admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-21T08:00:18.278838+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-21 08:03:15 +00:00
parent c33b1b7dd8
commit 7f442f8261
76 changed files with 2834 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
CVE-2022/CVE-2022-488xx/CVE-2022-48867.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48867",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:03.860",
"lastModified": "2024-08-21T07:15:03.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Prevent use after free on completion memory\n\nOn driver unload any pending descriptors are flushed at the\ntime the interrupt is freed:\nidxd_dmaengine_drv_remove() ->\n\tdrv_disable_wq() ->\n\t\tidxd_wq_free_irq() ->\n\t\t\tidxd_flush_pending_descs().\n\nIf there are any descriptors present that need to be flushed this\nflow triggers a \"not present\" page fault as below:\n\n BUG: unable to handle page fault for address: ff391c97c70c9040\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n\nThe address that triggers the fault is the address of the\ndescriptor that was freed moments earlier via:\ndrv_disable_wq()->idxd_wq_free_resources()\n\nFix the use after free by freeing the descriptors after any possible\nusage. This is done after idxd_wq_reset() to ensure that the memory\nremains accessible during possible completion writes by the device."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1beeec45f9ac31eba52478379f70a5fa9c2ad005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b9e8e3fcfec625fc1c2f68f684448aeeb882625b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-488xx/CVE-2022-48868.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-48868",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.020",
"lastModified": "2024-08-21T07:15:04.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Let probe fail when workqueue cannot be enabled\n\nThe workqueue is enabled when the appropriate driver is loaded and\ndisabled when the driver is removed. When the driver is removed it\nassumes that the workqueue was enabled successfully and proceeds to\nfree allocations made during workqueue enabling.\n\nFailure during workqueue enabling does not prevent the driver from\nbeing loaded. This is because the error path within drv_enable_wq()\nreturns success unless a second failure is encountered\nduring the error path. By returning success it is possible to load\nthe driver even if the workqueue cannot be enabled and\nallocations that do not exist are attempted to be freed during\ndriver remove.\n\nSome examples of problematic flows:\n(a)\n\n idxd_dmaengine_drv_probe() -> drv_enable_wq() -> idxd_wq_request_irq():\n In above flow, if idxd_wq_request_irq() fails then\n idxd_wq_unmap_portal() is called on error exit path, but\n drv_enable_wq() returns 0 because idxd_wq_disable() succeeds. The\n driver is thus loaded successfully.\n\n idxd_dmaengine_drv_remove()->drv_disable_wq()->idxd_wq_unmap_portal()\n Above flow on driver unload triggers the WARN in devm_iounmap() because\n the device resource has already been removed during error path of\n drv_enable_wq().\n\n(b)\n\n idxd_dmaengine_drv_probe() -> drv_enable_wq() -> idxd_wq_request_irq():\n In above flow, if idxd_wq_request_irq() fails then\n idxd_wq_init_percpu_ref() is never called to initialize the percpu\n counter, yet the driver loads successfully because drv_enable_wq()\n returns 0.\n\n idxd_dmaengine_drv_remove()->__idxd_wq_quiesce()->percpu_ref_kill():\n Above flow on driver unload triggers a BUG when attempting to drop the\n initial ref of the uninitialized percpu ref:\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n\nFix the drv_enable_wq() error path by returning the original error that\nindicates failure of workqueue enabling. This ensures that the probe\nfails when an error is encountered and the driver remove paths are only\nattempted when the workqueue was enabled successfully."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0f150134dd795ffcd60b798a85ab737d8d010fb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/99dc4520b74e7ca8e9dc9abe37a0b10b49467960",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b51b75f0604f17c0f6f3b6f68f1a521a5cc6b04f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-488xx/CVE-2022-48869.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-48869",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.080",
"lastModified": "2024-08-21T07:15:04.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadgetfs: Fix race between mounting and unmounting\n\nThe syzbot fuzzer and Gerald Lee have identified a use-after-free bug\nin the gadgetfs driver, involving processes concurrently mounting and\nunmounting the gadgetfs filesystem. In particular, gadgetfs_fill_super()\ncan race with gadgetfs_kill_sb(), causing the latter to deallocate\nthe_device while the former is using it. The output from KASAN says,\nin part:\n\nBUG: KASAN: use-after-free in instrument_atomic_read_write include/linux/instrumented.h:102 [inline]\nBUG: KASAN: use-after-free in atomic_fetch_sub_release include/linux/atomic/atomic-instrumented.h:176 [inline]\nBUG: KASAN: use-after-free in __refcount_sub_and_test include/linux/refcount.h:272 [inline]\nBUG: KASAN: use-after-free in __refcount_dec_and_test include/linux/refcount.h:315 [inline]\nBUG: KASAN: use-after-free in refcount_dec_and_test include/linux/refcount.h:333 [inline]\nBUG: KASAN: use-after-free in put_dev drivers/usb/gadget/legacy/inode.c:159 [inline]\nBUG: KASAN: use-after-free in gadgetfs_kill_sb+0x33/0x100 drivers/usb/gadget/legacy/inode.c:2086\nWrite of size 4 at addr ffff8880276d7840 by task syz-executor126/18689\n\nCPU: 0 PID: 18689 Comm: syz-executor126 Not tainted 6.1.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n <TASK>\n...\n atomic_fetch_sub_release include/linux/atomic/atomic-instrumented.h:176 [inline]\n __refcount_sub_and_test include/linux/refcount.h:272 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n put_dev drivers/usb/gadget/legacy/inode.c:159 [inline]\n gadgetfs_kill_sb+0x33/0x100 drivers/usb/gadget/legacy/inode.c:2086\n deactivate_locked_super+0xa7/0xf0 fs/super.c:332\n vfs_get_super fs/super.c:1190 [inline]\n get_tree_single+0xd0/0x160 fs/super.c:1207\n vfs_get_tree+0x88/0x270 fs/super.c:1531\n vfs_fsconfig_locked fs/fsopen.c:232 [inline]\n\nThe simplest solution is to ensure that gadgetfs_fill_super() and\ngadgetfs_kill_sb() are serialized by making them both acquire a new\nmutex."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/616fd34d017000ecf9097368b13d8a266f4920b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/856e4b5e53f21edbd15d275dde62228dd94fb2b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9a39f4626b361ee7aa10fd990401c37ec3b466ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2e075f40122d8daf587db126c562a67abd69cf9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d18dcfe9860e842f394e37ba01ca9440ab2178f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-488xx/CVE-2022-48870.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-48870",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.143",
"lastModified": "2024-08-21T07:15:04.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: fix possible null-ptr-defer in spk_ttyio_release\n\nRun the following tests on the qemu platform:\n\nsyzkaller:~# modprobe speakup_audptr\n input: Speakup as /devices/virtual/input/input4\n initialized device: /dev/synth, node (MAJOR 10, MINOR 125)\n speakup 3.1.6: initialized\n synth name on entry is: (null)\n synth probe\n\nspk_ttyio_initialise_ldisc failed because tty_kopen_exclusive returned\nfailed (errno -16), then remove the module, we will get a null-ptr-defer\nproblem, as follow:\n\nsyzkaller:~# modprobe -r speakup_audptr\n releasing synth audptr\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: 0002 [#1] PREEMPT SMP PTI\n CPU: 2 PID: 204 Comm: modprobe Not tainted 6.1.0-rc6-dirty #1\n RIP: 0010:mutex_lock+0x14/0x30\n Call Trace:\n <TASK>\n spk_ttyio_release+0x19/0x70 [speakup]\n synth_release.part.6+0xac/0xc0 [speakup]\n synth_remove+0x56/0x60 [speakup]\n __x64_sys_delete_module+0x156/0x250\n ? fpregs_assert_state_consistent+0x1d/0x50\n do_syscall_64+0x37/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n </TASK>\n Modules linked in: speakup_audptr(-) speakup\n Dumping ftrace buffer:\n\nin_synth->dev was not initialized during modprobe, so we add check\nfor in_synth->dev to fix this bug."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2da67bff29ab49caafb0766e8b8383b735ff796f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5abbeebd8296c2301023b8dc4b5a6c0d5229b4f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64152e05a4de3ebf59f1740a0985a6d5fba0c77b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2022/CVE-2022-488xx/CVE-2022-48871.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2022-48871",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.207",
"lastModified": "2024-08-21T07:15:04.207",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer\n\nDriver's probe allocates memory for RX FIFO (port->rx_fifo) based on\ndefault RX FIFO depth, e.g. 16. Later during serial startup the\nqcom_geni_serial_port_setup() updates the RX FIFO depth\n(port->rx_fifo_depth) to match real device capabilities, e.g. to 32.\n\nThe RX UART handle code will read \"port->rx_fifo_depth\" number of words\ninto \"port->rx_fifo\" buffer, thus exceeding the bounds. This can be\nobserved in certain configurations with Qualcomm Bluetooth HCI UART\ndevice and KASAN:\n\n Bluetooth: hci0: QCA Product ID :0x00000010\n Bluetooth: hci0: QCA SOC Version :0x400a0200\n Bluetooth: hci0: QCA ROM Version :0x00000200\n Bluetooth: hci0: QCA Patch Version:0x00000d2b\n Bluetooth: hci0: QCA controller version 0x02000200\n Bluetooth: hci0: QCA Downloading qca/htbtfw20.tlv\n bluetooth hci0: Direct firmware load for qca/htbtfw20.tlv failed with error -2\n Bluetooth: hci0: QCA Failed to request file: qca/htbtfw20.tlv (-2)\n Bluetooth: hci0: QCA Failed to download patch (-2)\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in handle_rx_uart+0xa8/0x18c\n Write of size 4 at addr ffff279347d578c0 by task swapper/0/0\n\n CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.0-rt5-00350-gb2450b7e00be-dirty #26\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n Call trace:\n dump_backtrace.part.0+0xe0/0xf0\n show_stack+0x18/0x40\n dump_stack_lvl+0x8c/0xb8\n print_report+0x188/0x488\n kasan_report+0xb4/0x100\n __asan_store4+0x80/0xa4\n handle_rx_uart+0xa8/0x18c\n qcom_geni_serial_handle_rx+0x84/0x9c\n qcom_geni_serial_isr+0x24c/0x760\n __handle_irq_event_percpu+0x108/0x500\n handle_irq_event+0x6c/0x110\n handle_fasteoi_irq+0x138/0x2cc\n generic_handle_domain_irq+0x48/0x64\n\nIf the RX FIFO depth changes after probe, be sure to resize the buffer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/894681682dbefdad917b88f86cde1069140a047a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b8caf69a6946e18ffebad49847e258f5b6d52ac2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb53a3366eb28fed67850c80afa52075bb71a38a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fd524ca7fe45b8a06dca2dd546d62684a9768f95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-488xx/CVE-2022-48872.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-48872",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.267",
"lastModified": "2024-08-21T07:15:04.267",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix use-after-free race condition for maps\n\nIt is possible that in between calling fastrpc_map_get() until\nmap->fl->lock is taken in fastrpc_free_map(), another thread can call\nfastrpc_map_lookup() and get a reference to a map that is about to be\ndeleted.\n\nRewrite fastrpc_map_get() to only increase the reference count of a map\nif it's non-zero. Propagate this to callers so they can know if a map is\nabout to be deleted.\n\nFixes this warning:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 5 PID: 10100 at lib/refcount.c:25 refcount_warn_saturate\n...\nCall trace:\n refcount_warn_saturate\n [fastrpc_map_get inlined]\n [fastrpc_map_lookup inlined]\n fastrpc_map_create\n fastrpc_internal_invoke\n fastrpc_device_ioctl\n __arm64_sys_ioctl\n invoke_syscall"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/079c78c68714f7d8d58e66c477b0243b31806907",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/556dfdb226ce1e5231d8836159b23f8bb0395bf4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/61a0890cb95afec5c8a2f4a879de2b6220984ef1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/96b328d119eca7563c1edcc4e1039a62e6370ecb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b171d0d2cf1b8387c72c8d325c5d5746fa271e39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-488xx/CVE-2022-48873.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-48873",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.323",
"lastModified": "2024-08-21T07:15:04.323",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Don't remove map on creater_process and device_release\n\nDo not remove the map from the list on error path in\nfastrpc_init_create_process, instead call fastrpc_map_put, to avoid\nuse-after-free. Do not remove it on fastrpc_device_release either,\ncall fastrpc_map_put instead.\n\nThe fastrpc_free_map is the only proper place to remove the map.\nThis is called only after the reference count is 0."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/193cd853145b63e670bd73740250983af1475330",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1b7b7bb400dd13dcb03fc6e591bb7ca4664bbec8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35ddd482345c43d9eec1f3406c0f20a95ed4054b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4b5c44e924a571d0ad07054de549624fbc04e4d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5bb96c8f9268e2fdb0e5321cbc358ee5941efc15",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48874.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48874",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.383",
"lastModified": "2024-08-21T07:15:04.383",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix use-after-free and race in fastrpc_map_find\n\nCurrently, there is a race window between the point when the mutex is\nunlocked in fastrpc_map_lookup and the reference count increasing\n(fastrpc_map_get) in fastrpc_map_find, which can also lead to\nuse-after-free.\n\nSo lets merge fastrpc_map_find into fastrpc_map_lookup which allows us\nto both protect the maps list by also taking the &fl->lock spinlock and\nthe reference count, since the spinlock will be released only after.\nAdd take_ref argument to make this suitable for all callers."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/9446fa1683a7e3937d9970248ced427c1983a1c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a50c5c25b6e7d2824698c0e6385f882a18f4a498",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2022/CVE-2022-488xx/CVE-2022-48875.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2022-48875",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.440",
"lastModified": "2024-08-21T07:15:04.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: sdata can be NULL during AMPDU start\n\nieee80211_tx_ba_session_handle_start() may get NULL for sdata when a\ndeauthentication is ongoing.\n\nHere a trace triggering the race with the hostapd test\nmulti_ap_fronthaul_on_ap:\n\n(gdb) list *drv_ampdu_action+0x46\n0x8b16 is in drv_ampdu_action (net/mac80211/driver-ops.c:396).\n391 int ret = -EOPNOTSUPP;\n392\n393 might_sleep();\n394\n395 sdata = get_bss_sdata(sdata);\n396 if (!check_sdata_in_driver(sdata))\n397 return -EIO;\n398\n399 trace_drv_ampdu_action(local, sdata, params);\n400\n\nwlan0: moving STA 02:00:00:00:03:00 to state 3\nwlan0: associated\nwlan0: deauthenticating from 02:00:00:00:03:00 by local choice (Reason: 3=DEAUTH_LEAVING)\nwlan3.sta1: Open BA session requested for 02:00:00:00:00:00 tid 0\nwlan3.sta1: dropped frame to 02:00:00:00:00:00 (unauthorized port)\nwlan0: moving STA 02:00:00:00:03:00 to state 2\nwlan0: moving STA 02:00:00:00:03:00 to state 1\nwlan0: Removed STA 02:00:00:00:03:00\nwlan0: Destroyed STA 02:00:00:00:03:00\nBUG: unable to handle page fault for address: fffffffffffffb48\nPGD 11814067 P4D 11814067 PUD 11816067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 2 PID: 133397 Comm: kworker/u16:1 Tainted: G W 6.1.0-rc8-wt+ #59\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-20220807_005459-localhost 04/01/2014\nWorkqueue: phy3 ieee80211_ba_session_work [mac80211]\nRIP: 0010:drv_ampdu_action+0x46/0x280 [mac80211]\nCode: 53 48 89 f3 be 89 01 00 00 e8 d6 43 bf ef e8 21 46 81 f0 83 bb a0 1b 00 00 04 75 0e 48 8b 9b 28 0d 00 00 48 81 eb 10 0e 00 00 <8b> 93 58 09 00 00 f6 c2 20 0f 84 3b 01 00 00 8b 05 dd 1c 0f 00 85\nRSP: 0018:ffffc900025ebd20 EFLAGS: 00010287\nRAX: 0000000000000000 RBX: fffffffffffff1f0 RCX: ffff888102228240\nRDX: 0000000080000000 RSI: ffffffff918c5de0 RDI: ffff888102228b40\nRBP: ffffc900025ebd40 R08: 0000000000000001 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888118c18ec0\nR13: 0000000000000000 R14: ffffc900025ebd60 R15: ffff888018b7efb8\nFS: 0000000000000000(0000) GS:ffff88817a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffffffffffb48 CR3: 0000000105228006 CR4: 0000000000170ee0\nCall Trace:\n <TASK>\n ieee80211_tx_ba_session_handle_start+0xd0/0x190 [mac80211]\n ieee80211_ba_session_work+0xff/0x2e0 [mac80211]\n process_one_work+0x29f/0x620\n worker_thread+0x4d/0x3d0\n ? process_one_work+0x620/0x620\n kthread+0xfb/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n </TASK>"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/187523fa7c2d4c780f775cb869216865c4a909ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/69403bad97aa0162e3d7911b27e25abe774093df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a12fd43bd175fa52c82f9740179d38c34ca1b62e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c838df8461a601b20dc1b9fb1834d2aad8e2f949",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48876.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48876",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.500",
