From 7bba00130828ca9ff09d57fa4eaeade89f783354 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 18 Mar 2024 13:03:27 +0000 Subject: [PATCH] Auto-Update: 2024-03-18T13:00:39.107263+00:00 --- CVE-2018/CVE-2018-250xx/CVE-2018-25099.json | 4 +- CVE-2021/CVE-2021-471xx/CVE-2021-47115.json | 41 +--------- CVE-2021/CVE-2021-471xx/CVE-2021-47154.json | 4 +- CVE-2021/CVE-2021-471xx/CVE-2021-47155.json | 4 +- CVE-2021/CVE-2021-471xx/CVE-2021-47156.json | 4 +- CVE-2021/CVE-2021-471xx/CVE-2021-47157.json | 4 +- CVE-2022/CVE-2022-470xx/CVE-2022-47036.json | 4 +- CVE-2022/CVE-2022-470xx/CVE-2022-47037.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52159.json | 4 +- CVE-2023/CVE-2023-526xx/CVE-2023-52609.json | 48 ++++++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52610.json | 36 +++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52611.json | 28 +++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52612.json | 48 ++++++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52613.json | 28 +++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52614.json | 36 +++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52615.json | 48 ++++++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52616.json | 40 ++++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52617.json | 44 +++++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52618.json | 40 ++++++++++ CVE-2023/CVE-2023-526xx/CVE-2023-52619.json | 48 ++++++++++++ CVE-2024/CVE-2024-10xx/CVE-2024-1013.json | 63 +++++++++++++++ CVE-2024/CVE-2024-16xx/CVE-2024-1604.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1605.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1606.json | 4 +- CVE-2024/CVE-2024-207xx/CVE-2024-20767.json | 55 +++++++++++++ CVE-2024/CVE-2024-218xx/CVE-2024-21824.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22475.json | 4 +- CVE-2024/CVE-2024-236xx/CVE-2024-23604.json | 4 +- CVE-2024/CVE-2024-242xx/CVE-2024-24230.json | 4 +- CVE-2024/CVE-2024-245xx/CVE-2024-24539.json | 4 +- CVE-2024/CVE-2024-25xx/CVE-2024-2574.json | 4 +- CVE-2024/CVE-2024-25xx/CVE-2024-2575.json | 4 +- CVE-2024/CVE-2024-25xx/CVE-2024-2576.json | 4 +- CVE-2024/CVE-2024-25xx/CVE-2024-2577.json | 4 +- CVE-2024/CVE-2024-25xx/CVE-2024-2581.json | 4 +- CVE-2024/CVE-2024-266xx/CVE-2024-26631.json | 36 +++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26632.json | 32 ++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26633.json | 48 ++++++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26634.json | 32 ++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26635.json | 48 ++++++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26636.json | 48 ++++++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26637.json | 24 ++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26638.json | 32 ++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26639.json | 28 +++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26640.json | 40 ++++++++++ CVE-2024/CVE-2024-266xx/CVE-2024-26641.json | 40 ++++++++++ CVE-2024/CVE-2024-277xx/CVE-2024-27757.json | 4 +- CVE-2024/CVE-2024-279xx/CVE-2024-27974.json | 4 +- CVE-2024/CVE-2024-280xx/CVE-2024-28039.json | 4 +- CVE-2024/CVE-2024-281xx/CVE-2024-28125.json | 4 +- CVE-2024/CVE-2024-281xx/CVE-2024-28128.json | 8 +- CVE-2024/CVE-2024-287xx/CVE-2024-28745.json | 4 +- CVE-2024/CVE-2024-291xx/CVE-2024-29151.json | 4 +- CVE-2024/CVE-2024-291xx/CVE-2024-29154.json | 4 +- CVE-2024/CVE-2024-291xx/CVE-2024-29156.json | 4 +- README.md | 63 ++++++++++++--- _state.csv | 86 +++++++++++++-------- 57 files changed, 1147 insertions(+), 137 deletions(-) create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52609.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52610.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52611.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52612.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52613.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52614.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52615.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52616.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52617.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52618.json create mode 100644 CVE-2023/CVE-2023-526xx/CVE-2023-52619.json create mode 100644 CVE-2024/CVE-2024-10xx/CVE-2024-1013.json create mode 100644 CVE-2024/CVE-2024-207xx/CVE-2024-20767.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26631.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26632.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26633.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26634.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26635.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26636.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26637.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26638.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26639.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26640.json create mode 100644 CVE-2024/CVE-2024-266xx/CVE-2024-26641.json diff --git a/CVE-2018/CVE-2018-250xx/CVE-2018-25099.json b/CVE-2018/CVE-2018-250xx/CVE-2018-25099.json index e45063ab90e..b9f45e74164 100644 --- a/CVE-2018/CVE-2018-250xx/CVE-2018-25099.json +++ b/CVE-2018/CVE-2018-250xx/CVE-2018-25099.json @@ -2,8 +2,8 @@ "id": "CVE-2018-25099", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T05:15:06.007", - "lastModified": "2024-03-18T05:15:06.007", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47115.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47115.json index 3bef262a459..100a21ad3ce 100644 --- a/CVE-2021/CVE-2021-471xx/CVE-2021-47115.json +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47115.json @@ -2,47 +2,14 @@ "id": "CVE-2021-47115", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-15T21:15:06.780", - "lastModified": "2024-03-17T22:38:29.433", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-18T11:15:07.400", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect\n\nIt's possible to trigger NULL pointer dereference by local unprivileged\nuser, when calling getsockname() after failed bind() (e.g. the bind\nfails because LLCP_SAP_MAX used as SAP):\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n CPU: 1 PID: 426 Comm: llcp_sock_getna Not tainted 5.13.0-rc2-next-20210521+ #9\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1 04/01/2014\n Call Trace:\n llcp_sock_getname+0xb1/0xe0\n __sys_getpeername+0x95/0xc0\n ? lockdep_hardirqs_on_prepare+0xd5/0x180\n ? syscall_enter_from_user_mode+0x1c/0x40\n __x64_sys_getpeername+0x11/0x20\n do_syscall_64+0x36/0x70\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThis can be reproduced with Syzkaller C repro (bind followed by\ngetpeername):\nhttps://syzkaller.appspot.com/x/repro.c?x=14def446e00000" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/0c4559736d9a4ec1ca58ba98ca34e7c4da4c422b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/39c15bd2e5d11bcf7f4c3dba2aad9e1e110a5d94", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/48ee0db61c8299022ec88c79ad137f290196cac2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/4ac06a1e013cf5fdd963317ffd3b968560f33bba", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/5d4c4b06ed9fb7a69d0b2e2a73fc73226d25ab70", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/93e4ac2a9979a9a4ecc158409ed9c3044dc0ae1f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/eb6875d48590d8e564092e831ff07fa384d7e477", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/ffff05b9ee5c74c04bba2801c1f99b31975d74d9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47154.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47154.json index ff298e2da0a..3a0ff41738c 100644 --- a/CVE-2021/CVE-2021-471xx/CVE-2021-47154.json +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47154.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47154", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T05:15:06.140", - "lastModified": "2024-03-18T05:15:06.140", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47155.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47155.json index 7d0e767a9ab..676dde88c04 100644 --- a/CVE-2021/CVE-2021-471xx/CVE-2021-47155.json +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47155.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47155", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T05:15:06.203", - "lastModified": "2024-03-18T05:15:06.203", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47156.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47156.json index 4e31d9e3325..d8d11e05d6e 100644 --- a/CVE-2021/CVE-2021-471xx/CVE-2021-47156.json +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47156.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47156", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T05:15:06.260", - "lastModified": "2024-03-18T05:15:06.260", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47157.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47157.json index 5a1041cbc48..8d6bf31300a 100644 --- a/CVE-2021/CVE-2021-471xx/CVE-2021-47157.json +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47157.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47157", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T05:15:06.317", - "lastModified": "2024-03-18T05:15:06.317", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47036.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47036.json index 21a12f62caf..a526429b04b 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47036.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47036.json @@ -2,8 +2,8 @@ "id": "CVE-2022-47036", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T03:15:05.957", - "lastModified": "2024-03-18T04:15:08.400", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47037.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47037.json index 74323facf7e..3ad4f9046c8 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47037.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47037.json @@ -2,8 +2,8 @@ "id": "CVE-2022-47037", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T03:15:06.017", - "lastModified": "2024-03-18T03:15:06.017", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52159.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52159.json index d6682bd3806..4ef06738dd9 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52159.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52159.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52159", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T02:15:06.053", - "lastModified": "2024-03-18T02:15:06.053", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52609.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52609.json new file mode 100644 index 00000000000..6d5f34fded1 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52609.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2023-52609", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:07.743", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix race between mmput() and do_exit()\n\nTask A calls binder_update_page_range() to allocate and insert pages on\na remote address space from Task B. For this, Task A pins the remote mm\nvia mmget_not_zero() first. This can race with Task B do_exit() and the\nfinal mmput() refcount decrement will come from Task A.\n\n Task A | Task B\n ------------------+------------------\n mmget_not_zero() |\n | do_exit()\n | exit_mm()\n | mmput()\n mmput() |\n exit_mmap() |\n remove_vma() |\n fput() |\n\nIn this case, the work of ____fput() from Task B is queued up in Task A\nas TWA_RESUME. So in theory, Task A returns to userspace and the cleanup\nwork gets executed. However, Task A instead sleep, waiting for a reply\nfrom Task B that never comes (it's dead).\n\nThis means the binder_deferred_release() is blocked until an unrelated\nbinder event forces Task A to go back to userspace. All the associated\ndeath notifications will also be delayed until then.\n\nIn order to fix this use mmput_async() that will schedule the work in\nthe corresponding mm->async_put_work WQ instead of Task A." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/252a2a5569eb9f8d16428872cc24dea1ac0bb097", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6696f76c32ff67fec26823fc2df46498e70d9bf3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/67f16bf2cc1698fd50e01ee8a2becc5a8e6d3a3e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/77d210e8db4d61d43b2d16df66b1ec46fad2ee01", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7e7a0d86542b0ea903006d3f42f33c4f7ead6918", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/95b1d336b0642198b56836b89908d07b9a0c9608", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/98fee5bee97ad47b527a997d5786410430d1f0e9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9a9ab0d963621d9d12199df9817e66982582d5a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52610.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52610.json new file mode 100644 index 00000000000..587fbe9342e --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52610.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-52610", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:07.943", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: fix skb leak and crash on ooo frags\n\nact_ct adds skb->users before defragmentation. If frags arrive in order,\nthe last frag's reference is reset in:\n\n inet_frag_reasm_prepare\n skb_morph\n\nwhich is not straightforward.\n\nHowever when frags arrive out of order, nobody unref the last frag, and\nall frags are leaked. The situation is even worse, as initiating packet\ncapture can lead to a crash[0] when skb has been cloned and shared at the\nsame time.\n\nFix the issue by removing skb_get() before defragmentation. act_ct\nreturns TC_ACT_CONSUMED when defrag failed or in progress.\n\n[0]:\n[ 843.804823] ------------[ cut here ]------------\n[ 843.809659] kernel BUG at net/core/skbuff.c:2091!\n[ 843.814516] invalid opcode: 0000 [#1] PREEMPT SMP\n[ 843.819296] CPU: 7 PID: 0 Comm: swapper/7 Kdump: loaded Tainted: G S 6.7.0-rc3 #2\n[ 843.824107] Hardware name: XFUSION 1288H V6/BC13MBSBD, BIOS 1.29 11/25/2022\n[ 843.828953] RIP: 0010:pskb_expand_head+0x2ac/0x300\n[ 843.833805] Code: 8b 70 28 48 85 f6 74 82 48 83 c6 08 bf 01 00 00 00 e8 38 bd ff ff 8b 83 c0 00 00 00 48 03 83 c8 00 00 00 e9 62 ff ff ff 0f 0b <0f> 0b e8 8d d0 ff ff e9 b3 fd ff ff 81 7c 24 14 40 01 00 00 4c 89\n[ 843.843698] RSP: 0018:ffffc9000cce07c0 EFLAGS: 00010202\n[ 843.848524] RAX: 0000000000000002 RBX: ffff88811a211d00 RCX: 0000000000000820\n[ 843.853299] RDX: 0000000000000640 RSI: 0000000000000000 RDI: ffff88811a211d00\n[ 843.857974] RBP: ffff888127d39518 R08: 00000000bee97314 R09: 0000000000000000\n[ 843.862584] R10: 0000000000000000 R11: ffff8881109f0000 R12: 0000000000000880\n[ 843.867147] R13: ffff888127d39580 R14: 0000000000000640 R15: ffff888170f7b900\n[ 843.871680] FS: 0000000000000000(0000) GS:ffff889ffffc0000(0000) knlGS:0000000000000000\n[ 843.876242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 843.880778] CR2: 00007fa42affcfb8 CR3: 000000011433a002 CR4: 0000000000770ef0\n[ 843.885336] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 843.889809] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 843.894229] PKRU: 55555554\n[ 843.898539] Call Trace:\n[ 843.902772] \n[ 843.906922] ? __die_body+0x1e/0x60\n[ 843.911032] ? die+0x3c/0x60\n[ 843.915037] ? do_trap+0xe2/0x110\n[ 843.918911] ? pskb_expand_head+0x2ac/0x300\n[ 843.922687] ? do_error_trap+0x65/0x80\n[ 843.926342] ? pskb_expand_head+0x2ac/0x300\n[ 843.929905] ? exc_invalid_op+0x50/0x60\n[ 843.933398] ? pskb_expand_head+0x2ac/0x300\n[ 843.936835] ? asm_exc_invalid_op+0x1a/0x20\n[ 843.940226] ? pskb_expand_head+0x2ac/0x300\n[ 843.943580] inet_frag_reasm_prepare+0xd1/0x240\n[ 843.946904] ip_defrag+0x5d4/0x870\n[ 843.950132] nf_ct_handle_fragments+0xec/0x130 [nf_conntrack]\n[ 843.953334] tcf_ct_act+0x252/0xd90 [act_ct]\n[ 843.956473] ? tcf_mirred_act+0x516/0x5a0 [act_mirred]\n[ 843.959657] tcf_action_exec+0xa1/0x160\n[ 843.962823] fl_classify+0x1db/0x1f0 [cls_flower]\n[ 843.966010] ? skb_clone+0x53/0xc0\n[ 843.969173] tcf_classify+0x24d/0x420\n[ 843.972333] tc_run+0x8f/0xf0\n[ 843.975465] __netif_receive_skb_core+0x67a/0x1080\n[ 843.978634] ? dev_gro_receive+0x249/0x730\n[ 843.981759] __netif_receive_skb_list_core+0x12d/0x260\n[ 843.984869] netif_receive_skb_list_internal+0x1cb/0x2f0\n[ 843.987957] ? mlx5e_handle_rx_cqe_mpwrq_rep+0xfa/0x1a0 [mlx5_core]\n[ 843.991170] napi_complete_done+0x72/0x1a0\n[ 843.994305] mlx5e_napi_poll+0x28c/0x6d0 [mlx5_core]\n[ 843.997501] __napi_poll+0x25/0x1b0\n[ 844.000627] net_rx_action+0x256/0x330\n[ 844.003705] __do_softirq+0xb3/0x29b\n[ 844.006718] irq_exit_rcu+0x9e/0xc0\n[ 844.009672] common_interrupt+0x86/0xa0\n[ 844.012537] \n[ 844.015285] \n[ 844.017937] asm_common_interrupt+0x26/0x40\n[ 844.020591] RIP: 0010:acpi_safe_halt+0x1b/0x20\n[ 844.023247] Code: ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 65 48 8b 04 25 00 18 03 00 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 81 d0 44 00 fb\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0b5b831122fc3789fff75be433ba3e4dd7b779d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/172ba7d46c202e679f3ccb10264c67416aaeb1c4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3f14b377d01d8357eba032b4cabc8c1149b458b6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/73f7da5fd124f2cda9161e2e46114915e6e82e97", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f5346df0591d10bc948761ca854b1fae6d2ef441", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52611.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52611.json new file mode 100644 index 00000000000..67aa4f0aacc --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52611.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-52611", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:08.157", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: sdio: Honor the host max_req_size in the RX path\n\nLukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes\nwith an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth\ncombo card. The error he observed is identical to what has been fixed\nin commit e967229ead0e (\"wifi: rtw88: sdio: Check the HISR RX_REQUEST\nbit in rtw_sdio_rx_isr()\") but that commit didn't fix Lukas' problem.\n\nLukas found that disabling or limiting RX aggregation works around the\nproblem for some time (but does not fully fix it). In the following\ndiscussion a few key topics have been discussed which have an impact on\nthis problem:\n- The Amlogic A311D (G12B) SoC has a hardware bug in the SDIO controller\n which prevents DMA transfers. Instead all transfers need to go through\n the controller SRAM which limits transfers to 1536 bytes\n- rtw88 chips don't split incoming (RX) packets, so if a big packet is\n received this is forwarded to the host in it's original form\n- rtw88 chips can do RX aggregation, meaning more multiple incoming\n packets can be pulled by the host from the card with one MMC/SDIO\n transfer. This Depends on settings in the REG_RXDMA_AGG_PG_TH\n register (BIT_RXDMA_AGG_PG_TH limits the number of packets that will\n be aggregated, BIT_DMA_AGG_TO_V1 configures a timeout for aggregation\n and BIT_EN_PRE_CALC makes the chip honor the limits more effectively)\n\nUse multiple consecutive reads in rtw_sdio_read_port() and limit the\nnumber of bytes which are copied by the host from the card in one\nMMC/SDIO transfer. This allows receiving a buffer that's larger than\nthe hosts max_req_size (number of bytes which can be transferred in\none MMC/SDIO transfer). As a result of this the skb_over_panic error\nis gone as the rtw88 driver is now able to receive more than 1536 bytes\nfrom the card (either because the incoming packet is larger than that\nor because multiple packets have been aggregated).\n\nIn case of an receive errors (-EILSEQ has been observed by Lukas) we\nneed to drain the remaining data from the card's buffer, otherwise the\ncard will return corrupt data for the next rtw_sdio_read_port() call." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00384f565a91c08c4bedae167f749b093d10e3fe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0e9ffff72a0674cd6656314dbd99cdd2123a3030", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5b5ddf21b978ec315cab9d9e7e6ac7374791a8c7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52612.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52612.json new file mode 100644 index 00000000000..deb9c6a0476 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52612.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2023-52612", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:08.317", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: scomp - fix req->dst buffer overflow\n\nThe req->dst buffer size should be checked before copying from the\nscomp_scratch->dst to avoid req->dst buffer overflow problem." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52613.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52613.json new file mode 100644 index 00000000000..38ca7529571 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52613.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-52613", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:08.477", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment\n\nPTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need\n-ENODEV as the right value for comparison.\n\nOtherwise, tz->type is NULL when thermal-zones is undefined, resulting\nin the following error:\n\n[ 12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8\n[ 12.302877] Oops[#1]:\n[ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385\n[ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10\n[ 12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001\n[ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c\n[ 12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901\n[ 12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790\n[ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40\n[ 12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000\n[ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8\n[ 12.362938] ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300\n[ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160\n[ 12.391626] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE)\n[ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[ 12.409859] ECFG: 00071c1c (LIE=2-4,10-12 VS=7)\n[ 12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[ 12.415907] BADV: fffffffffffffff1\n[ 12.415911] PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)\n[ 12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc\n[ 12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)\n[ 12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358\n[ 12.415982] ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410\n[ 12.415999] ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0\n[ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed\n[ 12.416032] 0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000\n[ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410\n[ 12.416065] 0000000000000000 9000000002df6808 90000001002a3410 0000000000000000\n[ 12.416081] ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8\n[ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002\n[ 12.416114] ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30\n[ 12.416131] ...\n[ 12.416138] Call Trace:\n[ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160\n[ 12.416167] [<90000000031579b8>] thermal_add_hwmon_sysfs+0x258/0x300\n[ 12.416183] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0\n[ 12.416200] [] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]\n[ 12.416232] [<9000000002df6808>] platform_probe+0x68/0x140\n[ 12.416249] [<9000000002df2ba8>] really_probe+0xc8/0x3c0\n[ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180\n[ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160\n[ 12.416302] [<9000000002df33a8>] __driver_attach+0xa8/0x200\n[ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120\n[ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0\n[ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160\n[ 12.416358] [<90000000022201a4>] do_one_initcall+0x84/0x220\n[ 12.416372] [<90000000022f3ab8>] do_init_module+0x58/0x2c0\n[\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52614.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52614.json new file mode 100644 index 00000000000..96ac1b03c0c --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52614.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-52614", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:08.640", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don't have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52615.