admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-28T14:00:39.133989+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-28 14:03:30 +00:00
parent 9850322afb
commit 813f86977b
50 changed files with 1490 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
CVE-2022/CVE-2022-486xx/CVE-2022-48631.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2022-48631",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.450",
"lastModified": "2024-04-28T13:15:06.450",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0\n\nWhen walking through an inode extents, the ext4_ext_binsearch_idx() function\nassumes that the extent header has been previously validated. However, there\nare no checks that verify that the number of entries (eh->eh_entries) is\nnon-zero when depth is > 0. And this will lead to problems because the\nEXT_FIRST_INDEX() and EXT_LAST_INDEX() will return garbage and result in this:\n\n[ 135.245946] ------------[ cut here ]------------\n[ 135.247579] kernel BUG at fs/ext4/extents.c:2258!\n[ 135.249045] invalid opcode: 0000 [#1] PREEMPT SMP\n[ 135.250320] CPU: 2 PID: 238 Comm: tmp118 Not tainted 5.19.0-rc8+ #4\n[ 135.252067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 04/01/2014\n[ 135.255065] RIP: 0010:ext4_ext_map_blocks+0xc20/0xcb0\n[ 135.256475] Code:\n[ 135.261433] RSP: 0018:ffffc900005939f8 EFLAGS: 00010246\n[ 135.262847] RAX: 0000000000000024 RBX: ffffc90000593b70 RCX: 0000000000000023\n[ 135.264765] RDX: ffff8880038e5f10 RSI: 0000000000000003 RDI: ffff8880046e922c\n[ 135.266670] RBP: ffff8880046e9348 R08: 0000000000000001 R09: ffff888002ca580c\n[ 135.268576] R10: 0000000000002602 R11: 0000000000000000 R12: 0000000000000024\n[ 135.270477] R13: 0000000000000000 R14: 0000000000000024 R15: 0000000000000000\n[ 135.272394] FS: 00007fdabdc56740(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000\n[ 135.274510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 135.276075] CR2: 00007ffc26bd4f00 CR3: 0000000006261004 CR4: 0000000000170ea0\n[ 135.277952] Call Trace:\n[ 135.278635] <TASK>\n[ 135.279247] ? preempt_count_add+0x6d/0xa0\n[ 135.280358] ? percpu_counter_add_batch+0x55/0xb0\n[ 135.281612] ? _raw_read_unlock+0x18/0x30\n[ 135.282704] ext4_map_blocks+0x294/0x5a0\n[ 135.283745] ? xa_load+0x6f/0xa0\n[ 135.284562] ext4_mpage_readpages+0x3d6/0x770\n[ 135.285646] read_pages+0x67/0x1d0\n[ 135.286492] ? folio_add_lru+0x51/0x80\n[ 135.287441] page_cache_ra_unbounded+0x124/0x170\n[ 135.288510] filemap_get_pages+0x23d/0x5a0\n[ 135.289457] ? path_openat+0xa72/0xdd0\n[ 135.290332] filemap_read+0xbf/0x300\n[ 135.291158] ? _raw_spin_lock_irqsave+0x17/0x40\n[ 135.292192] new_sync_read+0x103/0x170\n[ 135.293014] vfs_read+0x15d/0x180\n[ 135.293745] ksys_read+0xa1/0xe0\n[ 135.294461] do_syscall_64+0x3c/0x80\n[ 135.295284] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThis patch simply adds an extra check in __ext4_ext_check(), verifying that\neh_entries is not 0 when eh_depth is > 0."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/29a5b8a137ac8eb410cc823653a29ac0e7b7e1b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2f5e9de15e4f55fbf56f22d4a2ce406246cc462d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/958b0ee23f5ac106e7cc11472b71aa2ea9a033bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bb7eb3ca4b3b0d2c7872cf1a41c30f5e5bd65df0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/be4df018c0be5ebecf1ca510feacc23be415cefc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48632.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48632",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.517",
"lastModified": "2024-04-28T13:15:06.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48633.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48633",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.560",
"lastModified": "2024-04-28T13:15:06.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: Fix WARN_ON(lock->magic != lock) error\n\npsb_gem_unpin() calls dma_resv_lock() but the underlying ww_mutex\ngets destroyed by drm_gem_object_release() move the\ndrm_gem_object_release() call in psb_gem_free_object() to after\nthe unpin to fix the below warning:\n\n[ 79.693962] ------------[ cut here ]------------\n[ 79.693992] DEBUG_LOCKS_WARN_ON(lock->magic != lock)\n[ 79.694015] WARNING: CPU: 0 PID: 240 at kernel/locking/mutex.c:582 __ww_mutex_lock.constprop.0+0x569/0xfb0\n[ 79.694052] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer qrtr bnep ath9k ath9k_common ath9k_hw snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi snd_hda_intel ath3k snd_intel_dspcfg mac80211 snd_intel_sdw_acpi btusb snd_hda_codec btrtl btbcm btintel btmtk bluetooth at24 snd_hda_core snd_hwdep uvcvideo snd_seq libarc4 videobuf2_vmalloc ath videobuf2_memops videobuf2_v4l2 videobuf2_common snd_seq_device videodev acer_wmi intel_powerclamp coretemp mc snd_pcm joydev sparse_keymap ecdh_generic pcspkr wmi_bmof cfg80211 i2c_i801 i2c_smbus snd_timer snd r8169 rfkill lpc_ich soundcore acpi_cpufreq zram rtsx_pci_sdmmc mmc_core serio_raw rtsx_pci gma500_gfx(E) video wmi ip6_tables ip_tables i2c_dev fuse\n[ 79.694436] CPU: 0 PID: 240 Comm: plymouthd Tainted: G W E 6.0.0-rc3+ #490\n[ 79.694457] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013\n[ 79.694469] RIP: 0010:__ww_mutex_lock.constprop.0+0x569/0xfb0\n[ 79.694496] Code: ff 85 c0 0f 84 15 fb ff ff 8b 05 ca 3c 11 01 85 c0 0f 85 07 fb ff ff 48 c7 c6 30 cb 84 aa 48 c7 c7 a3 e1 82 aa e8 ac 29 f8 ff <0f> 0b e9 ed fa ff ff e8 5b 83 8a ff 85 c0 74 10 44 8b 0d 98 3c 11\n[ 79.694513] RSP: 0018:ffffad1dc048bbe0 EFLAGS: 00010282\n[ 79.694623] RAX: 0000000000000028 RBX: 0000000000000000 RCX: 0000000000000000\n[ 79.694636] RDX: 0000000000000001 RSI: ffffffffaa8b0ffc RDI: 00000000ffffffff\n[ 79.694650] RBP: ffffad1dc048bc80 R08: 0000000000000000 R09: ffffad1dc048ba90\n[ 79.694662] R10: 0000000000000003 R11: ffffffffaad62fe8 R12: ffff9ff302103138\n[ 79.694675] R13: ffff9ff306ec8000 R14: ffff9ff307779078 R15: ffff9ff3014c0270\n[ 79.694690] FS: 00007ff1cccf1740(0000) GS:ffff9ff3bc200000(0000) knlGS:0000000000000000\n[ 79.694705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 79.694719] CR2: 0000559ecbcb4420 CR3: 0000000013210000 CR4: 00000000000006f0\n[ 79.694734] Call Trace:\n[ 79.694749] <TASK>\n[ 79.694761] ? __schedule+0x47f/0x1670\n[ 79.694796] ? psb_gem_unpin+0x27/0x1a0 [gma500_gfx]\n[ 79.694830] ? lock_is_held_type+0xe3/0x140\n[ 79.694864] ? ww_mutex_lock+0x38/0xa0\n[ 79.694885] ? __cond_resched+0x1c/0x30\n[ 79.694902] ww_mutex_lock+0x38/0xa0\n[ 79.694925] psb_gem_unpin+0x27/0x1a0 [gma500_gfx]\n[ 79.694964] psb_gem_unpin+0x199/0x1a0 [gma500_gfx]\n[ 79.694996] drm_gem_object_release_handle+0x50/0x60\n[ 79.695020] ? drm_gem_object_handle_put_unlocked+0xf0/0xf0\n[ 79.695042] idr_for_each+0x4b/0xb0\n[ 79.695066] ? _raw_spin_unlock_irqrestore+0x30/0x60\n[ 79.695095] drm_gem_release+0x1c/0x30\n[ 79.695118] drm_file_free.part.0+0x1ea/0x260\n[ 79.695150] drm_release+0x6a/0x120\n[ 79.695175] __fput+0x9f/0x260\n[ 79.695203] task_work_run+0x59/0xa0\n[ 79.695227] do_exit+0x387/0xbe0\n[ 79.695250] ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90\n[ 79.695275] ? lockdep_hardirqs_on+0x7d/0x100\n[ 79.695304] do_group_exit+0x33/0xb0\n[ 79.695331] __x64_sys_exit_group+0x14/0x20\n[ 79.695353] do_syscall_64+0x58/0x80\n[ 79.695376] ? up_read+0x17/0x20\n[ 79.695401] ? lock_is_held_type+0xe3/0x140\n[ 79.695429] ? asm_exc_page_fault+0x22/0x30\n[ 79.695450] ? lockdep_hardirqs_on+0x7d/0x100\n[ 79.695473] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 79.695493] RIP: 0033:0x7ff1ccefe3f1\n[ 79.695516] Code: Unable to access opcode bytes at RIP 0x7ff1ccefe3c7.\n[ 79.695607] RSP: 002b:00007ffed4413378 EFLAGS: \n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/55c077d97fa67e9f19952bb24122a8316b089474",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b6f25c3b94f2aadbf5cbef954db4073614943d74",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48634.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48634",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.617",
"lastModified": "2024-04-28T13:15:06.617",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: Fix BUG: sleeping function called from invalid context errors\n\ngma_crtc_page_flip() was holding the event_lock spinlock while calling\ncrtc_funcs->mode_set_base() which takes ww_mutex.\n\nThe only reason to hold event_lock is to clear gma_crtc->page_flip_event\non mode_set_base() errors.\n\nInstead unlock it after setting gma_crtc->page_flip_event and on\nerrors re-take the lock and clear gma_crtc->page_flip_event it\nit is still set.\n\nThis fixes the following WARN/stacktrace:\n\n[ 512.122953] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:870\n[ 512.123004] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1253, name: gnome-shell\n[ 512.123031] preempt_count: 1, expected: 0\n[ 512.123048] RCU nest depth: 0, expected: 0\n[ 512.123066] INFO: lockdep is turned off.\n[ 512.123080] irq event stamp: 0\n[ 512.123094] hardirqs last enabled at (0): [<0000000000000000>] 0x0\n[ 512.123134] hardirqs last disabled at (0): [<ffffffff8d0ec28c>] copy_process+0x9fc/0x1de0\n[ 512.123176] softirqs last enabled at (0): [<ffffffff8d0ec28c>] copy_process+0x9fc/0x1de0\n[ 512.123207] softirqs last disabled at (0): [<0000000000000000>] 0x0\n[ 512.123233] Preemption disabled at:\n[ 512.123241] [<0000000000000000>] 0x0\n[ 512.123275] CPU: 3 PID: 1253 Comm: gnome-shell Tainted: G W 5.19.0+ #1\n[ 512.123304] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013\n[ 512.123323] Call Trace:\n[ 512.123346] <TASK>\n[ 512.123370] dump_stack_lvl+0x5b/0x77\n[ 512.123412] __might_resched.cold+0xff/0x13a\n[ 512.123458] ww_mutex_lock+0x1e/0xa0\n[ 512.123495] psb_gem_pin+0x2c/0x150 [gma500_gfx]\n[ 512.123601] gma_pipe_set_base+0x76/0x240 [gma500_gfx]\n[ 512.123708] gma_crtc_page_flip+0x95/0x130 [gma500_gfx]\n[ 512.123808] drm_mode_page_flip_ioctl+0x57d/0x5d0\n[ 512.123897] ? drm_mode_cursor2_ioctl+0x10/0x10\n[ 512.123936] drm_ioctl_kernel+0xa1/0x150\n[ 512.123984] drm_ioctl+0x21f/0x420\n[ 512.124025] ? drm_mode_cursor2_ioctl+0x10/0x10\n[ 512.124070] ? rcu_read_lock_bh_held+0xb/0x60\n[ 512.124104] ? lock_release+0x1ef/0x2d0\n[ 512.124161] __x64_sys_ioctl+0x8d/0xd0\n[ 512.124203] do_syscall_64+0x58/0x80\n[ 512.124239] ? do_syscall_64+0x67/0x80\n[ 512.124267] ? trace_hardirqs_on_prepare+0x55/0xe0\n[ 512.124300] ? do_syscall_64+0x67/0x80\n[ 512.124340] ? rcu_read_lock_sched_held+0x10/0x80\n[ 512.124377] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 512.124411] RIP: 0033:0x7fcc4a70740f\n[ 512.124442] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00 00\n[ 512.124470] RSP: 002b:00007ffda73f5390 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 512.124503] RAX: ffffffffffffffda RBX: 000055cc9e474500 RCX: 00007fcc4a70740f\n[ 512.124524] RDX: 00007ffda73f5420 RSI: 00000000c01864b0 RDI: 0000000000000009\n[ 512.124544] RBP: 00007ffda73f5420 R08: 000055cc9c0b0cb0 R09: 0000000000000034\n[ 512.124564] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000c01864b0\n[ 512.124584] R13: 0000000000000009 R14: 000055cc9df484d0 R15: 000055cc9af5d0c0\n[ 512.124647] </TASK>"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/63e37a79f7bd939314997e29c2f5a9f0ef184281",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a6ed7624bf4d0a32f2631e74828bca7b7bf15afd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c5812807e416618477d1bb0049727ce8bb8292fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e5ae504c8623476e13032670f1a6d6344d53ec9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48635.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48635",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.663",
"lastModified": "2024-04-28T13:15:06.663",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsdax: Fix infinite loop in dax_iomap_rw()\n\nI got an infinite loop and a WARNING report when executing a tail command\nin virtiofs.\n\n WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomap_iter+0x3a2/0x3d0\n Modules linked in:\n CPU: 10 PID: 964 Comm: tail Not tainted 5.19.0-rc7\n Call Trace:\n <TASK>\n dax_iomap_rw+0xea/0x620\n ? __this_cpu_preempt_check+0x13/0x20\n fuse_dax_read_iter+0x47/0x80\n fuse_file_read_iter+0xae/0xd0\n new_sync_read+0xfe/0x180\n ? 0xffffffff81000000\n vfs_read+0x14d/0x1a0\n ksys_read+0x6d/0xf0\n __x64_sys_read+0x1a/0x20\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe tail command will call read() with a count of 0. In this case,\niomap_iter() will report this WARNING, and always return 1 which casuing\nthe infinite loop in dax_iomap_rw().\n\nFixing by checking count whether is 0 in dax_iomap_rw()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/17d9c15c9b9e7fb285f7ac5367dfb5f00ff575e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/60644dffac87b1bb47bdb393aa29d5f2ffcf41a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/929ef155e1da41c06f4d8ca86ae12b851a83a744",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