"lastModified": "2024-08-21T07:15:04.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix initialization of rx->link and rx->link_sta\n\nThere are some codepaths that do not initialize rx->link_sta properly. This\ncauses a crash in places which assume that rx->link_sta is valid if rx->sta\nis valid.\nOne known instance is triggered by __ieee80211_rx_h_amsdu being called from\nfast-rx. It results in a crash like this one:\n\n BUG: kernel NULL pointer dereference, address: 00000000000000a8\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page PGD 0 P4D 0\n Oops: 0002 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 506 Comm: mt76-usb-rx phy Tainted: G E 6.1.0-debian64x+1.7 #3\n Hardware name: ZOTAC ZBOX-ID92/ZBOX-IQ01/ZBOX-ID92/ZBOX-IQ01, BIOS B220P007 05/21/2014\n RIP: 0010:ieee80211_deliver_skb+0x62/0x1f0 [mac80211]\n Code: 00 48 89 04 24 e8 9e a7 c3 df 89 c0 48 03 1c c5 a0 ea 39 a1 4c 01 6b 08 48 ff 03 48\n 83 7d 28 00 74 11 48 8b 45 30 48 63 55 44 <48> 83 84 d0 a8 00 00 00 01 41 8b 86 c0\n 11 00 00 8d 50 fd 83 fa 01\n RSP: 0018:ffff999040803b10 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: ffffb9903f496480 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff999040803ce0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: ffff8d21828ac900\n R13: 000000000000004a R14: ffff8d2198ed89c0 R15: ffff8d2198ed8000\n FS: 0000000000000000(0000) GS:ffff8d24afe80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00000000000000a8 CR3: 0000000429810002 CR4: 00000000001706e0\n Call Trace:\n <TASK>\n __ieee80211_rx_h_amsdu+0x1b5/0x240 [mac80211]\n ? ieee80211_prepare_and_rx_handle+0xcdd/0x1320 [mac80211]\n ? __local_bh_enable_ip+0x3b/0xa0\n ieee80211_prepare_and_rx_handle+0xcdd/0x1320 [mac80211]\n ? prepare_transfer+0x109/0x1a0 [xhci_hcd]\n ieee80211_rx_list+0xa80/0xda0 [mac80211]\n mt76_rx_complete+0x207/0x2e0 [mt76]\n mt76_rx_poll_complete+0x357/0x5a0 [mt76]\n mt76u_rx_worker+0x4f5/0x600 [mt76_usb]\n ? mt76_get_min_avg_rssi+0x140/0x140 [mt76]\n __mt76_worker_fn+0x50/0x80 [mt76]\n kthread+0xed/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n\nSince the initialization of rx->link and rx->link_sta is rather convoluted\nand duplicated in many places, clean it up by using a helper function to\nset it.\n\n[remove unnecessary rx->sta->sta.mlo check]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/a57c981d9f24d2bd89eaa76dc477e8ca252e22e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e66b7920aa5ac5b1a1997a454004ba9246a3c005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2022/CVE-2022-488xx/CVE-2022-48877.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2022-48877",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.563",
"lastModified": "2024-08-21T07:15:04.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: let's avoid panic if extent_tree is not created\n\nThis patch avoids the below panic.\n\npc : __lookup_extent_tree+0xd8/0x760\nlr : f2fs_do_write_data_page+0x104/0x87c\nsp : ffffffc010cbb3c0\nx29: ffffffc010cbb3e0 x28: 0000000000000000\nx27: ffffff8803e7f020 x26: ffffff8803e7ed40\nx25: ffffff8803e7f020 x24: ffffffc010cbb460\nx23: ffffffc010cbb480 x22: 0000000000000000\nx21: 0000000000000000 x20: ffffffff22e90900\nx19: 0000000000000000 x18: ffffffc010c5d080\nx17: 0000000000000000 x16: 0000000000000020\nx15: ffffffdb1acdbb88 x14: ffffff888759e2b0\nx13: 0000000000000000 x12: ffffff802da49000\nx11: 000000000a001200 x10: ffffff8803e7ed40\nx9 : ffffff8023195800 x8 : ffffff802da49078\nx7 : 0000000000000001 x6 : 0000000000000000\nx5 : 0000000000000006 x4 : ffffffc010cbba28\nx3 : 0000000000000000 x2 : ffffffc010cbb480\nx1 : 0000000000000000 x0 : ffffff8803e7ed40\nCall trace:\n __lookup_extent_tree+0xd8/0x760\n f2fs_do_write_data_page+0x104/0x87c\n f2fs_write_single_data_page+0x420/0xb60\n f2fs_write_cache_pages+0x418/0xb1c\n __f2fs_write_data_pages+0x428/0x58c\n f2fs_write_data_pages+0x30/0x40\n do_writepages+0x88/0x190\n __writeback_single_inode+0x48/0x448\n writeback_sb_inodes+0x468/0x9e8\n __writeback_inodes_wb+0xb8/0x2a4\n wb_writeback+0x33c/0x740\n wb_do_writeback+0x2b4/0x400\n wb_workfn+0xe4/0x34c\n process_one_work+0x24c/0x5bc\n worker_thread+0x3e8/0xa50\n kthread+0x150/0x1b4"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1c38cdc747f00daf7394535eae5afc4c503c59bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2c129e868992621a739bdd57a5bffa3985ef1b91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/557e85ff9afef6d45020b6f09357111d38033c31",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/72009139a661ade5cb1da4239734ed02fa1cfff0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd83a9763e29ed7a21c8a43f7a62cd0a6bf74692",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df9d44b645b83fffccfb4e28c1f93376585fdec8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ff85a1dbd90d29f73033177ff8d8de4a27d9721c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2022/CVE-2022-488xx/CVE-2022-48878.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2022-48878",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.627",
"lastModified": "2024-08-21T07:15:04.627",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_qca: Fix driver shutdown on closed serdev\n\nThe driver shutdown callback (which sends EDL_SOC_RESET to the device\nover serdev) should not be invoked when HCI device is not open (e.g. if\nhci_dev_open_sync() failed), because the serdev and its TTY are not open\neither. Also skip this step if device is powered off\n(qca_power_shutdown()).\n\nThe shutdown callback causes use-after-free during system reboot with\nQualcomm Atheros Bluetooth:\n\n Unable to handle kernel paging request at virtual address\n 0072662f67726fd7\n ...\n CPU: 6 PID: 1 Comm: systemd-shutdow Tainted: G W\n 6.1.0-rt5-00325-g8a5f56bcfcca #8\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n Call trace:\n tty_driver_flush_buffer+0x4/0x30\n serdev_device_write_flush+0x24/0x34\n qca_serdev_shutdown+0x80/0x130 [hci_uart]\n device_shutdown+0x15c/0x260\n kernel_restart+0x48/0xac\n\nKASAN report:\n\n BUG: KASAN: use-after-free in tty_driver_flush_buffer+0x1c/0x50\n Read of size 8 at addr ffff16270c2e0018 by task systemd-shutdow/1\n\n CPU: 7 PID: 1 Comm: systemd-shutdow Not tainted\n 6.1.0-next-20221220-00014-gb85aaf97fb01-dirty #28\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n Call trace:\n dump_backtrace.part.0+0xdc/0xf0\n show_stack+0x18/0x30\n dump_stack_lvl+0x68/0x84\n print_report+0x188/0x488\n kasan_report+0xa4/0xf0\n __asan_load8+0x80/0xac\n tty_driver_flush_buffer+0x1c/0x50\n ttyport_write_flush+0x34/0x44\n serdev_device_write_flush+0x48/0x60\n qca_serdev_shutdown+0x124/0x274\n device_shutdown+0x1e8/0x350\n kernel_restart+0x48/0xb0\n __do_sys_reboot+0x244/0x2d0\n __arm64_sys_reboot+0x54/0x70\n invoke_syscall+0x60/0x190\n el0_svc_common.constprop.0+0x7c/0x160\n do_el0_svc+0x44/0xf0\n el0_svc+0x2c/0x6c\n el0t_64_sync_handler+0xbc/0x140\n el0t_64_sync+0x190/0x194"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/272970be3dabd24cbe50e393ffee8f04aec3b9a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/908d1742b6e694e84ead5c62e4b7c1bfbb8b46a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e84ec6e25df9bb0968599e92eacedaf3a0a5b587",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ea3ebda47dd56f6e1c62f2e0e1b6e1b0a973e447",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2022/CVE-2022-488xx/CVE-2022-48879.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2022-48879",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.690",
"lastModified": "2024-08-21T07:15:04.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: fix NULL-deref in init error path\n\nIn cases where runtime services are not supported or have been disabled,\nthe runtime services workqueue will never have been allocated.\n\nDo not try to destroy the workqueue unconditionally in the unlikely\nevent that EFI initialisation fails to avoid dereferencing a NULL\npointer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4ca71bc0e1995d15486cd7b60845602a28399cb5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/585a0b2b3ae7903c6abee3087d09c69e955a7794",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5fcf75a8a4c3e7ee9122d143684083c9faf20452",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/703c13fe3c9af557d312f5895ed6a5fda2711104",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/adc96d30f6503d30dc68670c013716f1d9fcc747",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e2ea55564229e4bea1474af15b111b3a3043b76f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-488xx/CVE-2022-48880.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-48880",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.753",
"lastModified": "2024-08-21T07:15:04.753",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/surface: aggregator: Add missing call to ssam_request_sync_free()\n\nAlthough rare, ssam_request_sync_init() can fail. In that case, the\nrequest should be freed via ssam_request_sync_free(). Currently it is\nleaked instead. Fix this."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/50b3cdf8239b11545f311c4f7b89e0092e4feedb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c965daac370f08a9b71d573a71d13cda76f2a884",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2dc110deabe7142b60ebeed689e67f92795ee24",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48881.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48881",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.810",
"lastModified": "2024-08-21T07:15:04.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd: Fix refcount leak in amd_pmc_probe\n\npci_get_domain_bus_and_slot() takes reference, the caller should release\nthe reference by calling pci_dev_put() after use. Call pci_dev_put() in\nthe error path to fix this."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3944162821295993ec89992dec98ab6be6306cc0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ccb32e2be14271a60e9ba89c6d5660cc9998773c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48882.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48882",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.863",
"lastModified": "2024-08-21T07:15:04.863",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY)\n\nUpon updating MAC security entity (SecY) in hw offload path, the macsec\nsecurity association (SA) initialization routine is called. In case of\nextended packet number (epn) is enabled the salt and ssci attributes are\nretrieved using the MACsec driver rx_sa context which is unavailable when\nupdating a SecY property such as encoding-sa hence the null dereference.\nFix by using the provided SA to set those attributes."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/514d9c6a39213d8200884e70f60ce7faef1ee597",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9828994ac492e8e7de47fe66097b7e665328f348",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48883.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48883",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.933",
"lastModified": "2024-08-21T07:15:04.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\n\nA user is able to configure an arbitrary number of rx queues when\ncreating an interface via netlink. This doesn't work for child PKEY\ninterfaces because the child interface uses the parent receive channels.\n\nAlthough the child shares the parent's receive channels, the number of\nrx queues is important for the channel_stats array: the parent's rx\nchannel index is used to access the child's channel_stats. So the array\nhas to be at least as large as the parent's rx queue size for the\ncounting to work correctly and to prevent out of bound accesses.\n\nThis patch checks for the mentioned scenario and returns an error when\ntrying to create the interface. The error is propagated to the user."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/31c70bfe58ef09fe36327ddcced9143a16e9e83d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5844a46f09f768da866d6b0ffbf1a9073266bf24",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48884.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48884",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:04.987",
"lastModified": "2024-08-21T07:15:04.987",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix command stats access after free\n\nCommand may fail while driver is reloading and can't accept FW commands\ntill command interface is reinitialized. Such command failure is being\nlogged to command stats. This results in NULL pointer access as command\nstats structure is being freed and reallocated during mlx5 devlink\nreload (see kernel log below).\n\nFix it by making command stats statically allocated on driver probe.\n\nKernel log:\n[ 2394.808802] BUG: unable to handle kernel paging request at 000000000002a9c0\n[ 2394.810610] PGD 0 P4D 0\n[ 2394.811811] Oops: 0002 [#1] SMP NOPTI\n...\n[ 2394.815482] RIP: 0010:native_queued_spin_lock_slowpath+0x183/0x1d0\n...\n[ 2394.829505] Call Trace:\n[ 2394.830667] _raw_spin_lock_irq+0x23/0x26\n[ 2394.831858] cmd_status_err+0x55/0x110 [mlx5_core]\n[ 2394.833020] mlx5_access_reg+0xe7/0x150 [mlx5_core]\n[ 2394.834175] mlx5_query_port_ptys+0x78/0xa0 [mlx5_core]\n[ 2394.835337] mlx5e_ethtool_get_link_ksettings+0x74/0x590 [mlx5_core]\n[ 2394.836454] ? kmem_cache_alloc_trace+0x140/0x1c0\n[ 2394.837562] __rh_call_get_link_ksettings+0x33/0x100\n[ 2394.838663] ? __rtnl_unlock+0x25/0x50\n[ 2394.839755] __ethtool_get_link_ksettings+0x72/0x150\n[ 2394.840862] duplex_show+0x6e/0xc0\n[ 2394.841963] dev_attr_show+0x1c/0x40\n[ 2394.843048] sysfs_kf_seq_show+0x9b/0x100\n[ 2394.844123] seq_read+0x153/0x410\n[ 2394.845187] vfs_read+0x91/0x140\n[ 2394.846226] ksys_read+0x4f/0xb0\n[ 2394.847234] do_syscall_64+0x5b/0x1a0\n[ 2394.848228] entry_SYSCALL_64_after_hwframe+0x65/0xca"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/da2e552b469a0cd130ff70a88ccc4139da428a65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ddf458641a511e7dff19f3bf0cbbc5dd9fe08ce5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48885.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48885",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.037",
"lastModified": "2024-08-21T07:15:05.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix potential memory leak in ice_gnss_tty_write()\n\nThe ice_gnss_tty_write() return directly if the write_buf alloc failed,\nleaking the cmd_buf.\n\nFix by free cmd_buf if write_buf alloc failed."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/500ca1da9d0876244eb4d1b0ece6fa0e9968d45d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f58985620f55580a07d40062c4115d8c9cf6ae27",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48886.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48886",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.090",
"lastModified": "2024-08-21T07:15:05.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Add check for kzalloc\n\nAdd the check for the return value of kzalloc in order to avoid\nNULL pointer dereference.\nMoreover, use the goto-label to share the clean code."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/40543b3d9d2c13227ecd3aa90a713c201d1d7f09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/96a9873188552ebb2afe76033d7329a5ecabef6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48887.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48887",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.143",
"lastModified": "2024-08-21T07:15:05.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Remove rcu locks from user resources\n\nUser resource lookups used rcu to avoid two extra atomics. Unfortunately\nthe rcu paths were buggy and it was easy to make the driver crash by\nsubmitting command buffers from two different threads. Because the\nlookups never show up in performance profiles replace them with a\nregular spin lock which fixes the races in accesses to those shared\nresources.\n\nFixes kernel oops'es in IGT's vmwgfx execution_buffer stress test and\nseen crashes with apps using shared resources."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7ac9578e45b20e3f3c0c8eb71f5417a499a7226a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a309c7194e8a2f8bd4539b9449917913f6c2cd50",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48888.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48888",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.193",
"lastModified": "2024-08-21T07:15:05.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path\n\nof_icc_get() alloc resources for path1, we should release it when not\nneed anymore. Early return when IS_ERR_OR_NULL(path0) may leak path1.\nDefer getting path1 to fix this.\n\nPatchwork: https://patchwork.freedesktop.org/patch/514264/"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/45dac1352b55b1d8cb17f218936b2bc2bc1fb4ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c6fa1de83fd87267ab24359e6fa52f98f5cee3f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48889.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48889",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.243",