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52615.json new file mode 100644 index 00000000000..70bdadcbefa --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52615.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2023-52615", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:08.797", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwrng: core - Fix page fault dead lock on mmap-ed hwrng\n\nThere is a dead-lock in the hwrng device read path. This triggers\nwhen the user reads from /dev/hwrng into memory also mmap-ed from\n/dev/hwrng. The resulting page fault triggers a recursive read\nwhich then dead-locks.\n\nFix this by using a stack buffer when calling copy_to_user." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/26cc6d7006f922df6cc4389248032d955750b2a0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5030d4c798863ccb266563201b341a099e8cdd48", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6822a14271786150e178869f1495cc03e74c5029", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/78aafb3884f6bc6636efcc1760c891c8500b9922", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa8aa16ed9adf1df05bb339d588cf485a011839e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6a8111aacbfe7a8a70f46cc0de8eed00561693c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eafd83b92f6c044007a3591cbd476bcf90455990", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ecabe8cd456d3bf81e92c53b074732f3140f170d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52616.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52616.json new file mode 100644 index 00000000000..aac7ca4e0c4 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52616.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-52616", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:08.967", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0c3687822259a7628c85cd21a3445cbe3c367165", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2bb86817b33c9d704e127f92b838035a72c315b6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7abdfd45a650c714d5ebab564bb1b988f14d9b49", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7ebf812b7019fd2d4d5a7ca45ef4bf3a6f4bda0a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ba3c5574203034781ac4231acf117da917efcd2a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bb44477d4506e52785693a39f03cdc6a2c5e8598", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52617.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52617.json new file mode 100644 index 00000000000..f6a74b0cf5e --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52617.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2023-52617", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:09.057", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: switchtec: Fix stdev_release() crash after surprise hot remove\n\nA PCI device hot removal may occur while stdev->cdev is held open. The call\nto stdev_release() then happens during close or exit, at a point way past\nswitchtec_pci_remove(). Otherwise the last ref would vanish with the\ntrailing put_device(), just before return.\n\nAt that later point in time, the devm cleanup has already removed the\nstdev->mmio_mrpc mapping. Also, the stdev->pdev reference was not a counted\none. Therefore, in DMA mode, the iowrite32() in stdev_release() will cause\na fatal page fault, and the subsequent dma_free_coherent(), if reached,\nwould pass a stale &stdev->pdev->dev pointer.\n\nFix by moving MRPC DMA shutdown into switchtec_pci_remove(), after\nstdev_kill(). Counting the stdev->pdev ref is now optional, but may prevent\nfuture accidents.\n\nReproducible via the script at\nhttps://lore.kernel.org/r/20231113212150.96410-1-dns@arista.com" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0233b836312e39a3c763fb53512b3fa455b473b3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1d83c85922647758c1f1e4806a4c5c3cf591a20a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4a5d0528cf19dbf060313dffbe047bc11c90c24c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d8c293549946ee5078ed0ab77793cec365559355", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/df25461119d987b8c81d232cfe4411e91dcabe66", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e129c7fa7070fbce57feb0bfc5eaa65eef44b693", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff1c7e2fb9e9c3f53715fbe04d3ac47b80be7eb8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52618.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52618.json new file mode 100644 index 00000000000..778806398a6 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52618.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-52618", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:09.110", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock/rnbd-srv: Check for unlikely string overflow\n\nSince \"dev_search_path\" can technically be as large as PATH_MAX,\nthere was a risk of truncation when copying it and a second string\ninto \"full_path\" since it was also PATH_MAX sized. The W=1 builds were\nreporting this warning:\n\ndrivers/block/rnbd/rnbd-srv.c: In function 'process_msg_open.isra':\ndrivers/block/rnbd/rnbd-srv.c:616:51: warning: '%s' directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~\nIn function 'rnbd_srv_get_full_path',\n inlined from 'process_msg_open.isra' at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: 'snprintf' output between 2 and 4351 bytes into a destination of size 4096\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n 617 | dev_search_path, dev_name);\n | ~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nTo fix this, unconditionally check for truncation (as was already done\nfor the case where \"%SESSNAME%\" was present)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5b9ea86e662035a886ccb5c76d56793cba618827", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/95bc866c11974d3e4a9d922275ea8127ff809cf7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9e4bf6a08d1e127bcc4bd72557f2dfafc6bc7f41", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2c6206f18104fba7f887bf4dbbfe4c41adc4339", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af7bbdac89739e2e7380387fda598848d3b7010f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f6abd5e17da33eba15df2bddc93413e76c2b55f7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52619.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52619.json new file mode 100644 index 00000000000..a040d97be56 --- /dev/null +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52619.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2023-52619", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:09.170", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/ram: Fix crash when setting number of cpus to an odd number\n\nWhen the number of cpu cores is adjusted to 7 or other odd numbers,\nthe zone size will become an odd number.\nThe address of the zone will become:\n addr of zone0 = BASE\n addr of zone1 = BASE + zone_size\n addr of zone2 = BASE + zone_size*2\n ...\nThe address of zone1/3/5/7 will be mapped to non-alignment va.\nEventually crashes will occur when accessing these va.\n\nSo, use ALIGN_DOWN() to make sure the zone size is even\nto avoid this bug." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0593cfd321df9001142a9d2c58d4144917dff7ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2a37905d47bffec61e95d99f0c1cc5dc6377956c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/75b0f71b26b3ad833c5c0670109c0af6e021e86a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b69c30f4e8b69131d92096cb296dc1f217101e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a63e48cd835c34c38ef671d344cc029b1ea5bf10", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cd40e43f870cf21726b22487a95ed223790b3542", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d49270a04623ce3c0afddbf3e984cb245aa48e9c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e9f6ac50890104fdf8194f2865680689239d30fb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1013.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1013.json new file mode 100644 index 00000000000..bc21b0f509b --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1013.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-1013", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-03-18T11:15:09.227", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-823" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1013", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260823", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/lurcher/unixODBC/pull/157", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1604.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1604.json index 8263b984b0b..2c7579b0ee7 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1604.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1604.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1604", "sourceIdentifier": "cvd@cert.pl", "published": "2024-03-18T10:15:19.900", - "lastModified": "2024-03-18T10:15:19.900", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1605.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1605.json index 87dbc840cb7..43a0d9cb6bc 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1605.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1605.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1605", "sourceIdentifier": "cvd@cert.pl", "published": "2024-03-18T10:15:20.583", - "lastModified": "2024-03-18T10:15:20.583", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1606.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1606.json index fef18bc009c..c7469040807 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1606.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1606.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1606", "sourceIdentifier": "cvd@cert.pl", "published": "2024-03-18T10:15:20.863", - "lastModified": "2024-03-18T10:15:20.863", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20767.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20767.json new file mode 100644 index 00000000000..17eef0ca27d --- /dev/null +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20767.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-20767", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-03-18T12:15:06.870", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21824.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21824.json index bfeb2122728..79e3d74699d 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21824.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21824.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21824", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T08:15:06.087", - "lastModified": "2024-03-18T08:15:06.087", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22475.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22475.json index 8f1e303d3ec..3dfcfe779cf 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22475.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22475.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22475", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T08:15:06.173", - "lastModified": "2024-03-18T08:15:06.173", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23604.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23604.json index 469cb413e57..47cb7b79a89 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23604.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23604.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23604", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T08:15:06.233", - "lastModified": "2024-03-18T08:15:06.233", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-242xx/CVE-2024-24230.json b/CVE-2024/CVE-2024-242xx/CVE-2024-24230.json index 2271f59e933..a5d9abfe16d 100644 --- a/CVE-2024/CVE-2024-242xx/CVE-2024-24230.json +++ b/CVE-2024/CVE-2024-242xx/CVE-2024-24230.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24230", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T02:15:06.123", - "lastModified": "2024-03-18T02:15:06.123", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24539.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24539.json index a5c8cee243c..9cbf3960247 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24539.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24539.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24539", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T03:15:06.067", - "lastModified": "2024-03-18T03:15:06.067", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2574.