48
CVE-2022/CVE-2022-486xx/CVE-2022-48636.json Normal file
View File

@ -0,0 +1,48 @@
{
"id": "CVE-2022-48636",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.710",
"lastModified": "2024-04-28T13:15:06.710",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu->lock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu->lock held.\n\nFix by checking the pavgroup pointer with lcu->lock held."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2e473351400e3dd66f0b71eddcef82ee45a584c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/49f401a98b318761ca2e15d4c7869a20043fbed4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/650a2e79d176db753654d3dde88e53a2033036ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aaba5ff2742043705bc4c02fd0b2b246e2e16da1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3a67c21b18f33c79382084af556557c442f12a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d86b4267834e6d4af62e3073e48166e349ab1b70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/db7ba07108a48c0f95b74fabbfd5d63e924f992d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5fcc9d6d71d9ff7fdbdd4b89074e6e24fffc20b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48637.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48637",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.763",
"lastModified": "2024-04-28T13:15:06.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt: prevent skb UAF after handing over to PTP worker\n\nWhen reading the timestamp is required bnxt_tx_int() hands\nover the ownership of the completed skb to the PTP worker.\nThe skb should not be used afterwards, as the worker may\nrun before the rest of our code and free the skb, leading\nto a use-after-free.\n\nSince dev_kfree_skb_any() accepts NULL make the loss of\nownership more obvious and set skb to NULL."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/08483e4c0c83b221b8891434a04cec405dee94a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/32afa1f23e42cc635ccf4c39f24514d03d1e8338",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c31f26c8f69f776759cbbdfb38e40ea91aa0dd65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48638.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48638",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.807",
"lastModified": "2024-04-28T13:15:06.807",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: cgroup_get_from_id() must check the looked-up kn is a directory\n\ncgroup has to be one kernfs dir, otherwise kernel panic is caused,\nespecially cgroup id is provide from userspace."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1e9571887f97b17cf3ffe9aa4da89090ea60988b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8484a356cee8ce3d6a8e6266ff99be326e9273ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df02452f3df069a59bc9e69c84435bf115cb6e37",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

36
CVE-2022/CVE-2022-486xx/CVE-2022-48639.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2022-48639",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.857",
"lastModified": "2024-04-28T13:15:06.857",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix possible refcount leak in tc_new_tfilter()\n\ntfilter_put need to be called to put the refount got by tp->ops->get to\navoid possible refcount leak when chain->tmplt_ops != NULL and\nchain->tmplt_ops != tp->ops."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0559d91ee3a2cd81b15ad5cd507539d6da867f88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8844c750eeb03452e2b3319c27a526f447b82596",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/903f7d322c17d8e306d766404b4604e81653902a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c2e1cfefcac35e0eea229e148c8284088ce437b5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f8162aed962be8fa07445b2b5928e84ab40dd8d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48640.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48640",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.903",
"lastModified": "2024-04-28T13:15:06.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix NULL deref in bond_rr_gen_slave_id\n\nFix a NULL dereference of the struct bonding.rr_tx_counter member because\nif a bond is initially created with an initial mode != zero (Round Robin)\nthe memory required for the counter is never created and when the mode is\nchanged there is never any attempt to verify the memory is allocated upon\nswitching modes.\n\nThis causes the following Oops on an aarch64 machine:\n [ 334.686773] Unable to handle kernel paging request at virtual address ffff2c91ac905000\n [ 334.694703] Mem abort info:\n [ 334.697486] ESR = 0x0000000096000004\n [ 334.701234] EC = 0x25: DABT (current EL), IL = 32 bits\n [ 334.706536] SET = 0, FnV = 0\n [ 334.709579] EA = 0, S1PTW = 0\n [ 334.712719] FSC = 0x04: level 0 translation fault\n [ 334.717586] Data abort info:\n [ 334.720454] ISV = 0, ISS = 0x00000004\n [ 334.724288] CM = 0, WnR = 0\n [ 334.727244] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000008044d662000\n [ 334.733944] [ffff2c91ac905000] pgd=0000000000000000, p4d=0000000000000000\n [ 334.740734] Internal error: Oops: 96000004 [#1] SMP\n [ 334.745602] Modules linked in: bonding tls veth rfkill sunrpc arm_spe_pmu vfat fat acpi_ipmi ipmi_ssif ixgbe igb i40e mdio ipmi_devintf ipmi_msghandler arm_cmn arm_dsu_pmu cppc_cpufreq acpi_tad fuse zram crct10dif_ce ast ghash_ce sbsa_gwdt nvme drm_vram_helper drm_ttm_helper nvme_core ttm xgene_hwmon\n [ 334.772217] CPU: 7 PID: 2214 Comm: ping Not tainted 6.0.0-rc4-00133-g64ae13ed4784 #4\n [ 334.779950] Hardware name: GIGABYTE R272-P31-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n [ 334.789244] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n [ 334.796196] pc : bond_rr_gen_slave_id+0x40/0x124 [bonding]\n [ 334.801691] lr : bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding]\n [ 334.807962] sp : ffff8000221733e0\n [ 334.811265] x29: ffff8000221733e0 x28: ffffdbac8572d198 x27: ffff80002217357c\n [ 334.818392] x26: 000000000000002a x25: ffffdbacb33ee000 x24: ffff07ff980fa000\n [ 334.825519] x23: ffffdbacb2e398ba x22: ffff07ff98102000 x21: ffff07ff981029c0\n [ 334.832646] x20: 0000000000000001 x19: ffff07ff981029c0 x18: 0000000000000014\n [ 334.839773] x17: 0000000000000000 x16: ffffdbacb1004364 x15: 0000aaaabe2f5a62\n [ 334.846899] x14: ffff07ff8e55d968 x13: ffff07ff8e55db30 x12: 0000000000000000\n [ 334.854026] x11: ffffdbacb21532e8 x10: 0000000000000001 x9 : ffffdbac857178ec\n [ 334.861153] x8 : ffff07ff9f6e5a28 x7 : 0000000000000000 x6 : 000000007c2b3742\n [ 334.868279] x5 : ffff2c91ac905000 x4 : ffff2c91ac905000 x3 : ffff07ff9f554400\n [ 334.875406] x2 : ffff2c91ac905000 x1 : 0000000000000001 x0 : ffff07ff981029c0\n [ 334.882532] Call trace:\n [ 334.884967] bond_rr_gen_slave_id+0x40/0x124 [bonding]\n [ 334.890109] bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding]\n [ 334.896033] __bond_start_xmit+0x128/0x3a0 [bonding]\n [ 334.901001] bond_start_xmit+0x54/0xb0 [bonding]\n [ 334.905622] dev_hard_start_xmit+0xb4/0x220\n [ 334.909798] __dev_queue_xmit+0x1a0/0x720\n [ 334.913799] arp_xmit+0x3c/0xbc\n [ 334.916932] arp_send_dst+0x98/0xd0\n [ 334.920410] arp_solicit+0xe8/0x230\n [ 334.923888] neigh_probe+0x60/0xb0\n [ 334.927279] __neigh_event_send+0x3b0/0x470\n [ 334.931453] neigh_resolve_output+0x70/0x90\n [ 334.935626] ip_finish_output2+0x158/0x514\n [ 334.939714] __ip_finish_output+0xac/0x1a4\n [ 334.943800] ip_finish_output+0x40/0xfc\n [ 334.947626] ip_output+0xf8/0x1a4\n [ 334.950931] ip_send_skb+0x5c/0x100\n [ 334.954410] ip_push_pending_frames+0x3c/0x60\n [ 334.958758] raw_sendmsg+0x458/0x6d0\n [ 334.962325] inet_sendmsg+0x50/0x80\n [ 334.965805] sock_sendmsg+0x60/0x6c\n [ 334.969286] __sys_sendto+0xc8/0x134\n [ 334.972853] __arm64_sys_sendto+0x34/0x4c\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0e400d602f46360752e4b32ce842dba3808e15e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2c8e8ab53acfc78da0b4a65f30cb5d306e7d78f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ec3a6f4ffe556a28f6f5028bf7c4412557e7051b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

44
CVE-2022/CVE-2022-486xx/CVE-2022-48641.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2022-48641",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:06.950",
"lastModified": "2024-04-28T13:15:06.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ebtables: fix memory leak when blob is malformed\n\nThe bug fix was incomplete, it \"replaced\" crash with a memory leak.\nThe old code had an assignment to \"ret\" embedded into the conditional,\nrestore this."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1e98318af2f163eadaff815abcef38d27ca92c1e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/38cf372b17f0a5f35c1b716a100532d539f0eb33",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/62ce44c4fff947eebdf10bb582267e686e6835c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/754e8b74281dd54a324698803483f47cf3355ae1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d5917b7af7cae0e2804f9d127a03268035098b7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48642.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48642",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.000",
"lastModified": "2024-04-28T13:15:07.000",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()\n\nIt seems to me that percpu memory for chain stats started leaking since\ncommit 3bc158f8d0330f0a (\"netfilter: nf_tables: map basechain priority to\nhardware priority\") when nft_chain_offload_priority() returned an error."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48643.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48643",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.040",
"lastModified": "2024-04-28T13:15:07.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()\n\nsyzbot is reporting underflow of nft_counters_enabled counter at\nnf_tables_addchain() [1], for commit 43eb8949cfdffa76 (\"netfilter:\nnf_tables: do not leave chain stats enabled on error\") missed that\nnf_tables_chain_destroy() after nft_basechain_init() in the error path of\nnf_tables_addchain() decrements the counter because nft_basechain_init()\nmakes nft_is_base_chain() return true by setting NFT_CHAIN_BASE flag.\n\nIncrement the counter immediately after returning from\nnft_basechain_init()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/710e3f526bd23a0d33435dedc52c3144de284378",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8bcad2a931313aeba076b76922d5813ef97d0a91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/91aa52652f4b37089aff3cb53e83049d826fef6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/921ebde3c0d22c8cba74ce8eb3cc4626abff1ccd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