"lastModified": "2024-08-21T07:15:05.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof-nau8825: fix module alias overflow\n\nThe maximum name length for a platform_device_id entry is 20 characters\nincluding the trailing NUL byte. The sof_nau8825.c file exceeds that,\nwhich causes an obscure error message:\n\nsound/soc/intel/boards/snd-soc-sof_nau8825.mod.c:35:45: error: illegal character encoding in string literal [-Werror,-Winvalid-source-encoding]\nMODULE_ALIAS(\"platform:adl_max98373_nau8825<U+0018><AA>\");\n ^~~~\ninclude/linux/module.h:168:49: note: expanded from macro 'MODULE_ALIAS'\n ^~~~~~\ninclude/linux/module.h:165:56: note: expanded from macro 'MODULE_INFO'\n ^~~~\ninclude/linux/moduleparam.h:26:47: note: expanded from macro '__MODULE_INFO'\n = __MODULE_INFO_PREFIX __stringify(tag) \"=\" info\n\nI could not figure out how to make the module handling robust enough\nto handle this better, but as a quick fix, using slightly shorter\nnames that are still unique avoids the build issue."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3e78986a840d59dd27e636eae3f52dc11125c835",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fba1b23befd88366fe646787b3797e64d7338fd2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48890.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48890",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.303",
"lastModified": "2024-08-21T07:15:05.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM\n\nstorvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(),\nwhich in a confidential VM allocates swiotlb bounce buffers. If the I/O\nsubmission fails in storvsc_do_io(), the I/O is typically retried by higher\nlevel code, but the bounce buffer memory is never freed. The mostly like\ncause of I/O submission failure is a full VMBus channel ring buffer, which\nis not uncommon under high I/O loads. Eventually enough bounce buffer\nmemory leaks that the confidential VM can't do any I/O. The same problem\ncan arise in a non-confidential VM with kernel boot parameter\nswiotlb=force.\n\nFix this by doing scsi_dma_unmap() in the case of an I/O submission\nerror, which frees the bounce buffer memory."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/67ff3d0a49f3d445c3922e30a54e03c161da561e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/87c71e88f6a6619ffb1ff88f84dff48ef6d57adb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2022/CVE-2022-488xx/CVE-2022-48891.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2022-48891",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.360",
"lastModified": "2024-08-21T07:15:05.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9211: Use irq handler when ready\n\nIf the system does not come from reset (like when it is kexec()), the\nregulator might have an IRQ waiting for us.\n\nIf we enable the IRQ handler before its structures are ready, we crash.\n\nThis patch fixes:\n\n[ 1.141839] Unable to handle kernel read from unreadable memory at virtual address 0000000000000078\n[ 1.316096] Call trace:\n[ 1.316101] blocking_notifier_call_chain+0x20/0xa8\n[ 1.322757] cpu cpu0: dummy supplies not allowed for exclusive requests\n[ 1.327823] regulator_notifier_call_chain+0x1c/0x2c\n[ 1.327825] da9211_irq_handler+0x68/0xf8\n[ 1.327829] irq_thread+0x11c/0x234\n[ 1.327833] kthread+0x13c/0x154"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/02228f6aa6a64d588bc31e3267d05ff184d772eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1c1afcb8839b91c09d211ea304faa269763b1f91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/470f6a9175f13a53810734658c35cc5bba33be01",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad1336274f733a7cb1f87b5c5908165a2c14df53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d443308edbfb6e9e757b478af908515110d1efd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d4aa749e046435f054e94ebf50cad143d6229fae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f75cde714e0a67f73ef169aa50d4ed77d04f7236",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2022/CVE-2022-488xx/CVE-2022-48892.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2022-48892",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.420",
"lastModified": "2024-08-21T07:15:05.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Fix use-after-free bug in dup_user_cpus_ptr()\n\nSince commit 07ec77a1d4e8 (\"sched: Allow task CPU affinity to be\nrestricted on asymmetric systems\"), the setting and clearing of\nuser_cpus_ptr are done under pi_lock for arm64 architecture. However,\ndup_user_cpus_ptr() accesses user_cpus_ptr without any lock\nprotection. Since sched_setaffinity() can be invoked from another\nprocess, the process being modified may be undergoing fork() at\nthe same time. When racing with the clearing of user_cpus_ptr in\n__set_cpus_allowed_ptr_locked(), it can lead to user-after-free and\npossibly double-free in arm64 kernel.\n\nCommit 8f9ea86fdf99 (\"sched: Always preserve the user requested\ncpumask\") fixes this problem as user_cpus_ptr, once set, will never\nbe cleared in a task's lifetime. However, this bug was re-introduced\nin commit 851a723e45d1 (\"sched: Always clear user_cpus_ptr in\ndo_set_cpus_allowed()\") which allows the clearing of user_cpus_ptr in\ndo_set_cpus_allowed(). This time, it will affect all arches.\n\nFix this bug by always clearing the user_cpus_ptr of the newly\ncloned/forked task before the copying process starts and check the\nuser_cpus_ptr state of the source task under pi_lock.\n\nNote to stable, this patch won't be applicable to stable releases.\nJust copy the new dup_user_cpus_ptr() function over."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7b5cc7fd1789ea5dbb942c9f8207b076d365badc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/87ca4f9efbd7cc649ff43b87970888f2812945b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b22faa21b6230d5eccd233e1b7e0026a5002b287",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48893.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48893",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.477",
"lastModified": "2024-08-21T07:15:05.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Cleanup partial engine discovery failures\n\nIf we abort driver initialisation in the middle of gt/engine discovery,\nsome engines will be fully setup and some not. Those incompletely setup\nengines only have 'engine->release == NULL' and so will leak any of the\ncommon objects allocated.\n\nv2:\n - Drop the destroy_pinned_context() helper for now. It's not really\n worth it with just a single callsite at the moment. (Janusz)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5c855bcc730656c4b7d30aaddcd0eafc7003e112",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78a033433a5ae4fee85511ee075bc9a48312c79e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48894.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48894",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.527",
"lastModified": "2024-08-21T07:15:05.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu-v3: Don't unregister on shutdown\n\nSimilar to SMMUv2, this driver calls iommu_device_unregister() from the\nshutdown path, which removes the IOMMU groups with no coordination\nwhatsoever with their users - shutdown methods are optional in device\ndrivers. This can lead to NULL pointer dereferences in those drivers'\nDMA API calls, or worse.\n\nInstead of calling the full arm_smmu_device_remove() from\narm_smmu_device_shutdown(), let's pick only the relevant function call -\narm_smmu_device_disable() - more or less the reverse of\narm_smmu_device_reset() - and call just that from the shutdown path."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/32ea2c57dc216b6ad8125fa680d31daa5d421c95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ead3e6c79479890444c777fd329afc125fecde48",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48895.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48895",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.580",
"lastModified": "2024-08-21T07:15:05.580",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu: Don't unregister on shutdown\n\nMichael Walle says he noticed the following stack trace while performing\na shutdown with \"reboot -f\". He suggests he got \"lucky\" and just hit the\ncorrect spot for the reboot while there was a packet transmission in\nflight.\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000098\nCPU: 0 PID: 23 Comm: kworker/0:1 Not tainted 6.1.0-rc5-00088-gf3600ff8e322 #1930\nHardware name: Kontron KBox A-230-LS (DT)\npc : iommu_get_dma_domain+0x14/0x20\nlr : iommu_dma_map_page+0x9c/0x254\nCall trace:\n iommu_get_dma_domain+0x14/0x20\n dma_map_page_attrs+0x1ec/0x250\n enetc_start_xmit+0x14c/0x10b0\n enetc_xmit+0x60/0xdc\n dev_hard_start_xmit+0xb8/0x210\n sch_direct_xmit+0x11c/0x420\n __dev_queue_xmit+0x354/0xb20\n ip6_finish_output2+0x280/0x5b0\n __ip6_finish_output+0x15c/0x270\n ip6_output+0x78/0x15c\n NF_HOOK.constprop.0+0x50/0xd0\n mld_sendpack+0x1bc/0x320\n mld_ifc_work+0x1d8/0x4dc\n process_one_work+0x1e8/0x460\n worker_thread+0x178/0x534\n kthread+0xe0/0xe4\n ret_from_fork+0x10/0x20\nCode: d503201f f9416800 d503233f d50323bf (f9404c00)\n---[ end trace 0000000000000000 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt\n\nThis appears to be reproducible when the board has a fixed IP address,\nis ping flooded from another host, and \"reboot -f\" is used.\n\nThe following is one more manifestation of the issue:\n\n$ reboot -f\nkvm: exiting hardware virtualization\ncfg80211: failed to load regulatory.db\narm-smmu 5000000.iommu: disabling translation\nsdhci-esdhc 2140000.mmc: Removing from iommu group 11\nsdhci-esdhc 2150000.mmc: Removing from iommu group 12\nfsl-edma 22c0000.dma-controller: Removing from iommu group 17\ndwc3 3100000.usb: Removing from iommu group 9\ndwc3 3110000.usb: Removing from iommu group 10\nahci-qoriq 3200000.sata: Removing from iommu group 2\nfsl-qdma 8380000.dma-controller: Removing from iommu group 20\nplatform f080000.display: Removing from iommu group 0\netnaviv-gpu f0c0000.gpu: Removing from iommu group 1\netnaviv etnaviv: Removing from iommu group 1\ncaam_jr 8010000.jr: Removing from iommu group 13\ncaam_jr 8020000.jr: Removing from iommu group 14\ncaam_jr 8030000.jr: Removing from iommu group 15\ncaam_jr 8040000.jr: Removing from iommu group 16\nfsl_enetc 0000:00:00.0: Removing from iommu group 4\narm-smmu 5000000.iommu: Blocked unknown Stream ID 0x429; boot with \"arm-smmu.disable_bypass=0\" to allow, but this may have security implications\narm-smmu 5000000.iommu: GFSR 0x80000002, GFSYNR0 0x00000002, GFSYNR1 0x00000429, GFSYNR2 0x00000000\nfsl_enetc 0000:00:00.1: Removing from iommu group 5\narm-smmu 5000000.iommu: Blocked unknown Stream ID 0x429; boot with \"arm-smmu.disable_bypass=0\" to allow, but this may have security implications\narm-smmu 5000000.iommu: GFSR 0x80000002, GFSYNR0 0x00000002, GFSYNR1 0x00000429, GFSYNR2 0x00000000\narm-smmu 5000000.iommu: Blocked unknown Stream ID 0x429; boot with \"arm-smmu.disable_bypass=0\" to allow, but this may have security implications\narm-smmu 5000000.iommu: GFSR 0x80000002, GFSYNR0 0x00000000, GFSYNR1 0x00000429, GFSYNR2 0x00000000\nfsl_enetc 0000:00:00.2: Removing from iommu group 6\nfsl_enetc_mdio 0000:00:00.3: Removing from iommu group 8\nmscc_felix 0000:00:00.5: Removing from iommu group 3\nfsl_enetc 0000:00:00.6: Removing from iommu group 7\npcieport 0001:00:00.0: Removing from iommu group 18\narm-smmu 5000000.iommu: Blocked unknown Stream ID 0x429; boot with \"arm-smmu.disable_bypass=0\" to allow, but this may have security implications\narm-smmu 5000000.iommu: GFSR 0x00000002, GFSYNR0 0x00000000, GFSYNR1 0x00000429, GFSYNR2 0x00000000\npcieport 0002:00:00.0: Removing from iommu group 19\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000000a8\npc : iommu_get_dma_domain+0x14/0x20\nlr : iommu_dma_unmap_page+0x38/0xe0\nCall trace:\n iommu_get_dma_domain+0x14/0x20\n dma_unmap_page_attrs+0x38/0x1d0\n en\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/a1b9c7b1978aacf4b2f33e34bde1e2bb80b8497a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ce31e6ca68bd7639bd3e5ef97be215031842bbab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2022/CVE-2022-488xx/CVE-2022-48896.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-48896",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.640",
"lastModified": "2024-08-21T07:15:05.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nixgbe: fix pci device refcount leak\n\nAs the comment of pci_get_domain_bus_and_slot() says, it\nreturns a PCI device with refcount incremented, when finish\nusing it, the caller must decrement the reference count by\ncalling pci_dev_put().\n\nIn ixgbe_get_first_secondary_devfn() and ixgbe_x550em_a_has_mii(),\npci_dev_put() is called to avoid leak."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/112df4cd2b09acd64bcd18f5ef83ba5d07b34bf0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4c93422a54cd6a349988f42e1c6bf082cf4ea9d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/53cefa802f070d46c0c518f4865be2c749818a18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b93fb4405fcb5112c5739c5349afb52ec7f15c07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c49996c6aa03590e4ef5add8772cb6068d99fd59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2022/CVE-2022-488xx/CVE-2022-48897.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2022-48897",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.693",
"lastModified": "2024-08-21T07:15:05.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/mm: fix incorrect file_map_count for invalid pmd\n\nThe page table check trigger BUG_ON() unexpectedly when split hugepage:\n\n ------------[ cut here ]------------\n kernel BUG at mm/page_table_check.c:119!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Dumping ftrace buffer:\n (ftrace buffer empty)\n Modules linked in:\n CPU: 7 PID: 210 Comm: transhuge-stres Not tainted 6.1.0-rc3+ #748\n Hardware name: linux,dummy-virt (DT)\n pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : page_table_check_set.isra.0+0x398/0x468\n lr : page_table_check_set.isra.0+0x1c0/0x468\n[...]\n Call trace:\n page_table_check_set.isra.0+0x398/0x468\n __page_table_check_pte_set+0x160/0x1c0\n __split_huge_pmd_locked+0x900/0x1648\n __split_huge_pmd+0x28c/0x3b8\n unmap_page_range+0x428/0x858\n unmap_single_vma+0xf4/0x1c8\n zap_page_range+0x2b0/0x410\n madvise_vma_behavior+0xc44/0xe78\n do_madvise+0x280/0x698\n __arm64_sys_madvise+0x90/0xe8\n invoke_syscall.constprop.0+0xdc/0x1d8\n do_el0_svc+0xf4/0x3f8\n el0_svc+0x58/0x120\n el0t_64_sync_handler+0xb8/0xc0\n el0t_64_sync+0x19c/0x1a0\n[...]\n\nOn arm64, pmd_leaf() will return true even if the pmd is invalid due to\npmd_present_invalid() check. So in pmdp_invalidate() the file_map_count\nwill not only decrease once but also increase once. Then in set_pte_at(),\nthe file_map_count increase again, and so trigger BUG_ON() unexpectedly.\n\nAdd !pmd_present_invalid() check in pmd_user_accessible_page() to fix the\nproblem."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/21e5eca0ac9046da9918a919bc92b7b5a78d27e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/74c2f81054510d45b813548cb0a1c4ebf87cdd5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2022/CVE-2022-488xx/CVE-2022-48898.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2022-48898",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.750",
"lastModified": "2024-08-21T07:15:05.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer\n\nThere are 3 possible interrupt sources are handled by DP controller,\nHPDstatus, Controller state changes and Aux read/write transaction.\nAt every irq, DP controller have to check isr status of every interrupt\nsources and service the interrupt if its isr status bits shows interrupts\nare pending. There is potential race condition may happen at current aux\nisr handler implementation since it is always complete dp_aux_cmd_fifo_tx()\neven irq is not for aux read or write transaction. This may cause aux read\ntransaction return premature if host aux data read is in the middle of\nwaiting for sink to complete transferring data to host while irq happen.\nThis will cause host's receiving buffer contains unexpected data. This\npatch fixes this problem by checking aux isr and return immediately at\naux isr handler if there are no any isr status bits set.\n\nCurrent there is a bug report regrading eDP edid corruption happen during\nsystem booting up. After lengthy debugging to found that VIDEO_READY\ninterrupt was continuously firing during system booting up which cause\ndp_aux_isr() to complete dp_aux_cmd_fifo_tx() prematurely to retrieve data\nfrom aux hardware buffer which is not yet contains complete data transfer\nfrom sink. This cause edid corruption.\n\nFollows are the signature at kernel logs when problem happen,\nEDID has corrupt header\npanel-simple-dp-aux aux-aea0000.edp: Couldn't identify panel via EDID\n\nChanges in v2:\n-- do complete if (ret == IRQ_HANDLED) ay dp-aux_isr()\n-- add more commit text\n\nChanges in v3:\n-- add Stephen suggested\n-- dp_aux_isr() return IRQ_XXX back to caller\n-- dp_ctrl_isr() return IRQ_XXX back to caller\n\nChanges in v4:\n-- split into two patches\n\nChanges in v5:\n-- delete empty line between tags\n\nChanges in v6:\n-- remove extra \"that\" and fixed line more than 75 char at commit text\n\nPatchwork: https://patchwork.freedesktop.org/patch/516121/"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1cba0d150fa102439114a91b3e215909efc9f169",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/785607e5e6fb52caf141e4580de40405565f04f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/984ad875db804948c86ca9e1c2e784ae8252715a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b7dcbca46db3c77fdb02c2a9d6239e5aa3b06a59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2022/CVE-2022-488xx/CVE-2022-48899.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2022-48899",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.810",
