diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json new file mode 100644 index 00000000000..a4b26aee84f --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2021-47622", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.400", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: Fix a deadlock in the error handler\n\nThe following deadlock has been observed on a test setup:\n\n - All tags allocated\n\n - The SCSI error handler calls ufshcd_eh_host_reset_handler()\n\n - ufshcd_eh_host_reset_handler() queues work that calls\n ufshcd_err_handler()\n\n - ufshcd_err_handler() locks up as follows:\n\nWorkqueue: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt\nCall trace:\n __switch_to+0x298/0x5d8\n __schedule+0x6cc/0xa94\n schedule+0x12c/0x298\n blk_mq_get_tag+0x210/0x480\n __blk_mq_alloc_request+0x1c8/0x284\n blk_get_request+0x74/0x134\n ufshcd_exec_dev_cmd+0x68/0x640\n ufshcd_verify_dev_init+0x68/0x35c\n ufshcd_probe_hba+0x12c/0x1cb8\n ufshcd_host_reset_and_restore+0x88/0x254\n ufshcd_reset_and_restore+0xd0/0x354\n ufshcd_err_handler+0x408/0xc58\n process_one_work+0x24c/0x66c\n worker_thread+0x3e8/0xa4c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nFix this lockup by making ufshcd_exec_dev_cmd() allocate a reserved\nrequest." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/945c3cca05d78351bba29fa65d93834cb7934c7b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d69d98d8edf90e25e4e09930dd36dd6d09dd6768", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47623.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47623.json new file mode 100644 index 00000000000..ed168a0546c --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47623.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2021-47623", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.483", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/fixmap: Fix VM debug warning on unmap\n\nUnmapping a fixmap entry is done by calling __set_fixmap()\nwith FIXMAP_PAGE_CLEAR as flags.\n\nToday, powerpc __set_fixmap() calls map_kernel_page().\n\nmap_kernel_page() is not happy when called a second time\nfor the same page.\n\n\tWARNING: CPU: 0 PID: 1 at arch/powerpc/mm/pgtable.c:194 set_pte_at+0xc/0x1e8\n\tCPU: 0 PID: 1 Comm: swapper Not tainted 5.16.0-rc3-s3k-dev-01993-g350ff07feb7d-dirty #682\n\tNIP: c0017cd4 LR: c00187f0 CTR: 00000010\n\tREGS: e1011d50 TRAP: 0700 Not tainted (5.16.0-rc3-s3k-dev-01993-g350ff07feb7d-dirty)\n\tMSR: 00029032 CR: 42000208 XER: 00000000\n\n\tGPR00: c0165fec e1011e10 c14c0000 c0ee2550 ff800000 c0f3d000 00000000 c001686c\n\tGPR08: 00001000 b00045a9 00000001 c0f58460 c0f50000 00000000 c0007e10 00000000\n\tGPR16: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n\tGPR24: 00000000 00000000 c0ee2550 00000000 c0f57000 00000ff8 00000000 ff800000\n\tNIP [c0017cd4] set_pte_at+0xc/0x1e8\n\tLR [c00187f0] map_kernel_page+0x9c/0x100\n\tCall Trace:\n\t[e1011e10] [c0736c68] vsnprintf+0x358/0x6c8 (unreliable)\n\t[e1011e30] [c0165fec] __set_fixmap+0x30/0x44\n\t[e1011e40] [c0c13bdc] early_iounmap+0x11c/0x170\n\t[e1011e70] [c0c06cb0] ioremap_legacy_serial_console+0x88/0xc0\n\t[e1011e90] [c0c03634] do_one_initcall+0x80/0x178\n\t[e1011ef0] [c0c0385c] kernel_init_freeable+0xb4/0x250\n\t[e1011f20] [c0007e34] kernel_init+0x24/0x140\n\t[e1011f30] [c0016268] ret_from_kernel_thread+0x5c/0x64\n\tInstruction dump:\n\t7fe3fb78 48019689 80010014 7c630034 83e1000c 5463d97e 7c0803a6 38210010\n\t4e800020 81250000 712a0001 41820008 <0fe00000> 9421ffe0 93e1001c 48000030\n\nImplement unmap_kernel_page() which clears an existing pte." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/033fd42c18d9b2121595b6f1e8419a115f9ac5b7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/43ae0ccc4d2722b833fb59b905af129428e06d03", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/67baac10dd5ad1e9f50e8f2659984b3b0728d54e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aec982603aa8cc0a21143681feb5f60ecc69d718", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json new file mode 100644 index 00000000000..1e259c600aa --- /dev/null +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2021-47624", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.553", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change\n\nThe refcount leak issues take place in an error handling path. When the\n3rd argument buf doesn't match with \"offline\", \"online\" or \"remove\", the\nfunction simply returns -EINVAL and forgets to decrease the reference\ncount of a rpc_xprt object and a rpc_xprt_switch object increased by\nrpc_sysfs_xprt_kobj_get_xprt() and\nrpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of\nboth unused objects.\n\nFix this issue by jumping to the error handling path labelled with\nout_put when buf matches none of \"offline\", \"online\" or \"remove\"." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json new file mode 100644 index 00000000000..8bee34b2793 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48773", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.640", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create\n\nIf there are failures then we must not leave the non-NULL pointers with\nthe error value, otherwise `rpcrdma_ep_destroy` gets confused and tries\nfree them, resulting in an Oops." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48774.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48774.json new file mode 100644 index 00000000000..0c6006afb03 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48774.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48774", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.717", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ptdma: Fix the error handling path in pt_core_init()\n\nIn order to free resources correctly in the error handling path of\npt_core_init(), 2 goto's have to be switched. Otherwise, some resources\nwill leak and we will try to release things that have not been allocated\nyet.\n\nAlso move a dev_err() to a place where it is more meaningful." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3c62fd3406e0b2277c76a6984d3979c7f3f1d129", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3e41445287afa3cf6d572778e5aab31d25e60a8d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d7de1e4820c5a42441ff7276174c8c0e63575c1b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json new file mode 100644 index 00000000000..750cbe90c58 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2022-48775", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.793", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()?\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix memory leak by calling kobject_put()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48776.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48776.json new file mode 100644 index 00000000000..0cda9bd0b1e --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48776.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48776", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.867", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: parsers: qcom: Fix missing free for pparts in cleanup\n\nMtdpart doesn't free pparts when a cleanup function is declared.\nAdd missing free for pparts in cleanup function for smem to fix the\nleak." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json new file mode 100644 index 00000000000..cd6ebd3f33d --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48777", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:02.940", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: parsers: qcom: Fix kernel panic on skipped partition\n\nIn the event of a skipped partition (case when the entry name is empty)\nthe kernel panics in the cleanup function as the name entry is NULL.\nRework the parser logic by first checking the real partition number and\nthen allocate the space and set the data for the valid partitions.\n\nThe logic was also fundamentally wrong as with a skipped partition, the\nparts number returned was incorrect by not decreasing it for the skipped\npartitions." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/65d003cca335cabc0160d3cd7daa689eaa9dd3cd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2995fe23095ceda2dc382fbe057f5e164595548", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb03cb6e03ffd9173e18e5fe87e4e3ce83820453", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json new file mode 100644 index 00000000000..6d8d0ebc4fd --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48778", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.010", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: gpmi: don't leak PM reference in error path\n\nIf gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be\ndropped." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4a7ec50298b1127c5024a750c969ea0794899545", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4cd3281a910a5adf73b2a0a82241dd67844d0b25", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/58d3111eafce9e4398654b07f0b1dac27f26ee5b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9161f365c91614e5a3f5c6dcc44c3b1b33bc59c0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a4eeeaca50199e3f19eb13ac3b7e0bbb93e22de4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48779.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48779.json new file mode 100644 index 00000000000..ce44fa6eedc --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48779.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48779", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.077", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mscc: ocelot: fix use-after-free in ocelot_vlan_del()\n\nocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if\nthis is the same as the port's pvid_vlan which we access afterwards,\nwhat we're accessing is freed memory.