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2574.json index 7134cb1d35c..bdddf14a339 100644 --- a/CVE-2024/CVE-2024-25xx/CVE-2024-2574.json +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2574.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2574", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-18T02:15:06.177", - "lastModified": "2024-03-18T02:15:06.177", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2575.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2575.json index 138a929e262..a21cc65d609 100644 --- a/CVE-2024/CVE-2024-25xx/CVE-2024-2575.json +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2575.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2575", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-18T02:15:06.397", - "lastModified": "2024-03-18T02:15:06.397", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2576.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2576.json index 949dceacec8..6038635ccd2 100644 --- a/CVE-2024/CVE-2024-25xx/CVE-2024-2576.json +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2576.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2576", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-18T02:15:06.620", - "lastModified": "2024-03-18T02:15:06.620", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2577.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2577.json index 0d772e22a65..7e806701e6c 100644 --- a/CVE-2024/CVE-2024-25xx/CVE-2024-2577.json +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2577.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2577", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-18T03:15:06.123", - "lastModified": "2024-03-18T03:15:06.123", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2581.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2581.json index 8259de8d51d..81129d188fe 100644 --- a/CVE-2024/CVE-2024-25xx/CVE-2024-2581.json +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2581.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2581", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-18T03:15:06.380", - "lastModified": "2024-03-18T03:15:06.380", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26631.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26631.json new file mode 100644 index 00000000000..caf51fab253 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26631.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2024-26631", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:09.483", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work\n\nidev->mc_ifc_count can be written over without proper locking.\n\nOriginally found by syzbot [1], fix this issue by encapsulating calls\nto mld_ifc_stop_work() (and mld_gq_stop_work() for good measure) with\nmutex_lock() and mutex_unlock() accordingly as these functions\nshould only be called with mc_lock per their declarations.\n\n[1]\nBUG: KCSAN: data-race in ipv6_mc_down / mld_ifc_work\n\nwrite to 0xffff88813a80c832 of 1 bytes by task 3771 on cpu 0:\n mld_ifc_stop_work net/ipv6/mcast.c:1080 [inline]\n ipv6_mc_down+0x10a/0x280 net/ipv6/mcast.c:2725\n addrconf_ifdown+0xe32/0xf10 net/ipv6/addrconf.c:3949\n addrconf_notify+0x310/0x980\n notifier_call_chain kernel/notifier.c:93 [inline]\n raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461\n __dev_notify_flags+0x205/0x3d0\n dev_change_flags+0xab/0xd0 net/core/dev.c:8685\n do_setlink+0x9f6/0x2430 net/core/rtnetlink.c:2916\n rtnl_group_changelink net/core/rtnetlink.c:3458 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3717 [inline]\n rtnl_newlink+0xbb3/0x1670 net/core/rtnetlink.c:3754\n rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6558\n netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545\n rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:6576\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c:1910\n ...\n\nwrite to 0xffff88813a80c832 of 1 bytes by task 22 on cpu 1:\n mld_ifc_work+0x54c/0x7b0 net/ipv6/mcast.c:2653\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2700\n worker_thread+0x525/0x730 kernel/workqueue.c:2781\n ..." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2e7ef287f07c74985f1bf2858bedc62bd9ebf155", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/380540bb06bb1d1b12bdc947d1b8f56cda6b5663", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3bb5849675ae1d592929798a2b37ea450879c855", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3cc283fd16fba72e2cefe3a6f48d7a36b0438900", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/62b3387beef11738eb6ce667601a28fa089fa02c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26632.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26632.json new file mode 100644 index 00000000000..f707fab9708 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26632.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26632", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:09.697", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\n\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we've reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n\n[axboe: add unlikely() to error case]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26633.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26633.json new file mode 100644 index 00000000000..4d1ea10d8f7 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26633.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26633", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:09.867", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()\n\nsyzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken.\n\nReading frag_off can only be done if we pulled enough bytes\nto skb->head. Currently we might access garbage.\n\n[1]\nBUG: KMSAN: uninit-value in ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendmsg net/socket.c:2676 [inline]\n__se_sys_sendmsg net/socket.c:2674 [inline]\n__x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\nslab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\nslab_alloc_node mm/slub.c:3478 [inline]\n__kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n__do_kmalloc_node mm/slab_common.c:1006 [inline]\n__kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:1027\nkmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\npskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098\n__pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655\npskb_may_pull_reason include/linux/skbuff.h:2673 [inline]\npskb_may_pull include/linux/skbuff.h:2681 [inline]\nip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendms\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/135414f300c5db995e2a2f3bf0f455de9d014aee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3f15ba3dc14e6ee002ea01b4faddc3d49200377c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4329426cf6b8e22b798db2331c7ef1dd2a9c748d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/62a1fedeb14c7ac0947ef33fadbabd35ed2400a2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/687c5d52fe53e602e76826dbd4d7af412747e183", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ba8d904c274268b18ef3dc11d3ca7b24a96cb087", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d375b98e0248980681e5e56b712026174d617198", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/da23bd709b46168f7dfc36055801011222b076cd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26634.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26634.json new file mode 100644 index 00000000000..df9d02a69de --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26634.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26634", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:10.053", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/8072699aa9e67d1727692cfb3c347263bb627fb9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2232f29bf52c24f827865b3c90829c44b6c695b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d09486a04f5da0a812c26217213b89a3b1acf836", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e855dded4b70d1975ee7b9fed0c700391e3c8ea6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26635.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26635.json new file mode 100644 index 00000000000..604fc41c105 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26635.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26635", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:10.203", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: Drop support for ETH_P_TR_802_2.\n\nsyzbot reported an uninit-value bug below. [0]\n\nllc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2\n(0x0011), and syzbot abused the latter to trigger the bug.\n\n write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x11}, @val, @mpls={[], @llc={@snap={0xaa, 0x1, ')', \"90e5dd\"}}}}, 0x16)\n\nllc_conn_handler() initialises local variables {saddr,daddr}.mac\nbased on skb in llc_pdu_decode_sa()/llc_pdu_decode_da() and passes\nthem to __llc_lookup().\n\nHowever, the initialisation is done only when skb->protocol is\nhtons(ETH_P_802_2), otherwise, __llc_lookup_established() and\n__llc_lookup_listener() will read garbage.\n\nThe missing initialisation existed prior to commit 211ed865108e\n(\"net: delete all instances of special processing for token ring\").\n\nIt removed the part to kick out the token ring stuff but forgot to\nclose the door allowing ETH_P_TR_802_2 packets to sneak into llc_rcv().\n\nLet's remove llc_tr_packet_type and complete the deprecation.\n\n[0]:\nBUG: KMSAN: uninit-value in __llc_lookup_established+0xe9d/0xf90\n __llc_lookup_established+0xe9d/0xf90\n __llc_lookup net/llc/llc_conn.c:611 [inline]\n llc_conn_handler+0x4bd/0x1360 net/llc/llc_conn.c:791\n llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206\n __netif_receive_skb_one_core net/core/dev.c:5527 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5641\n netif_receive_skb_internal net/core/dev.c:5727 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5786\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x8ef/0x1490 fs/read_write.c:584\n ksys_write+0x20f/0x4c0 fs/read_write.c:637\n __do_sys_write fs/read_write.c:649 [inline]\n __se_sys_write fs/read_write.c:646 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:646\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nLocal variable daddr created at:\n llc_conn_handler+0x53/0x1360 net/llc/llc_conn.c:783\n llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206\n\nCPU: 1 PID: 5004 Comm: syz-executor994 Not tainted 6.6.0-syzkaller-14500-g1c41041124bd #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/165ad1e22779685c3ed3dd349c6c4c632309cc62", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/660c3053d992b68fee893a0e9ec9159228cffdc6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9ccdef19cf9497c2803b005369668feb91cacdfd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b8e8838f82f332ae80c643dbb1ca4418d0628097", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c0fe2fe7a5a291dfcf6dc64301732c8d3dc6a828", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/df57fc2f2abf548aa889a36ab0bdcc94a75399dc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e3f9bed9bee261e3347131764e42aeedf1ffea61", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f1f34a515fb1e25e85dee94f781e7869ae351fb8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26636.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26636.json new file mode 100644 index 00000000000..ecdbbaf4497 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26636.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-26636", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:10.363", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: make llc_ui_sendmsg() more robust against bonding changes\n\nsyzbot was able to trick llc_ui_sendmsg(), allocating an skb with no\nheadroom, but subsequently trying to push 14 bytes of Ethernet header [1]\n\nLike some others, llc_ui_sendmsg() releases the socket lock before\ncalling sock_alloc_send_skb().\nThen it acquires it again, but does not redo all the sanity checks\nthat were performed.\n\nThis fix:\n\n- Uses LL_RESERVED_SPACE() to reserve space.\n- Check all conditions again after socket lock is held again.\n- Do not account Ethernet header for mtu limitation.