"lastModified": "2024-08-21T07:15:05.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/virtio: Fix GEM handle creation UAF\n\nUserspace can guess the handle value and try to race GEM object creation\nwith handle close, resulting in a use-after-free if we dereference the\nobject after dropping the handle's reference. For that reason, dropping\nthe handle's reference must be done *after* we are done dereferencing\nthe object."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/011ecdbcd520c90c344b872ca6b4821f7783b2f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/19ec87d06acfab2313ee82b2a689bf0c154e57ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/52531258318ed59a2dc5a43df2eaf0eb1d65438e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/68bcd063857075d2f9edfed6024387ac377923e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/adc48e5e408afbb01d261bd303fd9fbbbaa3e317",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d01d6d2b06c0d8390adf8f3ba08aa60b5642ef73",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2023/CVE-2023-528xx/CVE-2023-52893.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2023-52893",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.880",
"lastModified": "2024-08-21T07:15:05.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngsmi: fix null-deref in gsmi_get_variable\n\nWe can get EFI variables without fetching the attribute, so we must\nallow for that in gsmi.\n\ncommit 859748255b43 (\"efi: pstore: Omit efivars caching EFI varstore\naccess layer\") added a new get_variable call with attr=NULL, which\ntriggers panic in gsmi."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/32313c11bdc8a02c577abaf865be3664ab30410a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6646d769fdb0ce4318ef9afd127f8526d1ca8393",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a769b05eeed7accc4019a1ed9799dd72067f1ce8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ae2a9dcc8caa60b1e14671294e5ec902ea5d1dfd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eb0421d90f916dffe96b4c049ddf01c0c50620d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ee5763ef829bd923033510de6d1df7c73f085e4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ffef77794fb5f1245c3249b86342bad2299accb5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2023/CVE-2023-528xx/CVE-2023-52894.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2023-52894",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:05.943",
"lastModified": "2024-08-21T07:15:05.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()\n\nIn Google internal bug 265639009 we've received an (as yet) unreproducible\ncrash report from an aarch64 GKI 5.10.149-android13 running device.\n\nAFAICT the source code is at:\n https://android.googlesource.com/kernel/common/+/refs/tags/ASB-2022-12-05_13-5.10\n\nThe call stack is:\n ncm_close() -> ncm_notify() -> ncm_do_notify()\nwith the crash at:\n ncm_do_notify+0x98/0x270\nCode: 79000d0b b9000a6c f940012a f9400269 (b9405d4b)\n\nWhich I believe disassembles to (I don't know ARM assembly, but it looks sane enough to me...):\n\n // halfword (16-bit) store presumably to event->wLength (at offset 6 of struct usb_cdc_notification)\n 0B 0D 00 79 strh w11, [x8, #6]\n\n // word (32-bit) store presumably to req->Length (at offset 8 of struct usb_request)\n 6C 0A 00 B9 str w12, [x19, #8]\n\n // x10 (NULL) was read here from offset 0 of valid pointer x9\n // IMHO we're reading 'cdev->gadget' and getting NULL\n // gadget is indeed at offset 0 of struct usb_composite_dev\n 2A 01 40 F9 ldr x10, [x9]\n\n // loading req->buf pointer, which is at offset 0 of struct usb_request\n 69 02 40 F9 ldr x9, [x19]\n\n // x10 is null, crash, appears to be attempt to read cdev->gadget->max_speed\n 4B 5D 40 B9 ldr w11, [x10, #0x5c]\n\nwhich seems to line up with ncm_do_notify() case NCM_NOTIFY_SPEED code fragment:\n\n event->wLength = cpu_to_le16(8);\n req->length = NCM_STATUS_BYTECOUNT;\n\n /* SPEED_CHANGE data is up/down speeds in bits/sec */\n data = req->buf + sizeof *event;\n data[0] = cpu_to_le32(ncm_bitrate(cdev->gadget));\n\nMy analysis of registers and NULL ptr deref crash offset\n (Unable to handle kernel NULL pointer dereference at virtual address 000000000000005c)\nheavily suggests that the crash is due to 'cdev->gadget' being NULL when executing:\n data[0] = cpu_to_le32(ncm_bitrate(cdev->gadget));\nwhich calls:\n ncm_bitrate(NULL)\nwhich then calls:\n gadget_is_superspeed(NULL)\nwhich reads\n ((struct usb_gadget *)NULL)->max_speed\nand hits a panic.\n\nAFAICT, if I'm counting right, the offset of max_speed is indeed 0x5C.\n(remember there's a GKI KABI reservation of 16 bytes in struct work_struct)\n\nIt's not at all clear to me how this is all supposed to work...\nbut returning 0 seems much better than panic-ing..."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/09e4507ec8ef2d44da6ba4092b8ee2d81f216497",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/63d161f29cd39c050e8873aa36e0c9fc013bb763",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a21da7f7aae618c785f7e4a275d43c06dc8412b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a69c8dfb85b44be9cc223be07d35cc3a9baefbea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c6ec929595c7443250b2a4faea988c62019d5cd2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e92c70059178da751e5af7de02384b7dfadb5ec7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fef6b29671b66dfb71f17e337c1ad14b5a2cedae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-528xx/CVE-2023-52895.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52895",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.007",
"lastModified": "2024-08-21T07:15:06.007",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/poll: don't reissue in case of poll race on multishot request\n\nA previous commit fixed a poll race that can occur, but it's only\napplicable for multishot requests. For a multishot request, we can safely\nignore a spurious wakeup, as we never leave the waitqueue to begin with.\n\nA blunt reissue of a multishot armed request can cause us to leak a\nbuffer, if they are ring provided. While this seems like a bug in itself,\nit's not really defined behavior to reissue a multishot request directly.\nIt's less efficient to do so as well, and not required to rearm anything\nlike it is for singleshot poll requests."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/36fc7317cdb16cfeae0f879916995037bb615ac4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8caa03f10bf92cb8657408a6ece6a8a73f96ce13",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2023/CVE-2023-528xx/CVE-2023-52896.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2023-52896",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.060",
"lastModified": "2024-08-21T07:15:06.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between quota rescan and disable leading to NULL pointer deref\n\nIf we have one task trying to start the quota rescan worker while another\none is trying to disable quotas, we can end up hitting a race that results\nin the quota rescan worker doing a NULL pointer dereference. The steps for\nthis are the following:\n\n1) Quotas are enabled;\n\n2) Task A calls the quota rescan ioctl and enters btrfs_qgroup_rescan().\n It calls qgroup_rescan_init() which returns 0 (success) and then joins a\n transaction and commits it;\n\n3) Task B calls the quota disable ioctl and enters btrfs_quota_disable().\n It clears the bit BTRFS_FS_QUOTA_ENABLED from fs_info->flags and calls\n btrfs_qgroup_wait_for_completion(), which returns immediately since the\n rescan worker is not yet running.\n Then it starts a transaction and locks fs_info->qgroup_ioctl_lock;\n\n4) Task A queues the rescan worker, by calling btrfs_queue_work();\n\n5) The rescan worker starts, and calls rescan_should_stop() at the start\n of its while loop, which results in 0 iterations of the loop, since\n the flag BTRFS_FS_QUOTA_ENABLED was cleared from fs_info->flags by\n task B at step 3);\n\n6) Task B sets fs_info->quota_root to NULL;\n\n7) The rescan worker tries to start a transaction and uses\n fs_info->quota_root as the root argument for btrfs_start_transaction().\n This results in a NULL pointer dereference down the call chain of\n btrfs_start_transaction(). The stack trace is something like the one\n reported in Link tag below:\n\n general protection fault, probably for non-canonical address 0xdffffc0000000041: 0000 [#1] PREEMPT SMP KASAN\n KASAN: null-ptr-deref in range [0x0000000000000208-0x000000000000020f]\n CPU: 1 PID: 34 Comm: kworker/u4:2 Not tainted 6.1.0-syzkaller-13872-gb6bb9676f216 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\n Workqueue: btrfs-qgroup-rescan btrfs_work_helper\n RIP: 0010:start_transaction+0x48/0x10f0 fs/btrfs/transaction.c:564\n Code: 48 89 fb 48 (...)\n RSP: 0018:ffffc90000ab7ab0 EFLAGS: 00010206\n RAX: 0000000000000041 RBX: 0000000000000208 RCX: ffff88801779ba80\n RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\n RBP: dffffc0000000000 R08: 0000000000000001 R09: fffff52000156f5d\n R10: fffff52000156f5d R11: 1ffff92000156f5c R12: 0000000000000000\n R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000003\n FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2bea75b718 CR3: 000000001d0cc000 CR4: 00000000003506e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n btrfs_qgroup_rescan_worker+0x3bb/0x6a0 fs/btrfs/qgroup.c:3402\n btrfs_work_helper+0x312/0x850 fs/btrfs/async-thread.c:280\n process_one_work+0x877/0xdb0 kernel/workqueue.c:2289\n worker_thread+0xb14/0x1330 kernel/workqueue.c:2436\n kthread+0x266/0x300 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n </TASK>\n Modules linked in:\n\nSo fix this by having the rescan worker function not attempt to start a\ntransaction if it didn't do any rescan work."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1004fc90f0d79a4b7d9e3d432729914f472f9ad1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3bd43374857103ba3cac751d6d4afa8d83b5d92a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64287cd456a22373053998c1fccf14b651e9cbbd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/89ac597e3e807b91e2ebd6a7c36fec7b97290233",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b7adbf9ada3513d2092362c8eac5cddc5b651f5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-528xx/CVE-2023-52897.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52897",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.120",
"lastModified": "2024-08-21T07:15:06.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: do not warn on record without old_roots populated\n\n[BUG]\nThere are some reports from the mailing list that since v6.1 kernel, the\nWARN_ON() inside btrfs_qgroup_account_extent() gets triggered during\nrescan:\n\n WARNING: CPU: 3 PID: 6424 at fs/btrfs/qgroup.c:2756 btrfs_qgroup_account_extents+0x1ae/0x260 [btrfs]\n CPU: 3 PID: 6424 Comm: snapperd Tainted: P OE 6.1.2-1-default #1 openSUSE Tumbleweed 05c7a1b1b61d5627475528f71f50444637b5aad7\n RIP: 0010:btrfs_qgroup_account_extents+0x1ae/0x260 [btrfs]\n Call Trace:\n <TASK>\n btrfs_commit_transaction+0x30c/0xb40 [btrfs c39c9c546c241c593f03bd6d5f39ea1b676250f6]\n ? start_transaction+0xc3/0x5b0 [btrfs c39c9c546c241c593f03bd6d5f39ea1b676250f6]\n btrfs_qgroup_rescan+0x42/0xc0 [btrfs c39c9c546c241c593f03bd6d5f39ea1b676250f6]\n btrfs_ioctl+0x1ab9/0x25c0 [btrfs c39c9c546c241c593f03bd6d5f39ea1b676250f6]\n ? __rseq_handle_notify_resume+0xa9/0x4a0\n ? mntput_no_expire+0x4a/0x240\n ? __seccomp_filter+0x319/0x4d0\n __x64_sys_ioctl+0x90/0xd0\n do_syscall_64+0x5b/0x80\n ? syscall_exit_to_user_mode+0x17/0x40\n ? do_syscall_64+0x67/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7fd9b790d9bf\n </TASK>\n\n[CAUSE]\nSince commit e15e9f43c7ca (\"btrfs: introduce\nBTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING to skip qgroup accounting\"), if\nour qgroup is already in inconsistent state, we will no longer do the\ntime-consuming backref walk.\n\nThis can leave some qgroup records without a valid old_roots ulist.\nNormally this is fine, as btrfs_qgroup_account_extents() would also skip\nthose records if we have NO_ACCOUNTING flag set.\n\nBut there is a small window, if we have NO_ACCOUNTING flag set, and\ninserted some qgroup_record without a old_roots ulist, but then the user\ntriggered a qgroup rescan.\n\nDuring btrfs_qgroup_rescan(), we firstly clear NO_ACCOUNTING flag, then\ncommit current transaction.\n\nAnd since we have a qgroup_record with old_roots = NULL, we trigger the\nWARN_ON() during btrfs_qgroup_account_extents().\n\n[FIX]\nUnfortunately due to the introduction of NO_ACCOUNTING flag, the\nassumption that every qgroup_record would have its old_roots populated\nis no longer correct.\n\nFix the false alerts and drop the WARN_ON()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/75181406b4eafacc531ff2ee5fb032bd93317e2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bb2c2e62539f2b63c5e0beb51501d328260c7595",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2023/CVE-2023-528xx/CVE-2023-52898.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2023-52898",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.180",
"lastModified": "2024-08-21T07:15:06.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix null pointer dereference when host dies\n\nMake sure xhci_free_dev() and xhci_kill_endpoint_urbs() do not race\nand cause null pointer dereference when host suddenly dies.\n\nUsb core may call xhci_free_dev() which frees the xhci->devs[slot_id]\nvirt device at the same time that xhci_kill_endpoint_urbs() tries to\nloop through all the device's endpoints, checking if there are any\ncancelled urbs left to give back.\n\nhold the xhci spinlock while freeing the virt device"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/081105213ff6f661c114781d469233c7d0e09c2e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/133b902378e4acbd824c29dd0d48570ad596e368",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6fac4b5cecb3928a0a81069aaa815a2edc8dd5a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2bc47c43e70cf904b1af49f76d572326c08bca7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c462ac871f49753eca86bb960f573b993976a5ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ea2ee5e9991caf74e0604f994c1831a5867055b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2023/CVE-2023-528xx/CVE-2023-52899.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2023-52899",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.237",
"lastModified": "2024-08-21T07:15:06.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nAdd exception protection processing for vd in axi_chan_handle_err function\n\nSince there is no protection for vd, a kernel panic will be\ntriggered here in exceptional cases.\n\nYou can refer to the processing of axi_chan_block_xfer_complete function\n\nThe triggered kernel panic is as follows:\n\n[ 67.848444] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n[ 67.848447] Mem abort info:\n[ 67.848449] ESR = 0x96000004\n[ 67.848451] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 67.848454] SET = 0, FnV = 0\n[ 67.848456] EA = 0, S1PTW = 0\n[ 67.848458] Data abort info:\n[ 67.848460] ISV = 0, ISS = 0x00000004\n[ 67.848462] CM = 0, WnR = 0\n[ 67.848465] user pgtable: 4k pages, 48-bit VAs, pgdp=00000800c4c0b000\n[ 67.848468] [0000000000000060] pgd=0000000000000000, p4d=0000000000000000\n[ 67.848472] Internal error: Oops: 96000004 [#1] SMP\n[ 67.848475] Modules linked in: dmatest\n[ 67.848479] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.100-emu_x2rc+ #11\n[ 67.848483] pstate: 62000085 (nZCv daIf -PAN -UAO +TCO BTYPE=--)\n[ 67.848487] pc : axi_chan_handle_err+0xc4/0x230\n[ 67.848491] lr : axi_chan_handle_err+0x30/0x230\n[ 67.848493] sp : ffff0803fe55ae50\n[ 67.848495] x29: ffff0803fe55ae50 x28: ffff800011212200\n[ 67.848500] x27: ffff0800c42c0080 x26: ffff0800c097c080\n[ 67.848504] x25: ffff800010d33880 x24: ffff80001139d850\n[ 67.848508] x23: ffff0800c097c168 x22: 0000000000000000\n[ 67.848512] x21: 0000000000000080 x20: 0000000000002000\n[ 67.848517] x19: ffff0800c097c080 x18: 0000000000000000\n[ 67.848521] x17: 0000000000000000 x16: 0000000000000000\n[ 67.848525] x15: 0000000000000000 x14: 0000000000000000\n[ 67.848529] x13: 0000000000000000 x12: 0000000000000040\n[ 67.848533] x11: ffff0800c0400248 x10: ffff0800c040024a\n[ 67.848538] x9 : ffff800010576cd4 x8 : ffff0800c0400270\n[ 67.848542] x7 : 0000000000000000 x6 : ffff0800c04003e0\n[ 67.848546] x5 : ffff0800c0400248 x4 : ffff0800c4294480\n[ 67.848550] x3 : dead000000000100 x2 : dead000000000122\n[ 67.848555] x1 : 0000000000000100 x0 : ffff0800c097c168\n[ 67.848559] Call trace:\n[ 67.848562] axi_chan_handle_err+0xc4/0x230\n[ 67.848566] dw_axi_dma_interrupt+0xf4/0x590\n[ 67.848569] __handle_irq_event_percpu+0x60/0x220\n[ 67.848573] handle_irq_event+0x64/0x120\n[ 67.848576] handle_fasteoi_irq+0xc4/0x220\n[ 67.848580] __handle_domain_irq+0x80/0xe0\n[ 67.848583] gic_handle_irq+0xc0/0x138\n[ 67.848585] el1_irq+0xc8/0x180\n[ 67.848588] arch_cpu_idle+0x14/0x2c\n[ 67.848591] default_idle_call+0x40/0x16c\n[ 67.848594] do_idle+0x1f0/0x250\n[ 67.848597] cpu_startup_entry+0x2c/0x60\n[ 67.848600] rest_init+0xc0/0xcc\n[ 67.848603] arch_call_rest_init+0x14/0x1c\n[ 67.848606] start_kernel+0x4cc/0x500\n[ 67.848610] Code: eb0002ff 9a9f12d6 f2fbd5a2 f2fbd5a3 (a94602c1)\n[ 67.848613] ---[ end trace 585a97036f88203a ]---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/20d0a6d17e85a8a816a64fa7d7cae616f1617833",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5054d001ffaf76155637c5e5b922c11016cd6a5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/51a7ad5b60efac65691729d10745c28fa1016b96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/53dd833fd0a2d8f0118d01ea063a70652689d31e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/57054fe516d59d03a7bcf1888e82479ccc244f87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f534dc438828cc3f1f8c6895b8bdfbef079521fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2023/CVE-2023-529xx/CVE-2023-52900.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2023-52900",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.297",