36
CVE-2022/CVE-2022-486xx/CVE-2022-48644.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2022-48644",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.087",
"lastModified": "2024-04-28T13:15:07.087",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: avoid disabling offload when it was never enabled\n\nIn an incredibly strange API design decision, qdisc->destroy() gets\ncalled even if qdisc->init() never succeeded, not exclusively since\ncommit 87b60cfacf9f (\"net_sched: fix error recovery at qdisc creation\"),\nbut apparently also earlier (in the case of qdisc_create_dflt()).\n\nThe taprio qdisc does not fully acknowledge this when it attempts full\noffload, because it starts off with q->flags = TAPRIO_FLAGS_INVALID in\ntaprio_init(), then it replaces q->flags with TCA_TAPRIO_ATTR_FLAGS\nparsed from netlink (in taprio_change(), tail called from taprio_init()).\n\nBut in taprio_destroy(), we call taprio_disable_offload(), and this\ndetermines what to do based on FULL_OFFLOAD_IS_ENABLED(q->flags).\n\nBut looking at the implementation of FULL_OFFLOAD_IS_ENABLED()\n(a bitwise check of bit 1 in q->flags), it is invalid to call this macro\non q->flags when it contains TAPRIO_FLAGS_INVALID, because that is set\nto U32_MAX, and therefore FULL_OFFLOAD_IS_ENABLED() will return true on\nan invalid set of flags.\n\nAs a result, it is possible to crash the kernel if user space forces an\nerror between setting q->flags = TAPRIO_FLAGS_INVALID, and the calling\nof taprio_enable_offload(). This is because drivers do not expect the\noffload to be disabled when it was never enabled.\n\nThe error that we force here is to attach taprio as a non-root qdisc,\nbut instead as child of an mqprio root qdisc:\n\n$ tc qdisc add dev swp0 root handle 1: \\\n\tmqprio num_tc 8 map 0 1 2 3 4 5 6 7 \\\n\tqueues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0\n$ tc qdisc replace dev swp0 parent 1:1 \\\n\ttaprio num_tc 8 map 0 1 2 3 4 5 6 7 \\\n\tqueues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 base-time 0 \\\n\tsched-entry S 0x7f 990000 sched-entry S 0x80 100000 \\\n\tflags 0x0 clockid CLOCK_TAI\nUnable to handle kernel paging request at virtual address fffffffffffffff8\n[fffffffffffffff8] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 96000004 [#1] PREEMPT SMP\nCall trace:\n taprio_dump+0x27c/0x310\n vsc9959_port_setup_tc+0x1f4/0x460\n felix_port_setup_tc+0x24/0x3c\n dsa_slave_setup_tc+0x54/0x27c\n taprio_disable_offload.isra.0+0x58/0xe0\n taprio_destroy+0x80/0x104\n qdisc_create+0x240/0x470\n tc_modify_qdisc+0x1fc/0x6b0\n rtnetlink_rcv_msg+0x12c/0x390\n netlink_rcv_skb+0x5c/0x130\n rtnetlink_rcv+0x1c/0x2c\n\nFix this by keeping track of the operations we made, and undo the\noffload only if we actually did it.\n\nI've added \"bool offloaded\" inside a 4 byte hole between \"int clockid\"\nand \"atomic64_t picos_per_byte\". Now the first cache line looks like\nbelow:\n\n$ pahole -C taprio_sched net/sched/sch_taprio.o\nstruct taprio_sched {\n struct Qdisc * * qdiscs; /* 0 8 */\n struct Qdisc * root; /* 8 8 */\n u32 flags; /* 16 4 */\n enum tk_offsets tk_offset; /* 20 4 */\n int clockid; /* 24 4 */\n bool offloaded; /* 28 1 */\n\n /* XXX 3 bytes hole, try to pack */\n\n atomic64_t picos_per_byte; /* 32 0 */\n\n /* XXX 8 bytes hole, try to pack */\n\n spinlock_t current_entry_lock; /* 40 0 */\n\n /* XXX 8 bytes hole, try to pack */\n\n struct sched_entry * current_entry; /* 48 8 */\n struct sched_gate_list * oper_sched; /* 56 8 */\n /* --- cacheline 1 boundary (64 bytes) --- */"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/586def6ebed195f3594a4884f7c5334d0e1ad1bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c7c9c7eb305ab8b4e93e4e4e1b78d8cfcbc26323",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d12a1eb07003e597077329767c6aa86a7e972c76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/db46e3a88a09c5cf7e505664d01da7238cd56c92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f58e43184226e5e9662088ccf1389e424a3a4cbd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48645.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48645",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.140",
"lastModified": "2024-04-28T13:15:07.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: deny offload of tc-based TSN features on VF interfaces\n\nTSN features on the ENETC (taprio, cbs, gate, police) are configured\nthrough a mix of command BD ring messages and port registers:\nenetc_port_rd(), enetc_port_wr().\n\nPort registers are a region of the ENETC memory map which are only\naccessible from the PCIe Physical Function. They are not accessible from\nthe Virtual Functions.\n\nMoreover, attempting to access these registers crashes the kernel:\n\n$ echo 1 > /sys/bus/pci/devices/0000\\:00\\:00.0/sriov_numvfs\npci 0000:00:01.0: [1957:ef00] type 00 class 0x020001\nfsl_enetc_vf 0000:00:01.0: Adding to iommu group 15\nfsl_enetc_vf 0000:00:01.0: enabling device (0000 -> 0002)\nfsl_enetc_vf 0000:00:01.0 eno0vf0: renamed from eth0\n$ tc qdisc replace dev eno0vf0 root taprio num_tc 8 map 0 1 2 3 4 5 6 7 \\\n\tqueues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 base-time 0 \\\n\tsched-entry S 0x7f 900000 sched-entry S 0x80 100000 flags 0x2\nUnable to handle kernel paging request at virtual address ffff800009551a08\nInternal error: Oops: 96000007 [#1] PREEMPT SMP\npc : enetc_setup_tc_taprio+0x170/0x47c\nlr : enetc_setup_tc_taprio+0x16c/0x47c\nCall trace:\n enetc_setup_tc_taprio+0x170/0x47c\n enetc_setup_tc+0x38/0x2dc\n taprio_change+0x43c/0x970\n taprio_init+0x188/0x1e0\n qdisc_create+0x114/0x470\n tc_modify_qdisc+0x1fc/0x6c0\n rtnetlink_rcv_msg+0x12c/0x390\n\nSplit enetc_setup_tc() into separate functions for the PF and for the\nVF drivers. Also remove enetc_qos.o from being included into\nenetc-vf.ko, since it serves absolutely no purpose there."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/23022b74b1a23bed044f6bc96cf92f6ca5f3e75f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/510e703e4ed0e011db860bc21228aff48fc9eea7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5641c751fe2f92d3d9e8a8e03c1263ac8caa0b42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48646.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48646",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.187",
"lastModified": "2024-04-28T13:15:07.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc/siena: fix null pointer dereference in efx_hard_start_xmit\n\nLike in previous patch for sfc, prevent potential (but unlikely) NULL\npointer dereference."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/589c6eded10c77a12b7b2cf235b6b19a2bdb91fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a4eadca702dff0768dd01be6789bbec2a18e5b0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48647.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48647",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.237",
"lastModified": "2024-04-28T13:15:07.237",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix TX channel offset when using legacy interrupts\n\nIn legacy interrupt mode the tx_channel_offset was hardcoded to 1, but\nthat's not correct if efx_sepparate_tx_channels is false. In that case,\nthe offset is 0 because the tx queues are in the single existing channel\nat index 0, together with the rx queue.\n\nWithout this fix, as soon as you try to send any traffic, it tries to\nget the tx queues from an uninitialized channel getting these errors:\n WARNING: CPU: 1 PID: 0 at drivers/net/ethernet/sfc/tx.c:540 efx_hard_start_xmit+0x12e/0x170 [sfc]\n [...]\n RIP: 0010:efx_hard_start_xmit+0x12e/0x170 [sfc]\n [...]\n Call Trace:\n <IRQ>\n dev_hard_start_xmit+0xd7/0x230\n sch_direct_xmit+0x9f/0x360\n __dev_queue_xmit+0x890/0xa40\n [...]\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000020\n [...]\n RIP: 0010:efx_hard_start_xmit+0x153/0x170 [sfc]\n [...]\n Call Trace:\n <IRQ>\n dev_hard_start_xmit+0xd7/0x230\n sch_direct_xmit+0x9f/0x360\n __dev_queue_xmit+0x890/0xa40\n [...]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/360910b88d1466a90644a4e0533803b594344a2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5f623a77cfc2d501d72bcb4f9ee71721e6c766ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b4afd3878f961d3517f27b3213730fceef77945c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f232af4295653afa4ade3230462b3be15ad16419",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48648.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48648",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.290",
"lastModified": "2024-04-28T13:15:07.290",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix null pointer dereference in efx_hard_start_xmit\n\nTrying to get the channel from the tx_queue variable here is wrong\nbecause we can only be here if tx_queue is NULL, so we shouldn't\ndereference it. As the above comment in the code says, this is very\nunlikely to happen, but it's wrong anyway so let's fix it.\n\nI hit this issue because of a different bug that caused tx_queue to be\nNULL. If that happens, this is the error message that we get here:\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000020\n [...]\n RIP: 0010:efx_hard_start_xmit+0x153/0x170 [sfc]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a242eb2913a4aa3d6fbdb86559f27628e9466f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8547c7bfc0617e7184e4da65b9b96681fcfe9998",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b3b41d4d95d3822b2e459ecbc80d030ea6aec5e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b3b952168ee1f220ba729fa100fd9d5aa752eb03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48649.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48649",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.333",
"lastModified": "2024-04-28T13:15:07.333",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slab_common: fix possible double free of kmem_cache\n\nWhen doing slub_debug test, kfence's 'test_memcache_typesafe_by_rcu'\nkunit test case cause a use-after-free error:\n\n BUG: KASAN: use-after-free in kobject_del+0x14/0x30\n Read of size 8 at addr ffff888007679090 by task kunit_try_catch/261\n\n CPU: 1 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.0.0-rc5-next-20220916 #17\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Call Trace:\n <TASK>\n dump_stack_lvl+0x34/0x48\n print_address_description.constprop.0+0x87/0x2a5\n print_report+0x103/0x1ed\n kasan_report+0xb7/0x140\n kobject_del+0x14/0x30\n kmem_cache_destroy+0x130/0x170\n test_exit+0x1a/0x30\n kunit_try_run_case+0xad/0xc0\n kunit_generic_run_threadfn_adapter+0x26/0x50\n kthread+0x17b/0x1b0\n </TASK>\n\nThe cause is inside kmem_cache_destroy():\n\nkmem_cache_destroy\n acquire lock/mutex\n shutdown_cache\n schedule_work(kmem_cache_release) (if RCU flag set)\n release lock/mutex\n kmem_cache_release (if RCU flag not set)\n\nIn some certain timing, the scheduled work could be run before\nthe next RCU flag checking, which can then get a wrong value\nand lead to double kmem_cache_release().\n\nFix it by caching the RCU flag inside protected area, just like 'refcnt'"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/c673c6ceac53fb2e631c9fbbd79957099a08927f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d71608a877362becdc94191f190902fac1e64d35",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48650.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48650",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.380",
"lastModified": "2024-04-28T13:15:07.380",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn't find a command, but it missed to clean\nup the allocated memory for the management command."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/601be20fc6a1b762044d2398befffd6bf236cebf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6a4236ed47f5b0a57eb6b8fb1c351b15b3d341d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/89df49e561b4a8948521fc3f8a013012eaa08f82",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

48
CVE-2022/CVE-2022-486xx/CVE-2022-48651.json Normal file
View File

@ -0,0 +1,48 @@
{
"id": "CVE-2022-48651",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.423",
"lastModified": "2024-04-28T13:15:07.423",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb->mac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb->mac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb->mac_header when sock->type is SOCK_RAW\n and skb->protocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn't reset skb->mac_header as dev_queue_xmit()\n\nIn this case, skb->mac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb->head + skb->mac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/25efdbe5fe542c3063d1948cc4e98abcb57621ca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/346e94aa4a99378592c46d6a34c72703a32bd5be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/81225b2ea161af48e093f58e8dfee6d705b16af4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8d06006c7eb75587d986da46c48ba9274f94e8e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ab4a733874ead120691e8038272d22f8444d3638",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b583e6b25bf9321c91154f6c78d2173ef12c4241",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bffcdade259c05ab3436b5fab711612093c275ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e2b46cd5796f083e452fbc624f65b80328b0c1a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48652.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48652",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.477",
"lastModified": "2024-04-28T13:15:07.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix crash by keep old cfg when update TCs more than queues\n\nThere are problems if allocated queues less than Traffic Classes.\n\nCommit a632b2a4c920 (\"ice: ethtool: Prohibit improper channel config\nfor DCB\") already disallow setting less queues than TCs.\n\nAnother case is if we first set less queues, and later update more TCs\nconfig due to LLDP, ice_vsi_cfg_tc() will failed but left dirty\nnum_txq/rxq and tc_cfg in vsi, that will cause invalid pointer access.\n\n[ 95.968089] ice 0000:3b:00.1: More TCs defined than queues/rings allocated.\n[ 95.968092] ice 0000:3b:00.1: Trying to use more Rx queues (8), than were allocated (1)!\n[ 95.968093] ice 0000:3b:00.1: Failed to config TC for VSI index: 0\n[ 95.969621] general protection fault: 0000 [#1] SMP NOPTI\n[ 95.969705] CPU: 1 PID: 58405 Comm: lldpad Kdump: loaded Tainted: G U W O --------- -t - 4.18.0 #1\n[ 95.969867] Hardware name: O.E.M/BC11SPSCB10, BIOS 8.23 12/30/2021\n[ 95.969992] RIP: 0010:devm_kmalloc+0xa/0x60\n[ 95.970052] Code: 5c ff ff ff 31 c0 5b 5d 41 5c c3 b8 f4 ff ff ff eb f4 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 89 d1 <8b> 97 60 02 00 00 48 8d 7e 18 48 39 f7 72 3f 55 89 ce 53 48 8b 4c\n[ 95.970344] RSP: 0018:ffffc9003f553888 EFLAGS: 00010206\n[ 95.970425] RAX: dead000000000200 RBX: ffffea003c425b00 RCX: 00000000006080c0\n[ 95.970536] RDX: 00000000006080c0 RSI: 0000000000000200 RDI: dead000000000200\n[ 95.970648] RBP: dead000000000200 R08: 00000000000463c0 R09: ffff888ffa900000\n[ 95.970760] R10: 0000000000000000 R11: 0000000000000002 R12: ffff888ff6b40100\n[ 95.970870] R13: ffff888ff6a55018 R14: 0000000000000000 R15: ffff888ff6a55460\n[ 95.970981] FS: 00007f51b7d24700(0000) GS:ffff88903ee80000(0000) knlGS:0000000000000000\n[ 95.971108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 95.971197] CR2: 00007fac5410d710 CR3: 0000000f2c1de002 CR4: 00000000007606e0\n[ 95.971309] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 95.971419] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 95.971530] PKRU: 55555554\n[ 95.971573] Call Trace:\n[ 95.971622] ice_setup_rx_ring+0x39/0x110 [ice]\n[ 95.971695] ice_vsi_setup_rx_rings+0x54/0x90 [ice]\n[ 95.971774] ice_vsi_open+0x25/0x120 [ice]\n[ 95.971843] ice_open_internal+0xb8/0x1f0 [ice]\n[ 95.971919] ice_ena_vsi+0x4f/0xd0 [ice]\n[ 95.971987] ice_dcb_ena_dis_vsi.constprop.5+0x29/0x90 [ice]\n[ 95.972082] ice_pf_dcb_cfg+0x29a/0x380 [ice]\n[ 95.972154] ice_dcbnl_setets+0x174/0x1b0 [ice]\n[ 95.972220] dcbnl_ieee_set+0x89/0x230\n[ 95.972279] ? dcbnl_ieee_del+0x150/0x150\n[ 95.972341] dcb_doit+0x124/0x1b0\n[ 95.972392] rtnetlink_rcv_msg+0x243/0x2f0\n[ 95.972457] ? dcb_doit+0x14d/0x1b0\n[ 95.972510] ? __kmalloc_node_track_caller+0x1d3/0x280\n[ 95.972591] ? rtnl_calcit.isra.31+0x100/0x100\n[ 95.972661] netlink_rcv_skb+0xcf/0xf0\n[ 95.972720] netlink_unicast+0x16d/0x220\n[ 95.972781] netlink_sendmsg+0x2ba/0x3a0\n[ 95.975891] sock_sendmsg+0x4c/0x50\n[ 95.979032] ___sys_sendmsg+0x2e4/0x300\n[ 95.982147] ? kmem_cache_alloc+0x13e/0x190\n[ 95.985242] ? __wake_up_common_lock+0x79/0x90\n[ 95.988338] ? __check_object_size+0xac/0x1b0\n[ 95.991440] ? _copy_to_user+0x22/0x30\n[ 95.994539] ? move_addr_to_user+0xbb/0xd0\n[ 95.997619] ? __sys_sendmsg+0x53/0x80\n[ 96.000664] __sys_sendmsg+0x53/0x80\n[ 96.003747] do_syscall_64+0x5b/0x1d0\n[ 96.006862] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\nOnly update num_txq/rxq when passed check, and restore tc_cfg if setup\nqueue map failed."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7c945e5b4787db47d728120b56c934ba05f99864",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a509702cac95a8b450228a037c8542f57e538e5b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48653.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48653",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.530",
"lastModified": "2024-04-28T13:15:07.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Don't double unplug aux on peer initiated reset\n\nIn the IDC callback that is accessed when the aux drivers request a reset,\nthe function to unplug the aux devices is called. This function is also\ncalled in the ice_prepare_for_reset function. This double call is causing\na \"scheduling while atomic\" BUG.\n\n[ 662.676430] ice 0000:4c:00.0 rocep76s0: cqp opcode = 0x1 maj_err_code = 0xffff min_err_code = 0x8003\n\n[ 662.676609] ice 0000:4c:00.0 rocep76s0: [Modify QP Cmd Error][op_code=8] status=-29 waiting=1 completion_err=1 maj=0xffff min=0x8003\n\n[ 662.815006] ice 0000:4c:00.0 rocep76s0: ICE OICR event notification: oicr = 0x10000003\n\n[ 662.815014] ice 0000:4c:00.0 rocep76s0: critical PE Error, GLPE_CRITERR=0x00011424\n\n[ 662.815017] ice 0000:4c:00.0 rocep76s0: Requesting a reset\n\n[ 662.815475] BUG: scheduling while atomic: swapper/37/0/0x00010002\n\n[ 662.815475] BUG: scheduling while atomic: swapper/37/0/0x00010002\n[ 662.815477] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs rfkill 8021q garp mrp stp llc vfat fat rpcrdma intel_rapl_msr intel_rapl_common sunrpc i10nm_edac rdma_ucm nfit ib_srpt libnvdimm ib_isert iscsi_target_mod x86_pkg_temp_thermal intel_powerclamp coretemp target_core_mod snd_hda_intel ib_iser snd_intel_dspcfg libiscsi snd_intel_sdw_acpi scsi_transport_iscsi kvm_intel iTCO_wdt rdma_cm snd_hda_codec kvm iw_cm ipmi_ssif iTCO_vendor_support snd_hda_core irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel snd_hwdep snd_seq snd_seq_device rapl snd_pcm snd_timer isst_if_mbox_pci pcspkr isst_if_mmio irdma intel_uncore idxd acpi_ipmi joydev isst_if_common snd mei_me idxd_bus ipmi_si soundcore i2c_i801 mei ipmi_devintf i2c_smbus i2c_ismt ipmi_msghandler acpi_power_meter acpi_pad rv(OE) ib_uverbs ib_cm ib_core xfs libcrc32c ast i2c_algo_bit drm_vram_helper drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops drm_ttm_helpe\n r ttm\n[ 662.815546] nvme nvme_core ice drm crc32c_intel i40e t10_pi wmi pinctrl_emmitsburg dm_mirror dm_region_hash dm_log dm_mod fuse\n[ 662.815557] Preemption disabled at:\n[ 662.815558] [<0000000000000000>] 0x0\n[ 662.815563] CPU: 37 PID: 0 Comm: swapper/37 Kdump: loaded Tainted: G S OE 5.17.1 #2\n[ 662.815566] Hardware name: Intel Corporation D50DNP/D50DNP, BIOS SE5C6301.86B.6624.D18.2111021741 11/02/2021\n[ 662.815568] Call Trace:\n[ 662.815572] <IRQ>\n[ 662.815574] dump_stack_lvl+0x33/0x42\n[ 662.815581] __schedule_bug.cold.147+0x7d/0x8a\n[ 662.815588] __schedule+0x798/0x990\n[ 662.815595] schedule+0x44/0xc0\n[ 662.815597] schedule_preempt_disabled+0x14/0x20\n[ 662.815600] __mutex_lock.isra.11+0x46c/0x490\n[ 662.815603] ? __ibdev_printk+0x76/0xc0 [ib_core]\n[ 662.815633] device_del+0x37/0x3d0\n[ 662.815639] ice_unplug_aux_dev+0x1a/0x40 [ice]\n[ 662.815674] ice_schedule_reset+0x3c/0xd0 [ice]\n[ 662.815693] irdma_iidc_event_handler.cold.7+0xb6/0xd3 [irdma]\n[ 662.815712] ? bitmap_find_next_zero_area_off+0x45/0xa0\n[ 662.815719] ice_send_event_to_aux+0x54/0x70 [ice]\n[ 662.815741] ice_misc_intr+0x21d/0x2d0 [ice]\n[ 662.815756] __handle_irq_event_percpu+0x4c/0x180\n[ 662.815762] handle_irq_event_percpu+0xf/0x40\n[ 662.815764] handle_irq_event+0x34/0x60\n[ 662.815766] handle_edge_irq+0x9a/0x1c0\n[ 662.815770] __common_interrupt+0x62/0x100\n[ 662.815774] common_interrupt+0xb4/0xd0\n[ 662.815779] </IRQ>\n[ 662.815780] <TASK>\n[ 662.815780] asm_common_interrupt+0x1e/0x40\n[ 662.815785] RIP: 0010:cpuidle_enter_state+0xd6/0x380\n[ 662.815789] Code: 49 89 c4 0f 1f 44 00 00 31 ff e8 65 d7 95 ff 45 84 ff 74 12 9c 58 f6 c4 02 0f 85 64 02 00 00 31 ff e8 ae c5 9c ff fb 45 85 f6 <0f> 88 12 01 00 00 49 63 d6 4c 2b 24 24 48 8d 04 52 48 8d 04 82 49\n[ 662.815791] RSP: 0018:ff2c2c4f18edbe80 EFLAGS: 00000202\n[ 662.815793] RAX: ff280805df140000 RBX: 0000000000000002 RCX: 000000000000001f\n[ 662.815795] RDX: 0000009a52da2d08 R\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/149979e87eb7a365d3d0b259bed79d84ff585a93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/23c619190318376769ad7b61504c2ea0703fb783",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/34447d64b8d28e4d6a73d73f07c879959d68fbfe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

