0\n | Data abort info:\n | ISV = 0, ISS = 0x00000004\n | CM = 0, WnR = 0\n | user pgtable: 4k pages, 48-bit VAs, pgdp = 00000000faefa08c\n | [0000000000000028] pgd=0000000000000000\n | Internal error: Oops: 96000004 [#1] SMP\n | scpi-hwmon: probe of PHYT000D:00 failed with error -110\n | Process systemd-udevd (pid: 1701, stack limit = 0x00000000aaede86c)\n | CPU: 2 PID: 1701 Comm: systemd-udevd Not tainted 4.19.90+ #1\n | Hardware name: PHYTIUM LTD Phytium FT2000/4/Phytium FT2000/4, BIOS\n | pstate: 60000005 (nZCv daif -PAN -UAO)\n | pc : scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi]\n | lr : clk_register+0x438/0x720\n | Call trace:\n | scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi]\n | devm_clk_hw_register+0x50/0xa0\n | scpi_clk_ops_init.isra.2+0xa0/0x138 [clk_scpi]\n | scpi_clocks_probe+0x528/0x70c [clk_scpi]\n | platform_drv_probe+0x58/0xa8\n | really_probe+0x260/0x3d0\n | driver_probe_device+0x12c/0x148\n | device_driver_attach+0x74/0x98\n | __driver_attach+0xb4/0xe8\n | bus_for_each_dev+0x88/0xe0\n | driver_attach+0x30/0x40\n | bus_add_driver+0x178/0x2b0\n | driver_register+0x64/0x118\n | __platform_driver_register+0x54/0x60\n | scpi_clocks_driver_init+0x24/0x1000 [clk_scpi]\n | do_one_initcall+0x54/0x220\n | do_init_module+0x54/0x1c8\n | load_module+0x14a4/0x1668\n | __se_sys_finit_module+0xf8/0x110\n | __arm64_sys_finit_module+0x24/0x30\n | el0_svc_common+0x78/0x170\n | el0_svc_handler+0x38/0x78\n | el0_svc+0x8/0x340\n | Code: 937d7c00 a94153f3 a8c27bfd f9400421 (b8606820)\n | ---[ end trace 06feb22469d89fa8 ]---\n | Kernel panic - not syncing: Fatal exception\n | SMP: stopping secondary CPUs\n | Kernel Offset: disabled\n | CPU features: 0x10,a0002008\n | Memory Limit: none" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/025067eeb945aa17c7dd483a63960125b7efb577", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/06258e57fee253f4046d3a6a86d7fde09f596eac", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/109aa654f85c5141e813b2cd1bd36d90be678407", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/12e2c520a0a4202575e4a45ea41f06a8e9aa3417", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2a5b8de6fcb944f9af0c5fcb30bb0c039705e051", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/380c0e1d96f3b522f3170c18ee5e0f1a28fec5d6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8be4e51f3ecfb0915e3510b600c4cce0dc68a383", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9beaff47bcea5eec7d4ead98f5043057161fd71a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dfc9c2aa7f04f7db7e7225a5e118a24bf1c3b325", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53158.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53158.json new file mode 100644 index 00000000000..003e81fe621 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53158.json @@ -0,0 +1,53 @@ +{ + "id": "CVE-2024-53158", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:24.097", + "lastModified": "2024-12-24T12:15:24.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()\n\nThis loop is supposed to break if the frequency returned from\nclk_round_rate() is the same as on the previous iteration. However,\nthat check doesn't make sense on the first iteration through the loop.\nIt leads to reading before the start of these->clk_perf_tbl[] array." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/351bb7f9ecb9d1f09bd7767491a2b8d07f4f1ea4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/37cdd4f0c266560b7b924c42361eeae3dc5f0c3e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/56eda41dcce0ec4d3418b4f85037bdea181486cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/748557ca7dc94695a6e209eb68fce365da9a3bb3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/78261cb08f06c93d362cab5c5034bf5899bc7552", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7a3465b79ef0539aa10b310ac3cc35e0ae25b79e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b0a9c6ccaf88c4701787f61ecd2ec0eb014a0677", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c24e019ca12d9ec814af04b30a64dd7173fb20fe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f4b7bf5a50f1fa25560f0b66a13563465542861b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53159.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53159.json new file mode 100644 index 00000000000..e6163b89bc8 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53159.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-53159", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:24.217", + "lastModified": "2024-12-24T12:15:24.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (nct6775-core) Fix overflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtoul() results in an overflow if a large\nnumber such as 18446744073709551615 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/57ee12b6c514146c19b6a159013b48727a012960", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/685c10269c41d23d7a2b85d3fd6b6345390c8746", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a4712e4485f5c388bbe0d0e8f52978241ab34a29", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ae703f8ff083c5267af30d6c8cf096d562623b3b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dfa8bedfffcae87976b34a45a724deb9c3a0a88e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53160.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53160.json new file mode 100644 index 00000000000..bbb1f0bf3bc --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53160.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53160", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:24.340", + "lastModified": "2024-12-24T12:15:24.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu\n\nKCSAN reports a data race when access the krcp->monitor_work.timer.expires\nvariable in the schedule_delayed_monitor_work() function:\n\n\nBUG: KCSAN: data-race in __mod_timer / kvfree_call_rcu\n\nread to 0xffff888237d1cce8 of 8 bytes by task 10149 on cpu 1:\n schedule_delayed_monitor_work kernel/rcu/tree.c:3520 [inline]\n kvfree_call_rcu+0x3b8/0x510 kernel/rcu/tree.c:3839\n trie_update_elem+0x47c/0x620 kernel/bpf/lpm_trie.c:441\n bpf_map_update_value+0x324/0x350 kernel/bpf/syscall.c:203\n generic_map_update_batch+0x401/0x520 kernel/bpf/syscall.c:1849\n bpf_map_do_batch+0x28c/0x3f0 kernel/bpf/syscall.c:5143\n __sys_bpf+0x2e5/0x7a0\n __do_sys_bpf kernel/bpf/syscall.c:5741 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5739 [inline]\n __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5739\n x64_sys_call+0x2625/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nwrite to 0xffff888237d1cce8 of 8 bytes by task 56 on cpu 0:\n __mod_timer+0x578/0x7f0 kernel/time/timer.c:1173\n add_timer_global+0x51/0x70 kernel/time/timer.c:1330\n __queue_delayed_work+0x127/0x1a0 kernel/workqueue.c:2523\n queue_delayed_work_on+0xdf/0x190 kernel/workqueue.c:2552\n queue_delayed_work include/linux/workqueue.h:677 [inline]\n schedule_delayed_monitor_work kernel/rcu/tree.c:3525 [inline]\n kfree_rcu_monitor+0x5e8/0x660 kernel/rcu/tree.c:3643\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3310\n worker_thread+0x51d/0x6f0 kernel/workqueue.c:3391\n kthread+0x1d1/0x210 kernel/kthread.c:389\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 UID: 0 PID: 56 Comm: kworker/u8:4 Not tainted 6.12.0-rc2-syzkaller-00050-g5b7c893ed5ed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_unbound kfree_rcu_monitor\n\n\nkfree_rcu_monitor() rearms the work if a \"krcp\" has to be still\noffloaded and this is done without holding krcp->lock, whereas\nthe kvfree_call_rcu() holds it.