"lastModified": "2024-08-21T07:15:06.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix general protection fault in nilfs_btree_insert()\n\nIf nilfs2 reads a corrupted disk image and tries to reads a b-tree node\nblock by calling __nilfs_btree_get_block() against an invalid virtual\nblock address, it returns -ENOENT because conversion of the virtual block\naddress to a disk block address fails. However, this return value is the\nsame as the internal code that b-tree lookup routines return to indicate\nthat the block being searched does not exist, so functions that operate on\nthat b-tree may misbehave.\n\nWhen nilfs_btree_insert() receives this spurious 'not found' code from\nnilfs_btree_do_lookup(), it misunderstands that the 'not found' check was\nsuccessful and continues the insert operation using incomplete lookup path\ndata, causing the following crash:\n\n general protection fault, probably for non-canonical address\n 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n ...\n RIP: 0010:nilfs_btree_get_nonroot_node fs/nilfs2/btree.c:418 [inline]\n RIP: 0010:nilfs_btree_prepare_insert fs/nilfs2/btree.c:1077 [inline]\n RIP: 0010:nilfs_btree_insert+0x6d3/0x1c10 fs/nilfs2/btree.c:1238\n Code: bc 24 80 00 00 00 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89\n ff e8 4b 02 92 fe 4d 8b 3f 49 83 c7 28 4c 89 f8 48 c1 e8 03 <42> 80 3c\n 28 00 74 08 4c 89 ff e8 2e 02 92 fe 4d 8b 3f 49 83 c7 02\n ...\n Call Trace:\n <TASK>\n nilfs_bmap_do_insert fs/nilfs2/bmap.c:121 [inline]\n nilfs_bmap_insert+0x20d/0x360 fs/nilfs2/bmap.c:147\n nilfs_get_block+0x414/0x8d0 fs/nilfs2/inode.c:101\n __block_write_begin_int+0x54c/0x1a80 fs/buffer.c:1991\n __block_write_begin fs/buffer.c:2041 [inline]\n block_write_begin+0x93/0x1e0 fs/buffer.c:2102\n nilfs_write_begin+0x9c/0x110 fs/nilfs2/inode.c:261\n generic_perform_write+0x2e4/0x5e0 mm/filemap.c:3772\n __generic_file_write_iter+0x176/0x400 mm/filemap.c:3900\n generic_file_write_iter+0xab/0x310 mm/filemap.c:3932\n call_write_iter include/linux/fs.h:2186 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x7dc/0xc50 fs/read_write.c:584\n ksys_write+0x177/0x2a0 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n ...\n </TASK>\n\nThis patch fixes the root cause of this problem by replacing the error\ncode that __nilfs_btree_get_block() returns on block address conversion\nfailure from -ENOENT to another internal code -EINVAL which means that the\nb-tree metadata is corrupted.\n\nBy returning -EINVAL, it propagates without glitches, and for all relevant\nb-tree operations, functions in the upper bmap layer output an error\nmessage indicating corrupted b-tree metadata via\nnilfs_bmap_convert_error(), and code -EIO will be eventually returned as\nit should be."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0bf463939c09e5b2c35c71ed74a5fd60a74d6a04",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3c2a2ff67d46106715c2132021b98bd057c27545",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/45627a1a6450662e1e0f8174ef07b05710a20062",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/712bd74eccb9d3626a0a236641962eca8e11a243",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7633355e5c7f29c049a9048e461427d1d8ed3051",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b0ba060d3287108eba17603bee3810e4cf2c272d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d9fde9eab1766170ff2ade67d09178d2cfd78749",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2023/CVE-2023-529xx/CVE-2023-52901.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2023-52901",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.363",
"lastModified": "2024-08-21T07:15:06.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Check endpoint is valid before dereferencing it\n\nWhen the host controller is not responding, all URBs queued to all\nendpoints need to be killed. This can cause a kernel panic if we\ndereference an invalid endpoint.\n\nFix this by using xhci_get_virt_ep() helper to find the endpoint and\nchecking if the endpoint is valid before dereferencing it.\n\n[233311.853271] xhci-hcd xhci-hcd.1.auto: xHCI host controller not responding, assume dead\n[233311.853393] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000e8\n\n[233311.853964] pc : xhci_hc_died+0x10c/0x270\n[233311.853971] lr : xhci_hc_died+0x1ac/0x270\n\n[233311.854077] Call trace:\n[233311.854085] xhci_hc_died+0x10c/0x270\n[233311.854093] xhci_stop_endpoint_command_watchdog+0x100/0x1a4\n[233311.854105] call_timer_fn+0x50/0x2d4\n[233311.854112] expire_timers+0xac/0x2e4\n[233311.854118] run_timer_softirq+0x300/0xabc\n[233311.854127] __do_softirq+0x148/0x528\n[233311.854135] irq_exit+0x194/0x1a8\n[233311.854143] __handle_domain_irq+0x164/0x1d0\n[233311.854149] gic_handle_irq.22273+0x10c/0x188\n[233311.854156] el1_irq+0xfc/0x1a8\n[233311.854175] lpm_cpuidle_enter+0x25c/0x418 [msm_pm]\n[233311.854185] cpuidle_enter_state+0x1f0/0x764\n[233311.854194] do_idle+0x594/0x6ac\n[233311.854201] cpu_startup_entry+0x7c/0x80\n[233311.854209] secondary_start_kernel+0x170/0x198"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/08864dc14a6803f0377ca77b9740b26db30c020f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2d2820d5f375563690c96e60676855205abfb7f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/375be2dd61a072f7b1cac9b17eea59e07b58db3a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/66fc1600855c05c4ba4e997184c91cf298e0405c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9891e5c73cab3fd9ed532dc50e9799e55e974766",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e8fb5bc76eb86437ab87002d4a36d6da02165654",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f39c813af0b64f44af94e435c07bfa1ddc2575f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52902.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52902",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.427",
"lastModified": "2024-08-21T07:15:06.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnommu: fix memory leak in do_mmap() error path\n\nThe preallocation of the maple tree nodes may leak if the error path to\n\"error_just_free\" is taken. Fix this by moving the freeing of the maple\ntree nodes to a shared location for all error paths."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1442d51026c58e7c11dd5f9b19650632a48676d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7f31cced5724e6d414fe750aa1cd7e7b578ec22f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2023/CVE-2023-529xx/CVE-2023-52903.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2023-52903",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.480",
"lastModified": "2024-08-21T07:15:06.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: lock overflowing for IOPOLL\n\nsyzbot reports an issue with overflow filling for IOPOLL:\n\nWARNING: CPU: 0 PID: 28 at io_uring/io_uring.c:734 io_cqring_event_overflow+0x1c0/0x230 io_uring/io_uring.c:734\nCPU: 0 PID: 28 Comm: kworker/u4:1 Not tainted 6.2.0-rc3-syzkaller-16369-g358a161a6a9e #0\nWorkqueue: events_unbound io_ring_exit_work\nCall trace:\n\u00a0io_cqring_event_overflow+0x1c0/0x230 io_uring/io_uring.c:734\n\u00a0io_req_cqe_overflow+0x5c/0x70 io_uring/io_uring.c:773\n\u00a0io_fill_cqe_req io_uring/io_uring.h:168 [inline]\n\u00a0io_do_iopoll+0x474/0x62c io_uring/rw.c:1065\n\u00a0io_iopoll_try_reap_events+0x6c/0x108 io_uring/io_uring.c:1513\n\u00a0io_uring_try_cancel_requests+0x13c/0x258 io_uring/io_uring.c:3056\n\u00a0io_ring_exit_work+0xec/0x390 io_uring/io_uring.c:2869\n\u00a0process_one_work+0x2d8/0x504 kernel/workqueue.c:2289\n\u00a0worker_thread+0x340/0x610 kernel/workqueue.c:2436\n\u00a0kthread+0x12c/0x158 kernel/kthread.c:376\n\u00a0ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:863\n\nThere is no real problem for normal IOPOLL as flush is also called with\nuring_lock taken, but it's getting more complicated for IOPOLL|SQPOLL,\nfor which __io_cqring_overflow_flush() happens from the CQ waiting path."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/544d163d659d45a206d8929370d5a2984e546cb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7fc3990dad04a677606337ebc61964094d6cb41b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de77faee280163ff03b7ab64af6c9d779a43d4c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ed4629d1e968359fbb91d0a3780b1e86a2c08845",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52904.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52904",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.540",
"lastModified": "2024-08-21T07:15:06.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()\n\nThe subs function argument may be NULL, so do not use it before the NULL check."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/92a9c0ad86d47ff4cce899012e355c400f02cfb8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52905.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52905",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.597",
"lastModified": "2024-08-21T07:15:06.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix resource leakage in VF driver unbind\n\nresources allocated like mcam entries to support the Ntuple feature\nand hash tables for the tc feature are not getting freed in driver\nunbind. This patch fixes the issue."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/53da7aec32982f5ee775b69dce06d63992ce4af3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c8ca0ad10df08ea36bcac1288062d567d22604c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2023/CVE-2023-529xx/CVE-2023-52906.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2023-52906",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.663",
"lastModified": "2024-08-21T07:15:06.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mpls: Fix warning during failed attribute validation\n\nThe 'TCA_MPLS_LABEL' attribute is of 'NLA_U32' type, but has a\nvalidation type of 'NLA_VALIDATE_FUNCTION'. This is an invalid\ncombination according to the comment above 'struct nla_policy':\n\n\"\nMeaning of `validate' field, use via NLA_POLICY_VALIDATE_FN:\n NLA_BINARY Validation function called for the attribute.\n All other Unused - but note that it's a union\n\"\n\nThis can trigger the warning [1] in nla_get_range_unsigned() when\nvalidation of the attribute fails. Despite being of 'NLA_U32' type, the\nassociated 'min'/'max' fields in the policy are negative as they are\naliased by the 'validate' field.\n\nFix by changing the attribute type to 'NLA_BINARY' which is consistent\nwith the above comment and all other users of NLA_POLICY_VALIDATE_FN().\nAs a result, move the length validation to the validation function.\n\nNo regressions in MPLS tests:\n\n # ./tdc.py -f tc-tests/actions/mpls.json\n [...]\n # echo $?\n 0\n\n[1]\nWARNING: CPU: 0 PID: 17743 at lib/nlattr.c:118\nnla_get_range_unsigned+0x1d8/0x1e0 lib/nlattr.c:117\nModules linked in:\nCPU: 0 PID: 17743 Comm: syz-executor.0 Not tainted 6.1.0-rc8 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.13.0-48-gd9c812dda519-prebuilt.qemu.org 04/01/2014\nRIP: 0010:nla_get_range_unsigned+0x1d8/0x1e0 lib/nlattr.c:117\n[...]\nCall Trace:\n <TASK>\n __netlink_policy_dump_write_attr+0x23d/0x990 net/netlink/policy.c:310\n netlink_policy_dump_write_attr+0x22/0x30 net/netlink/policy.c:411\n netlink_ack_tlv_fill net/netlink/af_netlink.c:2454 [inline]\n netlink_ack+0x546/0x760 net/netlink/af_netlink.c:2506\n netlink_rcv_skb+0x1b7/0x240 net/netlink/af_netlink.c:2546\n rtnetlink_rcv+0x18/0x20 net/core/rtnetlink.c:6109\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x5e9/0x6b0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x739/0x860 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg net/socket.c:734 [inline]\n ____sys_sendmsg+0x38f/0x500 net/socket.c:2482\n ___sys_sendmsg net/socket.c:2536 [inline]\n __sys_sendmsg+0x197/0x230 net/socket.c:2565\n __do_sys_sendmsg net/socket.c:2574 [inline]\n __se_sys_sendmsg net/socket.c:2572 [inline]\n __x64_sys_sendmsg+0x42/0x50 net/socket.c:2572\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2b157c3c5d6b8ddca48d53c9e662032f65af8d61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/453277feb41c2235cf2c0de9209eef962c401457",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8a97b544b98e44f596219ebb290fd2ba2fd5d644",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e17f99220d111ea031b44153fdfe364b0024ff2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e2c38827cdc6fdd3bb375c8607fc04d289756f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2023/CVE-2023-529xx/CVE-2023-52907.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2023-52907",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.733",
"lastModified": "2024-08-21T07:15:06.733",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()\n\nFix a use-after-free that occurs in hcd when in_urb sent from\npn533_usb_send_frame() is completed earlier than out_urb. Its callback\nfrees the skb data in pn533_send_async_complete() that is used as a\ntransfer buffer of out_urb. Wait before sending in_urb until the\ncallback of out_urb is called. To modify the callback of out_urb alone,\nseparate the complete function of out_urb and ack_urb.\n\nFound by a modified version of syzkaller.\n\nBUG: KASAN: use-after-free in dummy_timer\nCall Trace:\n memcpy (mm/kasan/shadow.c:65)\n dummy_perform_transfer (drivers/usb/gadget/udc/dummy_hcd.c:1352)\n transfer (drivers/usb/gadget/udc/dummy_hcd.c:1453)\n dummy_timer (drivers/usb/gadget/udc/dummy_hcd.c:1972)\n arch_static_branch (arch/x86/include/asm/jump_label.h:27)\n static_key_false (include/linux/jump_label.h:207)\n timer_expire_exit (include/trace/events/timer.h:127)\n call_timer_fn (kernel/time/timer.c:1475)\n expire_timers (kernel/time/timer.c:1519)\n __run_timers (kernel/time/timer.c:1790)\n run_timer_softirq (kernel/time/timer.c:1803)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ca78c99656f5c448567db1e148367aa3b01c80a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/321db5131c92983dac4f3338e8fbb6df214238c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35529d6b827eedb6bf7e81130e4b7e0aba9e58d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/39ae73e581112cfe27ba50aecb1c891ce57cecb1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8998db5021a28ad67aa8d627bdb4226e4046ccc4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9424d2205fe94a095fb9365ec0c6137f0b394a2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9dab880d675b9d0dd56c6428e4e8352a3339371d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52908.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52908",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.800",
"lastModified": "2024-08-21T07:15:06.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL dereference\n\nFix potential NULL dereference, in the case when \"man\", the resource manager\nmight be NULL, when/if we print debug information."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0be7ed8e7eb15282b5d0f6fdfea884db594ea9bf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f2faf0699af78968a27ca154bf76e94247f8c471",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2023/CVE-2023-529xx/CVE-2023-52909.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2023-52909",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.857",