\n\nFix the bug by determining whether to clear ocelot_port->pvid_vlan prior\nto calling ocelot_vlan_member_del()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/c98bed60cdd7f22237ae256cc9c1c3087206b8a2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ef57640575406f57f5b3393cf57f457b0ace837e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48780.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48780.json new file mode 100644 index 00000000000..de8a00c8381 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48780.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48780", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.143", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Avoid overwriting the copies of clcsock callback functions\n\nThe callback functions of clcsock will be saved and replaced during\nthe fallback. But if the fallback happens more than once, then the\ncopies of these callback functions will be overwritten incorrectly,\nresulting in a loop call issue:\n\nclcsk->sk_error_report\n |- smc_fback_error_report() <------------------------------|\n |- smc_fback_forward_wakeup() | (loop)\n |- clcsock_callback() (incorrectly overwritten) |\n |- smc->clcsk_error_report() ------------------|\n\nSo this patch fixes the issue by saving these function pointers only\nonce in the fallback and avoiding overwriting." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1de9770d121ee9294794cca0e0be8fbfa0134ee8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7de7ba7a8bd4fde0141de8674c13514d0072f0e6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f00b6c976ae0dfbd9b891175f713f59095d23842", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48781.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48781.json new file mode 100644 index 00000000000..ff03969ad15 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48781.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48781", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.217", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - get rid of alg_memory_allocated\n\nalg_memory_allocated does not seem to be really used.\n\nalg_proto does have a .memory_allocated field, but no\ncorresponding .sysctl_mem.\n\nThis means sk_has_account() returns true, but all sk_prot_mem_limits()\nusers will trigger a NULL dereference [1].\n\nTHis was not a problem until SO_RESERVE_MEM addition.\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 PID: 3591 Comm: syz-executor153 Not tainted 5.17.0-rc3-syzkaller-00316-gb81b1829e7e3 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:sk_prot_mem_limits include/net/sock.h:1523 [inline]\nRIP: 0010:sock_reserve_memory+0x1d7/0x330 net/core/sock.c:1000\nCode: 08 00 74 08 48 89 ef e8 27 20 bb f9 4c 03 7c 24 10 48 8b 6d 00 48 83 c5 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 fb 1f bb f9 48 8b 6d 00 4c 89 ff 48\nRSP: 0018:ffffc90001f1fb68 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffff88814aabc000 RCX: dffffc0000000000\nRDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff90e18120\nRBP: 0000000000000008 R08: dffffc0000000000 R09: fffffbfff21c3025\nR10: fffffbfff21c3025 R11: 0000000000000000 R12: ffffffff8d109840\nR13: 0000000000001002 R14: 0000000000000001 R15: 0000000000000001\nFS: 0000555556e08300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fc74416f130 CR3: 0000000073d9e000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n sock_setsockopt+0x14a9/0x3a30 net/core/sock.c:1446\n __sys_setsockopt+0x5af/0x980 net/socket.c:2176\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xb1/0xc0 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fc7440fddc9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe98f07968 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc7440fddc9\nRDX: 0000000000000049 RSI: 0000000000000001 RDI: 0000000000000004\nRBP: 0000000000000000 R08: 0000000000000004 R09: 00007ffe98f07990\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007ffe98f0798c\nR13: 00007ffe98f079a0 R14: 00007ffe98f079e0 R15: 0000000000000000\n \nModules linked in:\n---[ end trace 0000000000000000 ]---\nRIP: 0010:sk_prot_mem_limits include/net/sock.h:1523 [inline]\nRIP: 0010:sock_reserve_memory+0x1d7/0x330 net/core/sock.c:1000\nCode: 08 00 74 08 48 89 ef e8 27 20 bb f9 4c 03 7c 24 10 48 8b 6d 00 48 83 c5 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 fb 1f bb f9 48 8b 6d 00 4c 89 ff 48\nRSP: 0018:ffffc90001f1fb68 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffff88814aabc000 RCX: dffffc0000000000\nRDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff90e18120\nRBP: 0000000000000008 R08: dffffc0000000000 R09: fffffbfff21c3025\nR10: fffffbfff21c3025 R11: 0000000000000000 R12: ffffffff8d109840\nR13: 0000000000001002 R14: 0000000000000001 R15: 0000000000000001\nFS: 0000555556e08300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fc74416f130 CR3: 0000000073d9e000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/25206111512de994dfc914f5b2972a22aa904ef3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9d06f489b9e901580159e21fdc29f73df7ed08dc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48782.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48782.json new file mode 100644 index 00000000000..6a0b660dbe0 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48782.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48782", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.290", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: fix use after free\n\nClang static analysis reports this problem\nroute.c:425:4: warning: Use of memory after it is freed\n trace_mctp_key_acquire(key);\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~\nWhen mctp_key_add() fails, key is freed but then is later\nused in trace_mctp_key_acquire(). Add an else statement\nto use the key only when mctp_key_add() is successful." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1dd3ecbec5f606b2a526c47925c8634b1a6bb81e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7e5b6a5c8c44310784c88c1c198dde79f6402f7b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48783.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48783.json new file mode 100644 index 00000000000..2124d2476b7 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48783.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48783", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.350", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: lantiq_gswip: fix use after free in gswip_remove()\n\nof_node_put(priv->ds->slave_mii_bus->dev.of_node) should be\ndone before mdiobus_free(priv->ds->slave_mii_bus)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/8c6ae46150a453f8ae9a6cd49b45f354f478587d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c61f599b8d33adfa256126a6695c734c0de331cb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/df2495f329b08ac0d0d3e6334a01955ae839005e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f48bd34137718042872d06f2c7332b3267a29165", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48784.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48784.json new file mode 100644 index 00000000000..ef7bc897e89 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48784.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48784", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.427", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: fix race in netlink owner interface destruction\n\nMy previous fix here to fix the deadlock left a race where\nthe exact same deadlock (see the original commit referenced\nbelow) can still happen if cfg80211_destroy_ifaces() already\nruns while nl80211_netlink_notify() is still marking some\ninterfaces as nl_owner_dead.\n\nThe race happens because we have two loops here - first we\ndev_close() all the netdevs, and then we destroy them. If we\nalso have two netdevs (first one need only be a wdev though)\nthen we can find one during the first iteration, close it,\nand go to the second iteration -- but then find two, and try\nto destroy also the one we didn't close yet.\n\nFix this by only iterating once." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/241e633cb379c4f332fc1baf2abec95ec840cbeb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c979f792a2baf6d0f3419587668a1a6eba46a3d2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0a6fd1527067da537e9c48390237488719948ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48785.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48785.json new file mode 100644 index 00000000000..5e4cac68450 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48785.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48785", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.493", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: use rcu-safe version of ipv6_get_lladdr()\n\nSome time ago 8965779d2c0e (\"ipv6,mcast: always hold idev->lock before mca_lock\")\nswitched ipv6_get_lladdr() to __ipv6_get_lladdr(), which is rcu-unsafe\nversion. That was OK, because idev->lock was held for these codepaths.\n\nIn 88e2ca308094 (\"mld: convert ifmcaddr6 to RCU\") these external locks were\nremoved, so we probably need to restore the original rcu-safe call.