\n\n[1]\n\nskbuff: skb_under_panic: text:ffff800088baa334 len:1514 put:14 head:ffff0000c9c37000 data:ffff0000c9c36ff2 tail:0x5dc end:0x6c0 dev:bond0\n\n kernel BUG at net/core/skbuff.c:193 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6875 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00101-g0802e17d9aca-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : skb_panic net/core/skbuff.c:189 [inline]\n pc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\n lr : skb_panic net/core/skbuff.c:189 [inline]\n lr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\nsp : ffff800096f97000\nx29: ffff800096f97010 x28: ffff80008cc8d668 x27: dfff800000000000\nx26: ffff0000cb970c90 x25: 00000000000005dc x24: ffff0000c9c36ff2\nx23: ffff0000c9c37000 x22: 00000000000005ea x21: 00000000000006c0\nx20: 000000000000000e x19: ffff800088baa334 x18: 1fffe000368261ce\nx17: ffff80008e4ed000 x16: ffff80008a8310f8 x15: 0000000000000001\nx14: 1ffff00012df2d58 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000001 x10: 0000000000ff0100 x9 : e28a51f1087e8400\nx8 : e28a51f1087e8400 x7 : ffff80008028f8d0 x6 : 0000000000000000\nx5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff800082b78714\nx2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000089\nCall trace:\n skb_panic net/core/skbuff.c:189 [inline]\n skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\n skb_push+0xf0/0x108 net/core/skbuff.c:2451\n eth_header+0x44/0x1f8 net/ethernet/eth.c:83\n dev_hard_header include/linux/netdevice.h:3188 [inline]\n llc_mac_hdr_init+0x110/0x17c net/llc/llc_output.c:33\n llc_sap_action_send_xid_c+0x170/0x344 net/llc/llc_s_ac.c:85\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x1ec/0x774 net/llc/llc_sap.c:209\n llc_build_and_send_xid_pkt+0x12c/0x1c0 net/llc/llc_sap.c:270\n llc_ui_sendmsg+0x7bc/0xb1c net/llc/af_llc.c:997\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_sendmsg+0x194/0x274 net/socket.c:767\n splice_to_socket+0x7cc/0xd58 fs/splice.c:881\n do_splice_from fs/splice.c:933 [inline]\n direct_splice_actor+0xe4/0x1c0 fs/splice.c:1142\n splice_direct_to_actor+0x2a0/0x7e4 fs/splice.c:1088\n do_splice_direct+0x20c/0x348 fs/splice.c:1194\n do_sendfile+0x4bc/0xc70 fs/read_write.c:1254\n __do_sys_sendfile64 fs/read_write.c:1322 [inline]\n __se_sys_sendfile64 fs/read_write.c:1308 [inline]\n __arm64_sys_sendfile64+0x160/0x3b4 fs/read_write.c:1308\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155\n el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595\nCode: aa1803e6 aa1903e7 a90023f5 94792f6a (d4210000)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/04f2a74b562f3a7498be0399309669f342793d8c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6d53b813ff8b177f86f149c2f744442681f720e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/84e9d10419f6f4f3f3cd8f9aaf44a48719aa4b1b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b643d0defcbacd7fe548bc65c3e4e6f17dc5eb2d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c22044270da68881074fda81a7d34812726cb249", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c451c008f563d56d5e676c9dcafae565fcad84bb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cafd3ad3fe03ef4d6632747be9ee15dc0029db4b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dad555c816a50c6a6a8a86be1f9177673918c647", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26637.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26637.json new file mode 100644 index 00000000000..2fc9cee36e2 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26637.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-26637", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:10.550", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: rely on mac80211 debugfs handling for vif\n\nmac80211 started to delete debugfs entries in certain cases, causing a\nath11k to crash when it tried to delete the entries later. Fix this by\nrelying on mac80211 to delete the entries when appropriate and adding\nthem from the vif_add_debugfs handler." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/556857aa1d0855aba02b1c63bc52b91ec63fc2cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa74ce30a8a40d19a4256de4ae5322e71344a274", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26638.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26638.json new file mode 100644 index 00000000000..9d81ef47c45 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26638.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26638", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:10.720", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: always initialize struct msghdr completely\n\nsyzbot complains that msg->msg_get_inq value can be uninitialized [1]\n\nstruct msghdr got many new fields recently, we should always make\nsure their values is zero by default.\n\n[1]\n BUG: KMSAN: uninit-value in tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n inet_recvmsg+0x131/0x580 net/ipv4/af_inet.c:879\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0x12b/0x1e0 net/socket.c:1066\n __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700\n worker_thread+0xf45/0x1490 kernel/workqueue.c:2781\n kthread+0x3ed/0x540 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n\nLocal variable msg created at:\n __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n\nCPU: 1 PID: 7465 Comm: kworker/u5:1 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: nbd5-recv recv_work" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1960f2b534da1e6c65fb96f9e98bda773495f406", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/78fbb92af27d0982634116c7a31065f24d092826", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b0028f333420a65a53a63978522db680b37379dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d9c54763e5cdbbd3f81868597fe8aca3c96e6387", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json new file mode 100644 index 00000000000..4b5c09b6a37 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-26639", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:10.880", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, kmsan: fix infinite recursion due to RCU critical section\n\nAlexander Potapenko writes in [1]: \"For every memory access in the code\ninstrumented by KMSAN we call kmsan_get_metadata() to obtain the metadata\nfor the memory being accessed. For virtual memory the metadata pointers\nare stored in the corresponding `struct page`, therefore we need to call\nvirt_to_page() to get them.\n\nAccording to the comment in arch/x86/include/asm/page.h,\nvirt_to_page(kaddr) returns a valid pointer iff virt_addr_valid(kaddr) is\ntrue, so KMSAN needs to call virt_addr_valid() as well.\n\nTo avoid recursion, kmsan_get_metadata() must not call instrumented code,\ntherefore ./arch/x86/include/asm/kmsan.h forks parts of\narch/x86/mm/physaddr.c to check whether a virtual address is valid or not.\n\nBut the introduction of rcu_read_lock() to pfn_valid() added instrumented\nRCU API calls to virt_to_page_or_null(), which is called by\nkmsan_get_metadata(), so there is an infinite recursion now. I do not\nthink it is correct to stop that recursion by doing\nkmsan_enter_runtime()/kmsan_exit_runtime() in kmsan_get_metadata(): that\nwould prevent instrumented functions called from within the runtime from\ntracking the shadow values, which might introduce false positives.\"\n\nFix the issue by switching pfn_valid() to the _sched() variant of\nrcu_read_lock/unlock(), which does not require calling into RCU. Given\nthe critical section in pfn_valid() is very small, this is a reasonable\ntrade-off (with preemptible RCU).\n\nKMSAN further needs to be careful to suppress calls into the scheduler,\nwhich would be another source of recursion. This can be done by wrapping\nthe call to pfn_valid() into preempt_disable/enable_no_resched(). The\ndownside is that this sacrifices breaking scheduling guarantees; however,\na kernel compiled with KMSAN has already given up any performance\nguarantees due to being heavily instrumented.\n\nNote, KMSAN code already disables tracing via Makefile, and since mmzone.h\nis included, it is not necessary to use the notrace variant, which is\ngenerally preferred in all other cases." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5a33420599fa0288792537e6872fd19cc8607ea6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6335c0cdb2ea0ea02c999e04d34fd84f69fb27ff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc904345e3771aa01d0b8358b550802fdc6fe00b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26640.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26640.json new file mode 100644 index 00000000000..579cfc42b3d --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26640.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26640", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:11.043", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: add sanity checks to rx zerocopy\n\nTCP rx zerocopy intent is to map pages initially allocated\nfrom NIC drivers, not pages owned by a fs.\n\nThis patch adds to can_map_frag() these additional checks:\n\n- Page must not be a compound one.\n- page->mapping must be NULL.\n\nThis fixes the panic reported by ZhangPeng.\n\nsyzbot was able to loopback packets built with sendfile(),\nmapping pages owned by an ext4 file to TCP rx zerocopy.\n\nr3 = socket$inet_tcp(0x2, 0x1, 0x0)\nmmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)\nr4 = socket$inet_tcp(0x2, 0x1, 0x0)\nbind$inet(r4, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10)\nconnect$inet(r4, &(0x7f00000006c0)={0x2, 0x4e24, @empty}, 0x10)\nr5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\\x00',\n 0x181e42, 0x0)\nfallocate(r5, 0x0, 0x0, 0x85b8)\nsendfile(r4, r5, 0x0, 0x8ba0)\ngetsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23,\n &(0x7f00000001c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0,\n 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000440)=0x40)\nr6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\\x00',\n 0x181e42, 0x0)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1b8adcc0e2c584fec778add7777fe28e20781e60", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/577e4432f3ac810049cb7e6b71f4d96ec7c6e894", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/718f446e60316bf606946f7f42367d691d21541e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b383d4ea272fe5795877506dcce5aad1f6330e5e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d15cc0f66884ef2bed28c7ccbb11c102aa3a0760", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f48bf9a83b1666d934247cb58a9887d7b3127b6f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26641.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26641.json new file mode 100644 index 00000000000..2e764cf95d3 --- /dev/null +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26641.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-26641", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-18T11:15:11.193", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\n\nsyzbot found __ip6_tnl_rcv() could access unitiliazed data [1].\n\nCall pskb_inet_may_pull() to fix this, and initialize ipv6h\nvariable after this call as it can change skb->head.\n\n[1]\n BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727\n __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845\n ip6_tnl_rcv+0xce/0x100 net/ipv6/ip6_tunnel.c:888\n gre_rcv+0x143f/0x1870\n ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438\n ip6_input_finish net/ipv6/ip6_input.c:483 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492\n ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586\n dst_input include/net/dst.h:461 [inline]\n ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5532 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5646\n netif_receive_skb_internal net/core/dev.c:5732 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5791\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n tun_alloc_skb drivers/net/tun.c:1531 [inline]\n tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 0 PID: 5034 Comm: syz-executor331 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/350a6640fac4b53564ec20aa3f4a0922cb0ba5e6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8d975c15c0cd744000ca386247432d57b21f9df0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a9bc32879a08f23cdb80a48c738017e39aea1080", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af6b5c50d47ab43e5272ad61935d0ed2e264d3f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c835df3bcc14858ae9b27315dd7de76370b94f3a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d54e4da98bbfa8c257bdca94c49652d81d18a4d8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-277xx/CVE-2024-27757.json b/CVE-2024/CVE-2024-277xx/CVE-2024-27757.json index e47b2aaa0e5..ca07c6523db 100644 --- a/CVE-2024/CVE-2024-277xx/CVE-2024-27757.json +++ b/CVE-2024/CVE-2024-277xx/CVE-2024-27757.