36
CVE-2022/CVE-2022-486xx/CVE-2022-48654.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2022-48654",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.580",
"lastModified": "2024-04-28T13:15:07.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()\n\nnf_osf_find() incorrectly returns true on mismatch, this leads to\ncopying uninitialized memory area in nft_osf which can be used to leak\nstale kernel stack data to userspace."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/559c36c5a8d730c49ef805a72b213d3bba155cc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d75fef3e61e797fab5c3fbba88caa74ab92ad47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/633c81c0449663f57d4138326d036dc6cfad674e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/721ea8ac063d70c2078c4e762212705de6151764",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/816eab147e5c6f6621922b8515ad9010ceb1735e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48655.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48655",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.623",
"lastModified": "2024-04-28T13:15:07.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Harden accesses to the reset domains\n\nAccessing reset domains descriptors by the index upon the SCMI drivers\nrequests through the SCMI reset operations interface can potentially\nlead to out-of-bound violations if the SCMI driver misbehave.\n\nAdd an internal consistency check before any such domains descriptors\naccesses."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f08a1b26cfc53b7715abc46857c6023bb1b87de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8e65edf0d37698f7a6cb174608d3ec7976baf49e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e9076ffbcaed5da6c182b144ef9f6e24554af268",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48656.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48656",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.663",
"lastModified": "2024-04-28T13:15:07.663",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()\n\nWe should call of_node_put() for the reference returned by\nof_parse_phandle() in fail path or when it is not used anymore.\nHere we only need to move the of_node_put() before the check."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/a17df55bf6d536712da6902a83db82b82e67d5a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aa11dae059a439af82bae541b134f8f53ac177b5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd5a6c5a08752b613e83ad2cb5133e72a64b876d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f9fdb0b86f087c2b7f6c6168dd0985a3c1eda87e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48657.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48657",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.717",
"lastModified": "2024-04-28T13:15:07.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: topology: fix possible overflow in amu_fie_setup()\n\ncpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*,\nwhile freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'.\nMultiplying max frequency by 1000 can potentially result in overflow --\nmultiplying by 1000ULL instead should avoid that...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3c3edb82d67b2be9231174ac2af4af60d4af7549",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/904f881b57360cf85de962d84d8614d94431f60e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bb6d99e27cbe6b30e4e3bbd32927fd3b0bdec6eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d4955c0ad77dbc684fc716387070ac24801b8bca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48658.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48658",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.760",
"lastModified": "2024-04-28T13:15:07.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.\n\nCommit 5a836bf6b09f (\"mm: slub: move flush_cpu_slab() invocations\n__free_slab() invocations out of IRQ context\") moved all flush_cpu_slab()\ninvocations to the global workqueue to avoid a problem related\nwith deactivate_slab()/__free_slab() being called from an IRQ context\non PREEMPT_RT kernels.\n\nWhen the flush_all_cpu_locked() function is called from a task context\nit may happen that a workqueue with WQ_MEM_RECLAIM bit set ends up\nflushing the global workqueue, this will cause a dependency issue.\n\n workqueue: WQ_MEM_RECLAIM nvme-delete-wq:nvme_delete_ctrl_work [nvme_core]\n is flushing !WQ_MEM_RECLAIM events:flush_cpu_slab\n WARNING: CPU: 37 PID: 410 at kernel/workqueue.c:2637\n check_flush_dependency+0x10a/0x120\n Workqueue: nvme-delete-wq nvme_delete_ctrl_work [nvme_core]\n RIP: 0010:check_flush_dependency+0x10a/0x120[ 453.262125] Call Trace:\n __flush_work.isra.0+0xbf/0x220\n ? __queue_work+0x1dc/0x420\n flush_all_cpus_locked+0xfb/0x120\n __kmem_cache_shutdown+0x2b/0x320\n kmem_cache_destroy+0x49/0x100\n bioset_exit+0x143/0x190\n blk_release_queue+0xb9/0x100\n kobject_cleanup+0x37/0x130\n nvme_fc_ctrl_free+0xc6/0x150 [nvme_fc]\n nvme_free_ctrl+0x1ac/0x2b0 [nvme_core]\n\nFix this bug by creating a workqueue for the flush operation with\nthe WQ_MEM_RECLAIM bit set."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/61703b248be993eb4997b00ae5d3318e6d8f3c5b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df6cb39335cf5a1b918e8dbd8ba7cd9f1d00e45a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e45cc288724f0cfd497bb5920bcfa60caa335729",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