\n\nOtherwise, we occasionally get a machine crashed/stalled with the following\nin dmesg:\n\n[ 3405.966610][T230589] general protection fault, probably for non-canonical address 0xdead00000000008c: 0000 [#1] SMP NOPTI\n[ 3405.982083][T230589] CPU: 44 PID: 230589 Comm: kworker/44:3 Tainted: G O 5.15.19-cloudflare-2022.2.1 #1\n[ 3405.998061][T230589] Hardware name: SUPA-COOL-SERV\n[ 3406.009552][T230589] Workqueue: mld mld_ifc_work\n[ 3406.017224][T230589] RIP: 0010:__ipv6_get_lladdr+0x34/0x60\n[ 3406.025780][T230589] Code: 57 10 48 83 c7 08 48 89 e5 48 39 d7 74 3e 48 8d 82 38 ff ff ff eb 13 48 8b 90 d0 00 00 00 48 8d 82 38 ff ff ff 48 39 d7 74 22 <66> 83 78 32 20 77 1b 75 e4 89 ca 23 50 2c 75 dd 48 8b 50 08 48 8b\n[ 3406.055748][T230589] RSP: 0018:ffff94e4b3fc3d10 EFLAGS: 00010202\n[ 3406.065617][T230589] RAX: dead00000000005a RBX: ffff94e4b3fc3d30 RCX: 0000000000000040\n[ 3406.077477][T230589] RDX: dead000000000122 RSI: ffff94e4b3fc3d30 RDI: ffff8c3a31431008\n[ 3406.089389][T230589] RBP: ffff94e4b3fc3d10 R08: 0000000000000000 R09: 0000000000000000\n[ 3406.101445][T230589] R10: ffff8c3a31430000 R11: 000000000000000b R12: ffff8c2c37887100\n[ 3406.113553][T230589] R13: ffff8c3a39537000 R14: 00000000000005dc R15: ffff8c3a31431000\n[ 3406.125730][T230589] FS: 0000000000000000(0000) GS:ffff8c3b9fc80000(0000) knlGS:0000000000000000\n[ 3406.138992][T230589] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3406.149895][T230589] CR2: 00007f0dfea1db60 CR3: 000000387b5f2000 CR4: 0000000000350ee0\n[ 3406.162421][T230589] Call Trace:\n[ 3406.170235][T230589] \n[ 3406.177736][T230589] mld_newpack+0xfe/0x1a0\n[ 3406.186686][T230589] add_grhead+0x87/0xa0\n[ 3406.195498][T230589] add_grec+0x485/0x4e0\n[ 3406.204310][T230589] ? newidle_balance+0x126/0x3f0\n[ 3406.214024][T230589] mld_ifc_work+0x15d/0x450\n[ 3406.223279][T230589] process_one_work+0x1e6/0x380\n[ 3406.232982][T230589] worker_thread+0x50/0x3a0\n[ 3406.242371][T230589] ? rescuer_thread+0x360/0x360\n[ 3406.252175][T230589] kthread+0x127/0x150\n[ 3406.261197][T230589] ? set_kthread_struct+0x40/0x40\n[ 3406.271287][T230589] ret_from_fork+0x22/0x30\n[ 3406.280812][T230589] \n[ 3406.288937][T230589] Modules linked in: ... [last unloaded: kheaders]\n[ 3406.476714][T230589] ---[ end trace 3525a7655f2f3b9e ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/26394fc118d6115390bd5b3a0fb17096271da227", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/27f567c84f446048670376827e356f9c92033bf9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3e11ef1903cf6c2fba35594b193a3570854d9e9e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48786.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48786.json new file mode 100644 index 00000000000..aad96330fab --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48786.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48786", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.560", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: remove vsock from connected table when connect is interrupted by a signal\n\nvsock_connect() expects that the socket could already be in the\nTCP_ESTABLISHED state when the connecting task wakes up with a signal\npending. If this happens the socket will be in the connected table, and\nit is not removed when the socket state is reset. In this situation it's\ncommon for the process to retry connect(), and if the connection is\nsuccessful the socket will be added to the connected table a second\ntime, corrupting the list.\n\nPrevent this by calling vsock_remove_connected() if a signal is received\nwhile waiting for a connection. This is harmless if the socket is not in\nthe connected table, and if it is in the table then removing it will\nprevent list corruption from a double add.\n\nNote for backporting: this patch requires d5afa82c977e (\"vsock: correct\nremoval of socket from the list\"), which is in all current stable trees\nexcept 4.9.y." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0bb88f3f7e8d506f3efe46d694964117e20efbfc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2910bcb9f67551a45397735e47b6d456eb8cd549", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f326fe2aef411a6575628f92bd861463ea91df7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/787468ee7a435777521d33399d012fd591ae2f94", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/87cd1bbd6677411e17369cd4b7389ab1e1fdba44", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/addd62a8cb6fa90aa322365c62487da61f6baab8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9208492fcaecff8f43915529ae34b3bcb03877c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e3b3939fd137aab6d00d54bee0ee9244b286a608", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48787.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48787.json new file mode 100644 index 00000000000..8206f18e4bc --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48787.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2022-48787", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.633", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: fix use-after-free\n\nIf no firmware was present at all (or, presumably, all of the\nfirmware files failed to parse), we end up unbinding by calling\ndevice_release_driver(), which calls remove(), which then in\niwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. However\nthe new code I added will still erroneously access it after it\nwas freed.\n\nSet 'failure=false' in this case to avoid the access, all data\nwas already freed anyway." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/008508c16af0087cda0394e1ac6f0493b01b6063", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/494de920d98f125b099f27a2d274850750aff957", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7d6475179b85a83186ccce59cdc359d4f07d0bcb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9958b9cbb22145295ee1ffaea0904c383da2c05d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bea2662e7818e15d7607d17d57912ac984275d94", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d3b98fe36f8a06ce654049540773256ab59cb53d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ddd46059f7d99119b62d44c519df7a79f2e6a515", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48788.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48788.json new file mode 100644 index 00000000000..52f5ad0df73 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48788.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2022-48788", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.703", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: fix possible use-after-free in transport error_recovery work\n\nWhile nvme_rdma_submit_async_event_work is checking the ctrl and queue\nstate before preparing the AER command and scheduling io_work, in order\nto fully prevent a race where this check is not reliable the error\nrecovery work must flush async_event_work before continuing to destroy\nthe admin queue after setting the ctrl state to RESETTING such that\nthere is no race .submit_async_event and the error recovery handler\nitself changing the ctrl state." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/324f5bdc52ecb6a6dadb31a62823ef8c709d1439", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5593f72d1922403c11749532e3a0aa4cf61414e9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/646952b2210f19e584d2bf9eb5d092abdca2fcc1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b6bb1722f34bbdbabed27acdceaf585d300c5fd2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d411b2a5da68b8a130c23097014434ac140a2ace", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ea86027ac467a055849c4945906f799e7f65ab99", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48789.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48789.json new file mode 100644 index 00000000000..ed9e218e6b6 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48789.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48789", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.773", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix possible use-after-free in transport error_recovery work\n\nWhile nvme_tcp_submit_async_event_work is checking the ctrl and queue\nstate before preparing the AER command and scheduling io_work, in order\nto fully prevent a race where this check is not reliable the error\nrecovery work must flush async_event_work before continuing to destroy\nthe admin queue after setting the ctrl state to RESETTING such that\nthere is no race .submit_async_event and the error recovery handler\nitself changing the ctrl state." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5e42fca37ccc76f39f73732661bd47254cad5982", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61a26ffd5ad3ece456d74c4c79f7b5e3f440a141", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bb0d8fb35c4ff00a503c2c4dca4cce8d102a21c4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e192184cf8bce8dd55d619f5611a2eaba996fa05", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff9fc7ebf5c06de1ef72a69f9b1ab40af8b07f9e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48790.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48790.json new file mode 100644 index 00000000000..ffe45bb9eea --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48790.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2022-48790", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.843", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix a possible use-after-free in controller reset during load\n\nUnlike .queue_rq, in .submit_async_event drivers may not check the ctrl\nreadiness for AER submission. This may lead to a use-after-free\ncondition that was observed with nvme-tcp.\n\nThe race condition may happen in the following scenario:\n1. driver executes its reset_ctrl_work\n2. -> nvme_stop_ctrl - flushes ctrl async_event_work\n3. ctrl sends AEN which is received by the host, which in turn\n schedules AEN handling\n4. teardown admin queue (which releases the queue socket)\n5. AEN processed, submits another AER, calling the driver to submit\n6. driver attempts to send the cmd\n==> use-after-free\n\nIn order to fix that, add ctrl state check to validate the ctrl\nis actually able to accept the AER submission.