\n\nFix it by acquiring the \"krcp->lock\" for kfree_rcu_monitor() so\nboth functions do not race anymore." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/05b8ea1f16667f07c8e5843fb4bde3e49d49ead8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5ced426d97ce84299ecfcc7bd8b38f975fd11089", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/967a0e61910825d1fad009d836a6cb41f7402395", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a23da88c6c80e41e0503e0b481a22c9eea63f263", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53161.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53161.json new file mode 100644 index 00000000000..ce000d76886 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53161.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-53161", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:24.453", + "lastModified": "2024-12-24T12:15:24.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/bluefield: Fix potential integer overflow\n\nThe 64-bit argument for the \"get DIMM info\" SMC call consists of mem_ctrl_idx\nleft-shifted 16 bits and OR-ed with DIMM index. With mem_ctrl_idx defined as\n32-bits wide the left-shift operation truncates the upper 16 bits of\ninformation during the calculation of the SMC argument.\n\nThe mem_ctrl_idx stack variable must be defined as 64-bits wide to prevent any\npotential integer overflow, i.e. loss of data from upper 16 bits." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/000930193fe5eb79ce5563ee2e9ddb0c6e4e1bb5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1fe774a93b46bb029b8f6fa9d1f25affa53f06c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4ad7033de109d0fec99086f352f58a3412e378b8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/578ca89b04680145d41011e7cec8806fefbb59e7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8cc31cfa36ff37aff399b72faa2ded58110112ae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ac6ebb9edcdb7077e841862c402697c4c48a7c0a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e0269ea7a628fdeddd65b92fe29c09655dbb80b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fdb90006184aa84c7b4e09144ed0936d4e1891a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53162.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53162.json new file mode 100644 index 00000000000..ea47f75ab71 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53162.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53162", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:24.567", + "lastModified": "2024-12-24T12:15:24.567", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53163.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53163.json new file mode 100644 index 00000000000..e870e962a3d --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53163.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53163", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-24T12:15:24.670", + "lastModified": "2024-12-24T12:15:24.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an out of\nbounds access." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/91eef1ad75f03d37dba926b73f9dd6f058bc4d58", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/93a11608fb3720e1bc2b19a2649ac2b49cca1921", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c23661a36eea840b657e485d48ed88b246da1bb8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ef30d76ff5c..465170a2e50 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-24T11:00:19.342154+00:00 +2024-12-24T13:00:20.073177+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-24T10:15:06.803000+00:00 +2024-12-24T12:15:24.670000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -274617 +274641 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `24` -- [CVE-2024-11896](CVE-2024/CVE-2024-118xx/CVE-2024-11896.json) (`2024-12-24T09:15:05.663`) -- [CVE-2024-12031](CVE-2024/CVE-2024-120xx/CVE-2024-12031.json) (`2024-12-24T10:15:05.580`) -- [CVE-2024-12103](CVE-2024/CVE-2024-121xx/CVE-2024-12103.json) (`2024-12-24T10:15:05.820`) -- [CVE-2024-12468](CVE-2024/CVE-2024-124xx/CVE-2024-12468.json) (`2024-12-24T09:15:06.227`) -- [CVE-2024-12850](CVE-2024/CVE-2024-128xx/CVE-2024-12850.json) (`2024-12-24T10:15:06.033`) -- [CVE-2024-12881](CVE-2024/CVE-2024-128xx/CVE-2024-12881.json) (`2024-12-24T10:15:06.240`) -- [CVE-2024-53240](CVE-2024/CVE-2024-532xx/CVE-2024-53240.json) (`2024-12-24T10:15:06.460`) -- [CVE-2024-53241](CVE-2024/CVE-2024-532xx/CVE-2024-53241.json) (`2024-12-24T10:15:06.640`) -- [CVE-2024-8721](CVE-2024/CVE-2024-87xx/CVE-2024-8721.json) (`2024-12-24T10:15:06.803`) +- [CVE-2024-10584](CVE-2024/CVE-2024-105xx/CVE-2024-10584.json) (`2024-12-24T11:15:05.670`) +- [CVE-2024-10856](CVE-2024/CVE-2024-108xx/CVE-2024-10856.json) (`2024-12-24T11:15:07.260`) +- [CVE-2024-11726](CVE-2024/CVE-2024-117xx/CVE-2024-11726.json) (`2024-12-24T11:15:07.443`) +- [CVE-2024-12268](CVE-2024/CVE-2024-122xx/CVE-2024-12268.json) (`2024-12-24T11:15:07.623`) +- [CVE-2024-43441](CVE-2024/CVE-2024-434xx/CVE-2024-43441.json) (`2024-12-24T12:15:21.697`) +- [CVE-2024-53145](CVE-2024/CVE-2024-531xx/CVE-2024-53145.json) (`2024-12-24T12:15:22.507`) +- [CVE-2024-53146](CVE-2024/CVE-2024-531xx/CVE-2024-53146.json) (`2024-12-24T12:15:22.653`) +- [CVE-2024-53147](CVE-2024/CVE-2024-531xx/CVE-2024-53147.json) (`2024-12-24T12:15:22.777`) +- [CVE-2024-53148](CVE-2024/CVE-2024-531xx/CVE-2024-53148.json) (`2024-12-24T12:15:22.887`) +- [CVE-2024-53149](CVE-2024/CVE-2024-531xx/CVE-2024-53149.json) (`2024-12-24T12:15:23.007`) +- [CVE-2024-53150](CVE-2024/CVE-2024-531xx/CVE-2024-53150.json) (`2024-12-24T12:15:23.117`) +- [CVE-2024-53151](CVE-2024/CVE-2024-531xx/CVE-2024-53151.json) (`2024-12-24T12:15:23.240`) +- [CVE-2024-53152](CVE-2024/CVE-2024-531xx/CVE-2024-53152.json) (`2024-12-24T12:15:23.353`) +- [CVE-2024-53153](CVE-2024/CVE-2024-531xx/CVE-2024-53153.json) (`2024-12-24T12:15:23.467`) +- [CVE-2024-53154](CVE-2024/CVE-2024-531xx/CVE-2024-53154.json) (`2024-12-24T12:15:23.580`) +- [CVE-2024-53155](CVE-2024/CVE-2024-531xx/CVE-2024-53155.json) (`2024-12-24T12:15:23.700`) +- [CVE-2024-53156](CVE-2024/CVE-2024-531xx/CVE-2024-53156.json) (`2024-12-24T12:15:23.833`) +- [CVE-2024-53157](CVE-2024/CVE-2024-531xx/CVE-2024-53157.json) (`2024-12-24T12:15:23.970`) +- [CVE-2024-53158](CVE-2024/CVE-2024-531xx/CVE-2024-53158.json) (`2024-12-24T12:15:24.097`) +- [CVE-2024-53159](CVE-2024/CVE-2024-531xx/CVE-2024-53159.json) (`2024-12-24T12:15:24.217`) +- [CVE-2024-53160](CVE-2024/CVE-2024-531xx/CVE-2024-53160.json) (`2024-12-24T12:15:24.340`) +- [CVE-2024-53161](CVE-2024/CVE-2024-531xx/CVE-2024-53161.json) (`2024-12-24T12:15:24.453`) +- [CVE-2024-53162](CVE-2024/CVE-2024-531xx/CVE-2024-53162.json) (`2024-12-24T12:15:24.567`) +- [CVE-2024-53163](CVE-2024/CVE-2024-531xx/CVE-2024-53163.json) (`2024-12-24T12:15:24.670`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 09aa1e8f3c9..143fd6cac89 100644 --- a/_state.csv +++ b/_state.csv @@ -243536,6 +243536,7 @@ CVE-2024-1058,0,0,f55efbbe1000b59a93d67502d5a09284d2f9f41bdec59caa8cc00ef68357b5 CVE-2024-10580,0,0,7cbec3926b1e0a5918766b8a0adb238fb5e9aded2f47a47f3fe18631e2f40ea4,2024-11-27T07:15:07.920000 CVE-2024-10582,0,0,081ced1e3bee3a0a102c94bdff81bc48301372e830a54bd85e35429dcce93b3b,2024-11-19T21:17:53.003000 