48
CVE-2022/CVE-2022-486xx/CVE-2022-48659.json Normal file
View File

@ -0,0 +1,48 @@
{
"id": "CVE-2022-48659",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.800",
"lastModified": "2024-04-28T13:15:07.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: fix to return errno if kmalloc() fails\n\nIn create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to\nout-of-memory, if it fails, return errno correctly rather than\ntriggering panic via BUG_ON();\n\nkernel BUG at mm/slub.c:5893!\nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP\n\nCall trace:\n sysfs_slab_add+0x258/0x260 mm/slub.c:5973\n __kmem_cache_create+0x60/0x118 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335\n kmem_cache_create+0x1c/0x28 mm/slab_common.c:390\n f2fs_kmem_cache_create fs/f2fs/f2fs.h:2766 [inline]\n f2fs_init_xattr_caches+0x78/0xb4 fs/f2fs/xattr.c:808\n f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149\n mount_bdev+0x1b8/0x210 fs/super.c:1400\n f2fs_mount+0x44/0x58 fs/f2fs/super.c:4512\n legacy_get_tree+0x30/0x74 fs/fs_context.c:610\n vfs_get_tree+0x40/0x140 fs/super.c:1530\n do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040\n path_mount+0x358/0x914 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __arm64_sys_mount+0x2f8/0x408 fs/namespace.c:3568"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/016b150992eebc32c4a18f783cf2bb6e2545a3d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/02bcd951aa3c2cea95fb241c20802e9501940296",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2d6e55e0c03804e1e227b80a5746e086d6c6696c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/379ac7905ff3f0a6a4e507d3e9f710ec4fab9124",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7e9c323c52b379d261a72dc7bd38120a761a93cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a1d83a19cec3bfeb2b3547a1f7631e432a766d1c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e9219fa63c5c25804af82c7aa54d1ec770ebe457",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e996821717c5cf8aa1e1abdb6b3d900a231e3755",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48660.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48660",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.853",
"lastModified": "2024-04-28T13:15:07.853",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Set lineevent_state::irq after IRQ register successfully\n\nWhen running gpio test on nxp-ls1028 platform with below command\ngpiomon --num-events=3 --rising-edge gpiochip1 25\nThere will be a warning trace as below:\nCall trace:\nfree_irq+0x204/0x360\nlineevent_free+0x64/0x70\ngpio_ioctl+0x598/0x6a0\n__arm64_sys_ioctl+0xb4/0x100\ninvoke_syscall+0x5c/0x130\n......\nel0t_64_sync+0x1a0/0x1a4\nThe reason of this issue is that calling request_threaded_irq()\nfunction failed, and then lineevent_free() is invoked to release\nthe resource. Since the lineevent_state::irq was already set, so\nthe subsequent invocation of free_irq() would trigger the above\nwarning call trace. To fix this issue, set the lineevent_state::irq\nafter the IRQ register successfully."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/657803b918e097e47d99d1489da83a603c36bcdd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/69bef19d6b9700e96285f4b4e28691cda3dcd0d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/97da736cd11ae73bdf2f5e21e24446b8349e0168",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b1489043d3b9004dd8d5a0357b08b5f0e6691c43",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48661.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48661",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.897",
"lastModified": "2024-04-28T13:15:07.897",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mockup: Fix potential resource leakage when register a chip\n\nIf creation of software node fails, the locally allocated string\narray is left unfreed. Free it on error path."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/02743c4091ccfb246f5cdbbe3f44b152d5d12933",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/41f857033c44442a27f591fda8d986e7c9e42872",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9b26723e058faaf11b532fb4aa16d6849d581790",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2022/CVE-2022-486xx/CVE-2022-48662.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48662",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.937",
"lastModified": "2024-04-28T13:15:07.937",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Really move i915_gem_context.link under ref protection\n\ni915_perf assumes that it can use the i915_gem_context reference to\nprotect its i915->gem.contexts.list iteration. However, this requires\nthat we do not remove the context from the list until after we drop the\nfinal reference and release the struct. If, as currently, we remove the\ncontext from the list during context_close(), the link.next pointer may\nbe poisoned while we are holding the context reference and cause a GPF:\n\n[ 4070.573157] i915 0000:00:02.0: [drm:i915_perf_open_ioctl [i915]] filtering on ctx_id=0x1fffff ctx_id_mask=0x1fffff\n[ 4070.574881] general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP\n[ 4070.574897] CPU: 1 PID: 284392 Comm: amd_performance Tainted: G E 5.17.9 #180\n[ 4070.574903] Hardware name: Intel Corporation NUC7i5BNK/NUC7i5BNB, BIOS BNKBL357.86A.0052.2017.0918.1346 09/18/2017\n[ 4070.574907] RIP: 0010:oa_configure_all_contexts.isra.0+0x222/0x350 [i915]\n[ 4070.574982] Code: 08 e8 32 6e 10 e1 4d 8b 6d 50 b8 ff ff ff ff 49 83 ed 50 f0 41 0f c1 04 24 83 f8 01 0f 84 e3 00 00 00 85 c0 0f 8e fa 00 00 00 <49> 8b 45 50 48 8d 70 b0 49 8d 45 50 48 39 44 24 10 0f 85 34 fe ff\n[ 4070.574990] RSP: 0018:ffffc90002077b78 EFLAGS: 00010202\n[ 4070.574995] RAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000000\n[ 4070.575000] RDX: 0000000000000001 RSI: ffffc90002077b20 RDI: ffff88810ddc7c68\n[ 4070.575004] RBP: 0000000000000001 R08: ffff888103242648 R09: fffffffffffffffc\n[ 4070.575008] R10: ffffffff82c50bc0 R11: 0000000000025c80 R12: ffff888101bf1860\n[ 4070.575012] R13: dead0000000000b0 R14: ffffc90002077c04 R15: ffff88810be5cabc\n[ 4070.575016] FS: 00007f1ed50c0780(0000) GS:ffff88885ec80000(0000) knlGS:0000000000000000\n[ 4070.575021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4070.575025] CR2: 00007f1ed5590280 CR3: 000000010ef6f005 CR4: 00000000003706e0\n[ 4070.575029] Call Trace:\n[ 4070.575033] <TASK>\n[ 4070.575037] lrc_configure_all_contexts+0x13e/0x150 [i915]\n[ 4070.575103] gen8_enable_metric_set+0x4d/0x90 [i915]\n[ 4070.575164] i915_perf_open_ioctl+0xbc0/0x1500 [i915]\n[ 4070.575224] ? asm_common_interrupt+0x1e/0x40\n[ 4070.575232] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575290] drm_ioctl_kernel+0x85/0x110\n[ 4070.575296] ? update_load_avg+0x5f/0x5e0\n[ 4070.575302] drm_ioctl+0x1d3/0x370\n[ 4070.575307] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575382] ? gen8_gt_irq_handler+0x46/0x130 [i915]\n[ 4070.575445] __x64_sys_ioctl+0x3c4/0x8d0\n[ 4070.575451] ? __do_softirq+0xaa/0x1d2\n[ 4070.575456] do_syscall_64+0x35/0x80\n[ 4070.575461] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 4070.575467] RIP: 0033:0x7f1ed5c10397\n[ 4070.575471] Code: 3c 1c e8 1c ff ff ff 85 c0 79 87 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a9 da 0d 00 f7 d8 64 89 01 48\n[ 4070.575478] RSP: 002b:00007ffd65c8d7a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 4070.575484] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f1ed5c10397\n[ 4070.575488] RDX: 00007ffd65c8d7c0 RSI: 0000000040106476 RDI: 0000000000000006\n[ 4070.575492] RBP: 00005620972f9c60 R08: 000000000000000a R09: 0000000000000005\n[ 4070.575496] R10: 000000000000000d R11: 0000000000000246 R12: 000000000000000a\n[ 4070.575500] R13: 000000000000000d R14: 0000000000000000 R15: 00007ffd65c8d7c0\n[ 4070.575505] </TASK>\n[ 4070.575507] Modules linked in: nls_ascii(E) nls_cp437(E) vfat(E) fat(E) i915(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) crct10dif_pclmul(E) crc32_pclmul(E) crc32c_intel(E) aesni_intel(E) crypto_simd(E) intel_gtt(E) cryptd(E) ttm(E) rapl(E) intel_cstate(E) drm_kms_helper(E) cfbfillrect(E) syscopyarea(E) cfbimgblt(E) intel_uncore(E) sysfillrect(E) mei_me(E) sysimgblt(E) i2c_i801(E) fb_sys_fops(E) mei(E) intel_pch_thermal(E) i2c_smbus\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/713fa3e4591f65f804bdc88e8648e219fabc9ee1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d119888b09bd567e07c6b93a07f175df88857e02",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f799e0568d6c153368b177e0bbbde7dcc4ce7f1d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48663.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48663",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.980",
"lastModified": "2024-04-28T13:15:07.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mockup: fix NULL pointer dereference when removing debugfs\n\nWe now remove the device's debugfs entries when unbinding the driver.\nThis now causes a NULL-pointer dereference on module exit because the\nplatform devices are unregistered *after* the global debugfs directory\nhas been recursively removed. Fix it by unregistering the devices first."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2022/CVE-2022-486xx/CVE-2022-48664.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-48664",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:08.030",
"lastModified": "2024-04-28T13:15:08.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix hang during unmount when stopping a space reclaim worker\n\nOften when running generic/562 from fstests we can hang during unmount,\nresulting in a trace like this:\n\n Sep 07 11:52:00 debian9 unknown: run fstests generic/562 at 2022-09-07 11:52:00\n Sep 07 11:55:32 debian9 kernel: INFO: task umount:49438 blocked for more than 120 seconds.\n Sep 07 11:55:32 debian9 kernel: Not tainted 6.0.0-rc2-btrfs-next-122 #1\n Sep 07 11:55:32 debian9 kernel: \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n Sep 07 11:55:32 debian9 kernel: task:umount state:D stack: 0 pid:49438 ppid: 25683 flags:0x00004000\n Sep 07 11:55:32 debian9 kernel: Call Trace:\n Sep 07 11:55:32 debian9 kernel: <TASK>\n Sep 07 11:55:32 debian9 kernel: __schedule+0x3c8/0xec0\n Sep 07 11:55:32 debian9 kernel: ? rcu_read_lock_sched_held+0x12/0x70\n Sep 07 11:55:32 debian9 kernel: schedule+0x5d/0xf0\n Sep 07 11:55:32 debian9 kernel: schedule_timeout+0xf1/0x130\n Sep 07 11:55:32 debian9 kernel: ? lock_release+0x224/0x4a0\n Sep 07 11:55:32 debian9 kernel: ? lock_acquired+0x1a0/0x420\n Sep 07 11:55:32 debian9 kernel: ? trace_hardirqs_on+0x2c/0xd0\n Sep 07 11:55:32 debian9 kernel: __wait_for_common+0xac/0x200\n Sep 07 11:55:32 debian9 kernel: ? usleep_range_state+0xb0/0xb0\n Sep 07 11:55:32 debian9 kernel: __flush_work+0x26d/0x530\n Sep 07 11:55:32 debian9 kernel: ? flush_workqueue_prep_pwqs+0x140/0x140\n Sep 07 11:55:32 debian9 kernel: ? trace_clock_local+0xc/0x30\n Sep 07 11:55:32 debian9 kernel: __cancel_work_timer+0x11f/0x1b0\n Sep 07 11:55:32 debian9 kernel: ? close_ctree+0x12b/0x5b3 [btrfs]\n Sep 07 11:55:32 debian9 kernel: ? __trace_bputs+0x10b/0x170\n Sep 07 11:55:32 debian9 kernel: close_ctree+0x152/0x5b3 [btrfs]\n Sep 07 11:55:32 debian9 kernel: ? evict_inodes+0x166/0x1c0\n Sep 07 11:55:32 debian9 kernel: generic_shutdown_super+0x71/0x120\n Sep 07 11:55:32 debian9 kernel: kill_anon_super+0x14/0x30\n Sep 07 11:55:32 debian9 kernel: btrfs_kill_super+0x12/0x20 [btrfs]\n Sep 07 11:55:32 debian9 kernel: deactivate_locked_super+0x2e/0xa0\n Sep 07 11:55:32 debian9 kernel: cleanup_mnt+0x100/0x160\n Sep 07 11:55:32 debian9 kernel: task_work_run+0x59/0xa0\n Sep 07 11:55:32 debian9 kernel: exit_to_user_mode_prepare+0x1a6/0x1b0\n Sep 07 11:55:32 debian9 kernel: syscall_exit_to_user_mode+0x16/0x40\n Sep 07 11:55:32 debian9 kernel: do_syscall_64+0x48/0x90\n Sep 07 11:55:32 debian9 kernel: entry_SYSCALL_64_after_hwframe+0x63/0xcd\n Sep 07 11:55:32 debian9 kernel: RIP: 0033:0x7fcde59a57a7\n Sep 07 11:55:32 debian9 kernel: RSP: 002b:00007ffe914217c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n Sep 07 11:55:32 debian9 kernel: RAX: 0000000000000000 RBX: 00007fcde5ae8264 RCX: 00007fcde59a57a7\n Sep 07 11:55:32 debian9 kernel: RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055b57556cdd0\n Sep 07 11:55:32 debian9 kernel: RBP: 000055b57556cba0 R08: 0000000000000000 R09: 00007ffe91420570\n Sep 07 11:55:32 debian9 kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n Sep 07 11:55:32 debian9 kernel: R13: 000055b57556cdd0 R14: 000055b57556ccb8 R15: 0000000000000000\n Sep 07 11:55:32 debian9 kernel: </TASK>\n\nWhat happens is the following:\n\n1) The cleaner kthread tries to start a transaction to delete an unused\n block group, but the metadata reservation can not be satisfied right\n away, so a reservation ticket is created and it starts the async\n metadata reclaim task (fs_info->async_reclaim_work);\n\n2) Writeback for all the filler inodes with an i_size of 2K starts\n (generic/562 creates a lot of 2K files with the goal of filling\n metadata space). We try to create an inline extent for them, but we\n fail when trying to insert the inline extent with -ENOSPC (at\n cow_file_range_inline()) - since this is not critical, we fallback\n to non-inline mode (back to cow_file_range()), reserve extents\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6ac5b52e3f352f9cb270c89e6e1d4dadb564ddb8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a362bb864b8db4861977d00bd2c3222503ccc34b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c338bea1fec5504290dc0acf026c9e7dba25004b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d8a76a2e514fbbb315a6dfff2d342de2de833994",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48665.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48665",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:08.073",
"lastModified": "2024-04-28T13:15:08.073",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix overflow for large capacity partition\n\nUsing int type for sector index, there will be overflow in a large\ncapacity partition.\n\nFor example, if storage with sector size of 512 bytes and partition\ncapacity is larger than 2TB, there will be overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/17244f71765dfec39e84493993993e896c376d09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48666.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48666",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:08.113",
"lastModified": "2024-04-28T13:15:08.113",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix a use-after-free\n\nThere are two .exit_cmd_priv implementations. Both implementations use\nresources associated with the SCSI host. Make sure that these resources are\nstill available when .exit_cmd_priv is called by waiting inside\nscsi_remove_host() until the tag set has been freed.\n\nThis commit fixes the following use-after-free:\n\n==================================================================\nBUG: KASAN: use-after-free in srp_exit_cmd_priv+0x27/0xd0 [ib_srp]\nRead of size 8 at addr ffff888100337000 by task multipathd/16727\nCall Trace:\n <TASK>\n dump_stack_lvl+0x34/0x44\n print_report.cold+0x5e/0x5db\n kasan_report+0xab/0x120\n srp_exit_cmd_priv+0x27/0xd0 [ib_srp]\n scsi_mq_exit_request+0x4d/0x70\n blk_mq_free_rqs+0x143/0x410\n __blk_mq_free_map_and_rqs+0x6e/0x100\n blk_mq_free_tag_set+0x2b/0x160\n scsi_host_dev_release+0xf3/0x1a0\n device_release+0x54/0xe0\n kobject_put+0xa5/0x120\n device_release+0x54/0xe0\n kobject_put+0xa5/0x120\n scsi_device_dev_release_usercontext+0x4c1/0x4e0\n execute_in_process_context+0x23/0x90\n device_release+0x54/0xe0\n kobject_put+0xa5/0x120\n scsi_disk_release+0x3f/0x50\n device_release+0x54/0xe0\n kobject_put+0xa5/0x120\n disk_release+0x17f/0x1b0\n device_release+0x54/0xe0\n kobject_put+0xa5/0x120\n dm_put_table_device+0xa3/0x160 [dm_mod]\n dm_put_device+0xd0/0x140 [dm_mod]\n free_priority_group+0xd8/0x110 [dm_multipath]\n free_multipath+0x94/0xe0 [dm_multipath]\n dm_table_destroy+0xa2/0x1e0 [dm_mod]\n __dm_destroy+0x196/0x350 [dm_mod]\n dev_remove+0x10c/0x160 [dm_mod]\n ctl_ioctl+0x2c2/0x590 [dm_mod]\n dm_ctl_ioctl+0x5/0x10 [dm_mod]\n __x64_sys_ioctl+0xb4/0xf0\n dm_ctl_ioctl+0x5/0x10 [dm_mod]\n __x64_sys_ioctl+0xb4/0xf0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2e7eb4c1e8af8385de22775bd0be552f59b28c9a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8fe4ce5836e932f5766317cb651c1ff2a4cd0506",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48667.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48667",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:08.157",
"lastModified": "2024-04-28T13:15:08.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in insert range\n\ninsert range doesn't discard the affected cached region\nso can risk temporarily corrupting file data.\n\nAlso includes some minor cleanup (avoiding rereading\ninode size repeatedly unnecessarily) to make it clearer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0cdde8460c304283d4ebe3f767a70215d1ab9d4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9c8b7a293f50253e694f19161c045817a938e551",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2022/CVE-2022-486xx/CVE-2022-48668.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-48668",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:08.203",
"lastModified": "2024-04-28T13:15:08.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in collapse range\n\ncollapse range doesn't discard the affected cached region\nso can risk temporarily corrupting the file data. This\nfixes xfstest generic/031\n\nI also decided to merge a minor cleanup to this into the same patch\n(avoiding rereading inode size repeatedly unnecessarily) to make it\nclearer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

63
CVE-2024/CVE-2024-250xx/CVE-2024-25050.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-25050",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-04-28T13:15:08.257",
"lastModified": "2024-04-28T13:15:08.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/283242",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7149616",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7149672",
"source": "psirt@us.ibm.com"
}
]
}

12
CVE-2024/CVE-2024-266xx/CVE-2024-26605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26605",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-26T16:28:00.207",
"lastModified": "2024-04-17T17:47:46.583",
"vulnStatus": "Analyzed",
"lastModified": "2024-04-28T12:15:19.740",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -70,6 +70,10 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0f7908a016c092cfdaa16d785fa5099d867bc1a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1e560864159d002b453da42bd2c13a1805515a20",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -77,6 +81,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0f4478838be1f1d330061201898fef65bf8fd7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef90508574d7af48420bdc5f7b9a4f1cdd26bc70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