\n\nThis addresses the above race in controller resets because the driver\nduring teardown should:\n1. change ctrl state to RESETTING\n2. flush async_event_work (as well as other async work elements)\n\nSo after 1,2, any other AER command will find the\nctrl state to be RESETTING and bail out without submitting the AER." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ead57ceb21bbf15963b4874c2ac67143455382f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0fa0f99fc84e41057cbdd2efbfe91c6b2f47dd9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70356b756a58704e5c8818cb09da5854af87e765", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9e956a2596ae276124ef0d96829c013dd0faf861", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a25e460fbb0340488d119fb2e28fe3f829b7417e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e043fb5a0336ee74614e26f0d9f36f1f5bb6d606", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48791.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48791.json new file mode 100644 index 00000000000..0ae8c8556ba --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48791.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48791", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.910", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm8001: Fix use-after-free for aborted TMF sas_task\n\nCurrently a use-after-free may occur if a TMF sas_task is aborted before we\nhandle the IO completion in mpi_ssp_completion(). The abort occurs due to\ntimeout.\n\nWhen the timeout occurs, the SAS_TASK_STATE_ABORTED flag is set and the\nsas_task is freed in pm8001_exec_internal_tmf_task().\n\nHowever, if the I/O completion occurs later, the I/O completion still\nthinks that the sas_task is available. Fix this by clearing the ccb->task\nif the TMF times out - the I/O completion handler does nothing if this\npointer is cleared." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3c334cdfd94945b8edb94022a0371a8665b17366", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/510b21442c3a2e3ecc071ba3e666b320e7acdd61", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61f162aa4381845acbdc7f2be4dfb694d027c018", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d872e7b5fe38f325f5206b6872746fa02c2b4819", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48792.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48792.json new file mode 100644 index 00000000000..bf562349761 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48792.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48792", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:03.983", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task\n\nCurrently a use-after-free may occur if a sas_task is aborted by the upper\nlayer before we handle the I/O completion in mpi_ssp_completion() or\nmpi_sata_completion().\n\nIn this case, the following are the two steps in handling those I/O\ncompletions:\n\n - Call complete() to inform the upper layer handler of completion of\n the I/O.\n\n - Release driver resources associated with the sas_task in\n pm8001_ccb_task_free() call.\n\nWhen complete() is called, the upper layer may free the sas_task. As such,\nwe should not touch the associated sas_task afterwards, but we do so in the\npm8001_ccb_task_free() call.\n\nFix by swapping the complete() and pm8001_ccb_task_free() calls ordering." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/d9d93f32534a0a80a1c26bdb0746d90a7b19c2c2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/df7abcaa1246e2537ab4016077b5443bb3c09378", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f61f9fccb2cb4bb275674a79d638704db6bc2171", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe9ac3eaa2e387a5742b380b73a5a6bc237bf184", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48793.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48793.json new file mode 100644 index 00000000000..956b119d0fb --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48793.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48793", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.067", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: nSVM: fix potential NULL derefernce on nested migration\n\nTurns out that due to review feedback and/or rebases\nI accidentally moved the call to nested_svm_load_cr3 to be too early,\nbefore the NPT is enabled, which is very wrong to do.\n\nKVM can't even access guest memory at that point as nested NPT\nis needed for that, and of course it won't initialize the walk_mmu,\nwhich is main issue the patch was addressing.\n\nFix this for real." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/352193edda48e08e8824a7ece09aec830a603cfe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/74b426bea4f7e3b081add2b88d4fba16d3af7ab6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e1779c2714c3023e4629825762bcbc43a3b943df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48794.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48794.json new file mode 100644 index 00000000000..72e1a4d02ee --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48794.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48794", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.147", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: at86rf230: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. In the Tx case we then leak\nthe skb structure.\n\nFree the skb structure upon error before returning when appropriate.\n\nAs the 'is_tx = 0' cannot be moved in the complete handler because of a\npossible race between the delay in switching to STATE_RX_AACK_ON and a\nnew interrupt, we introduce an intermediate 'was_tx' boolean just for\nthis purpose.\n\nThere is no Fixes tag applying here, many changes have been made on this\narea and the issue kind of always existed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48795.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48795.json new file mode 100644 index 00000000000..98701ee4e5d --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48795.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48795", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.220", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: Fix data TLB miss in sba_unmap_sg\n\nRolf Eike Beer reported the following bug:\n\n[1274934.746891] Bad Address (null pointer deref?): Code=15 (Data TLB miss fault) at addr 0000004140000018\n[1274934.746891] CPU: 3 PID: 5549 Comm: cmake Not tainted 5.15.4-gentoo-parisc64 #4\n[1274934.746891] Hardware name: 9000/785/C8000\n[1274934.746891]\n[1274934.746891] YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n[1274934.746891] PSW: 00001000000001001111111000001110 Not tainted\n[1274934.746891] r00-03 000000ff0804fe0e 0000000040bc9bc0 00000000406760e4 0000004140000000\n[1274934.746891] r04-07 0000000040b693c0 0000004140000000 000000004a2b08b0 0000000000000001\n[1274934.746891] r08-11 0000000041f98810 0000000000000000 000000004a0a7000 0000000000000001\n[1274934.746891] r12-15 0000000040bddbc0 0000000040c0cbc0 0000000040bddbc0 0000000040bddbc0\n[1274934.746891] r16-19 0000000040bde3c0 0000000040bddbc0 0000000040bde3c0 0000000000000007\n[1274934.746891] r20-23 0000000000000006 000000004a368950 0000000000000000 0000000000000001\n[1274934.746891] r24-27 0000000000001fff 000000000800000e 000000004a1710f0 0000000040b693c0\n[1274934.746891] r28-31 0000000000000001 0000000041f988b0 0000000041f98840 000000004a171118\n[1274934.746891] sr00-03 00000000066e5800 0000000000000000 0000000000000000 00000000066e5800\n[1274934.746891] sr04-07 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n[1274934.746891]\n[1274934.746891] IASQ: 0000000000000000 0000000000000000 IAOQ: 00000000406760e8 00000000406760ec\n[1274934.746891] IIR: 48780030 ISR: 0000000000000000 IOR: 0000004140000018\n[1274934.746891] CPU: 3 CR30: 00000040e3a9c000 CR31: ffffffffffffffff\n[1274934.746891] ORIG_R28: 0000000040acdd58\n[1274934.746891] IAOQ[0]: sba_unmap_sg+0xb0/0x118\n[1274934.746891] IAOQ[1]: sba_unmap_sg+0xb4/0x118\n[1274934.746891] RP(r2): sba_unmap_sg+0xac/0x118\n[1274934.746891] Backtrace:\n[1274934.746891] [<00000000402740cc>] dma_unmap_sg_attrs+0x6c/0x70\n[1274934.746891] [<000000004074d6bc>] scsi_dma_unmap+0x54/0x60\n[1274934.746891] [<00000000407a3488>] mptscsih_io_done+0x150/0xd70\n[1274934.746891] [<0000000040798600>] mpt_interrupt+0x168/0xa68\n[1274934.746891] [<0000000040255a48>] __handle_irq_event_percpu+0xc8/0x278\n[1274934.746891] [<0000000040255c34>] handle_irq_event_percpu+0x3c/0xd8\n[1274934.746891] [<000000004025ecb4>] handle_percpu_irq+0xb4/0xf0\n[1274934.746891] [<00000000402548e0>] generic_handle_irq+0x50/0x70\n[1274934.746891] [<000000004019a254>] call_on_stack+0x18/0x24\n[1274934.746891]\n[1274934.746891] Kernel panic - not syncing: Bad Address (null pointer deref?)\n\nThe bug is caused by overrunning the sglist and incorrectly testing\nsg_dma_len(sglist) before nents. Normally this doesn't cause a crash,\nbut in this case sglist crossed a page boundary. This occurs in the\nfollowing code:\n\n\twhile (sg_dma_len(sglist) && nents--) {\n\nThe fix is simply to test nents first and move the decrement of nents\ninto the loop." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/867e50231c7605547d9334904d70a181f39f2d9e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8c8e949ae81e7f5ab58f9f9f8e9b573b93173dd2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7d6f44a0fa716a82969725516dc0b16bc7cd514", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/de75676ee99bf9f25b1124ff301b3f7b8ba597d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e40ae3133ed87d6d526f3c8fc6a5f9a2d72dcdbf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/efccc9b0c7e28d0eb7918a236e59f60dc23db4c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f23f0444ead4d941165aa82ce2fcbb997dc00e97", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8f519d7df66c334b5e08f896ac70ee3b53add3b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48796.