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27757", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T04:15:09.667", - "lastModified": "2024-03-18T04:15:09.667", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27974.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27974.json index 483898c608e..ce622e7833b 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27974.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27974.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27974", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T08:15:06.287", - "lastModified": "2024-03-18T08:15:06.287", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-280xx/CVE-2024-28039.json b/CVE-2024/CVE-2024-280xx/CVE-2024-28039.json index 9b9aae7457c..57d2dd32fef 100644 --- a/CVE-2024/CVE-2024-280xx/CVE-2024-28039.json +++ b/CVE-2024/CVE-2024-280xx/CVE-2024-28039.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28039", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T09:15:06.483", - "lastModified": "2024-03-18T09:15:06.483", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28125.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28125.json index f832acc8e45..724ef530f7f 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28125.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28125.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28125", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T08:15:06.347", - "lastModified": "2024-03-18T08:15:06.347", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28128.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28128.json index f3a31e42a37..48b7b773c79 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28128.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28128.json @@ -2,12 +2,16 @@ "id": "CVE-2024-28128", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T08:15:06.400", - "lastModified": "2024-03-18T08:15:06.400", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site scripting en las versiones de FitNesse anteriores a 20220319, lo que puede permitir que un atacante remoto no autenticado ejecute un script arbitrario en el navegador web del usuario que utiliza el producto y accede a un enlace con un determinado par\u00e1metro especialmente manipulado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28745.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28745.json index 50e7dc2b4d3..070e1c10a8f 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28745.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28745.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28745", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-03-18T04:15:09.987", - "lastModified": "2024-03-18T04:15:09.987", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29151.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29151.json index 82b2acc119c..0ab65f20cae 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29151.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29151.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29151", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T06:15:05.913", - "lastModified": "2024-03-18T06:15:05.913", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29154.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29154.json index 7c12791b872..f8747603b84 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29154.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29154.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29154", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T06:15:06.080", - "lastModified": "2024-03-18T06:15:06.080", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29156.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29156.json index 7a9ac027895..770eae55522 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29156.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29156.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29156", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-18T07:15:05.880", - "lastModified": "2024-03-18T07:15:05.880", - "vulnStatus": "Received", + "lastModified": "2024-03-18T12:38:25.490", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index f02c5076a48..5aced658569 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-18T11:00:37.871709+00:00 +2024-03-18T13:00:39.107263+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-18T10:15:20.863000+00:00 +2024-03-18T12:38:25.490000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,68 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -241785 +241809 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `24` -* [CVE-2024-1604](CVE-2024/CVE-2024-16xx/CVE-2024-1604.json) (`2024-03-18T10:15:19.900`) -* [CVE-2024-1605](CVE-2024/CVE-2024-16xx/CVE-2024-1605.json) (`2024-03-18T10:15:20.583`) -* [CVE-2024-1606](CVE-2024/CVE-2024-16xx/CVE-2024-1606.json) (`2024-03-18T10:15:20.863`) -* [CVE-2024-28039](CVE-2024/CVE-2024-280xx/CVE-2024-28039.json) (`2024-03-18T09:15:06.483`) +* [CVE-2023-52609](CVE-2023/CVE-2023-526xx/CVE-2023-52609.json) (`2024-03-18T11:15:07.743`) +* [CVE-2023-52610](CVE-2023/CVE-2023-526xx/CVE-2023-52610.json) (`2024-03-18T11:15:07.943`) +* [CVE-2023-52611](CVE-2023/CVE-2023-526xx/CVE-2023-52611.json) (`2024-03-18T11:15:08.157`) +* [CVE-2023-52612](CVE-2023/CVE-2023-526xx/CVE-2023-52612.json) (`2024-03-18T11:15:08.317`) +* [CVE-2023-52613](CVE-2023/CVE-2023-526xx/CVE-2023-52613.json) (`2024-03-18T11:15:08.477`) +* [CVE-2023-52614](CVE-2023/CVE-2023-526xx/CVE-2023-52614.json) (`2024-03-18T11:15:08.640`) +* [CVE-2023-52615](CVE-2023/CVE-2023-526xx/CVE-2023-52615.json) (`2024-03-18T11:15:08.797`) +* [CVE-2023-52616](CVE-2023/CVE-2023-526xx/CVE-2023-52616.json) (`2024-03-18T11:15:08.967`) +* [CVE-2023-52617](CVE-2023/CVE-2023-526xx/CVE-2023-52617.json) (`2024-03-18T11:15:09.057`) +* [CVE-2023-52618](CVE-2023/CVE-2023-526xx/CVE-2023-52618.json) (`2024-03-18T11:15:09.110`) +* [CVE-2023-52619](CVE-2023/CVE-2023-526xx/CVE-2023-52619.json) (`2024-03-18T11:15:09.170`) +* [CVE-2024-1013](CVE-2024/CVE-2024-10xx/CVE-2024-1013.json) (`2024-03-18T11:15:09.227`) +* [CVE-2024-20767](CVE-2024/CVE-2024-207xx/CVE-2024-20767.json) (`2024-03-18T12:15:06.870`) +* [CVE-2024-26631](CVE-2024/CVE-2024-266xx/CVE-2024-26631.json) (`2024-03-18T11:15:09.483`) +* [CVE-2024-26632](CVE-2024/CVE-2024-266xx/CVE-2024-26632.json) (`2024-03-18T11:15:09.697`) +* [CVE-2024-26633](CVE-2024/CVE-2024-266xx/CVE-2024-26633.json) (`2024-03-18T11:15:09.867`) +* [CVE-2024-26634](CVE-2024/CVE-2024-266xx/CVE-2024-26634.json) (`2024-03-18T11:15:10.053`) +* [CVE-2024-26635](CVE-2024/CVE-2024-266xx/CVE-2024-26635.json) (`2024-03-18T11:15:10.203`) +* [CVE-2024-26636](CVE-2024/CVE-2024-266xx/CVE-2024-26636.json) (`2024-03-18T11:15:10.363`) +* [CVE-2024-26637](CVE-2024/CVE-2024-266xx/CVE-2024-26637.json) (`2024-03-18T11:15:10.550`) +* [CVE-2024-26638](CVE-2024/CVE-2024-266xx/CVE-2024-26638.json) (`2024-03-18T11:15:10.720`) +* [CVE-2024-26639](CVE-2024/CVE-2024-266xx/CVE-2024-26639.json) (`2024-03-18T11:15:10.880`) +* [CVE-2024-26640](CVE-2024/CVE-2024-266xx/CVE-2024-26640.json) (`2024-03-18T11:15:11.043`) +* [CVE-2024-26641](CVE-2024/CVE-2024-266xx/CVE-2024-26641.json) (`2024-03-18T11:15:11.193`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `31` +* [CVE-2022-47036](CVE-2022/CVE-2022-470xx/CVE-2022-47036.json) (`2024-03-18T12:38:25.490`) +* [CVE-2022-47037](CVE-2022/CVE-2022-470xx/CVE-2022-47037.json) (`2024-03-18T12:38:25.490`) +* [CVE-2023-52159](CVE-2023/CVE-2023-521xx/CVE-2023-52159.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-1604](CVE-2024/CVE-2024-16xx/CVE-2024-1604.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-1605](CVE-2024/CVE-2024-16xx/CVE-2024-1605.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-1606](CVE-2024/CVE-2024-16xx/CVE-2024-1606.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-21824](CVE-2024/CVE-2024-218xx/CVE-2024-21824.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-22475](CVE-2024/CVE-2024-224xx/CVE-2024-22475.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-23604](CVE-2024/CVE-2024-236xx/CVE-2024-23604.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-24230](CVE-2024/CVE-2024-242xx/CVE-2024-24230.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-24539](CVE-2024/CVE-2024-245xx/CVE-2024-24539.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-2574](CVE-2024/CVE-2024-25xx/CVE-2024-2574.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-2575](CVE-2024/CVE-2024-25xx/CVE-2024-2575.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-2576](CVE-2024/CVE-2024-25xx/CVE-2024-2576.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-2577](CVE-2024/CVE-2024-25xx/CVE-2024-2577.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-2581](CVE-2024/CVE-2024-25xx/CVE-2024-2581.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-27757](CVE-2024/CVE-2024-277xx/CVE-2024-27757.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-27974](CVE-2024/CVE-2024-279xx/CVE-2024-27974.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-28039](CVE-2024/CVE-2024-280xx/CVE-2024-28039.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-28125](CVE-2024/CVE-2024-281xx/CVE-2024-28125.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-28128](CVE-2024/CVE-2024-281xx/CVE-2024-28128.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-28745](CVE-2024/CVE-2024-287xx/CVE-2024-28745.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-29151](CVE-2024/CVE-2024-291xx/CVE-2024-29151.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-29154](CVE-2024/CVE-2024-291xx/CVE-2024-29154.json) (`2024-03-18T12:38:25.490`) +* [CVE-2024-29156](CVE-2024/CVE-2024-291xx/CVE-2024-29156.json) (`2024-03-18T12:38:25.490`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 6c8cbf87f3f..4f287c80171 100644 --- a/_state.csv +++ b/_state.csv @@ -121368,7 +121368,7 @@ CVE-2018-25095,0,0,fb73a2ca07bc0b1c3648dd352ef5d63d5e38141d3163c348c092eb2180763 CVE-2018-25096,0,0,65946b951ad2c28cc99779b55c9189a3eff50639dbf842e942c8a91e53b437eb,2024-02-29T01:23:15.437000 CVE-2018-25097,0,0,2c5fa32a0d772992a56fb020de703568956d2982c6480d087346ecda7afe11fd,2024-02-29T01:23:15.543000 CVE-2018-25098,0,0,37d4c449b9e769fa372d3a284d5f7c94226d641b16e61e76e9d5cd58b62d1343,2024-02-29T01:23:15.647000 -CVE-2018-25099,0,0,ecd7dfac4689d31b78533455ca24a9939b8794d81bc98ef23cf13bf85a2f0f57,2024-03-18T05:15:06.007000 +CVE-2018-25099,0,1,d735b1e1efe1c691d95c6f3f3364dd85854197ddc01aa598bf0b31d51ccd7052,2024-03-18T12:38:25.490000 CVE-2018-2515,0,0,158f882e4275a7485a2b9ce17e7e57c4ea22cf74c55a78a9900c73a4caa327c0,2023-11-07T02:57:57.887000 CVE-2018-2560,0,0,0bb1a26d6c05fddeb488697adb0bbe667a3dd77c1a5bc7af495c8721df5b1197,2020-08-24T17:37:01.140000 CVE-2018-2561,0,0,b76feaa260e2f54fc8eeb8d50d578ffdd22b603f486ac4f8f5b3bc42df22fa45,2018-01-25T13:53:15.120000 @@ -186819,7 +186819,7 @@ CVE-2021-47111,0,0,4c6d7f8e2ead540fb0466d815466662a005fab2f4031af315699a1765895c CVE-2021-47112,0,0,ef3a3e380c8ada0d435f747145102854eb6709678939c7dd53a2655dec90b8bf,2024-03-17T22:38:29.433000 CVE-2021-47113,0,0,9d09116e6373fa7bcc34c1e6cf39477e57ad53cc498118b2c620dd8cb1fd917a,2024-03-17T22:38:29.433000 CVE-2021-47114,0,0,f5813d25bee050c532c2ccb4b387e41f4cbb05e6ea107b39f7cf36e459515eeb,2024-03-17T22:38:29.433000 -CVE-2021-47115,0,0,8e9aec619cddfcb6f6a2a3e9edf5df83c4486b5d55f6b2371ed1210a1eb082d0,2024-03-17T22:38:29.433000 +CVE-2021-47115,0,1,49756cf61db16dbbdfddc93156bf4dc1ab50dec73c144a78168f769329c96b5d,2024-03-18T11:15:07.400000 CVE-2021-47116,0,0,c48e06418b0b118ca22950b67b38f3f54a74fdd6b5e133cecb48e88f0d85752d,2024-03-17T22:38:29.433000 CVE-2021-47117,0,0,793b6ef69840b6724f086df3c240a12b855b373684b21d34236523cd515af073,2024-03-17T22:38:29.433000 CVE-2021-47118,0,0,f5bdd0fd152f2c6bba595adb8fe6b7a19e5810e3cd44162d6db75d729a87359a,2024-03-17T22:38:29.433000 @@ -186840,10 +186840,10 @@ CVE-2021-47132,0,0,1547d2dc3a369b3f7e76a4c03ab3a2a4cba2c1bffe45a54c111488733e6a6 CVE-2021-47133,0,0,7b6345e898b3e10a871129b85c8e095f10e5f051f1b15bf60f334c8709116bdd,2024-03-17T22:38:29.433000 CVE-2021-47134,0,0,8a7c141a2170c4a86e59cf8803a362f8506e9aca7f6918b58c8cce087c1666ed,2024-03-17T22:38:29.433000 CVE-2021-47135,0,0,a29c3bbac0a96b9549a1fb1c3113013df387a88d8966ee7b2759c5051b5c4adf,2024-03-17T22:38:29.433000 -CVE-2021-47154,0,0,5e15afa228cb7c4a5090cc44bbb98f6da5085390666542753115a7e8b02a7679,2024-03-18T05:15:06.140000 -CVE-2021-47155,0,0,71b3ab778c2ec575952faee8d383c5ecbb1e2626f5a83aefc2641eccdfa77ae2,2024-03-18T05:15:06.203000 -CVE-2021-47156,0,0,c96a781c45f67e4a33fa315e21c1e4dbf3e2bf8222c513ca19d93fc27237c58e,2024-03-18T05:15:06.260000 -CVE-2021-47157,0,0,212dafd9cdc2c9edf3fb0934adbba9140a4a5dd9a0c761aaceb0aa74dde8aa68,2024-03-18T05:15:06.317000 +CVE-2021-47154,0,1,6f3a77fc4eba272ac7ca8c198e6c7a5888f680d671d07339b643b3281c849444,2024-03-18T12:38:25.490000 +CVE-2021-47155,0,1,bee494eb829200ce197a81001bf6f873f4a081da3e2129bb7d4b020992031289,2024-03-18T12:38:25.490000 +CVE-2021-47156,0,1,75fd63fb5ac8e458da495960e06e713feb6719d51d4702ce727e2c406aac37b5,2024-03-18T12:38:25.490000 +CVE-2021-47157,0,1,39163a926229df1ebe51a3fc386748b3ee02182007a091017d976eab8239a6c0,2024-03-18T12:38:25.490000 CVE-2022-0001,0,0,eef83f8ee034200b042b5eda26b679b982266672cf1407daf8d9fbe1ba7937b5,2022-08-19T12:28:32.903000 CVE-2022-0002,0,0,4ba989879ca817729e7cddc36d35dc20834fb13fd71d0cce189890fe2defbd53,2022-08-19T12:28:50.667000 CVE-2022-0004,0,0,4891f62a2edc2f307dec62ec3f2089232f3fddba4652b7ef635786ed0f8a2286,2022-06-10T20:52:37.810000 @@ -210330,8 +210330,8 @@ CVE-2022-47029,0,0,6711d7ceb115fd6a5fbadd5fd10d1d6bf8dce32543d421aee1cee97e3de99 CVE-2022-4703,0,0,04fd529fd214a0ee7797e781b2cb706147a8cd1fa8d3cd1a0b2b027baebf6129,2023-11-07T03:58:37.930000 CVE-2022-47034,0,0,5ac67aa163553be867a866364afa18b92dc4bc7f840a7a175875590efa8c950d,2023-02-22T20:14:11.913000 CVE-2022-47035,0,0,aa806af6e8b40d416e03065c0212e2a0473d848363c34ed069117e45409d8bfd,2023-02-07T21:48:39.107000 -CVE-2022-47036,0,0,712b2d752195991270c0d018b0cbec8e88bfed191acb4f7fab9be1a524adeda3,2024-03-18T04:15:08.400000 -CVE-2022-47037,0,0,9998cdfb32a03dcbd235f2220286548ce939ef5b688176017ac8aaa10119e5df,2024-03-18T03:15:06.017000 +CVE-2022-47036,0,1,9bbe50d7c7e651f6f38e707fdc31a6ac4f54683556035faaca683fa85a311228,2024-03-18T12:38:25.490000 +CVE-2022-47037,0,1,72cf2244460ffdc281a6c91818d5583d58f2057f1518ae4cb3f39eb5dd39d6e3,2024-03-18T12:38:25.490000 CVE-2022-4704,0,0,84b343d6897ec65299cf51bae586ccb120c16f50abcda275762c71d63050680b,2023-11-07T03:58:38.160000 CVE-2022-47040,0,0,9ae2dd2965fd1fe7d23b5e824c080ca835a2b6315c4b7e40e407cf6ffc8d9ff4,2023-02-06T16:23:30.867000 CVE-2022-47042,0,0,23eeda5f6d3ef78633c762345fe7efe3a9fda0099f5033544f0151a84183269c,2023-02-01T15:55:27.787000 @@ -235731,7 +235731,7 @@ CVE-2023-52152,0,0,e56fa2d2c1e141f8041fc8c88a612bb4ba95742ec4640f573ab4ba7b04743 CVE-2023-52153,0,0,0c2ecbcd7f13f6c7a2e779421c57cd39c3bb12a281b05ae9cded4398a2a9234b,2024-02-22T19:07:27.197000 CVE-2023-52154,0,0,4fcc7827557b88433f869eead3b4c25d57fe62a3f5aad2c73cc5b9f30781be75,2024-02-22T19:07:27.197000 CVE-2023-52155,0,0,2d124c7a3937e95fe09338bcde4297ee381aa5672d319a6218dc245e972781e4,2024-02-22T19:07:27.197000 -CVE-2023-52159,0,0,24affa4d9ce082b4c50b11f3bef4ca5d64d23ec2aaf939bcbbdfbf1e18a07e7f,2024-03-18T02:15:06.053000 +CVE-2023-52159,0,1,41421be2ebaeeb7ef7d7c43552644b2dc0056ba0b234467156aa851224a19b02,2024-03-18T12:38:25.490000 CVE-2023-52160,0,0,26d003b98163e2d30bad3b1985c8060a1ba805b634cf011a494792cd39c5f541,2024-03-10T04:15:06.897000 CVE-2023-52161,0,0,b966a3a69a610f6ff3a56147c89455f884597e29aebe81d8c5dff7de80fd83ac,2024-03-16T02:15:08.023000 CVE-2023-5217,0,0,eb72b7bf45cf830e8dfea06ca9df4012d36de44c17fe08c39232c1c398d1ba15,2024-02-15T02:00:01.650000 @@ -236055,7 +236055,18 @@ CVE-2023-52605,0,0,b5af21151183e023d24583c3bc040b304802944a7a957d88eaa5a84d6f115 CVE-2023-52606,0,0,af178db0080c3115d91a437ab5b42adac2141a98dadd572d3736b5223567f757,2024-03-06T15:18:08.093000 CVE-2023-52607,0,0,cd279ac76807826cb38ca9326be0382c8b742bd78a6b07422163f9ab0e29e5d3,2024-03-06T15:18:08.093000 CVE-2023-52608,0,0,cf7b7e55e8f4282fe3aa5b5ec270126b4956cd8a6e010ac62f6f0d8d8eda977e,2024-03-13T14:28:45.217000 +CVE-2023-52609,1,1,1ec7b2b7f0b5830398bf496ede77a85c956636f5efebb34c5821c74e87de59fb,2024-03-18T12:38:25.490000 CVE-2023-5261,0,0,b9a5d5c1665b23d8f490ac5c803287da98c60050898a52b85f908d7910feaa98,2024-02-29T01:42:14.327000 +CVE-2023-52610,1,1,ee1e0c855b5086ee8a6cd69476a115a967c2be78afb4e6bd5609c72193b33174,2024-03-18T12:38:25.490000 +CVE-2023-52611,1,1,40845ba9316514441d1feadb87e0cae62c231f80f18083575a7589f436d9c88a,2024-03-18T12:38:25.490000 +CVE-2023-52612,1,1,86116ad5501f8e16e34b2278435e9f6615fe4c5eca8db57af8a92ccd01f4aeb9,2024-03-18T12:38:25.490000 +CVE-2023-52613,1,1,2559e9a47d0865c6ed91b9b97353a357d5bdc1bc0874c4528461888eaa82e4b0,2024-03-18T12:38:25.490000 +CVE-2023-52614,1,1,9a47e5fa010c233eb65cf265083158848e74b2ac98bc88ba47dba336f5d6f864,2024-03-18T12:38:25.490000 +CVE-2023-52615,1,1,ae2f588dd944919ccefd8f117b5857b1dee371d6c0136e4afa363298576cdb9d,2024-03-18T12:38:25.490000 +CVE-2023-52616,1,1,d46a36daaf39a6933f1934dcc804e0dde6c24dd892af8eba3e365f7799c5e226,2024-03-18T12:38:25.490000 +CVE-2023-52617,1,1,f0d1845e58ea02c738b1ec1e2d288afdea54a1b7b0560563e591cbf8a94d7b1a,2024-03-18T12:38:25.490000 +CVE-2023-52618,1,1,b5911b883516cbd2f5cf14b99d902d8a0925341159df16255394d123241b138c,2024-03-18T12:38:25.490000 +CVE-2023-52619,1,1,f46462caad2b4e4fe7d002d9098d4ea67efe389e422897ccb9b563c086ee66f9,2024-03-18T12:38:25.490000 CVE-2023-5262,0,0,894fcd8d03366c3f74f7ca422533c84f8d2347a01347f60fdf2b57148937c32b,2024-02-29T01:42:14.413000 CVE-2023-5263,0,0,f725be7f729eda7e17d61afdbcbca4a8848bfa1b71076de4cfece717f5e6d50f,2024-02-29T01:42:14.507000 CVE-2023-5264,0,0,32d08cc44c26da535bf45da918c6c375eb3bc38f07506a97a8067a4cdac008b2,2024-02-29T01:42:14.613000 @@ -238408,6 +238419,7 @@ CVE-2024-1009,0,0,e9886f135a1904513c5492584e93b480f8123ea54a5646cc63ad7979a09156 CVE-2024-1010,0,0,21de2d13dbbe9aa75a4792fd36a3d02bbd63262ac6495868a67338c19b09d8b7,2024-02-29T01:43:36.437000 CVE-2024-1011,0,0,669595c30eb4657a25bcf3a638abdfae088c17340bebe30f08014dbb9d8968c7,2024-02-29T01:43:36.520000 CVE-2024-1012,0,0,5f9b49ca4d9113130e1f5bff1f097fc59594bf2267da99bbbd213167113297fd,2024-02-29T01:43:36.610000 +CVE-2024-1013,1,1,e150b03e8effe5d408e609c52edc2a97a672ec71e37b752ba81390ace6e6c4a5,2024-03-18T12:38:25.490000 CVE-2024-1014,0,0,238edcae645caf8c250171c26ca284bc55fd0cc45f1850cc46805f3ee42bb20b,2024-02-02T02:05:39.277000 CVE-2024-1015,0,0,21a80afc576ae37259c08dd92fbf001f544a22abb5c075d30ace7a2bb3b39c35,2024-02-02T02:04:13.267000 CVE-2024-1016,0,0,e64ebc3d814950f52294a7bd305cc8a8cd0e3376d4281bf830abdca26d872c4e,2024-02-29T01:43:36.723000 @@ -238790,9 +238802,9 @@ CVE-2024-1591,0,0,813b185516fa7310825023c3e019d8a3dad8db3ac6e030a92367a91ad355f3 CVE-2024-1592,0,0,4582ff945ad5ca026cbf9802fe1ff930654543e6af8959ddb0064a96f357fa86,2024-03-04T13:58:23.447000 CVE-2024-1595,0,0,0ac9aed2c4ed6b9e7bc181d6ab55412b8033a5bfcbc541a4a4b602392614e428,2024-03-01T14:04:26.010000 CVE-2024-1597,0,0,0788307c80ba77730580ebf7121ded97ea91ea8a6104800552d5fad5d2571fd9,2024-02-28T02:15:24.200000 -CVE-2024-1604,1,1,f03e64e076771f10a4466b1653b837ed73edc455ea0a99c28551d16bf8f086f0,2024-03-18T10:15:19.900000 -CVE-2024-1605,1,1,54e4dae625736985f2a55e6599ffb1abe4d5ce0ac2b4b1339cb85fbc1236aa01,2024-03-18T10:15:20.583000 -CVE-2024-1606,1,1,a561afbf8c29489e57c320d94e3f00d7262440823579ed6619d2c954f1912bee,2024-03-18T10:15:20.863000 +CVE-2024-1604,0,1,25d170839db11f4ea41c632ced8337b5253782b12d340da37d023f63edea028f,2024-03-18T12:38:25.490000 +CVE-2024-1605,0,1,62b019578e70e53cfe423518bffbdacd7e9d2b20a38e1a20493843f48f2c9335,2024-03-18T12:38:25.490000 +CVE-2024-1606,0,1,1dd8d3f4038ab114d7381393cf6ccaa18972b644bfdd0185bedd24c55f77fbfa,2024-03-18T12:38:25.490000 CVE-2024-1608,0,0,9c8b01b69ae5b4c70260d911aff7b2894c96a989ff451b383a0cacb2ffa6ce98,2024-02-20T19:50:53.960000 CVE-2024-1618,0,0,d4ed9a7b03a6bc2af34446a7f8522f650b18bcab5c93148fbff943d48943d202,2024-03-12T16:02:33.900000 CVE-2024-1619,0,0,3bd1c888593742e1605642ab3506d543678d2b012b17cc6ff867249b1db44054,2024-02-29T13:49:29.390000 @@ -239181,6 +239193,7 @@ CVE-2024-2075,0,0,2beaacabda2667a69b2e9a569fffed920e74cee8944931393d2178dcce4206 CVE-2024-20750,0,0,5cddf8a3a2bd619a95576bd7ac518a9a2bd0be1c8d28ed40e8010a951f4b5862,2024-02-15T14:28:20.067000 CVE-2024-2076,0,0,e7f4f1eb9d4801b159e19e6958b03336e4a3f4c5f2daffd2429350dcc008cebc,2024-03-01T22:22:25.913000 CVE-2024-20765,0,0,0bc0d6bebc7d0e3e5238fdf4ab0750cdcca06992066d14fdc4f2a56816d15cff,2024-02-29T18:06:42.010000 +CVE-2024-20767,1,1,c5c5af529a4cf50a35ecc8212e19f71560e769e33252f4d68e58edb47051acdf,2024-03-18T12:38:25.490000 CVE-2024-2077,0,0,9a4b96c976de73d6d8f579a225f4ba6e55c8a8791cc5d9d9f141b958b0074a4a,2024-03-01T22:22:25.913000 CVE-2024-2078,0,0,c5cf1f8224dc1437cc5c72b4c20f193ca60f923ea1195c1e3b8d6f13446a32c9,2024-03-01T14:04:04.827000 CVE-2024-2079,0,0,d19df912ca8f24c4783570207f7ead00a2f333eee11795e142007ff6a5180cfc,2024-03-14T12:52:16.723000 @@ -239595,7 +239608,7 @@ CVE-2024-21815,0,0,77643bc01852fedba42660856307ea92e48bb3e3a61f220c8468619481001 CVE-2024-21816,0,0,1c59ad824873b45e692308f55039674fb26186a48eef31c5167e14b30ad2d48e,2024-03-04T13:58:23.447000 CVE-2024-2182,0,0,14bda1bfcdbdf6b080e85345ab2fdae24b0366e1f08f909e690ef4866c4d1dff,2024-03-12T17:46:17.273000 CVE-2024-21821,0,0,4c3f841f13791c81362ea564b3fbf92012289121b1ae208771ab4f8c8efda3a4,2024-01-18T17:08:35.830000 -CVE-2024-21824,0,0,c1cdc2d3ea2481a42a8abdd1bb8cc537b301ce8f4369b37ab2671314039376c0,2024-03-18T08:15:06.087000 +CVE-2024-21824,0,1,6578f1c255bf92b3227d0fe6cbfb40e3cb2e59e3f57b8afa73116b5698d99b20,2024-03-18T12:38:25.490000 CVE-2024-21825,0,0,863f3bb0e32138d36771cc5631b2bee7f6404deacea520723a59336b368d85d0,2024-02-26T18:15:07.390000 CVE-2024-21826,0,0,86b5e9b280063a0ae27fb6d21bc17eab887de733b019435029a476d441c4590c,2024-03-04T13:58:23.447000 CVE-2024-21833,0,0,d495db7ecc3e5eea6a844ebf68934df72f88808ddb4472cc88d71eac4c0a6284,2024-01-18T18:26:59.627000 @@ -239878,7 +239891,7 @@ CVE-2024-22463,0,0,5b884681f5c1cb31ebf38842df7c3075a8e9d98da101d1e4ec4faa1ef09b6 CVE-2024-22464,0,0,890f63b91e1207e51dc2d0fc686f763deb067d6410c523bfc64d52071d75be15,2024-02-15T05:03:27.617000 CVE-2024-2247,0,0,b52dba6f68142dbeca56f2f1bf8b23a5401066ec4f0585445fe0cb42ba284eff,2024-03-14T10:15:07.027000 CVE-2024-22473,0,0,ba695bcad0bbe2cba422f3053697429916506f0f0ce55f150fe9af4a818e1f6b,2024-02-22T19:07:27.197000 -CVE-2024-22475,0,0,33e191f20f26c04b0dc5ed44a066597bc27a3961d127d59ca446b81a73b31962,2024-03-18T08:15:06.173000 +CVE-2024-22475,0,1,4c4064dfe279df3915cfe4351b34e2203987ab9678ccd5088b1ed534013ef14b,2024-03-18T12:38:25.490000 CVE-2024-2249,0,0,cf7e9c481ceeab4ebea44cd6aa64f5dbe4abd16900b5ad6fea6a1dcff54afc44,2024-03-15T12:53:06.423000 CVE-2024-22490,0,0,36caaa8caefc70cd3fb65a62a9488b2446e68d14844d0a61d7baf757d2000caa,2024-01-29T22:48:35.493000 CVE-2024-22491,0,0,99c25b0ff8de89fe3ebd04368e499e7fe9b3820707560bd21fed90048934c0ad,2024-01-23T14:28:45.890000 @@ -240260,7 +240273,7 @@ CVE-2024-23553,0,0,51ea2d50cc1ff4dbab518de2a29e9ef6a91bd6b91073c23eb1a7f0cb7c8f1 CVE-2024-2357,0,0,313587ca8b6b7919815ba797bea441002843b5151b56a9603272699863c7c655,2024-03-12T12:40:13.500000 CVE-2024-23591,0,0,f4c08614f6a162f49ecc99f020c088036b0b565e06b57796e1304b45ae78e59d,2024-02-20T22:15:08.353000 CVE-2024-23603,0,0,fa877b171423c355baa3228ce2c605e41edbf822a3508567d7754cb447355052,2024-02-14T18:04:45.380000 -CVE-2024-23604,0,0,ebf520efdb1291625cebf2afa512ecc89e9f0859d871db5a1cc4908400df4c55,2024-03-18T08:15:06.233000 +CVE-2024-23604,0,1,e59b2fef3e4403b54421820ae361a45c51d8d110d838c4f169f6bbcd20d8405d,2024-03-18T12:38:25.490000 CVE-2024-23605,0,0,6357ef47a85c4e22049db0926cbddeb8bbc82cdf2a1a81b5a28ca15d9cbb7aa0,2024-02-26T18:15:07.673000 CVE-2024-23606,0,0,598e3aff4ae1bfd2aada0c773944509bbb201f8071a41b1a5b9e3c7372eb5aae,2024-02-20T19:50:53.960000 CVE-2024-23607,0,0,8fbc2564c100ed17fa897212d565c049df0409466e1eb4358411ecb3ce547801,2024-02-14T18:04:45.380000 @@ -240565,7 +240578,7 @@ CVE-2024-24202,0,0,1d105bed1b9a63d735bee37efd6d6c425165a2cc4b28137df80d69159f445 CVE-2024-24213,0,0,2bfc81b7a3f58a2bff005a4738a275e99e1d9966d545c209bcf9c96774c75b4f,2024-03-05T02:15:27.493000 CVE-2024-24215,0,0,d3883dc710155bd950a18903f8aa5eb2eda59d1e9725a4303b203ea7778b78f1,2024-02-15T18:08:47.813000 CVE-2024-24216,0,0,3c3e699d8ba3256f67c55852e9ef2e3011cfbebba9e6c02139e656f08115b8a1,2024-02-08T13:44:21.670000 -CVE-2024-24230,0,0,ebdb4190370da69de050192a1be867f0889c450b3a5eb58717a347df2f1f90f9,2024-03-18T02:15:06.123000 +CVE-2024-24230,0,1,bf139fdd38db03479f7a2f56ec7f5e6118cac58f85cba8561f268b1ddc0f6335,2024-03-18T12:38:25.490000 CVE-2024-24246,0,0,bc598f9753d5ea601268c824c614eb035554042dcf5c8d2ed6a002f1d526ccfa,2024-03-10T04:15:06.997000 