6
CVE-2024/CVE-2024-266xx/CVE-2024-26678.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26678",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-02T07:15:44.307",
"lastModified": "2024-04-04T14:15:09.513",
"lastModified": "2024-04-28T12:15:20.717",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -27,6 +27,10 @@
{
"url": "https://git.kernel.org/stable/c/4adeeff8c12321cd453412a659c3c0eeb9bb2397",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d327e961573fc335af0ae8a160302205327e1f4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

18
CVE-2024/CVE-2024-268xx/CVE-2024-26811.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26811",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-08T10:15:08.540",
"lastModified": "2024-04-14T04:15:54.290",
"lastModified": "2024-04-28T12:15:20.780",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -24,6 +24,10 @@
"url": "https://git.kernel.org/stable/c/76af689a45aa44714b46d1a7de4ffdf851ded896",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/88b7f1143b15b29cccb8392b4f38e75b7bb3e300",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a637fabac554270a851033f5ab402ecb90bc479c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
@ -31,18 +35,6 @@
{
"url": "https://git.kernel.org/stable/c/a677ebd8ca2f2632ccdecbad7b87641274e15aac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XCNJZBDMGJXRIKLGKM4RRJU4XCHPX62/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG6L4FXO4WNWUM6W7USOH2YTRVWREM3V/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RO3RO34MLQ6WT3A7O6STQUVXW43N6W3K/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-269xx/CVE-2024-26920.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26920",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T16:15:08.407",
"lastModified": "2024-04-17T16:51:07.347",
"lastModified": "2024-04-28T12:15:20.843",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,10 @@
"url": "https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2a3073d58382157ab396734ed4e421ba9e969db1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

18
CVE-2024/CVE-2024-269xx/CVE-2024-26922.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26922",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-23T13:15:46.643",
"lastModified": "2024-04-24T13:39:42.883",
"lastModified": "2024-04-28T12:15:20.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,9 +16,25 @@
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/212e3baccdb1939606420d88f7f52d346b49a284",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6fef2d4c00b5b8561ad68dd2b68173f5c6af1e75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8b12fc7b032633539acdf7864888b0ebd49e90f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b1f04b9b1c5317f562a455384c5f7473e46bdbaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef13eeca7c79136bc38e21eb67322c1cbd5c40ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

18
CVE-2024/CVE-2024-269xx/CVE-2024-26924.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26924",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-25T06:15:57.407",
"lastModified": "2024-04-25T13:18:20.370",
"lastModified": "2024-04-28T12:15:20.957",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,9 +16,25 @@
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/14b001ba221136c15f894577253e8db535b99487",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3cfc9ec039af60dbd8965ae085b2c2ccdcfbe1cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/41d8fdf3afaff312e17466e4ab732937738d5644",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7a1679e2d9bfa3b5f8755c2c7113e54b7d42bd46",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ebf7c9746f073035ee26209e38c3a1170f7b349a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

18
CVE-2024/CVE-2024-269xx/CVE-2024-26926.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26926",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-25T06:15:57.780",
"lastModified": "2024-04-25T13:18:20.370",
"lastModified": "2024-04-28T12:15:21.013",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,9 +16,25 @@
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1d7f1049035b2060342f11eff957cf567d810bdc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2fd6dbc98be1105a1d8e9e31575da8873ef115c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a6d2a8b211c874971ee4cf3ddd167408177f6e76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aaef73821a3b0194a01bd23ca77774f704a04d40",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f01d6619045704d78613b14e2e0420bfdb7f1c15",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

36
CVE-2024/CVE-2024-269xx/CVE-2024-26927.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2024-26927",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T12:15:21.063",
"lastModified": "2024-04-28T12:15:21.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Add some bounds checking to firmware data\n\nSmatch complains about \"head->full_size - head->header_size\" can\nunderflow. To some extent, we're always going to have to trust the\nfirmware a bit. However, it's easy enough to add a check for negatives,\nand let's add a upper bounds check as well."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/044e220667157fb9d59320341badec59cf45ba48",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/98f681b0f84cfc3a1d83287b77697679e0398306",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9eeb8e1231f6450c574c1db979122e171a1813ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ced7df8b3c5c4751244cad79011e86cf1f809153",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d133d67e7e724102d1e53009c4f88afaaf3e167c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2024/CVE-2024-269xx/CVE-2024-26928.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-26928",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T12:15:21.140",
"lastModified": "2024-04-28T12:15:21.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_debug_files_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/229042314602db62559ecacba127067c22ee7b88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3402faf78b2516b0af1259baff50cc8453ef0bd1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a65f2b56334ba4dc30bd5ee9ce5b2691b973344d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca545b7f0823f19db0f1148d59bc5e1a56634502",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