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48796.json new file mode 100644 index 00000000000..a4881e1d6b4 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48796.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48796", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.293", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix potential use-after-free during probe\n\nKasan has reported the following use after free on dev->iommu.\nwhen a device probe fails and it is in process of freeing dev->iommu\nin dev_iommu_free function, a deferred_probe_work_func runs in parallel\nand tries to access dev->iommu->fwspec in of_iommu_configure path thus\ncausing use after free.\n\nBUG: KASAN: use-after-free in of_iommu_configure+0xb4/0x4a4\nRead of size 8 at addr ffffff87a2f1acb8 by task kworker/u16:2/153\n\nWorkqueue: events_unbound deferred_probe_work_func\nCall trace:\n dump_backtrace+0x0/0x33c\n show_stack+0x18/0x24\n dump_stack_lvl+0x16c/0x1e0\n print_address_description+0x84/0x39c\n __kasan_report+0x184/0x308\n kasan_report+0x50/0x78\n __asan_load8+0xc0/0xc4\n of_iommu_configure+0xb4/0x4a4\n of_dma_configure_id+0x2fc/0x4d4\n platform_dma_configure+0x40/0x5c\n really_probe+0x1b4/0xb74\n driver_probe_device+0x11c/0x228\n __device_attach_driver+0x14c/0x304\n bus_for_each_drv+0x124/0x1b0\n __device_attach+0x25c/0x334\n device_initial_probe+0x24/0x34\n bus_probe_device+0x78/0x134\n deferred_probe_work_func+0x130/0x1a8\n process_one_work+0x4c8/0x970\n worker_thread+0x5c8/0xaec\n kthread+0x1f8/0x220\n ret_from_fork+0x10/0x18\n\nAllocated by task 1:\n ____kasan_kmalloc+0xd4/0x114\n __kasan_kmalloc+0x10/0x1c\n kmem_cache_alloc_trace+0xe4/0x3d4\n __iommu_probe_device+0x90/0x394\n probe_iommu_group+0x70/0x9c\n bus_for_each_dev+0x11c/0x19c\n bus_iommu_probe+0xb8/0x7d4\n bus_set_iommu+0xcc/0x13c\n arm_smmu_bus_init+0x44/0x130 [arm_smmu]\n arm_smmu_device_probe+0xb88/0xc54 [arm_smmu]\n platform_drv_probe+0xe4/0x13c\n really_probe+0x2c8/0xb74\n driver_probe_device+0x11c/0x228\n device_driver_attach+0xf0/0x16c\n __driver_attach+0x80/0x320\n bus_for_each_dev+0x11c/0x19c\n driver_attach+0x38/0x48\n bus_add_driver+0x1dc/0x3a4\n driver_register+0x18c/0x244\n __platform_driver_register+0x88/0x9c\n init_module+0x64/0xff4 [arm_smmu]\n do_one_initcall+0x17c/0x2f0\n do_init_module+0xe8/0x378\n load_module+0x3f80/0x4a40\n __se_sys_finit_module+0x1a0/0x1e4\n __arm64_sys_finit_module+0x44/0x58\n el0_svc_common+0x100/0x264\n do_el0_svc+0x38/0xa4\n el0_svc+0x20/0x30\n el0_sync_handler+0x68/0xac\n el0_sync+0x160/0x180\n\nFreed by task 1:\n kasan_set_track+0x4c/0x84\n kasan_set_free_info+0x28/0x4c\n ____kasan_slab_free+0x120/0x15c\n __kasan_slab_free+0x18/0x28\n slab_free_freelist_hook+0x204/0x2fc\n kfree+0xfc/0x3a4\n __iommu_probe_device+0x284/0x394\n probe_iommu_group+0x70/0x9c\n bus_for_each_dev+0x11c/0x19c\n bus_iommu_probe+0xb8/0x7d4\n bus_set_iommu+0xcc/0x13c\n arm_smmu_bus_init+0x44/0x130 [arm_smmu]\n arm_smmu_device_probe+0xb88/0xc54 [arm_smmu]\n platform_drv_probe+0xe4/0x13c\n really_probe+0x2c8/0xb74\n driver_probe_device+0x11c/0x228\n device_driver_attach+0xf0/0x16c\n __driver_attach+0x80/0x320\n bus_for_each_dev+0x11c/0x19c\n driver_attach+0x38/0x48\n bus_add_driver+0x1dc/0x3a4\n driver_register+0x18c/0x244\n __platform_driver_register+0x88/0x9c\n init_module+0x64/0xff4 [arm_smmu]\n do_one_initcall+0x17c/0x2f0\n do_init_module+0xe8/0x378\n load_module+0x3f80/0x4a40\n __se_sys_finit_module+0x1a0/0x1e4\n __arm64_sys_finit_module+0x44/0x58\n el0_svc_common+0x100/0x264\n do_el0_svc+0x38/0xa4\n el0_svc+0x20/0x30\n el0_sync_handler+0x68/0xac\n el0_sync+0x160/0x180\n\nFix this by setting dev->iommu to NULL first and\nthen freeing dev_iommu structure in dev_iommu_free\nfunction." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/65ab30f6a6952fa9ee13009862736cf8d110e6e5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b54240ad494300ff0994c4539a531727874381f4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cb86e511e78e796de6947b8f3acca1b7c76fb2ff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f74fc4b5bd533ea3d30ce47cccb8ef8d21fda85a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48797.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48797.json new file mode 100644 index 00000000000..f0927757c84 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48797.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48797", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.360", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: don't try to NUMA-migrate COW pages that have other uses\n\nOded Gabbay reports that enabling NUMA balancing causes corruption with\nhis Gaudi accelerator test load:\n\n \"All the details are in the bug, but the bottom line is that somehow,\n this patch causes corruption when the numa balancing feature is\n enabled AND we don't use process affinity AND we use GUP to pin pages\n so our accelerator can DMA to/from system memory.\n\n Either disabling numa balancing, using process affinity to bind to\n specific numa-node or reverting this patch causes the bug to\n disappear\"\n\nand Oded bisected the issue to commit 09854ba94c6a (\"mm: do_wp_page()\nsimplification\").\n\nNow, the NUMA balancing shouldn't actually be changing the writability\nof a page, and as such shouldn't matter for COW. But it appears it\ndoes. Suspicious.\n\nHowever, regardless of that, the condition for enabling NUMA faults in\nchange_pte_range() is nonsensical. It uses \"page_mapcount(page)\" to\ndecide if a COW page should be NUMA-protected or not, and that makes\nabsolutely no sense.\n\nThe number of mappings a page has is irrelevant: not only does GUP get a\nreference to a page as in Oded's case, but the other mappings migth be\npaged out and the only reference to them would be in the page count.\n\nSince we should never try to NUMA-balance a page that we can't move\nanyway due to other references, just fix the code to use 'page_count()'.\nOded confirms that that fixes his issue.\n\nNow, this does imply that something in NUMA balancing ends up changing\npage protections (other than the obvious one of making the page\ninaccessible to get the NUMA faulting information). Otherwise the COW\nsimplification wouldn't matter - since doing the GUP on the page would\nmake sure it's writable.\n\nThe cause of that permission change would be good to figure out too,\nsince it clearly results in spurious COW events - but fixing the\nnonsensical test that just happened to work before is obviously the\nCorrectThing(tm) to do regardless." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/254090925e16abd914c87b4ad1b489440d89c4c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80d47f5de5e311cbc0d01ebb6ee684e8f4c196c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b3dc4b9d3ca68b370c4aeab5355007eedf948849", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d187eeb02d18446e5e54ed6bcbf8b47e6551daea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48798.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48798.json new file mode 100644 index 00000000000..988b134f933 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48798.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48798", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.430", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cio: verify the driver availability for path_event call\n\nIf no driver is attached to a device or the driver does not provide the\npath_event function, an FCES path-event on this device could end up in a\nkernel-panic. Verify the driver availability before the path_event\nfunction call." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/a0619027f11590b2070624297530c34dc7f91bcd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dd9cb842fa9d90653a9b48aba52f89c069f3bc50", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe990b7bf6ac93f1d850d076b8f0e758268aa4ab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48799.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48799.json new file mode 100644 index 00000000000..d8d18686139 --- /dev/null +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48799.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2022-48799", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.490", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix list corruption in perf_cgroup_switch()\n\nThere's list corruption on cgrp_cpuctx_list. This happens on the\nfollowing path:\n\n perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list)\n cpu_ctx_sched_in\n ctx_sched_in\n ctx_pinned_sched_in\n merge_sched_in\n perf_cgroup_event_disable: remove the event from the list\n\nUse list_for_each_entry_safe() to allow removing an entry during\niteration." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2142bc1469a316fddd10012d76428f7265258f81", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/30d9f3cbe47e1018ddc8069ac5b5c9e66fbdf727", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5d76ed4223403f90421782adb2f20a9ecbc93186", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f4e5ce638e6a490b976ade4a40017b40abb2da0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7969fe91c9830e045901970e9d755b7505881d4a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2ed7b29d0673ba361546e2d87dbbed149456c45", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f6b5d51976fcefef5732da3e3feb3ccff680f7c8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48800.