"lastModified": "2024-08-21T07:15:06.857",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix handling of cached open files in nfsd4_open codepath\n\nCommit fb70bf124b05 (\"NFSD: Instantiate a struct file when creating a\nregular NFSv4 file\") added the ability to cache an open fd over a\ncompound. There are a couple of problems with the way this currently\nworks:\n\nIt's racy, as a newly-created nfsd_file can end up with its PENDING bit\ncleared while the nf is hashed, and the nf_file pointer is still zeroed\nout. Other tasks can find it in this state and they expect to see a\nvalid nf_file, and can oops if nf_file is NULL.\n\nAlso, there is no guarantee that we'll end up creating a new nfsd_file\nif one is already in the hash. If an extant entry is in the hash with a\nvalid nf_file, nfs4_get_vfs_file will clobber its nf_file pointer with\nthe value of op_file and the old nf_file will leak.\n\nFix both issues by making a new nfsd_file_acquirei_opened variant that\ntakes an optional file pointer. If one is present when this is called,\nwe'll take a new reference to it instead of trying to open the file. If\nthe nfsd_file already has a valid nf_file, we'll just ignore the\noptional file and pass the nfsd_file back as-is.\n\nAlso rework the tracepoints a bit to allow for an \"opened\" variant and\ndon't try to avoid counting acquisitions in the case where we already\nhave a cached open file."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b3a551fa58b4da941efeb209b3770868e2eddd7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0b778361998d6c6356b8d2fc7ddf025fb3224654",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/45c08a752982116f3287afcd1bd9c50f4fab0c28",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/973acfdfe90c8a4e58ade97ff0653a498531ff2e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2023/CVE-2023-529xx/CVE-2023-52910.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2023-52910",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.910",
"lastModified": "2024-08-21T07:15:06.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/iova: Fix alloc iova overflows issue\n\nIn __alloc_and_insert_iova_range, there is an issue that retry_pfn\noverflows. The value of iovad->anchor.pfn_hi is ~0UL, then when\niovad->cached_node is iovad->anchor, curr_iova->pfn_hi + 1 will\noverflow. As a result, if the retry logic is executed, low_pfn is\nupdated to 0, and then new_pfn < low_pfn returns false to make the\nallocation successful.\n\nThis issue occurs in the following two situations:\n1. The first iova size exceeds the domain size. When initializing\niova domain, iovad->cached_node is assigned as iovad->anchor. For\nexample, the iova domain size is 10M, start_pfn is 0x1_F000_0000,\nand the iova size allocated for the first time is 11M. The\nfollowing is the log information, new->pfn_lo is smaller than\niovad->cached_node.\n\nExample log as follows:\n[ 223.798112][T1705487] sh: [name:iova&]__alloc_and_insert_iova_range\nstart_pfn:0x1f0000,retry_pfn:0x0,size:0xb00,limit_pfn:0x1f0a00\n[ 223.799590][T1705487] sh: [name:iova&]__alloc_and_insert_iova_range\nsuccess start_pfn:0x1f0000,new->pfn_lo:0x1efe00,new->pfn_hi:0x1f08ff\n\n2. The node with the largest iova->pfn_lo value in the iova domain\nis deleted, iovad->cached_node will be updated to iovad->anchor,\nand then the alloc iova size exceeds the maximum iova size that can\nbe allocated in the domain.\n\nAfter judging that retry_pfn is less than limit_pfn, call retry_pfn+1\nto fix the overflow issue."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/61cbf790e7329ed78877560be7136f0b911bba7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c929a230c84441e400c32e7b7b4ab763711fb63e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dcdb3ba7e2a8caae7bfefd603bc22fd0ce9a389c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52911.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52911",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:06.967",
"lastModified": "2024-08-21T07:15:06.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: another fix for the headless Adreno GPU\n\nFix another oops reproducible when rebooting the board with the Adreno\nGPU working in the headless mode (e.g. iMX platforms).\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000 when read\n[00000000] *pgd=74936831, *pte=00000000, *ppte=00000000\nInternal error: Oops: 17 [#1] ARM\nCPU: 0 PID: 51 Comm: reboot Not tainted 6.2.0-rc1-dirty #11\nHardware name: Freescale i.MX53 (Device Tree Support)\nPC is at msm_atomic_commit_tail+0x50/0x970\nLR is at commit_tail+0x9c/0x188\npc : [<c06aa430>] lr : [<c067a214>] psr: 600e0013\nsp : e0851d30 ip : ee4eb7eb fp : 00090acc\nr10: 00000058 r9 : c2193014 r8 : c4310000\nr7 : c4759380 r6 : 07bef61d r5 : 00000000 r4 : 00000000\nr3 : c44cc440 r2 : 00000000 r1 : 00000000 r0 : 00000000\nFlags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 10c5387d Table: 74910019 DAC: 00000051\nRegister r0 information: NULL pointer\nRegister r1 information: NULL pointer\nRegister r2 information: NULL pointer\nRegister r3 information: slab kmalloc-1k start c44cc400 pointer offset 64 size 1024\nRegister r4 information: NULL pointer\nRegister r5 information: NULL pointer\nRegister r6 information: non-paged memory\nRegister r7 information: slab kmalloc-128 start c4759380 pointer offset 0 size 128\nRegister r8 information: slab kmalloc-2k start c4310000 pointer offset 0 size 2048\nRegister r9 information: non-slab/vmalloc memory\nRegister r10 information: non-paged memory\nRegister r11 information: non-paged memory\nRegister r12 information: non-paged memory\nProcess reboot (pid: 51, stack limit = 0xc80046d9)\nStack: (0xe0851d30 to 0xe0852000)\n1d20: c4759380 fbd77200 000005ff 002b9c70\n1d40: c4759380 c4759380 00000000 07bef61d 00000600 c0d6fe7c c2193014 00000058\n1d60: 00090acc c067a214 00000000 c4759380 c4310000 00000000 c44cc854 c067a89c\n1d80: 00000000 00000000 00000000 c4310468 00000000 c4759380 c4310000 c4310468\n1da0: c4310470 c0643258 c4759380 00000000 00000000 c0c4ee24 00000000 c44cc810\n1dc0: 00000000 c0c4ee24 00000000 c44cc810 00000000 0347d2a8 e0851e00 e0851e00\n1de0: c4759380 c067ad20 c4310000 00000000 c44cc810 c27f8718 c44cc854 c067adb8\n1e00: c4933000 00000002 00000001 00000000 00000000 c2130850 00000000 c2130854\n1e20: c25fc488 00000000 c0ff162c 00000000 00000001 00000002 00000000 00000000\n1e40: c43102c0 c43102c0 00000000 0347d2a8 c44cc810 c44cc814 c2133da8 c06d1a60\n1e60: 00000000 00000000 00079028 c2012f24 fee1dead c4933000 00000058 c01431e4\n1e80: 01234567 c0143a20 00000000 00000000 00000000 00000000 00000000 00000000\n1ea0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1ec0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1ee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f80: 00000000 00000000 00000000 0347d2a8 00000002 00000004 00000078 00000058\n1fa0: c010028c c0100060 00000002 00000004 fee1dead 28121969 01234567 00079028\n1fc0: 00000002 00000004 00000078 00000058 0002fdc5 00000000 00000000 00090acc\n1fe0: 00000058 becc9c64 b6e97e05 b6e0e5f6 600e0030 fee1dead 00000000 00000000\n msm_atomic_commit_tail from commit_tail+0x9c/0x188\n commit_tail from drm_atomic_helper_commit+0x160/0x188\n drm_atomic_helper_commit from drm_atomic_commit+0xac/0xe0\n drm_atomic_commit from drm_atomic_helper_disable_all+0x1b0/0x1c0\n drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x88/0x140\n drm_atomic_helper_shutdown from device_shutdown+0x16c/0x240\n device_shutdown from kernel_restart+0x38/0x90\n kernel_restart from __do_sys_reboot+0x\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/00dd060ab3cf95ca6ede7853bc14397014971b5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b107b08c41b3076a508113fbaaffe15ce1fe7f65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52912.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52912",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:07.020",
"lastModified": "2024-08-21T07:15:07.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fixed bug on error when unloading amdgpu\n\nFixed bug on error when unloading amdgpu.\n\nThe error message is as follows:\n[ 377.706202] kernel BUG at drivers/gpu/drm/drm_buddy.c:278!\n[ 377.706215] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[ 377.706222] CPU: 4 PID: 8610 Comm: modprobe Tainted: G IOE 6.0.0-thomas #1\n[ 377.706231] Hardware name: ASUS System Product Name/PRIME Z390-A, BIOS 2004 11/02/2021\n[ 377.706238] RIP: 0010:drm_buddy_free_block+0x26/0x30 [drm_buddy]\n[ 377.706264] Code: 00 00 00 90 0f 1f 44 00 00 48 8b 0e 89 c8 25 00 0c 00 00 3d 00 04 00 00 75 10 48 8b 47 18 48 d3 e0 48 01 47 28 e9 fa fe ff ff <0f> 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 54 55 48 89 f5 53\n[ 377.706282] RSP: 0018:ffffad2dc4683cb8 EFLAGS: 00010287\n[ 377.706289] RAX: 0000000000000000 RBX: ffff8b1743bd5138 RCX: 0000000000000000\n[ 377.706297] RDX: ffff8b1743bd5160 RSI: ffff8b1743bd5c78 RDI: ffff8b16d1b25f70\n[ 377.706304] RBP: ffff8b1743bd59e0 R08: 0000000000000001 R09: 0000000000000001\n[ 377.706311] R10: ffff8b16c8572400 R11: ffffad2dc4683cf0 R12: ffff8b16d1b25f70\n[ 377.706318] R13: ffff8b16d1b25fd0 R14: ffff8b1743bd59c0 R15: ffff8b16d1b25f70\n[ 377.706325] FS: 00007fec56c72c40(0000) GS:ffff8b1836500000(0000) knlGS:0000000000000000\n[ 377.706334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 377.706340] CR2: 00007f9b88c1ba50 CR3: 0000000110450004 CR4: 00000000003706e0\n[ 377.706347] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 377.706354] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 377.706361] Call Trace:\n[ 377.706365] <TASK>\n[ 377.706369] drm_buddy_free_list+0x2a/0x60 [drm_buddy]\n[ 377.706376] amdgpu_vram_mgr_fini+0xea/0x180 [amdgpu]\n[ 377.706572] amdgpu_ttm_fini+0x12e/0x1a0 [amdgpu]\n[ 377.706650] amdgpu_bo_fini+0x22/0x90 [amdgpu]\n[ 377.706727] gmc_v11_0_sw_fini+0x26/0x30 [amdgpu]\n[ 377.706821] amdgpu_device_fini_sw+0xa1/0x3c0 [amdgpu]\n[ 377.706897] amdgpu_driver_release_kms+0x12/0x30 [amdgpu]\n[ 377.706975] drm_dev_release+0x20/0x40 [drm]\n[ 377.707006] release_nodes+0x35/0xb0\n[ 377.707014] devres_release_all+0x8b/0xc0\n[ 377.707020] device_unbind_cleanup+0xe/0x70\n[ 377.707027] device_release_driver_internal+0xee/0x160\n[ 377.707033] driver_detach+0x44/0x90\n[ 377.707039] bus_remove_driver+0x55/0xe0\n[ 377.707045] pci_unregister_driver+0x3b/0x90\n[ 377.707052] amdgpu_exit+0x11/0x6c [amdgpu]\n[ 377.707194] __x64_sys_delete_module+0x142/0x2b0\n[ 377.707201] ? fpregs_assert_state_consistent+0x22/0x50\n[ 377.707208] ? exit_to_user_mode_prepare+0x3e/0x190\n[ 377.707215] do_syscall_64+0x38/0x90\n[ 377.707221] entry_SYSCALL_64_after_hwframe+0x63/0xcd"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/9196eb7c52e55749a332974f0081f77d53d60199",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/99f1a36c90a7524972be5a028424c57fa17753ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52913.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52913",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:07.087",
"lastModified": "2024-08-21T07:15:07.087",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Fix potential context UAFs\n\ngem_context_register() makes the context visible to userspace, and which\npoint a separate thread can trigger the I915_GEM_CONTEXT_DESTROY ioctl.\nSo we need to ensure that nothing uses the ctx ptr after this. And we\nneed to ensure that adding the ctx to the xarray is the *last* thing\nthat gem_context_register() does with the ctx pointer.\n\n[tursulin: Stable and fixes tags add/tidy.]\n(cherry picked from commit bed4b455cf5374e68879be56971c1da563bcd90c)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/afce71ff6daa9c0f852df0727fe32c6fb107f0fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b696c627b3f56e173f7f70b8487d66da8ff22506",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2023/CVE-2023-529xx/CVE-2023-52914.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52914",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T07:15:07.143",
"lastModified": "2024-08-21T07:15:07.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/poll: add hash if ready poll request can't complete inline\n\nIf we don't, then we may lose access to it completely, leading to a\nrequest leak. This will eventually stall the ring exit process as\nwell."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4ad6c063541665c407d17e1faf2fe4f04e947dcc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/febb985c06cb6f5fac63598c0bffd4fd823d110d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

14
CVE-2024/CVE-2024-51xx/CVE-2024-5163.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-5163",
"sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"published": "2024-06-17T03:15:09.057",
"lastModified": "2024-07-03T02:08:37.670",
"lastModified": "2024-08-21T06:15:07.277",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -57,7 +67,7 @@
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
},
{
"url": "https://security.tecno.com/SRC/securityUpdates",
"url": "https://security.tecno.com/SRC/securityUpdates?type=SA",
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
}
]

60
CVE-2024/CVE-2024-58xx/CVE-2024-5880.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-5880",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:07.633",
"lastModified": "2024-08-21T06:15:07.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Hide My Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 due to the plugin not restricting access to the REST API when password protection is enabled. This makes it possible for unauthenticated attackers to gain unauthorized access to the site."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/hide-my-site/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31d2ccd2-d38b-4bdf-a905-a2b54ca80a58?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-65xx/CVE-2024-6508.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6508",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-08-21T06:15:08.120",
"lastModified": "2024-08-21T06:15:08.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim\u2019s current application account using a third-party account without any restrictions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-331"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-6508",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295777",
"source": "secalert@redhat.com"
}
]
}

64
CVE-2024/CVE-2024-65xx/CVE-2024-6568.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-6568",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:08.500",
"lastModified": "2024-08-21T06:15:08.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Flamix: Bitrix24 and Contact Form 7 integrations plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.1.0. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/flamix-bitrix24-and-contact-forms-7-integrations/trunk/includes/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3138051%40flamix-bitrix24-and-contact-forms-7-integrations&new=3138051%40flamix-bitrix24-and-contact-forms-7-integrations&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/da2050ea-70b3-476d-841f-021c3baddf35?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-67xx/CVE-2024-6767.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-6767",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:08.877",
"lastModified": "2024-08-21T06:15:08.877",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordSurvey plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018sounding_title\u2019 parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wordsurvey/trunk/wordsurvey-add.php#L45",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wordsurvey/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/626dac34-6b25-42c9-8f7d-9899e4bcc039?source=cve",
"source": "security@wordfence.com"
}
]
}

16
CVE-2024/CVE-2024-67xx/CVE-2024-6780.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6780",
"sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"published": "2024-07-16T02:15:12.640",
"lastModified": "2024-07-16T13:43:58.773",
"lastModified": "2024-08-21T06:15:09.290",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,13 +16,25 @@
}
],
"metrics": {},
"weaknesses": [
{
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://security.tecno.com/SRC/blogdetail/276?lang=en_US",
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
},
{
"url": "https://security.tecno.com/SRC/securityUpdates",
"url": "https://security.tecno.com/SRC/securityUpdates?type=SA",
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
}
]

60
CVE-2024/CVE-2024-68xx/CVE-2024-6883.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6883",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:09.433",
"lastModified": "2024-08-21T06:15:09.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Event Espresso 4 Decaf \u2013 Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the saveTimezoneString and some other functions in all versions up to, and including, 5.0.22.decaf. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify some of the plugin settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/event-espresso-decaf/tags/4.10.46.decaf/admin_pages/events/Events_Admin_Page.core.php#L2800",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/689abb68-0c19-4f89-91db-fd15ab8bca8e?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-70xx/CVE-2024-7013.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7013",
"sourceIdentifier": "product-security@gg.jp.panasonic.com",
"published": "2024-08-21T06:15:09.753",
"lastModified": "2024-08-21T06:15:09.753",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@gg.jp.panasonic.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "product-security@gg.jp.panasonic.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://industry.panasonic.com/jp/ja/products/fasys/plc/software/fpwinpro7",
"source": "product-security@gg.jp.panasonic.com"
},
{
"url": "https://industry.panasonic.eu/products/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro",
"source": "product-security@gg.jp.panasonic.com"
}
]
}

64
CVE-2024/CVE-2024-70xx/CVE-2024-7030.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-7030",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:10.053",