CVE-2024-10583,0,0,2dd8fa86d783214098b78ecf15207bb297f91c4a4766bbf054ba7ce346e63980,2024-12-12T07:15:05.570000 +CVE-2024-10584,1,1,8c7b6519131adad7fa81ba687e097a0fa4b2a44cb531dbf703074793d62582da,2024-12-24T11:15:05.670000 CVE-2024-10586,0,0,b69dc43541a3d4ba79cbec846432fae4b52e3fc26bdbf2ae2d19921cf034fb0f,2024-11-12T13:56:54.483000 CVE-2024-10587,0,0,d6724952982058693533d93eda32abe5adf3dfced7d03365b0a9849e1c3651d6,2024-12-04T03:15:04.037000 CVE-2024-10588,0,0,abb174590e2c3805aae308cc65206f91b43bf77d5c69f89364fb1f1e9e31b3d2,2024-11-12T13:56:24.513000 @@ -243766,6 +243767,7 @@ CVE-2024-10852,0,0,88fb8de98b83210c82faaa8e1b095564877022a37a1a43fabad4deb9c385a CVE-2024-10853,0,0,add694a740bab97bc9cd56d06dbb885f02fcec8f590e9f750238303d6750f5de,2024-11-13T17:01:16.850000 CVE-2024-10854,0,0,afc7bc69a1b6288540bb663e3abfd7c0b6a784132b70b7f35e98f7b2cc506cd5,2024-11-13T17:01:16.850000 CVE-2024-10855,0,0,ae24b9251832889f0ab5093466f5bbce4d7ad6d8dd4bf7a8321d2155c2606591,2024-11-26T20:34:02.857000 +CVE-2024-10856,1,1,251c7531c17b6f3b0ed919ef9a67ac2f96c713f0018b87cf93ecb45c7c80519e,2024-12-24T11:15:07.260000 CVE-2024-10857,0,0,957ae8afb2b021b5a39096260dcb79ccdc7e257258c659d883b9a23a31df5c0b,2024-11-26T07:15:05.003000 CVE-2024-1086,0,0,688e2fb2892801c230e1dfe45afd0a98166e64f80974b1a593d490f3471fc0dd,2024-11-21T08:49:46.013000 CVE-2024-10861,0,0,a0a9ed450f8163c1435b46341b966a17dde352d3f4e975547d6d20959f88110b,2024-11-18T17:11:17.393000 @@ -244466,6 +244468,7 @@ CVE-2024-11721,0,0,476bad2ae1181a71ee1e909e9b2944d8737010e4d5a814100bd6b1844c536 CVE-2024-11722,0,0,75cb60b5eb4ea9d09b52d1e1e4055e2e26017dc0ef3344e31ce543e08644d731,2024-12-21T10:15:07.367000 CVE-2024-11723,0,0,d555056e56adae6d2817421636f03f202df11e8bc291dc8225ccc2e718d1c709,2024-12-12T05:15:09.247000 CVE-2024-11724,0,0,05e5e5fa479e9093ec1673d131b2e00f2d4111914ddf22019f00bb0b00e67aae,2024-12-12T07:15:08.600000 +CVE-2024-11726,1,1,d04c53bbeede2c8e9ddb1dccc50575467bbc326dd496f7a6d0a176abbdeb495b,2024-12-24T11:15:07.443000 CVE-2024-11727,0,0,74ce7fa8cdfe22d5e7361f3d2dc50d23f9504f53bdcf31e2233dafec5ae3422b,2024-12-12T07:15:09.107000 CVE-2024-11728,0,0,6b4bed5fd27460e210abe0c2b9d4d46303cd8332bea3bc720df94689692e5ca9,2024-12-06T10:15:05.853000 CVE-2024-11729,0,0,efdcf50f70e4aaed57e8feef0a7a962846d2881b2d7c26550ce5bf699f2f41d7,2024-12-06T11:15:07.837000 @@ -244602,7 +244605,7 @@ CVE-2024-1189,0,0,3e2c1a3fc9f24eb6eaedd5adba4b6f521645b93b8971a5e9477fe83a4ee5ef CVE-2024-11891,0,0,f8a38032fa61b45ae7f4fd61d15412795ca770178ff882a3a6fac619a51ce045,2024-12-12T05:15:10.670000 CVE-2024-11893,0,0,c62163c48ee35e299b71936d209d9441db563d33661eb5d071dc1058fa6edb4a,2024-12-20T07:15:11.747000 CVE-2024-11894,0,0,9e31b28fa56a41e12b82fdf98576d9a13777f5eed7b6c3fc1f71a85af109ef81,2024-12-14T05:15:10.227000 -CVE-2024-11896,1,1,b7887a35718982d9a40b48d94a29d98d396924c0396da321ff55af82e411bc5b,2024-12-24T09:15:05.663000 +CVE-2024-11896,0,0,b7887a35718982d9a40b48d94a29d98d396924c0396da321ff55af82e411bc5b,2024-12-24T09:15:05.663000 CVE-2024-11897,0,0,63c2369fafd5da048dd57864988be95602290ce10df0f51d423ab54c866c15e0,2024-12-04T03:15:05.380000 CVE-2024-11898,0,0,e843212abf00805a20f8b4b65b36c01f75cc2096cf65f2d0e7899f11eb517a82,2024-12-03T08:15:06.857000 CVE-2024-1190,0,0,234a49a5e7705658abf0b6e88d111180ae34b962c9b1fcba39bd09bd939fee39,2024-11-21T08:49:59.993000 @@ -244695,7 +244698,7 @@ CVE-2024-12026,0,0,cbdee4f4d341b218f2a9910c9db7c968e1470cd32e93684865d3bd2934d62 CVE-2024-12027,0,0,37ec4b44c0b83690aba6eca2d38a4a49f2c2ce6081a618c323d63a584206d2b7,2024-12-06T09:15:07.803000 CVE-2024-12028,0,0,1e73c6e2445828811f3920b16dca38e7a1768853994affcbd716568d4e1eb5f0,2024-12-06T09:15:07.957000 