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48800.json new file mode 100644 index 00000000000..b0657bf340d --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48800.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48800", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.563", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: vmscan: remove deadlock due to throttling failing to make progress\n\nA soft lockup bug in kcompactd was reported in a private bugzilla with\nthe following visible in dmesg;\n\n watchdog: BUG: soft lockup - CPU#33 stuck for 26s! [kcompactd0:479]\n watchdog: BUG: soft lockup - CPU#33 stuck for 52s! [kcompactd0:479]\n watchdog: BUG: soft lockup - CPU#33 stuck for 78s! [kcompactd0:479]\n watchdog: BUG: soft lockup - CPU#33 stuck for 104s! [kcompactd0:479]\n\nThe machine had 256G of RAM with no swap and an earlier failed\nallocation indicated that node 0 where kcompactd was run was potentially\nunreclaimable;\n\n Node 0 active_anon:29355112kB inactive_anon:2913528kB active_file:0kB\n inactive_file:0kB unevictable:64kB isolated(anon):0kB isolated(file):0kB\n mapped:8kB dirty:0kB writeback:0kB shmem:26780kB shmem_thp:\n 0kB shmem_pmdmapped: 0kB anon_thp: 23480320kB writeback_tmp:0kB\n kernel_stack:2272kB pagetables:24500kB all_unreclaimable? yes\n\nVlastimil Babka investigated a crash dump and found that a task\nmigrating pages was trying to drain PCP lists;\n\n PID: 52922 TASK: ffff969f820e5000 CPU: 19 COMMAND: \"kworker/u128:3\"\n Call Trace:\n __schedule\n schedule\n schedule_timeout\n wait_for_completion\n __flush_work\n __drain_all_pages\n __alloc_pages_slowpath.constprop.114\n __alloc_pages\n alloc_migration_target\n migrate_pages\n migrate_to_node\n do_migrate_pages\n cpuset_migrate_mm_workfn\n process_one_work\n worker_thread\n kthread\n ret_from_fork\n\nThis failure is specific to CONFIG_PREEMPT=n builds. The root of the\nproblem is that kcompact0 is not rescheduling on a CPU while a task that\nhas isolated a large number of the pages from the LRU is waiting on\nkcompact0 to reschedule so the pages can be released. While\nshrink_inactive_list() only loops once around too_many_isolated, reclaim\ncan continue without rescheduling if sc->skipped_deactivate == 1 which\ncould happen if there was no file LRU and the inactive anon list was not\nlow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3980cff6349687f73d5109f156f23cb261c24164", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b485c6f1f9f54b81443efda5f3d8a5036ba2cd91", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48801.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48801.json new file mode 100644 index 00000000000..5d2e6b1cd68 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48801.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48801", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.630", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL\n\nIf we fail to copy the just created file descriptor to userland, we\ntry to clean up by putting back 'fd' and freeing 'ib'. The code uses\nput_unused_fd() for the former which is wrong, as the file descriptor\nwas already published by fd_install() which gets called internally by\nanon_inode_getfd().\n\nThis makes the error handling code leaving a half cleaned up file\ndescriptor table around and a partially destructed 'file' object,\nallowing userland to play use-after-free tricks on us, by abusing\nthe still usable fd and making the code operate on a dangling\n'file->private_data' pointer.\n\nInstead of leaving the kernel in a partially corrupted state, don't\nattempt to explicitly clean up and leave this to the process exit\npath that'll release any still valid fds, including the one created\nby the previous call to anon_inode_getfd(). Simply return -EFAULT to\nindicate the error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/202071d2518537866d291aa7cf26af54e674f4d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7f54894aa7517d2b6c797a499b9f491e9db9083", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c72ea20503610a4a7ba26c769357d31602769c01", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48802.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48802.json new file mode 100644 index 00000000000..260dcfbdacf --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48802.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48802", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.690", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: task_mmu.c: don't read mapcount for migration entry\n\nThe syzbot reported the below BUG:\n\n kernel BUG at include/linux/page-flags.h:785!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 1 PID: 4392 Comm: syz-executor560 Not tainted 5.16.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n RIP: 0010:PageDoubleMap include/linux/page-flags.h:785 [inline]\n RIP: 0010:__page_mapcount+0x2d2/0x350 mm/util.c:744\n Call Trace:\n page_mapcount include/linux/mm.h:837 [inline]\n smaps_account+0x470/0xb10 fs/proc/task_mmu.c:466\n smaps_pte_entry fs/proc/task_mmu.c:538 [inline]\n smaps_pte_range+0x611/0x1250 fs/proc/task_mmu.c:601\n walk_pmd_range mm/pagewalk.c:128 [inline]\n walk_pud_range mm/pagewalk.c:205 [inline]\n walk_p4d_range mm/pagewalk.c:240 [inline]\n walk_pgd_range mm/pagewalk.c:277 [inline]\n __walk_page_range+0xe23/0x1ea0 mm/pagewalk.c:379\n walk_page_vma+0x277/0x350 mm/pagewalk.c:530\n smap_gather_stats.part.0+0x148/0x260 fs/proc/task_mmu.c:768\n smap_gather_stats fs/proc/task_mmu.c:741 [inline]\n show_smap+0xc6/0x440 fs/proc/task_mmu.c:822\n seq_read_iter+0xbb0/0x1240 fs/seq_file.c:272\n seq_read+0x3e0/0x5b0 fs/seq_file.c:162\n vfs_read+0x1b5/0x600 fs/read_write.c:479\n ksys_read+0x12d/0x250 fs/read_write.c:619\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe reproducer was trying to read /proc/$PID/smaps when calling\nMADV_FREE at the mean time. MADV_FREE may split THPs if it is called\nfor partial THP. It may trigger the below race:\n\n CPU A CPU B\n ----- -----\n smaps walk: MADV_FREE:\n page_mapcount()\n PageCompound()\n split_huge_page()\n page = compound_head(page)\n PageDoubleMap(page)\n\nWhen calling PageDoubleMap() this page is not a tail page of THP anymore\nso the BUG is triggered.\n\nThis could be fixed by elevated refcount of the page before calling\nmapcount, but that would prevent it from counting migration entries, and\nit seems overkilling because the race just could happen when PMD is\nsplit so all PTE entries of tail pages are actually migration entries,\nand smaps_account() does treat migration entries as mapcount == 1 as\nKirill pointed out.\n\nAdd a new parameter for smaps_account() to tell this entry is migration\nentry then skip calling page_mapcount(). Don't skip getting mapcount\nfor device private entries since they do track references with mapcount.\n\nPagemap also has the similar issue although it was not reported. Fixed\nit as well.\n\n[shy828301@gmail.com: v4]\n Link: https://lkml.kernel.org/r/20220203182641.824731-1-shy828301@gmail.com\n[nathan@kernel.org: avoid unused variable warning in pagemap_pmd_range()]\n Link: https://lkml.kernel.org/r/20220207171049.1102239-1-nathan@kernel.org" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/05d3f8045efa59457b323caf00bdb9273b7962fa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/24d7275ce2791829953ed4e72f68277ceb2571c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a8dd0cfa37792863b6c4bf9542975212a6715d49", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/db3f3636e4aed2cba3e4e7897a053323f7a62249", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48803.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48803.json new file mode 100644 index 00000000000..a3231168f02 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48803.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48803", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.760", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: ti: Fix missing sentinel for clk_div_table\n\n_get_table_maxdiv() tries to access \"clk_div_table\" array out of bound\ndefined in phy-j721e-wiz.c. Add a sentinel entry to prevent\nthe following global-out-of-bounds error reported by enabling KASAN.\n\n[ 9.552392] BUG: KASAN: global-out-of-bounds in _get_maxdiv+0xc0/0x148\n[ 9.558948] Read of size 4 at addr ffff8000095b25a4 by task kworker/u4:1/38\n[ 9.565926]\n[ 9.567441] CPU: 1 PID: 38 Comm: kworker/u4:1 Not tainted 5.16.0-116492-gdaadb3bd0e8d-dirty #360\n[ 9.576242] Hardware name: Texas Instruments J721e EVM (DT)\n[ 9.581832] Workqueue: events_unbound deferred_probe_work_func\n[ 9.587708] Call trace:\n[ 9.590174] dump_backtrace+0x20c/0x218\n[ 9.594038] show_stack+0x18/0x68\n[ 9.597375] dump_stack_lvl+0x9c/0xd8\n[ 9.601062] print_address_description.constprop.0+0x78/0x334\n[ 9.606830] kasan_report+0x1f0/0x260\n[ 9.610517] __asan_load4+0x9c/0xd8\n[ 9.614030] _get_maxdiv+0xc0/0x148\n[ 9.617540] divider_determine_rate+0x88/0x488\n[ 9.622005] divider_round_rate_parent+0xc8/0x124\n[ 9.626729] wiz_clk_div_round_rate+0x54/0x68\n[ 9.631113] clk_core_determine_round_nolock+0x124/0x158\n[ 9.636448] clk_core_round_rate_nolock+0x68/0x138\n[ 9.641260] clk_core_set_rate_nolock+0x268/0x3a8\n[ 9.645987] clk_set_rate+0x50/0xa8\n[ 9.649499] cdns_sierra_phy_init+0x88/0x248\n[ 9.653794] phy_init+0x98/0x108\n[ 9.657046] cdns_pcie_enable_phy+0xa0/0x170\n[ 9.661340] cdns_pcie_init_phy+0x250/0x2b0\n[ 9.665546] j721e_pcie_probe+0x4b8/0x798\n[ 9.669579] platform_probe+0x8c/0x108\n[ 9.673350] really_probe+0x114/0x630\n[ 9.677037] __driver_probe_device+0x18c/0x220\n[ 9.681505] driver_probe_device+0xac/0x150\n[ 9.685712] __device_attach_driver+0xec/0x170\n[ 9.690178] bus_for_each_drv+0xf0/0x158\n[ 9.694124] __device_attach+0x184/0x210\n[ 9.698070] device_initial_probe+0x14/0x20\n[ 9.702277] bus_probe_device+0xec/0x100\n[ 9.706223] deferred_probe_work_func+0x124/0x180\n[ 9.710951] process_one_work+0x4b0/0xbc0\n[ 9.714983] worker_thread+0x74/0x5d0\n[ 9.718668] kthread+0x214/0x230\n[ 9.721919] ret_from_fork+0x10/0x20\n[ 9.725520]\n[ 9.727032] The buggy address belongs to the variable:\n[ 9.732183] clk_div_table+0x24/0x440" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3c75d1017cb362b6a4e0935746ef5da28250919f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5b0c9569135a37348c1267c81e8b0274b21a86ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6d1e6bcb31663ee83aaea1f171f3dbfe95dd4a69", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7a360e546ad9e7c3fd53d6bb60348c660cd28f54", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48804.