"lastModified": "2024-08-21T06:15:10.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update product and category descriptions, category titles and images, and sort order."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/clover-online-orders/trunk/admin/js/moo-OnlineOrders-admin.js",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/clover-online-orders/trunk/public/moo-OnlineOrders-public.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8664fec3-4e11-4775-a5ca-b4f58931da76?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-70xx/CVE-2024-7032.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-7032",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:10.453",
"lastModified": "2024-08-21T06:15:10.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moo_deactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to deactivate the plugin and drop all plugin tables from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/clover-online-orders/trunk/includes/moo-OnlineOrders-deactivator.php#L29",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/clover-online-orders/trunk/moo_OnlineOrders.php#L183",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9a6b05b1-c649-4b72-b884-11fb83ec77f2?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-70xx/CVE-2024-7090.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-7090",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:10.800",
"lastModified": "2024-08-21T06:15:10.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LH Add Media From Url plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018lh_add_media_from_url-file_url\u2019 parameter in all versions up to, and including, 1.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/lh-add-media-from-url/trunk/lh-add-media-from-url.php#L173",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/lh-add-media-from-url/trunk/partials/upload.php#L6",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b3461327-9195-48ed-b9c3-7b33198e9438?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-71xx/CVE-2024-7134.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-7134",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:11.200",
"lastModified": "2024-08-21T06:15:11.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LiquidPoll \u2013 Polls, Surveys, NPS and Feedback Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018form_data\u2019 parameter in all versions up to, and including, 3.3.78 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-poll/trunk/includes/classes/class-hooks.php#L408",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wp-poll/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3e62eba7-1ac9-4420-8692-58a169aa4330?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-73xx/CVE-2024-7390.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7390",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:11.577",
"lastModified": "2024-08-21T06:15:11.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnSaveTestimonailOrder function in all versions up to, and including, 3.0. This makes it possible for unauthenticated attackers to change the order of testimonials."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-testimonial-widget/trunk/functions.php#L358",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67eef869-a57f-40b5-b289-9353bf5b680a?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-76xx/CVE-2024-7629.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7629",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:12.090",
"lastModified": "2024-08-21T06:15:12.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This requires responsive videos to be enabled for posts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/responsive-video/trunk/responsive-video.php#L534",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c530f5d2-eed3-433b-bf96-656593ad6ce2?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-76xx/CVE-2024-7647.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7647",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:12.413",
"lastModified": "2024-08-21T06:15:12.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.7. This is due to missing or incorrect nonce validation on the otasync_widget_settings_fnc() function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ota-sync-booking-engine-widget/trunk/otasync-widget.php#L72",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9af6d311-a72e-4c86-8ecb-70fa83e5a240?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-76xx/CVE-2024-7651.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7651",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:12.830",
"lastModified": "2024-08-21T06:15:12.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The App Builder \u2013 Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the \u2018app-builder-search\u2019 parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/app-builder/trunk/includes/pure.php#L18",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b43371a6-bcb5-4418-b5a5-85879775010c?source=cve",
"source": "security@wordfence.com"
}
]
}

14
CVE-2024/CVE-2024-76xx/CVE-2024-7697.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-7697",
"sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"published": "2024-08-12T13:38:58.913",
"lastModified": "2024-08-12T15:35:07.293",
"lastModified": "2024-08-21T06:15:13.187",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -57,7 +67,7 @@
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
},
{
"url": "https://security.tecno.com/SRC/securityUpdates",
"url": "https://security.tecno.com/SRC/securityUpdates?type=SA",
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
}
]

60
CVE-2024/CVE-2024-78xx/CVE-2024-7854.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7854",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-21T06:15:13.423",
"lastModified": "2024-08-21T06:15:13.423",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-inquiry/trunk/includes/functions.php?rev=2088873#L307",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/312a6601-c914-4661-82ff-6f8bac849442?source=cve",
"source": "security@wordfence.com"
}
]
}

44
CVE-2024/CVE-2024-79xx/CVE-2024-7998.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-7998",
"sourceIdentifier": "security@octopus.com",
"published": "2024-08-21T06:15:13.830",
"lastModified": "2024-08-21T06:15:13.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@octopus.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://advisories.octopus.com/post/2024/sa2024-07/",
"source": "security@octopus.com"
}
]
}

40
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-21T06:00:17.825887+00:00
2024-08-21T08:00:18.278838+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-21T05:15:14.920000+00:00
2024-08-21T07:15:07.143000+00:00
```
### Last Data Feed Release
@ -33,21 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
260700
260771
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `71`
- [CVE-2024-42939](CVE-2024/CVE-2024-429xx/CVE-2024-42939.json) (`2024-08-21T05:15:14.920`)
- [CVE-2023-52906](CVE-2023/CVE-2023-529xx/CVE-2023-52906.json) (`2024-08-21T07:15:06.663`)
- [CVE-2023-52907](CVE-2023/CVE-2023-529xx/CVE-2023-52907.json) (`2024-08-21T07:15:06.733`)
- [CVE-2023-52908](CVE-2023/CVE-2023-529xx/CVE-2023-52908.json) (`2024-08-21T07:15:06.800`)
- [CVE-2023-52909](CVE-2023/CVE-2023-529xx/CVE-2023-52909.json) (`2024-08-21T07:15:06.857`)
- [CVE-2023-52910](CVE-2023/CVE-2023-529xx/CVE-2023-52910.json) (`2024-08-21T07:15:06.910`)
- [CVE-2023-52911](CVE-2023/CVE-2023-529xx/CVE-2023-52911.json) (`2024-08-21T07:15:06.967`)
- [CVE-2023-52912](CVE-2023/CVE-2023-529xx/CVE-2023-52912.json) (`2024-08-21T07:15:07.020`)
- [CVE-2023-52913](CVE-2023/CVE-2023-529xx/CVE-2023-52913.json) (`2024-08-21T07:15:07.087`)
- [CVE-2023-52914](CVE-2023/CVE-2023-529xx/CVE-2023-52914.json) (`2024-08-21T07:15:07.143`)
- [CVE-2024-5880](CVE-2024/CVE-2024-58xx/CVE-2024-5880.json) (`2024-08-21T06:15:07.633`)
- [CVE-2024-6508](CVE-2024/CVE-2024-65xx/CVE-2024-6508.json) (`2024-08-21T06:15:08.120`)
- [CVE-2024-6568](CVE-2024/CVE-2024-65xx/CVE-2024-6568.json) (`2024-08-21T06:15:08.500`)
- [CVE-2024-6767](CVE-2024/CVE-2024-67xx/CVE-2024-6767.json) (`2024-08-21T06:15:08.877`)
- [CVE-2024-6883](CVE-2024/CVE-2024-68xx/CVE-2024-6883.json) (`2024-08-21T06:15:09.433`)
- [CVE-2024-7013](CVE-2024/CVE-2024-70xx/CVE-2024-7013.json) (`2024-08-21T06:15:09.753`)
- [CVE-2024-7030](CVE-2024/CVE-2024-70xx/CVE-2024-7030.json) (`2024-08-21T06:15:10.053`)
- [CVE-2024-7032](CVE-2024/CVE-2024-70xx/CVE-2024-7032.json) (`2024-08-21T06:15:10.453`)
- [CVE-2024-7090](CVE-2024/CVE-2024-70xx/CVE-2024-7090.json) (`2024-08-21T06:15:10.800`)
- [CVE-2024-7134](CVE-2024/CVE-2024-71xx/CVE-2024-7134.json) (`2024-08-21T06:15:11.200`)
- [CVE-2024-7390](CVE-2024/CVE-2024-73xx/CVE-2024-7390.json) (`2024-08-21T06:15:11.577`)
- [CVE-2024-7629](CVE-2024/CVE-2024-76xx/CVE-2024-7629.json) (`2024-08-21T06:15:12.090`)
- [CVE-2024-7647](CVE-2024/CVE-2024-76xx/CVE-2024-7647.json) (`2024-08-21T06:15:12.413`)
- [CVE-2024-7651](CVE-2024/CVE-2024-76xx/CVE-2024-7651.json) (`2024-08-21T06:15:12.830`)
- [CVE-2024-7854](CVE-2024/CVE-2024-78xx/CVE-2024-7854.json) (`2024-08-21T06:15:13.423`)
- [CVE-2024-7998](CVE-2024/CVE-2024-79xx/CVE-2024-7998.json) (`2024-08-21T06:15:13.830`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `3`
- [CVE-2024-1394](CVE-2024/CVE-2024-13xx/CVE-2024-1394.json) (`2024-08-21T04:15:09.187`)
- [CVE-2024-5163](CVE-2024/CVE-2024-51xx/CVE-2024-5163.json) (`2024-08-21T06:15:07.277`)
- [CVE-2024-6780](CVE-2024/CVE-2024-67xx/CVE-2024-6780.json) (`2024-08-21T06:15:09.290`)
- [CVE-2024-7697](CVE-2024/CVE-2024-76xx/CVE-2024-7697.json) (`2024-08-21T06:15:13.187`)
## Download and Usage

81
_state.csv
View File

@ -212367,8 +212367,41 @@ CVE-2022-48863,0,0,0b99b60ca586a6da4e957e9e6764f579d04f3de517666b5d23308eb74a032
CVE-2022-48864,0,0,20a93d8c717514ed3619da6525932e50b688bd0d476c290094d596cb506d7b10,2024-07-23T14:44:00.093000
CVE-2022-48865,0,0,131f2466a64b0e56f3543f09aa08c5ba9a2688ed851b0bd16452f38d0b32c199,2024-07-23T14:42:20.300000
CVE-2022-48866,0,0,dd9632abea944a27af10a71970d4f3466ac4d00c77d7597d39b4974e89d54588,2024-07-23T14:36:54.493000
CVE-2022-48867,1,1,cdd047098e7521891c64deaa6d25be49842462ad499b251cb71897e970e14bee,2024-08-21T07:15:03.860000
CVE-2022-48868,1,1,d1c9f109ad55e8fa7ebd6611ad85522572861fa6a96af40a1451028039bedde0,2024-08-21T07:15:04.020000
CVE-2022-48869,1,1,fe2b46dcde73a065aaef6bbb2d64a2a6019a5844d9c9a779546ccd065327c86d,2024-08-21T07:15:04.080000
CVE-2022-48870,1,1,f103a70546b0fea7da1c9b26e866e130156eeb50cb671bad4018602f257f6ec6,2024-08-21T07:15:04.143000
CVE-2022-48871,1,1,3b9cddd5780de08b555fc27072967febc10ce2fd574e7bacf345c4b605723334,2024-08-21T07:15:04.207000
CVE-2022-48872,1,1,75918a455a4bfa3a2688bbffc3eb8e9e314d3535e8115c003d60b7dd1d5e0961,2024-08-21T07:15:04.267000
CVE-2022-48873,1,1,ea092bb358b9c94909bcde1559b32c04a00f1ab1699c941a1463fd380899b857,2024-08-21T07:15:04.323000
CVE-2022-48874,1,1,468e09a2a5eeaa2755a7d415e567d3eff2867962b69d211104afeaca8ab92fc0,2024-08-21T07:15:04.383000
CVE-2022-48875,1,1,a0141b16291e68f99cfcb9f169a9bda342d0633563073a84652c0e457c47362b,2024-08-21T07:15:04.440000
CVE-2022-48876,1,1,47f94c9f4b42488d0aa7a60b502db5a11d6a5df1238c6b6ede4bbc43a797f636,2024-08-21T07:15:04.500000
CVE-2022-48877,1,1,ddfa915241190e684d3e8bfb0eca8764585da3e9f0aa003fa991adc8cc0e9249,2024-08-21T07:15:04.563000
CVE-2022-48878,1,1,8b02d6b36d19bd2a3aaaf66743daf8592ac5b9adbdd3c022a77e24cf7c7ecd8d,2024-08-21T07:15:04.627000
CVE-2022-48879,1,1,aeabd97414625836a8f9298ca40977fe0b1fa6d5eda686cfcf07901afb6f43a9,2024-08-21T07:15:04.690000
CVE-2022-4888,0,0,b679e23092f1369239dc0dfe1d4aeef981e952b9db5ffb43ed815e206bd3f53d,2023-11-07T03:59:13.600000
CVE-2022-48880,1,1,5cf0a5254b2a947c94fb61e1c868c4197288be4f4f8f0053252bc15eadd334ec,2024-08-21T07:15:04.753000
CVE-2022-48881,1,1,8cbfc7d20f8001ea8199ceb8ed2872608bcad56c807318ae864b8fd8b1658f65,2024-08-21T07:15:04.810000
CVE-2022-48882,1,1,238125e63160f60623a1c2fa126c76674397d24bea5bc79b1945f3e5286c944f,2024-08-21T07:15:04.863000
CVE-2022-48883,1,1,4f39d6d888cdd491e67f5fafb9b9666cc2a1eb0d9cd32d9a6c82fe6fc5cd0837,2024-08-21T07:15:04.933000
CVE-2022-48884,1,1,507012b2bd470cfd5f12ce4fad926e3fa8901cd647767819473748f4f1222c0d,2024-08-21T07:15:04.987000
CVE-2022-48885,1,1,c15f371ac126a03cb4cbbe72245c013dad5271763579159135ac1b29934ad7d6,2024-08-21T07:15:05.037000
CVE-2022-48886,1,1,9051b99851828ec2d8ddb8676510a648d92a2a1b0a908aec1bb251e85260871f,2024-08-21T07:15:05.090000
CVE-2022-48887,1,1,68e6e8becb6bdcef30d7a4d69f39b4671f100d7df8ea1fb5d63a1bfdc5634e7c,2024-08-21T07:15:05.143000
CVE-2022-48888,1,1,bb5191e916e7a22da4484fce9ae4a64a9c3ac07890a87c2da330de7d86f63208,2024-08-21T07:15:05.193000
CVE-2022-48889,1,1,88da34346ef839c431bf532e9d111858e1ccb11f92fc215f4420ff21e0e7e643,2024-08-21T07:15:05.243000
CVE-2022-4889,0,0,e28145e6bac3566714c615b828c485e97008b42961c16fdc8c566e13678a4601,2024-05-17T02:17:01.537000
CVE-2022-48890,1,1,39f0bf226d76b28261639f14aae6ba7aea2e5b47c7d64b079a82492c1e18b1e0,2024-08-21T07:15:05.303000
CVE-2022-48891,1,1,a453136cf6485b2d243ff7872eea0e46d838cb47bf51e89e6962b95f7af4e252,2024-08-21T07:15:05.360000
CVE-2022-48892,1,1,45868c47b9453e14dbab40974b264c5e5757f6e0fc47aadd0ffc11bbd1886d69,2024-08-21T07:15:05.420000
CVE-2022-48893,1,1,4a1b1af85325f86a0bd47b4a695a8da657a543ef9d1bc03255faed28bc22262f,2024-08-21T07:15:05.477000
CVE-2022-48894,1,1,d9c7e7ea2eb3fab0f72df125cb82f6b566609907e3c96520a0a0e0225650a159,2024-08-21T07:15:05.527000
CVE-2022-48895,1,1,34996717b44d3bfca980912d689048639a61724603fa0fd5b8f5ae08bae670cc,2024-08-21T07:15:05.580000
CVE-2022-48896,1,1,48dae6adeb402ca2442ef781a0e993f00e1176b3de1d6761e706d74587021d79,2024-08-21T07:15:05.640000
CVE-2022-48897,1,1,fb62568da841f70e07386a9c634430265eaef90f31f656eaf2df736efdd667b7,2024-08-21T07:15:05.693000
CVE-2022-48898,1,1,3a0276bbbc377ad49f0760f8ea0b393d28d10477acfd2681220f9edba0639ebb,2024-08-21T07:15:05.750000
CVE-2022-48899,1,1,9d847cc32614cf58376c3994aa3ea22de3cfae6e33079188def9b87973800628,2024-08-21T07:15:05.810000
CVE-2022-4890,0,0,6681cfa53e1bf5f370bc8c8bc62693e3d5b22cda3aa6b9f40531dae97a716dfa,2024-05-17T02:17:01.647000
CVE-2022-4891,0,0,a455b0842f19c717ee670b5db60155cb5018f293a7aaf3547e3c50a0a475a09d,2024-05-17T02:17:01.767000
CVE-2022-4892,0,0,a02afb40fce024abebfb05a40298b81994dfc2b7567f3762fdb2b328cbdbe6a9,2024-05-17T02:17:01.897000
@ -239204,8 +239237,30 @@ CVE-2023-5289,0,0,85a0656428a156af531ef9ce48391ff960ba4c2a8af32298a7386854e98b6d
CVE-2023-52890,0,0,98d004bfa32a49234fd94c1d29c092368def9b12c09abef3185e148025b433c1,2024-06-13T18:36:09.010000
CVE-2023-52891,0,0,5e151a4d8c6f84e3d9dd04a36315448ea54aacacf0306d24e88a33c5bc6a9764,2024-07-09T18:19:14.047000
CVE-2023-52892,0,0,32d862a219e297bef87d6af26c1c79f877a4570bd3376c8ef713855d979da993,2024-06-28T10:27:00.920000
CVE-2023-52893,1,1,b44edc36a2cdd85da84249057ec53101430dac5a8ebb6a2c47313223f74913c6,2024-08-21T07:15:05.880000
CVE-2023-52894,1,1,1f853e060c40816d7b437ac94820c0a1a076d4a0d1e97ce4c12e9a2002266c8e,2024-08-21T07:15:05.943000
CVE-2023-52895,1,1,7becbccbe98e47a54670a06c1177ccde1cd6362450068cd1b83c2e92ec630280,2024-08-21T07:15:06.007000
CVE-2023-52896,1,1,d3bf2194b67ca6deb47910c1feb19be2d3300f09be3d5fcc9502856d2530118c,2024-08-21T07:15:06.060000
CVE-2023-52897,1,1,7f5b939c20664e292bbdfefebb360e552cd1d88980ae57294055e5d297fc03c8,2024-08-21T07:15:06.120000
CVE-2023-52898,1,1,bd4ed759d32b9b408b843ca971610071a604e502dedf583651093af838b4c3f6,2024-08-21T07:15:06.180000
CVE-2023-52899,1,1,f94522c4b5582f0c2cf0f1cdfa920542166663012ae0d2861afeac7dbd8d1cb6,2024-08-21T07:15:06.237000
CVE-2023-5290,0,0,255136b2a2d1074a86a7ffaaa04fac7dce086f58333ef45175fedd871048a368,2023-11-07T04:23:48.727000
CVE-2023-52900,1,1,2350fa55886cb47ebc13f866d003c8f547e5a8ed3014035d8e0344099ab09eee,2024-08-21T07:15:06.297000
CVE-2023-52901,1,1,2b6b46b8f1582cd6183c36472ee0019222c1ed445a9a7e06e45c7c908fd222c3,2024-08-21T07:15:06.363000
CVE-2023-52902,1,1,5301f846c75805f813245f8df15b7c5c5ce897c7b3f8fcd63bbe773a69a65e11,2024-08-21T07:15:06.427000
CVE-2023-52903,1,1,5c79f08b2e4b8a002772bb3da9f3ad045e0a2261c7db62b8e25341a7bf7b37d4,2024-08-21T07:15:06.480000
CVE-2023-52904,1,1,40f6a244e47418265433b067f6c491948d1e99214ae1d263dac24c42b5079983,2024-08-21T07:15:06.540000
CVE-2023-52905,1,1,e4ade75ae414ecfb6d8138fd94894bb5bfbd46760ae741f522f68e53dda3327a,2024-08-21T07:15:06.597000
CVE-2023-52906,1,1,20b61617be2e5ddb90bf7dcfa2cbdde43fb4ce975ef1025d4e02f19f1e698f2a,2024-08-21T07:15:06.663000
CVE-2023-52907,1,1,5d21847bd162dff651037227b0b145b4392442e8a81f3b8678a41059f2498860,2024-08-21T07:15:06.733000
CVE-2023-52908,1,1,cada97a9b33aecab7684f6d8e4f949fff1e7b535f7446e135a7e97a7edb00e27,2024-08-21T07:15:06.800000
CVE-2023-52909,1,1,ed21478189dcd9bdb9c1040c7ac2052582b55883366a1575fdfb2434d24e8206,2024-08-21T07:15:06.857000
CVE-2023-5291,0,0,9fbf4165ef098167a71fe88b00d2bfc45902a0f6c10baa2f3dd4bdabd4d91739,2023-11-07T04:23:48.757000
CVE-2023-52910,1,1,bfbb9e6d24e3702c61876f69c2ad6447bffbbe132976da491d68acb63049928e,2024-08-21T07:15:06.910000
CVE-2023-52911,1,1,ac7859752d845ae191861aed248a033a7108870eae69cc8519650c0488e8e59d,2024-08-21T07:15:06.967000
CVE-2023-52912,1,1,c0a3e4d87467f009e4102e719c6b5fcd5fb26ceeb7abb50dc229b477c8dda4e3,2024-08-21T07:15:07.020000
CVE-2023-52913,1,1,f35d3d04987097a61f1949515901b96c566fcc632e43d33fadb3594621956f1d,2024-08-21T07:15:07.087000
CVE-2023-52914,1,1,3a1a2998871bc54e3d6d5c458e76fc1487477a2da0da908c417fe5277db8ea4c,2024-08-21T07:15:07.143000