CVE-2024-24254,0,0,9339820ae71b7b870d84000911554e2e5f93e1c4ab945fdf5145aa252036f9c2,2024-02-15T18:46:57.737000 CVE-2024-24255,0,0,2085b0cb468b304c9118b3c0b0e3b0cf89bfb225076d95ede49b5c87a27416c9,2024-02-15T18:46:41.247000 @@ -240647,7 +240660,7 @@ CVE-2024-24512,0,0,03c51f88444f0be6fcfaff8e371681e3a1a1d007832a9bf8fa7088f13cfe5 CVE-2024-24524,0,0,40ecb02cd326bdc34833c61cf5eb3e9f45f526d45502f51591361c36d1938c63,2024-02-09T16:30:43.830000 CVE-2024-24525,0,0,13b50b322b70c1ba78c523473a9882b44cc13b59455e3e47dd336806a91a1148,2024-02-29T13:49:29.390000 CVE-2024-24528,0,0,184f3e16e059f6b990b79bbe85c13104f1b7059f71d8a1713060531c24aa2c42,2024-02-26T19:15:07.247000 -CVE-2024-24539,0,0,a272d51552049f1d1c59054e6c8b9ecaadcd41c34640ff79e6925b73f4ec2911,2024-03-18T03:15:06.067000 +CVE-2024-24539,0,1,7f9ccf3aeb194dbcadb7e7c711b93d67a684f5cb9ef05c7df05a6ce3579b487e,2024-03-18T12:38:25.490000 CVE-2024-24543,0,0,f516e88d85199344e1e2c4ae69468b4de7248951f71da4710fc97171a286ff1a,2024-02-14T17:13:32.827000 CVE-2024-24548,0,0,9dbe1af5af4a9b865bf88b2a305b739ac231a7ce95c9c8ed04344b3144708c91,2024-02-08T18:53:14.107000 CVE-2024-24549,0,0,40c63234666e6fbd8dd5cc33724c32e6d1287bfca86653230a25093c5deda2c2,2024-03-13T18:15:58.530000 @@ -241163,26 +241176,26 @@ CVE-2024-2573,0,0,de1a2a1cf4e8ef16f87ebea5a561eac940ddfce289df7fd5f1459fc536f370 CVE-2024-25730,0,0,70855abe305d0dfeeb202d7d3e0222d8c78a13e99e14d9706026a5f359efacd5,2024-02-26T13:42:22.567000 CVE-2024-25731,0,0,12f10a210f08c80cc0b13af611399517c9199c1982133ea9d0862af74a2a1634,2024-03-05T13:41:01.900000 CVE-2024-25739,0,0,950aa9620985a2c8df1dee08ed10faa0394d7dbb50bfb07f9f6b4659211920e9,2024-02-26T21:13:34.897000 -CVE-2024-2574,0,0,f3d27f0fdca6e865f12579e85f88d30568bd92fab237bca2c6afe554a6fe3580,2024-03-18T02:15:06.177000 +CVE-2024-2574,0,1,489d12064476cd3960c1b9d8f64bcc393653f5b7362134471aae726c860c1ffb,2024-03-18T12:38:25.490000 CVE-2024-25740,0,0,e49082457da2ca822066645fd01741e2b46dee6a85b6e915fd169e8229594e99,2024-02-26T21:11:27.837000 CVE-2024-25741,0,0,f1234f859d02ff2a7aa2753dc2a1e43b929acf864167d8c3c5522f3098d24837,2024-02-12T14:20:03.287000 CVE-2024-25744,0,0,4b0b476da30d39c3d73f2f74d7d6a3fe7e372d371ce439923d15b6b4e22ccfeb,2024-02-12T14:20:03.287000 CVE-2024-25746,0,0,5d39c9cb27e2bd00967bd4ec89fe88bf22de477dd4c75b89dc38553966ec146d,2024-02-23T02:42:54.547000 CVE-2024-25748,0,0,538a825e9b3c762e7399aa6e8e3620bb14adc4b7f457092ae0e7d0bdba4a75e0,2024-02-23T02:42:54.547000 -CVE-2024-2575,0,0,ffb9e775702933bebd6c7fa9022f5303592fa482ab50b0e426b04311d7db4dcd,2024-03-18T02:15:06.397000 +CVE-2024-2575,0,1,f7bb5ed4e3293e7d47a1d33395d6e166a3b78b75a117f37899305f78a869d856,2024-03-18T12:38:25.490000 CVE-2024-25751,0,0,395becc114c34ed66ca0b69212e22c009bdd05d997290a2e353e3ceaba1432fb,2024-02-27T14:20:06.637000 CVE-2024-25753,0,0,485cccebfe5fb0bc8a16c4251d09565dde29abb5cf6084c6575e818887f703b2,2024-02-23T02:42:54.547000 CVE-2024-25756,0,0,4f12516b1becc36f368c255854438cb309da839dc9385f2dc823c401d0d48621,2024-02-23T02:42:54.547000 -CVE-2024-2576,0,0,c673212c24afb50a628f2ffccbb8d254cb2639b2007abe680125ceb33545d6f7,2024-03-18T02:15:06.620000 +CVE-2024-2576,0,1,ae97ec54e5cf669b3cae8a0d91b4eaee2c46a60819e7862f191324e9dc28d58f,2024-03-18T12:38:25.490000 CVE-2024-25760,0,0,255ca6230bb354f98509c01959da5b0923f549858d798f3db2290377395c8140,2024-02-27T15:15:07.820000 CVE-2024-25763,0,0,449253544ddeb38e4327642a9711026d85e9fd1e23016db2d903615337918cb9,2024-02-26T16:32:25.577000 CVE-2024-25767,0,0,5e5d85efb5a949e2d407dc5470a1026f931741e6d3d19a638a7a6f425b54dab9,2024-02-26T22:10:40.463000 CVE-2024-25768,0,0,80ced9e42f994d6a00a0057cb00581829176f61a4dfa1e97abbae3afb8561c8a,2024-02-26T22:10:40.463000 -CVE-2024-2577,0,0,ad8451afd1390137a3b983f02220f15d6718eec310abed7ecf664e064735c063,2024-03-18T03:15:06.123000 +CVE-2024-2577,0,1,0201916e3ec6ab1c48d4e8137c25d7ff69789531ea1854a3511430fcb635775e,2024-03-18T12:38:25.490000 CVE-2024-25770,0,0,d105bd95abb6afbf92cef5c1765f81d4416c38d2a6067fe6216eb1ee17388748,2024-02-26T22:10:40.463000 CVE-2024-25801,0,0,86d0a2f88d637a38d728e68507deae5ad1ee66b74383784e4b403b33b5149a86,2024-02-22T19:07:27.197000 CVE-2024-25802,0,0,cb029cdbf03ee0051152f36415381bb55ee304fcb50819490e22f017c52403c6,2024-02-22T19:07:27.197000 -CVE-2024-2581,0,0,15b7d09b477f0aab6030373480de1a5accd1c6a98f933506472a280ef354e4ce,2024-03-18T03:15:06.380000 +CVE-2024-2581,0,1,849caff13b2da8cd59c8ea02b135aebf16437628f0d1590cf850f052f2f0edef,2024-03-18T12:38:25.490000 CVE-2024-25817,0,0,8244c17ffec667dd25976664571f96aed86930fb569e330976ea19223cb10648,2024-03-06T15:18:08.093000 CVE-2024-25828,0,0,92587cac273321dd48e48a5d2c154576da6b3b44017a5ef2ceb5bc8263a5b565,2024-02-22T19:07:27.197000 CVE-2024-25830,0,0,a69b2c428d084da5de639d84fab9ebf1369360f9dfa15a26056f1d306db52180,2024-02-29T13:49:29.390000 @@ -241462,6 +241475,17 @@ CVE-2024-26627,0,0,9c09d4f73dbc04e8bf693f2b91f36043cf32b88ec1b0ffef850696b2f5157 CVE-2024-26628,0,0,42dfef900a5a3b235123f4b602a0e59569ae0b50c5a44e59039017e264e71923,2024-03-06T15:18:08.093000 CVE-2024-26629,0,0,a8a1fa974201393ac548df2735f5100bbd51b57e895a6e88b4a1674396c6f867,2024-03-13T14:28:45.217000 CVE-2024-26630,0,0,9702cbab91d4749f3e129e50919c4a071df5e9b36954be9165dbcd1ac3c64739,2024-03-13T18:15:58.530000 +CVE-2024-26631,1,1,ea74f9e6a1883f94867068be393f26e19f0385687584f61f507fd33a7f946097,2024-03-18T12:38:25.490000 +CVE-2024-26632,1,1,d21ca146d16a120a7ba9385194aedce8ba027ac711ac1897453eeb713ae74cc7,2024-03-18T12:38:25.490000 +CVE-2024-26633,1,1,ff7bb5d2e7c8eeb949d4be945c2a6169b624e4d17f257e069cd14094cf4f0196,2024-03-18T12:38:25.490000 +CVE-2024-26634,1,1,571ebd66fabd5357b40076ccbf45d65177a99625ecd10ef6da6971b58e86cd70,2024-03-18T12:38:25.490000 +CVE-2024-26635,1,1,4ba8b5b995991daa8af04e4997c9cc63a9bc66aa9d9f3bdacebc77e793b41c41,2024-03-18T12:38:25.490000 +CVE-2024-26636,1,1,0193e3ef9fdfe04f56c81b6e019a270b05e67f25d109d8edc25a3a17fe302e2b,2024-03-18T12:38:25.490000 +CVE-2024-26637,1,1,e641a1df565cf47c3d34af38008701f3ac02ffcac07e84eeb891960a334fc202,2024-03-18T12:38:25.490000 +CVE-2024-26638,1,1,0887eafd2f5c975ded6d1353d8267418745941d4efd07fa17cbba9398b43986a,2024-03-18T12:38:25.490000 +CVE-2024-26639,1,1,34afe6c9831140ab0f18b63e0782e7fa0f6cb29893234cf53cd4cb5ab8f744ef,2024-03-18T12:38:25.490000 +CVE-2024-26640,1,1,fd342b06c71e257c9820b2866a8a07c06237402a4f5bd5bef9e67f29a2bf2b87,2024-03-18T12:38:25.490000 +CVE-2024-26641,1,1,f851445cf2ba649d1948203d3e96a4070362a834df9024d01178aeef5e16337a,2024-03-18T12:38:25.490000 CVE-2024-27081,0,0,47d3ae55f3dd6ab1587375b5a2b7c0ac715515add555c3e7f6d75a8a181b7509,2024-02-26T22:10:40.463000 CVE-2024-27083,0,0,7bbff1c1de69dd1832a650b6712070018b44593bcae8cda4ed320989a44fd4d0,2024-02-29T13:49:29.390000 CVE-2024-27084,0,0,9d9dc56eb44342ebdf65f8df5857c4a42b535ee96f2998cb21e8400366ec79c8,2024-02-26T18:15:07.920000 @@ -241612,7 +241636,7 @@ CVE-2024-27744,0,0,c100d4ba8f49a307e8f166c43dcf72396c641c27bc5c30f424e004f4b4c33 CVE-2024-27746,0,0,6f3ddced2e2b26bef51987507b4e7466957a803a9da415c8c1c8b245cafe1423,2024-03-13T07:15:36.470000 CVE-2024-27747,0,0,eff635f872515818dfe20352d610bb047327d7f6971e953c63bc92feb6bf3ebe,2024-03-13T07:15:36.523000 CVE-2024-27756,0,0,aebfc12c95eee1aa3d95acbf6fc8b0650b6e3d2e490fe1817d1c49f0782fe0c7,2024-03-15T12:53:06.423000 -CVE-2024-27757,0,0,9fc4fdc29f1d4f5e16510e2511fd17d66162c940abcce562b2566788a91519b3,2024-03-18T04:15:09.667000 +CVE-2024-27757,0,1,07174a5a627823d817e9c2c7aa280bba8d93ceb1c307e4a6b34047f26b3a00ba,2024-03-18T12:38:25.490000 CVE-2024-27758,0,0,6abe87e0a8905ac150ade2fec85250ff5e7fbf580c101c16b193b98f7d58141f,2024-03-12T17:46:17.273000 CVE-2024-27764,0,0,a6da085213081f41482d74001d5b27250ddae1567bc465fa0f4b1023f8322f06,2024-03-06T15:18:08.093000 CVE-2024-27765,0,0,c9283b485df441e5cf44e98a2bcaa6921e6b7ae7825314dc1fd3bb862197fb6e,2024-03-06T15:18:08.093000 @@ -241640,10 +241664,10 @@ CVE-2024-27958,0,0,2ee086fb447798c561fd1c831c754d734514f619f6ebb04cf96679cb78dfe CVE-2024-27959,0,0,e2d4c3e5066dc506643038067fab6e9f26070ced2f7f327a18ffcd82b243c593,2024-03-17T22:38:29.433000 CVE-2024-27960,0,0,6ff911c5617586aebae672070284633e223cb5b14cbbc3b1801f17c292900f46,2024-03-17T22:38:29.433000 CVE-2024-27961,0,0,3162bfbc67900a83a9b4114dba265e7189f0bad8c0ddf2d85f6724674d13510a,2024-03-17T22:38:29.433000 -CVE-2024-27974,0,0,488bcc5b63f94acd0b1ffdaaa0228d98259feadd04707d2943e178cd4181ca3d,2024-03-18T08:15:06.287000 +CVE-2024-27974,0,1,e997f1546d1f2965b8bf1ab635f67c813309fc63eef254915c447dfc85e3bcb2,2024-03-18T12:38:25.490000 CVE-2024-27986,0,0,221ac31a72264e8303bc0dc716d0bcad27f92aa2e3b64824247f9d02601983b8,2024-03-14T12:52:09.877000 CVE-2024-27987,0,0,ce6fd0b1730cd837f285c0aaaa1258cf6aa8505469e7f313401adb363ee7f395,2024-03-15T12:53:06.423000 -CVE-2024-28039,1,1,a91718c4020837fd9e211325d1d6147f0b785cbdbab9fb18babde9370ced1b12,2024-03-18T09:15:06.483000 +CVE-2024-28039,0,1,cd4ffe7659e92bcb17dbcf1e944fa335282ab081f2ebccbec782d41683ab4906,2024-03-18T12:38:25.490000 CVE-2024-28053,0,0,e281ed045d826247c32c0ccef204d2c431b80f755e75c928bfd444d7e8497772,2024-03-15T12:53:06.423000 CVE-2024-28069,0,0,bc55065fc354d40d7b16dc028d30e9ac9c120daebe64d1e74cc55e5aec96ab01,2024-03-17T22:38:29.433000 CVE-2024-28070,0,0,d9b3309fdc4db05937449ae85d6df93a299898f40c2c79f5bb7988f4ebb25838,2024-03-17T22:38:29.433000 @@ -241664,8 +241688,8 @@ CVE-2024-28115,0,0,3e0e705412ec4ecfb9fabefcb95634cd838a6bf7c9c03087d677ba199986f CVE-2024-28120,0,0,1945ab744b479cd2a55b16e82913f94d84bcc236918a39e22cfe06aca7010c4c,2024-03-12T12:40:13.500000 CVE-2024-28121,0,0,6ad3b99e4c8dd1459c44e51d2edc62f08f0aa4d5ffd25ea4a2fe7aa5af2916e8,2024-03-13T21:16:00.460000 CVE-2024-28122,0,0,3209f9a611aea4804720e8e5b4eeb3a02772982f302e787ac8040299af464092,2024-03-11T01:32:39.697000 -CVE-2024-28125,0,0,65d9c24a5e0c0b4d148512225b96193c0bf73b8894ddd2671583c2b38959e5fa,2024-03-18T08:15:06.347000 -CVE-2024-28128,0,0,a17695a240f4f2d82ca81a1ea07dea66dfa16007f2258e0e74076abcd1b5a954,2024-03-18T08:15:06.400000 +CVE-2024-28125,0,1,8d2068bbf33d8d9f683c668ca640b5088789efc4990906bcd46ad6aaa69bb749,2024-03-18T12:38:25.490000 +CVE-2024-28128,0,1,ef4664596358b3dc6747b9cba3aab3612190b1b010cfc8ac1373f0312ebe3b50,2024-03-18T12:38:25.490000 CVE-2024-28149,0,0,bb1327eb2ceb44ae2cc8e952fde2f54b109f1740591e1ece1b912c644025402b,2024-03-06T21:42:54.697000 CVE-2024-28150,0,0,bd9c785686979f74fc956d3a9d80b65ba208ec849a10e17a7f0c9226761980a2,2024-03-06T21:42:54.697000 CVE-2024-28151,0,0,473d59d35d2166d8f0877541c6be6e5f16e5683e6e89c2ed65e060f312f6c9a8,2024-03-06T21:42:54.697000 @@ -241766,7 +241790,7 @@ CVE-2024-28681,0,0,ed8a4fd064b6b3346412990e6226cbe04bee8a6bd2aaad4671fdcd0478ce5 CVE-2024-28682,0,0,2c53ed716809a76ded005fd10ac6d93891dbf2dd9f02238c66f1445af60cb8e7,2024-03-13T18:15:58.530000 CVE-2024-28683,0,0,14fce1fb8fe5dd3fb68153125dd387047f48de59cd587ce41acfe8b0e8fa04c2,2024-03-13T18:15:58.530000 CVE-2024-28684,0,0,df89c702874c46527da5dc5bf33ec252c05a69f53466623f5ca04f0566a6cd25,2024-03-13T14:28:45.217000 -CVE-2024-28745,0,0,e8f06f0723d0e34bc09fa894347df18111e8e083b0fdc8acc056c0d9c0cb66dc,2024-03-18T04:15:09.987000 +CVE-2024-28745,0,1,13ca5bd73902fa4f167555a43f26874492a5977b7189d5543243066fed0730a6,2024-03-18T12:38:25.490000 CVE-2024-28746,0,0,4e08f19b517756fb15fbaf966494c1aeec3b9803b4e2b615b4d5a557eb48c84a,2024-03-14T12:52:09.877000 CVE-2024-28752,0,0,b6856abb589c0fed02798f341901c4f3025e287fced11706e9fa0c89b392cd6a,2024-03-15T12:53:06.423000 CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000 @@ -241781,6 +241805,6 @@ CVE-2024-28851,0,0,f15187ac52243f1288d6dabed456ab5bd2287b2db60c97a538d0582f4f0ba CVE-2024-28854,0,0,8cb03aded6b194ffbf5e93b6a999bfbf01ac8f736343c4fc752b0e38a8bc9f90,2024-03-17T22:38:29.433000 CVE-2024-28859,0,0,2d0407c7b83f2786a493b842ae3fe3ce3f906494adee8b0e0f61c75557fcb17c,2024-03-17T22:38:29.433000 CVE-2024-28862,0,0,b0dc40150b0e5f15633ecb26c2614b37fe6eefbb423911349887989b36d78640,2024-03-17T22:38:29.433000 -CVE-2024-29151,0,0,5ec903f1e83fe9ef91dd8fa281d0d9249de67095eb219c2fefc315dc2fd25383,2024-03-18T06:15:05.913000 -CVE-2024-29154,0,0,27deb04035bee400856eb7d08b4f1bd8e0f3cd03c5a26708ab341cdb537485b4,2024-03-18T06:15:06.080000 -CVE-2024-29156,0,0,dc9b9c233c31a730eb56f0d9193b5d656bd692e0fe6247903130d468d58de8ec,2024-03-18T07:15:05.880000 +CVE-2024-29151,0,1,f1dc8d6327a758fb8e40f178dee13719787aa08f09bfc93522e9a3abdd7c9753,2024-03-18T12:38:25.490000 +CVE-2024-29154,0,1,1df6e83c0b461bcaefcccc090cc4be02051bb8dcb63c7951238fdc029ecbdddf,2024-03-18T12:38:25.490000 +CVE-2024-29156,0,1,537bcadb68d9e34c1c7c7ba6e9e3f15ebc32d7fc799651837d556f6c57f22ae6,2024-03-18T12:38:25.490000