CVE-2024-1203,0,0,d1f896c2674b7d8b8ac7ccf181e7d9a7e598afaaabec693045eb0f85d52368c5,2024-11-21T08:50:01.913000 -CVE-2024-12031,1,1,cfc6f1023abe47e6b5b2864c3b0c4a867844e306a2754ed2113fa3de55e88299,2024-12-24T10:15:05.580000 +CVE-2024-12031,0,0,cfc6f1023abe47e6b5b2864c3b0c4a867844e306a2754ed2113fa3de55e88299,2024-12-24T10:15:05.580000 CVE-2024-12034,0,0,4c2e300bb226d14953e4b3dc5ae8d49de8b4d5f0a3f05cacf826cb6e7c67368a,2024-12-24T06:15:32.553000 CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000 CVE-2024-12040,0,0,82ff661fdb988bbdc555297e0b0d4a5a42a6c3fde3cb51373bdf40b4e4dd0633,2024-12-12T06:15:22.947000 @@ -244726,7 +244729,7 @@ CVE-2024-12099,0,0,82c97da21165b875b9d77b9a11ed031ee03fad8a14b90d2e80c74afeac6e2 CVE-2024-1210,0,0,f5a9389cac94cbfcfa3f0d961d1ea27115bf7afa331ce2988db15dbaf2efdf76,2024-11-21T08:50:02.867000 CVE-2024-12100,0,0,d36c08f92a239c009a6ddf35a16924f2d7f8840cc80d6bb06a52ecf54ad1016c,2024-12-24T06:15:32.830000 CVE-2024-12101,0,0,cf6330eb409e982923b4b0b78cc8d64ad396889b9513f5530cedf911c9fe2802,2024-12-03T16:15:20.910000 -CVE-2024-12103,1,1,7561088b40e256189107665db0468ce1a8ba4eda11aa4136609659635e96e605,2024-12-24T10:15:05.820000 +CVE-2024-12103,0,0,7561088b40e256189107665db0468ce1a8ba4eda11aa4136609659635e96e605,2024-12-24T10:15:05.820000 CVE-2024-12107,0,0,7da8659dc821ee4f071df4b42d3ae5a3881cc2b8cc55779739dc797df4a302eb,2024-12-04T11:15:05 CVE-2024-12110,0,0,f266935beaa447960f1dea8d3421db64eefadfd0613c53fd8d2543de02327a47,2024-12-06T09:15:08.270000 CVE-2024-12111,0,0,249e2997ccf6c657e0ff5b6a4af4a93a49c070bbbe4a87b0550980bf4bf876ac,2024-12-19T20:15:06.950000 @@ -244815,6 +244818,7 @@ CVE-2024-12262,0,0,8ec2a15063c99a2ece13211a7279c6a76a6a3bffd489dd7a1525f6aa0b49d CVE-2024-12263,0,0,183574df079ffbee27d57051711c108d812463b16a94004cdf52784fa08d4f65,2024-12-12T06:15:23.960000 CVE-2024-12265,0,0,4ecaf6258b9c646985803002f662a35d37ddc850eb892429f8568423d5e8ff62,2024-12-12T06:15:24.143000 CVE-2024-12266,0,0,1d7106cc2c49b744bdb4d729e342d386ad6363e95bef155c87eaefa9b1480a20,2024-12-24T05:15:06.433000 +CVE-2024-12268,1,1,de0d16e82fc665a0e026b29b66216e9a0dec9a54b17a86489bcd3b7f12025a82,2024-12-24T11:15:07.623000 CVE-2024-1227,0,0,2b74966c63acb4b53db9100814c0ea98b900c2b18de594c13a326b21bfb265c8,2024-11-21T08:50:06.103000 CVE-2024-12270,0,0,a59b36ad08a62409fa966fc5cef53e6796ba20371cadd9c7e001162bc2771bae,2024-12-07T10:15:06.200000 CVE-2024-12271,0,0,e756524ee3996486f46fc9dfb0848744c8a90daec55e50296545ffd31d194dcb,2024-12-12T13:15:07.570000 @@ -244909,7 +244913,7 @@ CVE-2024-1246,0,0,1f374a88e5f240286cc1247b0f1cf35c16b35bebd909ebb6b31cd5f41f4735 CVE-2024-12461,0,0,f7bab5c2b1e2764e06dde5d0575615b7d6c222c7cf9c0439423d8ffeaa327299,2024-12-12T04:15:07.820000 CVE-2024-12463,0,0,bf2ad951357546047d42b0aefb8a66347583691f5449e603983c94f9bac4eadf,2024-12-12T05:15:13.197000 CVE-2024-12465,0,0,71cf8d099f9bc4306dd9d21cf13805ebee4cfad62908f99a6e3f6ef7ca285117,2024-12-13T09:15:09.060000 -CVE-2024-12468,1,1,f44759d48f32f2ec884919fb05a719abebdbd17e88657464a7f13dce61bb97cf,2024-12-24T09:15:06.227000 +CVE-2024-12468,0,0,f44759d48f32f2ec884919fb05a719abebdbd17e88657464a7f13dce61bb97cf,2024-12-24T09:15:06.227000 CVE-2024-12469,0,0,871c3c1e000bdae5610f745ffefecdbdcd7d22ba906daf923687641c197ab750,2024-12-17T10:15:05.997000 CVE-2024-1247,0,0,87dd54613b1838220658d2242080e8fb0b79934df6e5afef144b61ee319c0ba1,2024-11-21T08:50:09.013000 CVE-2024-12474,0,0,2858a766a8bcbd6035c2be4131a605cddb7bb17f787cc233f6060efa0069c36f,2024-12-14T06:15:19.627000 @@ -245075,13 +245079,13 @@ CVE-2024-12844,0,0,6d8ec288c31d3bbe3b33ef2f9ad3792a8943c952d5f308d34593c00a3e1c4 CVE-2024-12845,0,0,4291254c308b66e0c715e21bc18b77504015cd917159726af921dfd1ff44e590,2024-12-20T22:15:24.727000 