56
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-04-28T08:00:37.582805+00:00
2024-04-28T14:00:39.133989+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-04-28T07:15:08.917000+00:00
2024-04-28T13:15:08.257000+00:00
```
### Last Data Feed Release
@ -33,33 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
246971
247012
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `41`
- [CVE-2022-48647](CVE-2022/CVE-2022-486xx/CVE-2022-48647.json) (`2024-04-28T13:15:07.237`)
- [CVE-2022-48648](CVE-2022/CVE-2022-486xx/CVE-2022-48648.json) (`2024-04-28T13:15:07.290`)
- [CVE-2022-48649](CVE-2022/CVE-2022-486xx/CVE-2022-48649.json) (`2024-04-28T13:15:07.333`)
- [CVE-2022-48650](CVE-2022/CVE-2022-486xx/CVE-2022-48650.json) (`2024-04-28T13:15:07.380`)
- [CVE-2022-48651](CVE-2022/CVE-2022-486xx/CVE-2022-48651.json) (`2024-04-28T13:15:07.423`)
- [CVE-2022-48652](CVE-2022/CVE-2022-486xx/CVE-2022-48652.json) (`2024-04-28T13:15:07.477`)
- [CVE-2022-48653](CVE-2022/CVE-2022-486xx/CVE-2022-48653.json) (`2024-04-28T13:15:07.530`)
- [CVE-2022-48654](CVE-2022/CVE-2022-486xx/CVE-2022-48654.json) (`2024-04-28T13:15:07.580`)
- [CVE-2022-48655](CVE-2022/CVE-2022-486xx/CVE-2022-48655.json) (`2024-04-28T13:15:07.623`)
- [CVE-2022-48656](CVE-2022/CVE-2022-486xx/CVE-2022-48656.json) (`2024-04-28T13:15:07.663`)
- [CVE-2022-48657](CVE-2022/CVE-2022-486xx/CVE-2022-48657.json) (`2024-04-28T13:15:07.717`)
- [CVE-2022-48658](CVE-2022/CVE-2022-486xx/CVE-2022-48658.json) (`2024-04-28T13:15:07.760`)
- [CVE-2022-48659](CVE-2022/CVE-2022-486xx/CVE-2022-48659.json) (`2024-04-28T13:15:07.800`)
- [CVE-2022-48660](CVE-2022/CVE-2022-486xx/CVE-2022-48660.json) (`2024-04-28T13:15:07.853`)
- [CVE-2022-48661](CVE-2022/CVE-2022-486xx/CVE-2022-48661.json) (`2024-04-28T13:15:07.897`)
- [CVE-2022-48662](CVE-2022/CVE-2022-486xx/CVE-2022-48662.json) (`2024-04-28T13:15:07.937`)
- [CVE-2022-48663](CVE-2022/CVE-2022-486xx/CVE-2022-48663.json) (`2024-04-28T13:15:07.980`)
- [CVE-2022-48664](CVE-2022/CVE-2022-486xx/CVE-2022-48664.json) (`2024-04-28T13:15:08.030`)
- [CVE-2022-48665](CVE-2022/CVE-2022-486xx/CVE-2022-48665.json) (`2024-04-28T13:15:08.073`)
- [CVE-2022-48666](CVE-2022/CVE-2022-486xx/CVE-2022-48666.json) (`2024-04-28T13:15:08.113`)
- [CVE-2022-48667](CVE-2022/CVE-2022-486xx/CVE-2022-48667.json) (`2024-04-28T13:15:08.157`)
- [CVE-2022-48668](CVE-2022/CVE-2022-486xx/CVE-2022-48668.json) (`2024-04-28T13:15:08.203`)
- [CVE-2024-25050](CVE-2024/CVE-2024-250xx/CVE-2024-25050.json) (`2024-04-28T13:15:08.257`)
- [CVE-2024-26927](CVE-2024/CVE-2024-269xx/CVE-2024-26927.json) (`2024-04-28T12:15:21.063`)
- [CVE-2024-26928](CVE-2024/CVE-2024-269xx/CVE-2024-26928.json) (`2024-04-28T12:15:21.140`)
### CVEs modified in the last Commit
Recently modified CVEs: `14`
Recently modified CVEs: `7`
- [CVE-2022-26125](CVE-2022/CVE-2022-261xx/CVE-2022-26125.json) (`2024-04-28T07:15:06.517`)
- [CVE-2022-26126](CVE-2022/CVE-2022-261xx/CVE-2022-26126.json) (`2024-04-28T07:15:07.730`)
- [CVE-2022-26127](CVE-2022/CVE-2022-261xx/CVE-2022-26127.json) (`2024-04-28T07:15:07.867`)
- [CVE-2022-26128](CVE-2022/CVE-2022-261xx/CVE-2022-26128.json) (`2024-04-28T07:15:07.963`)
- [CVE-2022-26129](CVE-2022/CVE-2022-261xx/CVE-2022-26129.json) (`2024-04-28T07:15:08.080`)
- [CVE-2022-37035](CVE-2022/CVE-2022-370xx/CVE-2022-37035.json) (`2024-04-28T07:15:08.190`)
- [CVE-2023-38406](CVE-2023/CVE-2023-384xx/CVE-2023-38406.json) (`2024-04-28T07:15:08.367`)
- [CVE-2023-38407](CVE-2023/CVE-2023-384xx/CVE-2023-38407.json) (`2024-04-28T07:15:08.463`)
- [CVE-2023-46752](CVE-2023/CVE-2023-467xx/CVE-2023-46752.json) (`2024-04-28T07:15:08.540`)
- [CVE-2023-46753](CVE-2023/CVE-2023-467xx/CVE-2023-46753.json) (`2024-04-28T07:15:08.623`)
- [CVE-2023-47234](CVE-2023/CVE-2023-472xx/CVE-2023-47234.json) (`2024-04-28T07:15:08.703`)
- [CVE-2023-47235](CVE-2023/CVE-2023-472xx/CVE-2023-47235.json) (`2024-04-28T07:15:08.770`)
- [CVE-2024-31948](CVE-2024/CVE-2024-319xx/CVE-2024-31948.json) (`2024-04-28T07:15:08.843`)
- [CVE-2024-31949](CVE-2024/CVE-2024-319xx/CVE-2024-31949.json) (`2024-04-28T07:15:08.917`)
- [CVE-2024-26605](CVE-2024/CVE-2024-266xx/CVE-2024-26605.json) (`2024-04-28T12:15:19.740`)
- [CVE-2024-26678](CVE-2024/CVE-2024-266xx/CVE-2024-26678.json) (`2024-04-28T12:15:20.717`)
- [CVE-2024-26811](CVE-2024/CVE-2024-268xx/CVE-2024-26811.json) (`2024-04-28T12:15:20.780`)
- [CVE-2024-26920](CVE-2024/CVE-2024-269xx/CVE-2024-26920.json) (`2024-04-28T12:15:20.843`)
- [CVE-2024-26922](CVE-2024/CVE-2024-269xx/CVE-2024-26922.json) (`2024-04-28T12:15:20.900`)
- [CVE-2024-26924](CVE-2024/CVE-2024-269xx/CVE-2024-26924.json) (`2024-04-28T12:15:20.957`)
- [CVE-2024-26926](CVE-2024/CVE-2024-269xx/CVE-2024-26926.json) (`2024-04-28T12:15:21.013`)
## Download and Usage

83
_state.csv
View File

@ -194390,11 +194390,11 @@ CVE-2022-26121,0,0,4817365b3bafeb84d119c418106e525a51ee13efbb3dbeff4f67392c24807
CVE-2022-26122,0,0,164e09a43d54baa84f677905fe92592c3975ef059fd5c9aad24fb02dab655a90,2022-11-04T13:20:04.217000
CVE-2022-26123,0,0,1787ce5646f40762dea206165529e10857c399b1641402cf9a38d3372b8e1c52,2023-11-07T03:44:55.963000
CVE-2022-26124,0,0,e20bb143cce5026d61c911367e43a77e98b0573f5e60aa8ccd3e2b66894fc66e,2022-11-17T15:30:49.277000
CVE-2022-26125,0,1,3a905a5274655d3dfdcf4f2478bcbec125449c70b1d71699ad8d163cf22d48bb,2024-04-28T07:15:06.517000
CVE-2022-26126,0,1,32dfa62d61a5d16f68bd723c2983b613f1a7c7b8e207663a6170c469abb99101,2024-04-28T07:15:07.730000
CVE-2022-26127,0,1,162a6115c253725d88345b3571e46cb238048a196a7344dc52efb4e4459ecb24,2024-04-28T07:15:07.867000
CVE-2022-26128,0,1,4149c1ef554e8b47bab5fb405b73b0533394c6970d1244b41e94f3318f660640,2024-04-28T07:15:07.963000
CVE-2022-26129,0,1,d3a579058fad1bafab753d65dd8d570687fab27eb8c3ac9e47fc69e06a3a3083,2024-04-28T07:15:08.080000
CVE-2022-26125,0,0,3a905a5274655d3dfdcf4f2478bcbec125449c70b1d71699ad8d163cf22d48bb,2024-04-28T07:15:06.517000
CVE-2022-26126,0,0,32dfa62d61a5d16f68bd723c2983b613f1a7c7b8e207663a6170c469abb99101,2024-04-28T07:15:07.730000
CVE-2022-26127,0,0,162a6115c253725d88345b3571e46cb238048a196a7344dc52efb4e4459ecb24,2024-04-28T07:15:07.867000
CVE-2022-26128,0,0,4149c1ef554e8b47bab5fb405b73b0533394c6970d1244b41e94f3318f660640,2024-04-28T07:15:07.963000
CVE-2022-26129,0,0,d3a579058fad1bafab753d65dd8d570687fab27eb8c3ac9e47fc69e06a3a3083,2024-04-28T07:15:08.080000
CVE-2022-2613,0,0,2705769156bba6f27f784ac788bc68d117dccf546508708f0b6cf796aa748101,2023-11-07T03:46:44.133000
CVE-2022-26130,0,0,e3cfbac27b943eb46061ce2deac038d92c7f0bb2ed8b82045deb01a11bdc767d,2022-05-16T12:34:17.893000
CVE-2022-26131,0,0,e201a577539ce448fa5c37858b58af9176e209c969b7e93a64a87874412b5ef2,2022-03-23T18:37:02.983000
@ -203241,7 +203241,7 @@ CVE-2022-37030,0,0,8f33637a81167f5ddefcdba1ee0ddd47e6e6f46cd13bd9a8d636e6853308b
CVE-2022-37032,0,0,5be58f7878276ea99f42f58c3ccbb77313c8c805ffd516718db748fea2c56c56,2023-03-08T01:06:27.520000
CVE-2022-37033,0,0,1fdc1bfa1968a69f481337828bd0ceb6341ce6fc7739ce9df70ebe7913ae70bc,2023-02-09T19:35:45.170000
CVE-2022-37034,0,0,37ec1704ae51432d44e0803811edc93de7505f72476371588763cb55920c9769,2023-02-09T19:14:44.047000
CVE-2022-37035,0,1,f1259700ff9749e2754c31c6fe016e45e7428831f40a36d5cfa02dd8b8bef26b,2024-04-28T07:15:08.190000
CVE-2022-37035,0,0,f1259700ff9749e2754c31c6fe016e45e7428831f40a36d5cfa02dd8b8bef26b,2024-04-28T07:15:08.190000
CVE-2022-3704,0,0,d58f2c6681dbe21a939d7a09efe08bbbea7decdb863ad09cc08683ac417189b5,2024-04-11T01:16:34.983000
CVE-2022-37041,0,0,a2d358dc549a4429d7e464cfca222df490a2e633b45fba19ac0ad59ad8c71a53,2022-08-16T14:55:48.720000
CVE-2022-37042,0,0,7000889787dba91614b79b16d59d293fc241938c8c25803696791966a91ec98d,2023-08-08T14:22:24.967000
@ -211492,9 +211492,47 @@ CVE-2022-48628,0,0,53833f4c493a0dc2eadce20e074749d0beda4aee81d045b4d048c848f17d5
CVE-2022-48629,0,0,fa048196d2bfc6b10ff3d7f516159c362398b51507f15ab4e218ad5e1ec3c673,2024-03-21T02:44:43.813000
CVE-2022-4863,0,0,5b47f8c32121fc9ba1e1299b8649a0bce6cf67f9d99ee5110f7455ebd1e4dead,2023-01-10T15:19:48.147000
CVE-2022-48630,0,0,26afba4db4805d2283d63a9f1d531c327a9cf50344f18251b67823896e3a11fb,2024-03-05T13:41:01.900000
CVE-2022-48631,1,1,a5676bdf27bdbfe41d682a1d7e889ee064e776a7d5e345ec9c2157eb249074b1,2024-04-28T13:15:06.450000
CVE-2022-48632,1,1,0c6bfe18afea0723c6dd32c98ee7199f9491ff7a87b66a7b86e490329d97dfe9,2024-04-28T13:15:06.517000
CVE-2022-48633,1,1,c18b2d7166d66e5c16736c9e4e35dceb64f08cdce2ed3b80013c26985c215835,2024-04-28T13:15:06.560000
CVE-2022-48634,1,1,23cc0f58cf2cb8c9ad1f7ff81f050ce3d6957f40a9593fbdda7fc7e6e425ba04,2024-04-28T13:15:06.617000
CVE-2022-48635,1,1,d07ed57cfa5bb3790aa15af971d4097a0fcd504ea9bb701b00814926ca64b77f,2024-04-28T13:15:06.663000
CVE-2022-48636,1,1,662758f9b191c0ff0d971f4d575106ca8ea71019c44ab43bc74c8ca22dac5683,2024-04-28T13:15:06.710000
CVE-2022-48637,1,1,b20e16f1ea5b6434beaace0a80a64f46a6ad728612cfb79ab7c98c4ff317eb0f,2024-04-28T13:15:06.763000
CVE-2022-48638,1,1,946b47c6ecebff4ba9d7425805decd48e6653c549156f31173c9d9312caa05c4,2024-04-28T13:15:06.807000
CVE-2022-48639,1,1,9b709c8e7b81c544726a8f5e924b862fe902bdf6d83893ef12714140fe9842f4,2024-04-28T13:15:06.857000
CVE-2022-4864,0,0,d23161698d876889bbe57cc3b493d8a62ae4301980779460573eee0ceb3a8d84,2023-10-11T15:24:48.003000
CVE-2022-48640,1,1,24436b8339b037d62d66b09ff14431da8fcd5643d49925a1a705c470a659c36c,2024-04-28T13:15:06.903000
CVE-2022-48641,1,1,99b0880cd517c089b106c2d8ba5739f7ce27c9e220758a69a972a9e60a763a1d,2024-04-28T13:15:06.950000
CVE-2022-48642,1,1,2d94253e945d6866d109dd6a5b26080715fc9278e0b9c4894a21526f9c7d66c9,2024-04-28T13:15:07
CVE-2022-48643,1,1,9834da3f3b73b3398abe808c9d97bff3b2214eece9eed0bf88c1859f0de6c699,2024-04-28T13:15:07.040000
CVE-2022-48644,1,1,00713bd6f4b99ddf3b86bbdfa5292ec81d494de2d76c5c619cbba06460208011,2024-04-28T13:15:07.087000
CVE-2022-48645,1,1,bbdf322cee9be8993e4c48e7956c093ee89681f0d434dcc98ecf223a4e038730,2024-04-28T13:15:07.140000
CVE-2022-48646,1,1,c82aa7c8cc4fc94ac74b261d5e2af07dccbb3af297b3eb9b48d1af4596a60ca7,2024-04-28T13:15:07.187000
CVE-2022-48647,1,1,48b7517100cefd25633cf2b1fb67d74b4b09369747490f4740ac5676ded62851,2024-04-28T13:15:07.237000
CVE-2022-48648,1,1,8f25bb48e08475c98f7921cdcdf98358ce428fd24457c655496a2aed1e08293d,2024-04-28T13:15:07.290000
CVE-2022-48649,1,1,3f765f0e12dc1f14874e8228bb63b3d5759c3f7f355069a363179954aef708b2,2024-04-28T13:15:07.333000
CVE-2022-4865,0,0,ca348115ae41e38a1bc69af0c75dfb35364aad74f0d955859af486be9af48649,2023-01-06T21:22:00.620000
CVE-2022-48650,1,1,26c6a4b499d37a76ea121cecc70ddcf9acece46f3a87fb58b34784df4e27eb1c,2024-04-28T13:15:07.380000
CVE-2022-48651,1,1,328926df4fae0978dca24aaf56369bd6a41458c033d80b039b398e25c07005ff,2024-04-28T13:15:07.423000
CVE-2022-48652,1,1,02debbba1f3ecca1f604063950d4928ddd135df82b2f52cfc87e0525db0bbc15,2024-04-28T13:15:07.477000
CVE-2022-48653,1,1,3e7c7db3083eba826d409432d5f3c88395b0cfd8ba3bfca84e3408e808050842,2024-04-28T13:15:07.530000
CVE-2022-48654,1,1,1829bc0ce90607635e2db98db797a7c52be87c65198822782385247e6ecf77a3,2024-04-28T13:15:07.580000
CVE-2022-48655,1,1,7dc54b79aac20bb52f8b382bfdecb551d110780447260baa8efbbff8230425b2,2024-04-28T13:15:07.623000
CVE-2022-48656,1,1,2efcea6c4080fd14ada67c73ca74faa4ae57157765ea0a170f338b9950a0dc84,2024-04-28T13:15:07.663000
CVE-2022-48657,1,1,c02c107e1bc82d8a75af1061abf274616445ae474fd3d22b4a49a1f6c415a801,2024-04-28T13:15:07.717000
CVE-2022-48658,1,1,40e0037fcf2a01d381be7fee19ec87df91a9936882529ca8cfbed96d8a9012b6,2024-04-28T13:15:07.760000
CVE-2022-48659,1,1,224ab9e3b3e6ca3e8c424ffc484e89c297ec5f44dbe8e79342bc4cb816e53f31,2024-04-28T13:15:07.800000
CVE-2022-4866,0,0,64c9ea7b26626d61a99b74354dc5f958961e6d20aa6371d15f635281a82cc0f0,2023-01-06T21:24:01.587000
CVE-2022-48660,1,1,27334ab996065bca78183ccf6549d46fb3577019685d2eb75841c1aa04b5a897,2024-04-28T13:15:07.853000
CVE-2022-48661,1,1,3a06bc7f1a6b2481f2f6c2253bdc78092c7c1bef4c1ba4ec7e0ea3f28ff34a87,2024-04-28T13:15:07.897000
CVE-2022-48662,1,1,944a91044fa7de58a43e6d45d0acb736abc71697ab08eb5dde790be7dc108ada,2024-04-28T13:15:07.937000