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48804.json new file mode 100644 index 00000000000..ca4e7a4329d --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48804.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48804", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.830", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt_ioctl: fix array_index_nospec in vt_setactivate\n\narray_index_nospec ensures that an out-of-bounds value is set to zero\non the transient path. Decreasing the value by one afterwards causes\na transient integer underflow. vsa.console should be decreased first\nand then sanitized with array_index_nospec.\n\nKasper Acknowledgements: Jakob Koschel, Brian Johannesmeyer, Kaveh\nRazavi, Herbert Bos, Cristiano Giuffrida from the VUSec group at VU\nAmsterdam." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/170325aba4608bde3e7d21c9c19b7bc266ac0885", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2a45a6bd1e6d651770aafff57ab3e1d3bb0b42e0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61cc70d9e8ef5b042d4ed87994d20100ec8896d9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6550bdf52846f85a2a3726a5aa0c7c4399f2fc02", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/778302ca09498b448620edd372dc908bebf80bdf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/830c5aa302ec16b4ee641aec769462c37f802c90", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ae3d57411562260ee3f4fd5e875f410002341104", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffe54289b02e9c732d6f04c8ebbe3b2d90d32118", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48805.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48805.json new file mode 100644 index 00000000000..b5cb4587edd --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48805.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48805", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.907", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup\n\nax88179_rx_fixup() contains several out-of-bounds accesses that can be\ntriggered by a malicious (or defective) USB device, in particular:\n\n - The metadata array (hdr_off..hdr_off+2*pkt_cnt) can be out of bounds,\n causing OOB reads and (on big-endian systems) OOB endianness flips.\n - A packet can overlap the metadata array, causing a later OOB\n endianness flip to corrupt data used by a cloned SKB that has already\n been handed off into the network stack.\n - A packet SKB can be constructed whose tail is far beyond its end,\n causing out-of-bounds heap data to be considered part of the SKB's\n data.\n\nI have tested that this can be used by a malicious USB device to send a\nbogus ICMPv6 Echo Request and receive an ICMPv6 Echo Reply in response\nthat contains random kernel heap data.\nIt's probably also possible to get OOB writes from this on a\nlittle-endian system somehow - maybe by triggering skb_cow() via IP\noptions processing -, but I haven't tested that." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1668781ed24da43498799aa4f65714a7de201930", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/63f0cfb36c1f1964a59ce544156677601e2d8740", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/711b6bf3fb052f0a6b5b3205d50e30c0c2980382", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/758290defe93a865a2880d10c5d5abd288b64b5d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9681823f96a811268265f35307072ad80713c274", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a0fd5492ee769029a636f1fb521716b022b1423d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffd0393adcdcefab7e131488e10dcfde5e02d6eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48806.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48806.json new file mode 100644 index 00000000000..86e76cac16a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48806.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48806", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:04.980", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\neeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX\n\nCommit effa453168a7 (\"i2c: i801: Don't silently correct invalid transfer\nsize\") revealed that ee1004_eeprom_read() did not properly limit how\nmany bytes to read at once.\n\nIn particular, i2c_smbus_read_i2c_block_data_or_emulated() takes the\nlength to read as an u8. If count == 256 after taking into account the\noffset and page boundary, the cast to u8 overflows. And this is common\nwhen user space tries to read the entire EEPROM at once.\n\nTo fix it, limit each read to I2C_SMBUS_BLOCK_MAX (32) bytes, already\nthe maximum length i2c_smbus_read_i2c_block_data_or_emulated() allows." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3937c35493ee2847aaefcfa5460e94b7443eef49", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9443ddeb3754e9e382a396b50adc1961301713ce", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9a5f471ae380f9fcb9756d453c12ca1f8595a93c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a37960df7eac3cc8094bd1ab84864e9e32c91345", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c0689e46be23160d925dca95dfc411f1a0462708", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48807.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48807.json new file mode 100644 index 00000000000..0c64b63aac8 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48807.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48807", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.050", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix KASAN error in LAG NETDEV_UNREGISTER handler\n\nCurrently, the same handler is called for both a NETDEV_BONDING_INFO\nLAG unlink notification as for a NETDEV_UNREGISTER call. This is\ncausing a problem though, since the netdev_notifier_info passed has\na different structure depending on which event is passed. The problem\nmanifests as a call trace from a BUG: KASAN stack-out-of-bounds error.\n\nFix this by creating a handler specific to NETDEV_UNREGISTER that only\nis passed valid elements in the netdev_notifier_info struct for the\nNETDEV_UNREGISTER event.\n\nAlso included is the removal of an unbalanced dev_put on the peer_netdev\nand related braces." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/bea1898f65b9b7096cb4e73e97c83b94718f1fa1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f9daedc3ab8f673e3a9374b91a89fbf1174df469", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/faa9bcf700ca1a0d09f92502a6b65d3ce313fb46", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48808.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48808.json new file mode 100644 index 00000000000..d340a9dbe63 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48808.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48808", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.120", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix panic when DSA master device unbinds on shutdown\n\nRafael reports that on a system with LX2160A and Marvell DSA switches,\nif a reboot occurs while the DSA master (dpaa2-eth) is up, the following\npanic can be seen:\n\nsystemd-shutdown[1]: Rebooting.\nUnable to handle kernel paging request at virtual address 00a0000800000041\n[00a0000800000041] address between user and kernel address ranges\nInternal error: Oops: 96000004 [#1] PREEMPT SMP\nCPU: 6 PID: 1 Comm: systemd-shutdow Not tainted 5.16.5-00042-g8f5585009b24 #32\npc : dsa_slave_netdevice_event+0x130/0x3e4\nlr : raw_notifier_call_chain+0x50/0x6c\nCall trace:\n dsa_slave_netdevice_event+0x130/0x3e4\n raw_notifier_call_chain+0x50/0x6c\n call_netdevice_notifiers_info+0x54/0xa0\n __dev_close_many+0x50/0x130\n dev_close_many+0x84/0x120\n unregister_netdevice_many+0x130/0x710\n unregister_netdevice_queue+0x8c/0xd0\n unregister_netdev+0x20/0x30\n dpaa2_eth_remove+0x68/0x190\n fsl_mc_driver_remove+0x20/0x5c\n __device_release_driver+0x21c/0x220\n device_release_driver_internal+0xac/0xb0\n device_links_unbind_consumers+0xd4/0x100\n __device_release_driver+0x94/0x220\n device_release_driver+0x28/0x40\n bus_remove_device+0x118/0x124\n device_del+0x174/0x420\n fsl_mc_device_remove+0x24/0x40\n __fsl_mc_device_remove+0xc/0x20\n device_for_each_child+0x58/0xa0\n dprc_remove+0x90/0xb0\n fsl_mc_driver_remove+0x20/0x5c\n __device_release_driver+0x21c/0x220\n device_release_driver+0x28/0x40\n bus_remove_device+0x118/0x124\n device_del+0x174/0x420\n fsl_mc_bus_remove+0x80/0x100\n fsl_mc_bus_shutdown+0xc/0x1c\n platform_shutdown+0x20/0x30\n device_shutdown+0x154/0x330\n __do_sys_reboot+0x1cc/0x250\n __arm64_sys_reboot+0x20/0x30\n invoke_syscall.constprop.0+0x4c/0xe0\n do_el0_svc+0x4c/0x150\n el0_svc+0x24/0xb0\n el0t_64_sync_handler+0xa8/0xb0\n el0t_64_sync+0x178/0x17c\n\nIt can be seen from the stack trace that the problem is that the\nderegistration of the master causes a dev_close(), which gets notified\nas NETDEV_GOING_DOWN to dsa_slave_netdevice_event().