CVE-2024-12846,0,0,9690583a4102b053af9756b9270b8bc42327f0664ded7d993b4ca2544e24e5cb,2024-12-21T05:15:07.373000 CVE-2024-1285,0,0,f377c2065ba4ae04295fe1855da43b832210575f04c4c7725642d3c9965142c4,2024-11-21T08:50:13.903000 -CVE-2024-12850,1,1,337106ad10d501f734e3bf88bd4810b6de5d19df8b985806eb036bbc69e4e77c,2024-12-24T10:15:06.033000 +CVE-2024-12850,0,0,337106ad10d501f734e3bf88bd4810b6de5d19df8b985806eb036bbc69e4e77c,2024-12-24T10:15:06.033000 CVE-2024-1286,0,0,3a37afba636befcbf537a255eb60a76fe80040636283609c3669d2692aee914a,2024-11-21T08:50:14.037000 CVE-2024-12867,0,0,01e49ed64d6e9cd55a7b69c5d48fb82a0f55b6ea873444ea934a92cdc9c1bea1,2024-12-20T20:15:22.740000 CVE-2024-1287,0,0,86cfcf8ed68830eef8991c1cc47e2012e7e4c97ca8a27598ab8fa2741ba6d8b0,2024-11-21T08:50:14.227000 CVE-2024-12875,0,0,ee4bf98b78016953207e90ab1c1e1367a08d0d85e025d7e25b88e0372fa04581,2024-12-21T12:15:20.910000 CVE-2024-1288,0,0,395f2de724425f73212a7bc39e91c09ee4289c7b4882341dd1ed370b6c884fd8,2024-11-21T08:50:14.440000 -CVE-2024-12881,1,1,8633172ceaa02153cd8321289b54fef40b2b6ded85b3f87c287abe9a2a317719,2024-12-24T10:15:06.240000 +CVE-2024-12881,0,0,8633172ceaa02153cd8321289b54fef40b2b6ded85b3f87c287abe9a2a317719,2024-12-24T10:15:06.240000 CVE-2024-12883,0,0,0aa6b94784eb025896882814202fa04e9e4a7816349ae85e5172dbeb18285a66,2024-12-21T13:15:05.613000 CVE-2024-12884,0,0,543f1871079a56956cadcd381356178e485931e988c0c8b4f5476339a04576ed,2024-12-21T14:15:21.063000 CVE-2024-1289,0,0,e65e8e4dfe8200c9b56fed0852a43d923fc5ad73370ce2516cb730a4df84b5f1,2024-11-21T08:50:14.563000 @@ -263270,6 +263274,7 @@ CVE-2024-43438,0,0,73d1b28c6f38899287538d919cdc80ec31dafefe92f6661fe9a36214164d9 CVE-2024-43439,0,0,40ba494cdfdd48b88a4840d8431101c7f1fdc9c475043690f5f31b7b91efbc66,2024-11-12T15:35:10.043000 CVE-2024-4344,0,0,f2fc8cf2dc3e9a916d8c0e02c7965d497c7aae8ae1650868477b4aff5dcf5623,2024-11-21T09:42:40.023000 CVE-2024-43440,0,0,0d10351622646300ab78c6feb395f887255f528f4060e11d93edde30e1c5afaa,2024-11-08T19:01:03.880000 +CVE-2024-43441,1,1,82d66dd0d1494a3b8fd89d59d7d5aff81d4208bdba8428a1179a98d74629a843,2024-12-24T12:15:21.697000 CVE-2024-43442,0,0,7cf6887173b63e3e2077127f17ebb1f8864349b85ded2485a70c9170e31ad69f,2024-08-26T16:35:12.860000 CVE-2024-43443,0,0,01387b83c9d3faae4be2489d643851ab28bd718e216da87fe7730786e406c157,2024-08-26T12:47:20.187000 CVE-2024-43444,0,0,01fa601f2d9572951dd3491c52e1bfaeb60836d6e72e0f6dc396e203847ee36c,2024-08-26T12:47:20.187000 @@ -269717,14 +269722,33 @@ CVE-2024-53141,0,0,c4eea5c2fe51a3898acccfa414620e41964aab3e73f12af77b5d7bb35ff9f CVE-2024-53142,0,0,fc23c3e378fb46ab5615da6a919ab3136de551312d5d21e741724005200e92a7,2024-12-14T21:15:38.707000 CVE-2024-53143,0,0,7d8fba7c24860a89d1b840b90918c133ee3933019e46b80ab5b9ae6d981cb066,2024-12-13T14:15:22.443000 CVE-2024-53144,0,0,9d107c35ff0dca61e5b14e7d0131ac8dad4f8c1aeabd45b2baa64b7fc7411808,2024-12-18T08:15:05.687000 +CVE-2024-53145,1,1,a794d4ac0b712d63b5a4f5c614911e162b6ce3248946604583a1f97c35593a48,2024-12-24T12:15:22.507000 +CVE-2024-53146,1,1,a59f9cf9608bdc70e51346d9812220bfb3cb08ec15173e6580771158820e1e31,2024-12-24T12:15:22.653000 +CVE-2024-53147,1,1,11198985e4392f153f9573138ec2dd67e24a0a9f9bb11f1ad2b2bdf3312f7d4a,2024-12-24T12:15:22.777000 +CVE-2024-53148,1,1,14d55888245050ee61a327176f07bde5d880b1095e6870181ddcd71f73ae4e47,2024-12-24T12:15:22.887000 +CVE-2024-53149,1,1,11b437334d0edbcdb3fc948d5f31b8485d631dadd73b0fb345614b5924d03674,2024-12-24T12:15:23.007000 CVE-2024-5315,0,0,cfc4383f1c53119936ccfb248038372daec91d7a497e742b345000be072ec700,2024-11-21T09:47:24.927000 +CVE-2024-53150,1,1,d6f8d9f411199489faad977a7b1b179c34ae56352e067ac5275ecbc595a8512e,2024-12-24T12:15:23.117000 +CVE-2024-53151,1,1,0a19bb456823afa10dca91713c047b675836e5cb2e0724e10d1ca125957f78e5,2024-12-24T12:15:23.240000 +CVE-2024-53152,1,1,4345f691f419382725fc59641477cd780f4dd28af83df1a57a7b6c008c6b3887,2024-12-24T12:15:23.353000 +CVE-2024-53153,1,1,2bd4df6d3a8af20f12ebf92d9aea0464d13d2ba03495b557ea06067f63e159c8,2024-12-24T12:15:23.467000 +CVE-2024-53154,1,1,7f7012c3517a686211b5c8167a36c7f44327539ccde74ba846d5b1547d31c5ae,2024-12-24T12:15:23.580000 +CVE-2024-53155,1,1,f288f236d00f69151667c74688b0faa6af5945d9c4e2a7549317a56847a1db98,2024-12-24T12:15:23.700000 +CVE-2024-53156,1,1,2107f159859e8c34d6c03a643d52c5af7a2ac1aaf8d89468d90a64ffc346b3d1,2024-12-24T12:15:23.833000 +CVE-2024-53157,1,1,cce375a08583bd4138c992b3c43ddf0afa03cf57324ceea72c8f1a3942bfad6e,2024-12-24T12:15:23.970000 +CVE-2024-53158,1,1,92e67e49dfa885f342ca09dc0b53e0a2a4cab4ad2dd50508b4ef7c274845bae3,2024-12-24T12:15:24.097000 +CVE-2024-53159,1,1,1a9e3c600cdaf3c4c33cb3c1a2280c94d3c2a8b10e67c8ed84dc60edfb740caa,2024-12-24T12:15:24.217000 +CVE-2024-53160,1,1,ff254e02cac78a07c63aec4bee692adfccd26dd44365edfa283e8f1b144c6102,2024-12-24T12:15:24.340000 +CVE-2024-53161,1,1,4c889d5326cb457d8a3e33cf6bc06ad8054072494111666dc71c53124ff17e4c,2024-12-24T12:15:24.453000 +CVE-2024-53162,1,1,68c59ac64dee7b71afad079ff17be1238407665149bddd0b27b657c5b48b01d9,2024-12-24T12:15:24.567000 +CVE-2024-53163,1,1,95ccc2d9839e1df02d7976d62d1f670c0803478f2bc2be176b260986c38c459b,2024-12-24T12:15:24.670000 CVE-2024-5317,0,0,c2af981f2442def6d43cf11dee826712fdb79df4e8b131d1c0815426b050d563,2024-11-21T09:47:25.040000 CVE-2024-5318,0,0,87e97b53a33051fc1fa3c078212ad6afb68bf37151bd321e62e233d7b2989703,2024-12-13T17:04:31.133000 CVE-2024-5321,0,0,0f218b8b6fcc3fc0b4ccef7040ede5ee801dc8e00258e6450bd3f123b6e73ca4,2024-11-21T09:47:25.283000 CVE-2024-5322,0,0,6e9032fa3deabc9be71dae1989b7f0a781e1608a9b8c8f048902e90e4caef6d4,2024-11-21T09:47:25.413000 CVE-2024-5324,0,0,616d1ba80af339308061f2c79fb4da68886ab2b91b97eb35403d14df6efb4acc,2024-11-21T09:47:25.537000 -CVE-2024-53240,1,1,e69ff2fdc28ca3622d0897f90e8abc77194686814995361bc6e5824ed60d497d,2024-12-24T10:15:06.460000 -CVE-2024-53241,1,1,a002e355ac961e14d0fd6f099edd2f8bca3b3ff394530055699c10d0b25dc065,2024-12-24T10:15:06.640000 +CVE-2024-53240,0,0,e69ff2fdc28ca3622d0897f90e8abc77194686814995361bc6e5824ed60d497d,2024-12-24T10:15:06.460000 +CVE-2024-53241,0,0,a002e355ac961e14d0fd6f099edd2f8bca3b3ff394530055699c10d0b25dc065,2024-12-24T10:15:06.640000 CVE-2024-53242,0,0,bfcd83cfb5068348e4b0b254067e4992bd35af5c9120fcbf4b785e99c4fb6a44,2024-12-10T14:30:46.700000 CVE-2024-53243,0,0,0055f373ee76668c96d6bfcf8a6f00835a4bd98d186934410e0656653ee7c808,2024-12-10T18:15:41.093000 CVE-2024-53244,0,0,314d52ddee68b7d194db67c48301dcf21a10bd6aaea8b99e26bb6f18d015b1d7,2024-12-10T18:15:41.243000 @@ -273588,7 +273612,7 @@ CVE-2024-8717,0,0,f1a9ff442a5f6813151f0b37448a691be71bf0f8a43db898abd4d0bbf67fe8 CVE-2024-8718,0,0,08f9f7324fe1750583259b3c93648593ad90bf879a6e322b24780fec64fd4610,2024-10-04T13:51:25.567000 CVE-2024-8719,0,0,f09775703ce33efd1a382062d7fd99b2a3df4a10d5639e789be4bdf90386ec17,2024-10-18T12:53:04.627000 CVE-2024-8720,0,0,a92271303c4f165ef6918751e334ec6c2a5d2eedb6ef1b6e7529ea9a9bccddee,2024-10-04T13:51:25.567000 -CVE-2024-8721,1,1,dd39c17641552ccfa4fc9e3c5b59a14dfb4e4fa6da94c7f7ac4b55066666a2ab,2024-12-24T10:15:06.803000 +CVE-2024-8721,0,0,dd39c17641552ccfa4fc9e3c5b59a14dfb4e4fa6da94c7f7ac4b55066666a2ab,2024-12-24T10:15:06.803000 CVE-2024-8723,0,0,83a844d582685fdefc602bc8b434e71b492fde6813a7ae6c416922e3445759df,2024-10-02T17:00:23.603000 CVE-2024-8724,0,0,79eb3fc36e2ade01b1d81ee061bd0ccc9d41db170377c76707443e9b9b4c1829,2024-09-27T15:56:00.073000 CVE-2024-8725,0,0,46dd31707149bc30a113fe6e731b5768bd17b167e63d858b2e790e78d82762b2,2024-10-01T14:16:42.727000