CVE-2022-48663,1,1,a359b3d001ae6e201d973a386a730cacdf672d3e6a7d9b5fa3a4dc4bbe8845c4,2024-04-28T13:15:07.980000
CVE-2022-48664,1,1,64a2f7ff093f6c01aa0a962903ea7d23b07dad2fd621b16d49360cb55fe1a002,2024-04-28T13:15:08.030000
CVE-2022-48665,1,1,d890717479e0d527d5c8a7bb6c08bba9286703cce0c61ab17a230e3c62560c58,2024-04-28T13:15:08.073000
CVE-2022-48666,1,1,ea1392e9c51634e3687131dcf88468907b54e80c1c9ec07fc6690b140ce38a59,2024-04-28T13:15:08.113000
CVE-2022-48667,1,1,28b61d90eb37a733451b6b479bdbbc0036411506ed062bf5c20640e47715c596,2024-04-28T13:15:08.157000
CVE-2022-48668,1,1,e841390e2ac8e165beff069e8bf84f9207b943c91d81fd9917f5bacd7ba59a8e,2024-04-28T13:15:08.203000
CVE-2022-4867,0,0,df30bf033a8b71c87ccc147259fbbc1d4b447580323b889a3d7676505e257148,2023-01-06T21:26:37.597000
CVE-2022-4868,0,0,49bc3762269009af54870f2860cabd5c2f0372571503d002526079fe993a74bc,2023-01-06T21:20:41.477000
CVE-2022-48682,0,0,a9e8566df4d423615eab0842eba8f88c67d4de5de15c1876586d34ed294d4bbf,2024-04-26T12:58:17.720000
@ -227418,8 +227456,8 @@ CVE-2023-38402,0,0,286f28e4fe504787a7a2745fb756d4db7548f380413d9739c731327091931
CVE-2023-38403,0,0,9051c29e85ddbbf1a753a26f072afca3669d63e314e23667ddda5c6f2a3ae049,2024-01-09T02:53:19.040000
CVE-2023-38404,0,0,3dc6ba7796bd771a65b22048e59c9ab5fef46da9252fb3726f228bc9dd4b4359,2023-07-27T23:45:52.217000
CVE-2023-38405,0,0,c9debfd5593845ef6520958dbc49abb74fd74ee699fbdda9849aeefe8e69acd0,2023-07-27T03:46:14.810000
CVE-2023-38406,0,1,80db54cfbbd0fa8480b91b9c09dce70943da5a2cae85e18029363308bd7a260e,2024-04-28T07:15:08.367000
CVE-2023-38407,0,1,9a208c073e5b7b4636ccaf26fbdd73e9008e152a34acdb22805b2c6218d358c2,2024-04-28T07:15:08.463000
CVE-2023-38406,0,0,80db54cfbbd0fa8480b91b9c09dce70943da5a2cae85e18029363308bd7a260e,2024-04-28T07:15:08.367000
CVE-2023-38407,0,0,9a208c073e5b7b4636ccaf26fbdd73e9008e152a34acdb22805b2c6218d358c2,2024-04-28T07:15:08.463000
CVE-2023-38408,0,0,a5b3564bc29fbafca29af20a4fd1ef12d39f0184d3edb95cb86e49e205895556,2024-04-04T06:15:08.430000
CVE-2023-38409,0,0,6490e149eaf901300003e5cb5fe2beb3e6bba4dd1431a86db788223f5e63097f,2023-07-27T03:49:09.943000
CVE-2023-3841,0,0,61d45d034c43bdfe7db00d574171e298c10908077b0cbed791a92ef272a288fa,2024-04-11T01:21:25.730000
@ -232922,8 +232960,8 @@ CVE-2023-46749,0,0,a2089177ea5380efb05c5d3a1436d829b25523c5d5d54acf7398db8cf292a
CVE-2023-4675,0,0,dd676e055674143cc78a06d81557fc2a93b0ada038e81404b0bdf54e59245baf,2024-01-05T18:20:40.117000
CVE-2023-46750,0,0,66b39c3a71c2890443b8332121f3f3f60f084ba51e0b36d50fa4b0931cba41ec,2023-12-18T20:10:48.703000
CVE-2023-46751,0,0,45a144f3c1775a10264a3155a26ea2f8a4aa63b1131f06d5ae9cfed17ca26b82,2023-12-16T01:15:07.820000
CVE-2023-46752,0,1,f8928e44d875066972d459ff01172ce8b553ed215057e314a1c0e6e44e3499fd,2024-04-28T07:15:08.540000
CVE-2023-46753,0,1,0638e0e337897b4eeaac62fd219e474695a2308a11c82b93af2f0922a2bc56a4,2024-04-28T07:15:08.623000
CVE-2023-46752,0,0,f8928e44d875066972d459ff01172ce8b553ed215057e314a1c0e6e44e3499fd,2024-04-28T07:15:08.540000
CVE-2023-46753,0,0,0638e0e337897b4eeaac62fd219e474695a2308a11c82b93af2f0922a2bc56a4,2024-04-28T07:15:08.623000
CVE-2023-46754,0,0,3bcdb9454e97a5da3b1021ec9456a5bee1e2f54bdc102a57e5b6db01fdebcf57,2023-11-07T15:56:54.830000
CVE-2023-46755,0,0,131604a0a81f24eaaf797185c7fc58f8f04f133be80fcd208739551450526ae4,2023-11-14T20:04:51.430000
CVE-2023-46756,0,0,3a18f206aeab613b95265a1774da8f0da113fcae944e8c9524e9269646e68539,2023-11-15T16:20:22.913000
@ -233265,8 +233303,8 @@ CVE-2023-4723,0,0,f6c1ffe60bbd1c1916dfe81b644532f2801b498c64cbf9c5b540830e9916a4
CVE-2023-47230,0,0,98e54ec85149eb5b7a886246e70faa9789424eff695d2b80f1f18594563dc7f2,2023-11-16T23:42:46.737000
CVE-2023-47231,0,0,52a0fc4892df54cf36480ba4cd483981c6f7b112e09729fb822f624c1979cdea,2023-11-15T16:21:11.800000
CVE-2023-47233,0,0,8437cc40c7f2fdf5cac54a094e069e62b40f927de3f1b086eaf36914b54f667e,2024-03-25T01:15:54.803000
CVE-2023-47234,0,1,2789fb6053c1e8a11522a688aee6f2a244ebebed599b2e822033da845b9ed62d,2024-04-28T07:15:08.703000
CVE-2023-47235,0,1,15f2454b87d18384661fef3e851716f49203fc6cf99784f467ee56364a4d98f7,2024-04-28T07:15:08.770000
CVE-2023-47234,0,0,2789fb6053c1e8a11522a688aee6f2a244ebebed599b2e822033da845b9ed62d,2024-04-28T07:15:08.703000
CVE-2023-47235,0,0,15f2454b87d18384661fef3e851716f49203fc6cf99784f467ee56364a4d98f7,2024-04-28T07:15:08.770000
CVE-2023-47236,0,0,b0b312089de1fa4b30acc4988ffca55daee03fe17197415e08738b0e7d2a16c8,2023-12-28T20:07:16.600000
CVE-2023-47237,0,0,300757c13e0afaa0d3ea72a8a7866748846c7ae9f4f522d4cbba9d38a9f2ce25,2023-11-15T02:25:41.300000
CVE-2023-47238,0,0,66d5330fa3782d388bd9bee2a81da2820e2ebb34194b1a721643b50ddf6a49cb,2023-11-15T02:25:33.170000
@ -242560,6 +242598,7 @@ CVE-2024-25030,0,0,fc3de3fd573e21787e1c0bdd960fb3a4c590b360d40ba7c7d9e34380b9c90
CVE-2024-2504,0,0,b952b345d554f248180cfc37dd33de3d29aef92bb40f82f2454b4ee2e2c1523d,2024-04-10T13:23:38.787000
CVE-2024-25046,0,0,64b67efbc5b2947bdef146aee983b6003b7daa23659b2bfe93519b90947330ac,2024-04-03T17:24:18.150000
CVE-2024-25048,0,0,f98b5f829311c9c9a726d02cd66b8a93a4755ae4aa235bf4cd2af7701d9667d0,2024-04-27T12:15:10.517000
CVE-2024-25050,1,1,1ff20d693c75735252bb078c1b9df844137fdb7eca3fe844e495a58addd9c2a1,2024-04-28T13:15:08.257000
CVE-2024-25062,0,0,9596ed5cf07a8bc8469d4afc28fc727a431af7cff3b6b8e84435c301d9955756,2024-02-13T00:40:40.503000
CVE-2024-25063,0,0,ada8a3e76748f7f6ba8d6378c081423ac8f962f095964d00e876ad6b7009736e,2024-03-04T22:45:02.117000
CVE-2024-25064,0,0,1c648660fe74d25bd4bc9587030796b3cc77cb44c915d4df3e4024ac11525ccf,2024-03-04T22:43:15.337000
@ -243431,7 +243470,7 @@ CVE-2024-26601,0,0,30ccc6d67db0573a68b804997cf6e9843de67fe7ac91aac1c32f4e8d41a6e
CVE-2024-26602,0,0,74a07df687505b0074c6bd2fd2ef070cc30b5b21b7d32767a6a2de77b8e2bf18,2024-04-17T18:01:43.820000
CVE-2024-26603,0,0,ea875115abb5a013b43aabc1c8e80523fdf49c8e0a84f2554de163f8ad2e5b2f,2024-04-17T18:00:07.600000
CVE-2024-26604,0,0,3af54300b651d19d656a5097d70c7e0dbb5923d92e6dfc43928a15db003f16f1,2024-04-17T17:55:23.003000
CVE-2024-26605,0,0,9f5d4199e87471cbde5b1d897189efd0d3f6dda9d44375cbc6d4860e73662dc7,2024-04-17T17:47:46.583000
CVE-2024-26605,0,1,21a2f4f8a64c6ad503f7877dcf796b66ec78707bc2832cb2fd27454941c8959a,2024-04-28T12:15:19.740000
CVE-2024-26606,0,0,56db6ea7b3f11089282e8c2efeec91504e5b4f22fb3c1e49d0fdce8d6f368323,2024-04-17T17:49:01.227000
CVE-2024-26607,0,0,10f708b618964c31a16152436a6b5d9b9b34324402ac957d6db7b57f6219ed49,2024-02-29T13:49:29.390000
CVE-2024-26608,0,0,9db678542933ad0e36202af80b187252a408347bbb9057cd73da20b3710cb095,2024-03-12T12:40:13.500000
@ -243507,7 +243546,7 @@ CVE-2024-26674,0,0,f1d8576ca0aa47350de64417aeef31f1b238573e2983d0df225d9682a3d84
CVE-2024-26675,0,0,18ad8d54c05969c4deea09aefa255ac7a86e9958e19c92f65fea4e21f81e5a90,2024-04-02T12:50:42.233000
CVE-2024-26676,0,0,1d6462abc387a07745aa4cbe7883c8d5a9e7ba60d572c150c39ead906ad157a1,2024-04-02T12:50:42.233000
CVE-2024-26677,0,0,6b321906db4a8761a068972f50c35aaee56cfe9a508eaeb0f87a01adffdeee4c,2024-04-02T12:50:42.233000
CVE-2024-26678,0,0,9e85aecf537bdeaa0ac7cd8b6cd4c2c9592e9799efc1a2290261b5b48890a1ad,2024-04-04T14:15:09.513000
CVE-2024-26678,0,1,64bb303dae4cf9ca5eb7c0f51b50259620ff4e12c1339c5a90eab449566d6e8c,2024-04-28T12:15:20.717000
CVE-2024-26679,0,0,6e5fcbfaaf09c0a754213ce2a73da4984a33e97ebf7103133863657d55ddb43a,2024-04-02T12:50:42.233000
CVE-2024-2668,0,0,2c5c7d7e871bf3c3e279c8ec5f5070d2c93662f77758756938dcf48d2daff597,2024-04-11T01:25:31.137000
CVE-2024-26680,0,0,7cba00bff493eedad4949f635084d20f9b62c12fbba2060341caa87d798b6aa5,2024-04-02T12:50:42.233000
@ -243654,7 +243693,7 @@ CVE-2024-26808,0,0,4f31bc304a07232a3baf91061957b820ea1892642e797b2566eb9414b09af
CVE-2024-26809,0,0,9fe73261a4fc78e6c4eacdd5a51592c430457963a39614d59847053f3066f6fb,2024-04-04T12:48:22.650000
CVE-2024-2681,0,0,cb05086c2c8d183d14408cf45e04435cc7af702ab8c219dc1bd4df4ce50beae6,2024-04-11T01:25:32.153000
CVE-2024-26810,0,0,1b304a2ab8dd45b7f8b668d3ded5617945895b32843d6ccf223d08b5069900cd,2024-04-13T12:15:11.527000
CVE-2024-26811,0,0,8c27540c85b7b58fd32e2eb371d005ef60333ea96473bcd9ab259f1ab620b419,2024-04-14T04:15:54.290000
CVE-2024-26811,0,1,e7cc997576905d8c8534c8e86bbdae72d12ef65c9dddf012261867f36ff295d1,2024-04-28T12:15:20.780000
CVE-2024-26812,0,0,a42c8187b68beb1cc0b158f76e6d556e04202cce9b8d74f10baf062b3b08439c,2024-04-13T12:15:11.580000
CVE-2024-26813,0,0,e26d7e44e13f3412bd160f19d0ae99bd36159f47f75a2e8fb78ec9249e2769c3,2024-04-13T12:15:11.633000
CVE-2024-26814,0,0,cc1f4c4ee0ddb8caf435f1369c8b74e01b83a1ebb078466c399be2b768271bff,2024-04-13T12:15:11.683000
@ -243773,13 +243812,15 @@ CVE-2024-26917,0,0,76ac629e9c8e03234b1cc0f2056c3a72474e19f6de790dc934c6f9ce7aac4
CVE-2024-26918,0,0,856369cd1dea2e2c11af16942fbef9a6c4bc54310e835905719eaafb6e04f03b,2024-04-17T16:51:07.347000
CVE-2024-26919,0,0,8ce229e6f304423499a3d2dbc331713eb1fbfa99e3cc0b71da0db8b8b65f091c,2024-04-17T16:51:07.347000
CVE-2024-2692,0,0,aefc05ddca23ffc90de039367cc7fed9a06f50bd32c460cfe2bbf1c8645c8f06,2024-04-04T12:48:41.700000
CVE-2024-26920,0,0,8ad9dc4497d0ab325621ba9253d9bafe6f0648f6e0dcc53db528add7b30825c1,2024-04-17T16:51:07.347000
CVE-2024-26920,0,1,ab68bff7605fe8a2c0c2b7554be56c143969bd1f023d7401c4b30330e5225371,2024-04-28T12:15:20.843000
CVE-2024-26921,0,0,76d623900726b55efb66263c05dcf2e665a9ce9fb4f9ecc19bf3b35e90cf98c7,2024-04-18T13:04:28.900000
CVE-2024-26922,0,0,568c54f02287b1d7fb902390d617a12e7e604e44948c34f27405b196aec957ed,2024-04-24T13:39:42.883000
CVE-2024-26922,0,1,f2b5eff23cb85e28193666d928a98191bac308d361a6835a02e59fdb59b1fc3a,2024-04-28T12:15:20.900000
CVE-2024-26923,0,0,44a3ec3dbab6336e995abfc3c047bd3ffd7a885768d8e65e783b64087543b58b,2024-04-25T13:18:20.370000
CVE-2024-26924,0,0,2e3c70bf6777ef387de99918bdd4a70142400eb77d18332f456cd667a5d74904,2024-04-25T13:18:20.370000
CVE-2024-26924,0,1,1526730b9fbd81129aa9bf942ae0242de8c1bb8745b3eaaedfea283db7d0962b,2024-04-28T12:15:20.957000
CVE-2024-26925,0,0,205e70a4a50c2237fc125a81400662661ac0821c29e77dd6328c788eab96e62d,2024-04-25T13:18:20.370000
CVE-2024-26926,0,0,93c0598719163f77484ee68f62b48da396c03e8db3db05692a0ec6fecc43f383,2024-04-25T13:18:20.370000
CVE-2024-26926,0,1,27538b39a6ce8cff6b945e0dcf0558dffe5ab1f587fa0cef51d76894a92d7110,2024-04-28T12:15:21.013000
CVE-2024-26927,1,1,358a76a28dec44d81b994014608f2336c3d8deaca69615401fde87ad990f94f8,2024-04-28T12:15:21.063000
CVE-2024-26928,1,1,2fa0f571e33c7f9a9e6ea426f333f043bad7e2411c53ef713939a51acb481415,2024-04-28T12:15:21.140000
CVE-2024-2693,0,0,0523f248585c70810eb494560526f8a16efe419cf7f3014aa23838648b0d3e89,2024-04-10T13:23:38.787000
CVE-2024-2700,0,0,ec51b942504a96d4888f64f81c70906fd44973b0d1ace8e2f862241f82ce29e0,2024-04-17T20:15:08.240000
CVE-2024-2702,0,0,d714950951d2438da53d97b453b8470335efdb106b4a3aaafe4c816e98d263df,2024-03-20T13:00:16.367000
@ -246065,8 +246106,8 @@ CVE-2024-31941,0,0,b8dc065fda42126e32d28a44ef547549a83996a827e764074359d3e3ec8c1
CVE-2024-31942,0,0,ceae4b513a0b6e905236b05cb5dd98d07a79c0420729857e9c51c87c35b65b17,2024-04-15T13:15:31.997000
CVE-2024-31943,0,0,d050ed16bd2fd56e0b74cc5712c1eb7ef94538d6cfa9c00022a6cfa048bd2dcc,2024-04-10T19:49:51.183000
CVE-2024-31944,0,0,d1cf01bee95ac2d1b4f198f30f665ce7f3dae041b6378dd5d37f86b95341e18f,2024-04-10T19:49:51.183000
CVE-2024-31948,0,1,61f6d35222c1e3f11e25e4eb10990c24f6ea2b07724ec51b46fb0ba4b709b0cc,2024-04-28T07:15:08.843000
CVE-2024-31949,0,1,d55253e38f8bc425df8f875d525d4d6b96cb3180b7d665ec7de9778e227e2105,2024-04-28T07:15:08.917000
CVE-2024-31948,0,0,61f6d35222c1e3f11e25e4eb10990c24f6ea2b07724ec51b46fb0ba4b709b0cc,2024-04-28T07:15:08.843000
CVE-2024-31949,0,0,d55253e38f8bc425df8f875d525d4d6b96cb3180b7d665ec7de9778e227e2105,2024-04-28T07:15:08.917000
CVE-2024-31950,0,0,6cefb0ca8246a802eee33ecaeabf30a3794c53c92173f69e19945e3bf38104d7,2024-04-08T18:48:40.217000
CVE-2024-31951,0,0,a02cb6e83819b8aefe87f14fcbaf10a3986c9b6174676e08f67eb54fe256f190,2024-04-08T18:48:40.217000
CVE-2024-31978,0,0,905fe24a9cf546b211ed3cfae7258dc772856eb0550beb1f55c95bc3799601d2,2024-04-09T12:48:04.090000

Can't render this file because it is too large.