CVE-2023-5292,0,0,214d7ae5654e29ed0e372211abf39e379cdbd830eab553609e162ffb791fd787,2023-11-07T04:23:48.910000
CVE-2023-5293,0,0,37b5570c94c226fac17bbeba13451e285dd87937cebf55577645a70e3fbcf851,2024-05-17T02:32:58.843000
CVE-2023-5294,0,0,91871d88408d7e2bcaad4b05fb484ac2315248d3665cd88ba6ae47f2da8d5f16,2024-05-17T02:32:58.950000
@ -242220,7 +242275,7 @@ CVE-2024-1390,0,0,f2a25975c3042e30a42c5fcd19f4c398992a4b35179f84e0b51a1c441a4e4d
CVE-2024-1391,0,0,50e2fbe1cc7d386fd26fed3bf083598946d64d5314a6236ebb9200766cf4f837,2024-03-13T18:15:58.530000
CVE-2024-1392,0,0,8db7abe472b85e00e4ae726e30591de82c7d16f05d2f6d5459004c50d152a5c0,2024-03-13T18:15:58.530000
CVE-2024-1393,0,0,4f5797aa4dbf368118dda7b12f73418a8cf88d40cd13e8c8978941ce6c41ad41,2024-03-13T18:15:58.530000
CVE-2024-1394,0,1,fa4e05861081666b98481f82ecb109fc66fe66af9ca446ba7b4127cc8d5069da,2024-08-21T04:15:09.187000
CVE-2024-1394,0,0,fa4e05861081666b98481f82ecb109fc66fe66af9ca446ba7b4127cc8d5069da,2024-08-21T04:15:09.187000
CVE-2024-1395,0,0,9f5cead23576320934b06ae7650426cd28c58ea3927d599eb3ccbebbf15a3072,2024-07-03T01:45:14.570000
CVE-2024-1396,0,0,0697e623a8579806097bf49373d31640770e9cf97f78e16b0038cfa8bc55a349,2024-05-02T18:00:37.360000
CVE-2024-1397,0,0,8da6b20072e696017f2fea6d653b85b1ce227e84921025d1f452d353bbc1383a,2024-03-13T12:33:51.697000
@ -257741,7 +257796,7 @@ CVE-2024-4291,0,0,3555454673f17bb302e51e81ea2fe7cd049aabde203c094d5792666ddbcea9
CVE-2024-42919,0,0,0d4d9236af3e88e77a598ff9abf029cb75f753ce61fafb7445e61745bd695bdf,2024-08-20T17:15:19.463000
CVE-2024-4292,0,0,3da8afef6eac3f0e74c17cae2760dab77b8f6d77627214b0783fc9bf5f2f59b0,2024-06-04T19:20:35.097000
CVE-2024-4293,0,0,32ea35cbc5ba91cf83ff71be9c2b19347dd1b3b0949ec88573415a66fabe3aec,2024-06-04T19:20:35.203000
CVE-2024-42939,1,1,063810f5bb6a6e0548bad9e96a46b51dc48585338b19c52acbbea6730ae59fdc,2024-08-21T05:15:14.920000
CVE-2024-42939,0,0,063810f5bb6a6e0548bad9e96a46b51dc48585338b19c52acbbea6730ae59fdc,2024-08-21T05:15:14.920000
CVE-2024-4294,0,0,0a6adde2b8f93d4c8d3c3070f48f62e5ef1709fd02553117d08b35488342d14f,2024-06-04T19:20:35.300000
CVE-2024-42940,0,0,097785b0d8b1a2c5e9dc9f93304a2dd55a9659adb94f015efea3fb7466159ea6,2024-08-15T19:33:37.670000
CVE-2024-42941,0,0,4823e4e899032fc94bff489b9cbadb70ea6c991fd28db39b71d862913b0d21ef,2024-08-15T19:33:07.637000
@ -258784,7 +258839,7 @@ CVE-2024-5159,0,0,9a9b3de45c6c36099e2df42ed5c739b91b4960d213fd6f345b99527b20e821
CVE-2024-5160,0,0,761bdadb9ac3f89d156978519ca326c5704c62592c7f03e703ecc7e802a865d7,2024-07-03T02:08:36.807000
CVE-2024-5161,0,0,f120c7db938e25c7983d6c400da502880d5ffbc93ab4e5e05351c3fca8fbd038,2024-07-24T17:54:42.387000
CVE-2024-5162,0,0,b916c521cfe3c1fb21956086b784f2a8541eeb514496e084206ecc726f921efe,2024-07-24T17:53:33.277000
CVE-2024-5163,0,0,bdc81db4ac58629f980356520760931bcc42aa23cfccd4fdeb3934ec7b891de9,2024-07-03T02:08:37.670000
CVE-2024-5163,0,1,1f45f157a740def8c3f1c2e097025198bc2166983108f63600058e7c57408d30,2024-08-21T06:15:07.277000
CVE-2024-5165,0,0,2b7469c3d25cc1e03e7fcca1607bc78daf489d82c018a0fbc4f3b815c328cf85,2024-05-24T01:15:30.977000
CVE-2024-5166,0,0,5c544eab21844e01fabd3874ed7776a55145987bd3a510311ad16f12f33bd2bc,2024-05-22T18:59:20.240000
CVE-2024-5167,0,0,a26d674346a63d8730649864e3fcc22e33fb8b5877ed990bcd49874aef8d8c48,2024-08-01T13:59:41.660000
@ -259376,6 +259431,7 @@ CVE-2024-5866,0,0,1e8ac9a24cff1ef0b1e69b0cad4245851696c731844c0dad74330fe9e97df7
CVE-2024-5868,0,0,9a8536b47a27c25b7062405f8aad2263147d3121835e9d2d4eb9b37e61c344ed,2024-06-17T12:42:04.623000
CVE-2024-5871,0,0,bfc23a1063e8c2c3d98988ddd8df8ea7002d8802bf04bd4c0c941cb9250f6a3f,2024-06-17T12:42:04.623000
CVE-2024-5873,0,0,5735eb2853c46a5b255fc10b814ec1b6c4f29d136a3521fa8f4d7be256150249,2024-06-12T08:15:51.550000
CVE-2024-5880,1,1,ebf838631b85cb084ee3c123a33dca070716403aae01d55c63a31ce80114bec0,2024-08-21T06:15:07.633000
CVE-2024-5881,0,0,3ae006c5e782ce634c6c6fd24fda313894dca095797874331692050dc97499bf,2024-07-09T18:19:14.047000
CVE-2024-5882,0,0,9790fb22da231882b81afb2259612f6848f747553cc5560caa274dd01996ad4d,2024-08-01T14:00:04.947000
CVE-2024-5883,0,0,d6a370f6079b934cdc983b97c847b09fbc2fd364cbab75a4154dad04b870dbf6,2024-08-01T14:00:05.160000
@ -259854,6 +259910,7 @@ CVE-2024-6504,0,0,8b12236aeea36b8f50ca52878af23b200b8eec2ab40fe418832b1f4c4c6b95
CVE-2024-6505,0,0,b8708084cd092b6ca88acb18ad5e80f748f8e2829ec040b8958bfe3c1fee2cd6,2024-07-08T15:41:17.883000
CVE-2024-6506,0,0,58310ca3e68e3dacb16dafd9b32db187bdf111a88d3da008267c8c84bbec48d6,2024-07-05T12:55:51.367000
CVE-2024-6507,0,0,4e3b24fd61e25de66a6840473e4d19109a713188592b0f05efa1cbb9de33936e,2024-07-08T14:19:21.610000
CVE-2024-6508,1,1,ad710cc967089e6834cd0bda1693c96808d80b6089a0c3a4cd253e1aa8b0008b,2024-08-21T06:15:08.120000
CVE-2024-6511,0,0,053f3089b06a0cd915df79eb3301836b5db5c9fe4d3ed571ee6923d36f4d1832,2024-07-05T12:55:51.367000
CVE-2024-6513,0,0,bb977a38eaef5aa918756b3907c97d9805111d3bc118dcf2b0096d1bbd202aea,2024-07-04T16:15:03.103000
CVE-2024-6518,0,0,7a127ef3c2d090457ff99a50f0f761572ef9ee379e26194986d16a2b77609a00,2024-07-29T14:12:08.783000
@ -259897,6 +259954,7 @@ CVE-2024-6564,0,0,b381c943e4dc87d72df0560a8008d835d4542fba3e8b6a3b21a1beca0e3a3f
CVE-2024-6565,0,0,43def900ab0d6afe7974c0f6bcdb1952d3f11b54fce1bb808ab6238edf9d39c2,2024-07-16T13:43:58.773000
CVE-2024-6566,0,0,d6506e8698f9fc48107baf6879b3d68aa0d41c6ff56f3284c695ecacd8e825b0,2024-07-29T14:12:08.783000
CVE-2024-6567,0,0,9de7307cc0759fd9897fd3f0912c6bf0e2680673968bc0cc458d792904193dbe,2024-08-02T12:59:43.990000
CVE-2024-6568,1,1,9c59c2befb80672bcceb861772c983f5bf38da3b51fc50e701c26ed574236c09,2024-08-21T06:15:08.500000
CVE-2024-6569,0,0,ea17e16deeca6260fdba738f342a9d86e7275b877d87aa50f5264cd0a02b7a0c,2024-07-29T14:12:08.783000
CVE-2024-6570,0,0,1c2083317d49d5094b93c672429fe80fa3944fba8c36de7f1f2403e55beb6b46,2024-07-16T13:43:58.773000
CVE-2024-6571,0,0,78a981d5a6d937e0ba878714ecb6e9c0e22f79c4ebbc143a02b12bb91eae6bff,2024-08-14T19:24:59.063000
@ -260027,6 +260085,7 @@ CVE-2024-6760,0,0,2363997d66d6496a6d94c4263cbac8f525a5e902af0a9a7389048de6fc4d9b
CVE-2024-6761,0,0,f38b3ccdc89aa0093bd659ba31741817a9ff74cb3bee1ce8404957bf0a35b578,2024-07-29T11:15:10.140000
CVE-2024-6765,0,0,582116fb1612a7c43e0b570dc3dd773f185a6bed827d147d00793764d2f2774e,2024-07-17T14:15:04.327000
CVE-2024-6766,0,0,4e69f4c5d546bbff4d97a532e9e5f675c0139ba3a0fba76f00597bc0bd516b20,2024-08-06T16:30:24.547000
CVE-2024-6767,1,1,5732aae7dd2bc3e20c67c665f4626a4a8a3aa8aa61698ea65a022d013409b6a4,2024-08-21T06:15:08.877000
CVE-2024-6768,0,0,82748b5876adf1db3885f7851e524fbc4111b7e46f9748cb3a4056bb52182449,2024-08-13T12:58:25.437000
CVE-2024-6770,0,0,4e0dc06a2aaa55c8bf6c7adb0f484fa8776788d11a4220cb3908768a1c995eb7,2024-07-31T12:57:02.300000
CVE-2024-6772,0,0,f0ffeebc9a92372629de2eb0378ed8854f5d1b95881919ea662c83ca59f4b1a0,2024-08-06T19:35:10.307000
@ -260037,7 +260096,7 @@ CVE-2024-6776,0,0,3f1ebb6e9dceea367fad64f14a324a2ed3be61cc5710cd237dd667a1644d55
CVE-2024-6777,0,0,ca29db0995c8af0d3bc27804bd1f135839d6af869a949f56fbd75929b6968b0d,2024-08-01T14:00:41.267000
CVE-2024-6778,0,0,84b088ec3020aa8ff5e55451d795a5507972d54955d86abc44832d806c764933,2024-08-01T14:00:42.093000
CVE-2024-6779,0,0,fe5ad1222b3723da7c0ac78d266b4f175bcea5cc66ba78d4d443b9702520701b,2024-08-01T14:00:42.927000
CVE-2024-6780,0,0,54fc3efeb973ca2f40f04f54d5a723685bcfaff31befba604fec0242bd088a83,2024-07-16T13:43:58.773000
CVE-2024-6780,0,1,ad87716761d57bba157b9bc6302fd56c93db87ccc83552a263372092cb4e844e,2024-08-21T06:15:09.290000
CVE-2024-6781,0,0,678fc4d6db3dccbbb40576923dc15e296dd0a3cca23bbb526dd93d0dbc8a0cec,2024-08-19T17:15:34.797000
CVE-2024-6782,0,0,623508ea52e56d6a6e227168366ca2cd7770a1a0850e95e080f5f12fc915b728,2024-08-06T16:30:24.547000
CVE-2024-6783,0,0,02ffa81303e2d0b2c8d5ada15cd1c5a0e17971825cf42319819acea737c80823,2024-07-24T12:55:13.223000
@ -260071,6 +260130,7 @@ CVE-2024-6872,0,0,9eb628e3a6d1ea0380e94dd099512f5a2f74ddb0ba75bf9a102e83ab13e260
CVE-2024-6873,0,0,8e5db8bfa0491746f29814d1d8249a1850325cbcdbd09b52dbf90709e95d212c,2024-08-01T16:45:25.400000
CVE-2024-6874,0,0,dbf80741a5dbaf69dfea3d6102d0d56a1052d5bac2fe6cc0bc24819c43cddd92,2024-08-01T14:00:45.683000
CVE-2024-6881,0,0,520f7716290babc1617560777d62fc095cd252de40f50f3ed54fb0f967edb111,2024-08-08T20:24:41.957000
CVE-2024-6883,1,1,0bd38a88444dfb59228ac9618461e5d3d2e5a60d0d3ad4e99860c91c8c2d6fde,2024-08-21T06:15:09.433000
CVE-2024-6884,0,0,02f1ddb5da314dd396e2205aa21249cb1d9497ae10f450ff628522b4f22bdeac,2024-08-08T19:35:22.760000
CVE-2024-6885,0,0,820342a8aad3354940c223afe57157bbf13eee743fbe19265a63d35dde973086,2024-07-24T12:55:13.223000
CVE-2024-6886,0,0,fbca102ce434786c03a8469f687e67e8b7739ad3b6f0519e88d819189fb30d7c,2024-08-06T16:30:24.547000
@ -260168,10 +260228,13 @@ CVE-2024-7006,0,0,e6fa209ac0713e033e0ece6a5e36f45d5c69970bc1d46f1daeb274aa6fa96c
CVE-2024-7007,0,0,443ea019503bb62163681477e591813d689cda148f7559da12362b93a0b77177,2024-07-26T12:38:41.683000
CVE-2024-7008,0,0,e9008eac80639f6b75fc8244a6b0baab3d6a7fa095b7e9aa58d7626a117a490a,2024-08-19T17:19:25.390000
CVE-2024-7009,0,0,63b067a161bbf9c0630f63b1d51ac801565652e58cd58fdd4516392106a400e2,2024-08-19T17:18:50.290000
CVE-2024-7013,1,1,66ce99a337f0f86d204cb5544882650b9d56adecbd2755f45811969a6820e690,2024-08-21T06:15:09.753000
CVE-2024-7014,0,0,bf4bcb57365a86d29a45ebd019245eec542daaec8aac5d2bd790565f954bcfee,2024-07-24T12:55:13.223000
CVE-2024-7027,0,0,5a505a0256616ae7086bad971714674072a78d2b5b489c23bd05df293d4823ce,2024-07-24T12:55:13.223000
CVE-2024-7029,0,0,5175bec03cf7f2378284f608514536d153bc0fcc9978511b168a2887b7029c22,2024-08-05T12:41:45.957000
CVE-2024-7030,1,1,ea9f562942a2af0f2104072413a81037570527653965cb62ca96c615002d5bd2,2024-08-21T06:15:10.053000
CVE-2024-7031,0,0,4808703a4cd0b97f67a773c5f222b01d69a2fff387801423358b3ea99670c83a,2024-08-05T12:41:45.957000
CVE-2024-7032,1,1,7e7c52e8ad4a656046e935668264238995d9aedb55a26e6312d6577ab4062e2a,2024-08-21T06:15:10.453000
CVE-2024-7047,0,0,c626b8092c8533dfe4198c51e8e35d5946df1ed097b6fb1d01ca755685dc1b0d,2024-07-25T12:36:39.947000
CVE-2024-7050,0,0,f402c0a89ba2917236fe6639793bd54ee4751807250eba7a4dde84d4a362ffd7,2024-07-29T14:12:08.783000
CVE-2024-7054,0,0,c2f192d88d8b2a817d17540b8fda16fcd38e463cdb3b6d5e52e3cf243830add6,2024-08-20T15:44:20.567000
@ -260192,6 +260255,7 @@ CVE-2024-7080,0,0,e8f51ead66f7469f7e63dc63102236554262bdfa2e68b9dc33e11c14a1ca04
CVE-2024-7081,0,0,6a139e489a9ff084a663269dd9c842c08d77e29c45f0c2d71d596839a517bb01,2024-07-26T13:18:21.957000
CVE-2024-7082,0,0,7f537cf9e56a23a456a2abd974bf40cbc8fb8378373545e42b0269e937581d9d,2024-08-06T16:30:24.547000
CVE-2024-7084,0,0,3a2aa9dec6c248febe470c8d1edface773b4a9804761de6b43694a8997eff852,2024-08-06T16:30:24.547000
CVE-2024-7090,1,1,c11699ae55c8dc840700dbb2bdad33df3834d1766ce8bd2bbcb91ea34081cf21,2024-08-21T06:15:10.800000
CVE-2024-7091,0,0,ea018e26f872aadaa59f554aafa24269e38ad2d18885b5619000c0f610b93be1,2024-07-25T12:36:39.947000
CVE-2024-7092,0,0,e9e7e1c22eeddb38238cff178e26d1e84cd16a1ecd7c31190a29d77a32325d08,2024-08-13T12:58:25.437000
CVE-2024-7093,0,0,2af97c55d7ffe283d233de8149da5391663d6c7f2b6f21acff51e16815034b7f,2024-08-02T12:59:43.990000
@ -260212,6 +260276,7 @@ CVE-2024-7121,0,0,fdae6687b65374b6aec5500198958517002acfa86b757e82c1fe85c4c568e8
CVE-2024-7123,0,0,9cd56c5d21be01850838f11a2df252558cd6c9b176bc2485ad2b1b549f072ade,2024-08-08T17:15:19.970000
CVE-2024-7127,0,0,6b292748e8421eae2ee17ad044bc14a6084b68762b6284b02f94a1dd672b3c81,2024-07-30T13:32:45.943000
CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000
CVE-2024-7134,1,1,7f76c7b2c99d9ad04d443d4bfc2e64896df0515015867856ce022336ff1d724c,2024-08-21T06:15:11.200000
CVE-2024-7135,0,0,31437d1db396166831d3abd18bbeb77eef50ad11110b9df0f25d86e90a9b1fe1,2024-07-31T12:57:02.300000
CVE-2024-7136,0,0,8aada0541fe051e5634e6d0e6056d54d479250830cd49e1b32d308af5a5c28dc,2024-08-19T13:00:23.117000
CVE-2024-7143,0,0,444409226f2889debaa1b6cea63b846cc438f1a41258f2e601b106b9c83baf18,2024-08-07T19:09:46.290000
@ -260398,6 +260463,7 @@ CVE-2024-7382,0,0,38dbfd05201dede10e421fed3e3b0d675c062e51a3aa3f6428b06fad8a88c5
CVE-2024-7383,0,0,e9e41ebbc97601346bb675225ba79de921d0c65e55a076ffc6c52d62374e6a9a,2024-08-06T16:31:05.780000
CVE-2024-7388,0,0,f17b6292d40b8d2d9d22865fdbf912ed4604c49db111ea9e78f67fdbb858de85,2024-08-13T12:58:25.437000
CVE-2024-7389,0,0,a5776290ae762be985431158def3f2d002b265ca6a95ce830d8f46206854f21a,2024-08-02T12:59:43.990000
CVE-2024-7390,1,1,610180941de1e06138edd637cd770e584545754db830b3acbf5408ed4203650c,2024-08-21T06:15:11.577000
CVE-2024-7394,0,0,29459446676ebb07a97678c0a588cd4da58f4cf687ed192aec71d6f9cff45400,2024-08-08T18:55:19.180000
CVE-2024-7395,0,0,6b93b6db07480e26c0ae715f45aa50cef676fc9c19ea641f155805eb4429ff3f,2024-08-06T16:31:05.780000
CVE-2024-7396,0,0,4ebde91c8a3429e260812e0a142900e161f2137833db297002231fa5cfafb30a,2024-08-06T16:31:05.780000
@ -260533,6 +260599,7 @@ CVE-2024-7621,0,0,07161284faa2eb0637370b6ff462e631787a37850cefb6ac5fa6750545dd70
CVE-2024-7624,0,0,c87cdcd90fb34d1c79e4bedcfe521cd45a7c97d88fc176665ac59544b2fffb63,2024-08-15T13:01:10.150000
CVE-2024-7625,0,0,cf7951ec684c41cac7f2f6e12b1507a1eac20d5a4914135abea68670c2031228,2024-08-15T13:01:10.150000
CVE-2024-7628,0,0,13c6e75993fc4e0ea638854e2c037e11703f2e05b1bb0a7d2173b121da5472cd,2024-08-15T13:01:10.150000
CVE-2024-7629,1,1,bdad6e88a60b6e28b6a6165c465cef06856149a274cba51b9fec2de5ceb7e4af,2024-08-21T06:15:12.090000
CVE-2024-7630,0,0,418e383b03350a1fa5d21be50b8eebc36b3c165fb7c794a3b77aa7313e9af0aa,2024-08-19T13:00:23.117000
CVE-2024-7633,0,0,3b1df1487eb71af2061753f656e2660f3fdd60b89404cd84fa2c01a4dff29ee6,2024-08-12T13:38:45.690000
CVE-2024-7635,0,0,77137333cb856f76f03e4b50e0e5dbce5cc99fa466aafebf6530d8cfb2e96fdd,2024-08-15T18:12:33.270000
@ -260547,8 +260614,10 @@ CVE-2024-7643,0,0,561f361e340de6652f3552e8a31740bd4d6ceba659a82983fde2458aeab94c
CVE-2024-7644,0,0,af133dd73ba0f9ae2c852b6a18dbacddae25120427cf0e48515211be4d6d6b46,2024-08-15T18:19:11.080000
CVE-2024-7645,0,0,96cf494c675c38f631be8ab24881ec75b542e3b7a70aa5d3b002279709a08889,2024-08-19T17:48:06.303000
CVE-2024-7646,0,0,0e47e4757200b360ac0ac2cd875beb2809de05dd15d4a2274662b759af795194,2024-08-19T13:00:23.117000
CVE-2024-7647,1,1,2cbd04d35c060cdf36a73a46de985be78c07587b07a6c82a0150d3ba48b3ca41,2024-08-21T06:15:12.413000
CVE-2024-7648,0,0,2049ae7cbf0cab301bb3d8a4c000a0971cbb2a1bb7b1a04dd9face1c419d935f,2024-08-12T13:41:36.517000
CVE-2024-7649,0,0,3d0b3905ac20943345a47479273aed49759614ef3fae3b2688335294d499ed3d,2024-08-12T13:41:36.517000
CVE-2024-7651,1,1,ef7780d13e330a90a52a24f3e76f74d649b7ce4c67c2a1b9ac311449caebbbbe,2024-08-21T06:15:12.830000
CVE-2024-7657,0,0,b71ee6cae903ac873f30f4d097ac987c873f0095983bc9620eda1ffab659d5b8,2024-08-15T17:48:20.920000
CVE-2024-7658,0,0,832a65f53a452b2fa1561cdaae82b94e5ac7d59bc491a09b3cdc773f704d8588,2024-08-13T17:00:19.800000
CVE-2024-7659,0,0,3cb22096bf2f6ca2aa4f8495c729121ab87c6bf294191fb47bc11d37c76e5c86,2024-08-15T17:49:42.667000
@ -260574,7 +260643,7 @@ CVE-2024-7685,0,0,ef97cee3c3f9504d8f3d2a571167ba3304a1e5ad3165b46e778fa46938b199
CVE-2024-7686,0,0,f064743866c554c4f2e90ed0b10058d3ac9c7fa057a74b3ddc10388a40d22334,2024-08-20T14:03:12.533000
CVE-2024-7693,0,0,f2cd1103366bcfd179be09779784b86ac2f98679921c4f629dd8dbd0c14eefbf,2024-08-12T13:41:36.517000
CVE-2024-7694,0,0,7ad6784b26040f06619a4364e66ebaeeebc13317865a5794a53c5e6dcb080aaf,2024-08-12T13:41:36.517000
CVE-2024-7697,0,0,86f38a2ec81d6dd175dacb6d02f5a3a1a354fb4dfe19ab907d3389b4bd3a3025,2024-08-12T15:35:07.293000
CVE-2024-7697,0,1,ec740217e8324af4933e81b05285aef1954371b3c254be0eabb50b05e6bbef72,2024-08-21T06:15:13.187000
CVE-2024-7700,0,0,3e081f65a743f7c2243d16cda14609415c7128fbdf01790b4350a9589b48c796,2024-08-12T18:57:17.383000
CVE-2024-7702,0,0,e27f5381e9bb8a84bfa26aea9f03ffdd10a0850905e3e50b7398b3507d10ce49,2024-08-20T15:44:20.567000
CVE-2024-7703,0,0,4fed134c1a88e3f28368f1aeb0423ea22cd742b65dcb7d77a318829e8e6bb6ba,2024-08-19T12:59:59.177000
@ -260643,6 +260712,7 @@ CVE-2024-7850,0,0,eac62d06d40978b154610fb0b8829f684d203615f4f5ebfcbc586877034ad0
CVE-2024-7851,0,0,a3f499a96b03d0001447f268138d29dda5356c0889ebe13c4e09da447417c59f,2024-08-19T13:00:23.117000
CVE-2024-7852,0,0,d81b5371e4f0add1d395c3b1194a942c6ec099c1cdc2d46560d4b57bf5d930b7,2024-08-19T13:00:23.117000
CVE-2024-7853,0,0,602b79ace26812f03f94bfc9d8a0781cb4744715aed03debdd7aa8ad39738b45,2024-08-19T13:00:23.117000
CVE-2024-7854,1,1,f6770298cee66bfb859303fbb0734bd388c855bf73b2a6b1e34477335ab8db42,2024-08-21T06:15:13.423000
CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000
CVE-2024-7867,0,0,6a317fb9db8a508202f8841173e6c3d2bd77edc707a891aff0fcaf7f472e0f1b,2024-08-19T13:00:23.117000
CVE-2024-7868,0,0,426aac72107d4f020c4b4c2ec1e49b6873953f44556989351b1605a1e98035d8,2024-08-19T13:00:23.117000
@ -260695,6 +260765,7 @@ CVE-2024-7947,0,0,55a17b777c2727a9d5198f18e7cd79d1e697fa58892c329bf2c0ae50fc2397
CVE-2024-7948,0,0,f86f46af4e10433dfdbb63175cf759444d87e68853678aab74d0579f8baaa6ae,2024-08-20T15:44:20.567000
CVE-2024-7949,0,0,d28736f5bd3ae6cac0b634f14aa71a195aeb3974f7e232436da0812de0906ff8,2024-08-20T15:44:20.567000
CVE-2024-7958,0,0,483ea949f242fd0880547068782264d397026329e525a14dcbacca7c22e7bcec,2024-08-19T20:15:08.907000
CVE-2024-7998,1,1,3dc26ef61a5d368dd9fd15664cdb4276e656eefcf59b8003a27f54d67c7bf9bc,2024-08-21T06:15:13.830000
CVE-2024-8003,0,0,758a1d14516c7281f099a97088179c2e30fef28a491033cc2c207616771ff8ed,2024-08-20T15:44:20.567000
CVE-2024-8005,0,0,fb303ce9b5523956d31743af9e352f3e80929fff92324ad367dffd602076c37d,2024-08-20T15:44:20.567000
CVE-2024-8022,0,0,f9746f158d1ab09f6238548067d7a58a561e45999bb721069bfe7b2589b6de00,2024-08-21T00:15:05.227000

Can't render this file because it is too large.