\nBut dsa_switch_shutdown() has already run, and this has unregistered the\nDSA slave interfaces, and yet, the NETDEV_GOING_DOWN handler attempts to\ncall dev_close_many() on those slave interfaces, leading to the problem.\n\nThe previous attempt to avoid the NETDEV_GOING_DOWN on the master after\ndsa_switch_shutdown() was called seems improper. Unregistering the slave\ninterfaces is unnecessary and unhelpful. Instead, after the slaves have\nstopped being uppers of the DSA master, we can now reset to NULL the\nmaster->dsa_ptr pointer, which will make DSA start ignoring all future\nnotifier events on the master." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/89b60402d43cdab4387dbbf24afebda5cf092ae7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ee534378f00561207656663d93907583958339ae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff45899e732e57088985e3a497b1d9100571c0f5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48809.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48809.json new file mode 100644 index 00000000000..bbd699c7893 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48809.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48809", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.190", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix a memleak when uncloning an skb dst and its metadata\n\nWhen uncloning an skb dst and its associated metadata, a new\ndst+metadata is allocated and later replaces the old one in the skb.\nThis is helpful to have a non-shared dst+metadata attached to a specific\nskb.\n\nThe issue is the uncloned dst+metadata is initialized with a refcount of\n1, which is increased to 2 before attaching it to the skb. When\ntun_dst_unclone returns, the dst+metadata is only referenced from a\nsingle place (the skb) while its refcount is 2. Its refcount will never\ndrop to 0 (when the skb is consumed), leading to a memory leak.\n\nFix this by removing the call to dst_hold in tun_dst_unclone, as the\ndst+metadata refcount is already 1." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00e6d6c3bc14dfe32824e2c515f0e0f2d6ecf2f1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0be943916d781df2b652793bb2d3ae4f9624c10a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4ac84498fbe84a00e7aef185e2bb3e40ce71eca4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b1087b998e273f07be13dcb5f3ca4c309c7f108", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9eeabdf17fa0ab75381045c867c370f4cc75a613", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a80817adc2a4c1ba26a7aa5f3ed886e4a18dff88", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c1ff27d100e2670b03cbfddb9117e5f9fc672540", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fdcb263fa5cda15b8cb24a641fa2718c47605314", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48810.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48810.json new file mode 100644 index 00000000000..613a9ac87d8 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48810.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48810", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.280", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path\n\nip[6]mr_free_table() can only be called under RTNL lock.\n\nRTNL: assertion failed at net/core/dev.c (10367)\nWARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367 unregister_netdevice_many+0x1246/0x1850 net/core/dev.c:10367\nModules linked in:\nCPU: 1 PID: 5890 Comm: syz-executor.2 Not tainted 5.16.0-syzkaller-11627-g422ee58dc0ef #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:unregister_netdevice_many+0x1246/0x1850 net/core/dev.c:10367\nCode: 0f 85 9b ee ff ff e8 69 07 4b fa ba 7f 28 00 00 48 c7 c6 00 90 ae 8a 48 c7 c7 40 90 ae 8a c6 05 6d b1 51 06 01 e8 8c 90 d8 01 <0f> 0b e9 70 ee ff ff e8 3e 07 4b fa 4c 89 e7 e8 86 2a 59 fa e9 ee\nRSP: 0018:ffffc900046ff6e0 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff888050f51d00 RSI: ffffffff815fa008 RDI: fffff520008dfece\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815f3d6e R11: 0000000000000000 R12: 00000000fffffff4\nR13: dffffc0000000000 R14: ffffc900046ff750 R15: ffff88807b7dc000\nFS: 00007f4ab736e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fee0b4f8990 CR3: 000000001e7d2000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n mroute_clean_tables+0x244/0xb40 net/ipv6/ip6mr.c:1509\n ip6mr_free_table net/ipv6/ip6mr.c:389 [inline]\n ip6mr_rules_init net/ipv6/ip6mr.c:246 [inline]\n ip6mr_net_init net/ipv6/ip6mr.c:1306 [inline]\n ip6mr_net_init+0x3f0/0x4e0 net/ipv6/ip6mr.c:1298\n ops_init+0xaf/0x470 net/core/net_namespace.c:140\n setup_net+0x54f/0xbb0 net/core/net_namespace.c:331\n copy_net_ns+0x318/0x760 net/core/net_namespace.c:475\n create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110\n copy_namespaces+0x391/0x450 kernel/nsproxy.c:178\n copy_process+0x2e0c/0x7300 kernel/fork.c:2167\n kernel_clone+0xe7/0xab0 kernel/fork.c:2555\n __do_sys_clone+0xc8/0x110 kernel/fork.c:2672\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f4ab89f9059\nCode: Unable to access opcode bytes at RIP 0x7f4ab89f902f.\nRSP: 002b:00007f4ab736e118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038\nRAX: ffffffffffffffda RBX: 00007f4ab8b0bf60 RCX: 00007f4ab89f9059\nRDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000040200000\nRBP: 00007f4ab8a5308d R08: 0000000020000300 R09: 0000000020000300\nR10: 00000000200002c0 R11: 0000000000000206 R12: 0000000000000000\nR13: 00007ffc3977cc1f R14: 00007f4ab736e300 R15: 0000000000022000\n " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/09ac0fcb0a82d647f2c61d3d488d367b7ee5bd51", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/12b6703e9546902c56b4b9048b893ad49d62bdd4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/16dcfde98a25340ff0f7879a16bea141d824a196", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3cab045c99dbb9a94eb2d1d405f399916eec698a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5611a00697c8ecc5aad04392bea629e9d6a20463", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80c529322600dfb1f985b5e3f14c3c6f522ce154", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b541845dfc4e7df551955e70deec0921d6b297c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/feb9597e22755dce782aae26ac0590c06737e049", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48811.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48811.json new file mode 100644 index 00000000000..b532a619406 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48811.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48811", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.367", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: don't release napi in __ibmvnic_open()\n\nIf __ibmvnic_open() encounters an error such as when setting link state,\nit calls release_resources() which frees the napi structures needlessly.\nInstead, have __ibmvnic_open() only clean up the work it did so far (i.e.\ndisable napi and irqs) and leave the rest to the callers.\n\nIf caller of __ibmvnic_open() is ibmvnic_open(), it should release the\nresources immediately. If the caller is do_reset() or do_hard_reset(),\nthey will release the resources on the next reset.\n\nThis fixes following crash that occurred when running the drmgr command\nseveral times to add/remove a vnic interface:\n\n\t[102056] ibmvnic 30000003 env3: Disabling rx_scrq[6] irq\n\t[102056] ibmvnic 30000003 env3: Disabling rx_scrq[7] irq\n\t[102056] ibmvnic 30000003 env3: Replenished 8 pools\n\tKernel attempted to read user page (10) - exploit attempt? (uid: 0)\n\tBUG: Kernel NULL pointer dereference on read at 0x00000010\n\tFaulting instruction address: 0xc000000000a3c840\n\tOops: Kernel access of bad area, sig: 11 [#1]\n\tLE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries\n\t...\n\tCPU: 9 PID: 102056 Comm: kworker/9:2 Kdump: loaded Not tainted 5.16.0-rc5-autotest-g6441998e2e37 #1\n\tWorkqueue: events_long __ibmvnic_reset [ibmvnic]\n\tNIP: c000000000a3c840 LR: c0080000029b5378 CTR: c000000000a3c820\n\tREGS: c0000000548e37e0 TRAP: 0300 Not tainted (5.16.0-rc5-autotest-g6441998e2e37)\n\tMSR: 8000000000009033 CR: 28248484 XER: 00000004\n\tCFAR: c0080000029bdd24 DAR: 0000000000000010 DSISR: 40000000 IRQMASK: 0\n\tGPR00: c0080000029b55d0 c0000000548e3a80 c0000000028f0200 0000000000000000\n\t...\n\tNIP [c000000000a3c840] napi_enable+0x20/0xc0\n\tLR [c0080000029b5378] __ibmvnic_open+0xf0/0x430 [ibmvnic]\n\tCall Trace:\n\t[c0000000548e3a80] [0000000000000006] 0x6 (unreliable)\n\t[c0000000548e3ab0] [c0080000029b55d0] __ibmvnic_open+0x348/0x430 [ibmvnic]\n\t[c0000000548e3b40] [c0080000029bcc28] __ibmvnic_reset+0x500/0xdf0 [ibmvnic]\n\t[c0000000548e3c60] [c000000000176228] process_one_work+0x288/0x570\n\t[c0000000548e3d00] [c000000000176588] worker_thread+0x78/0x660\n\t[c0000000548e3da0] [c0000000001822f0] kthread+0x1c0/0x1d0\n\t[c0000000548e3e10] [c00000000000cf64] ret_from_kernel_thread+0x5c/0x64\n\tInstruction dump:\n\t7d2948f8 792307e0 4e800020 60000000 3c4c01eb 384239e0 f821ffd1 39430010\n\t38a0fff6 e92d1100 f9210028 39200000 f9010020 60420000 e9210020\n\t---[ end trace 5f8033b08fd27706 ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/61772b0908c640d0309c40f7d41d062ca4e979fa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/960dfaf3b578dd23af012590e809ae2d58ba1827", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e08cb9056fb2564d1f6bad789bdf79ab09bf2f81", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48812.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48812.json new file mode 100644 index 00000000000..1938725011e --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48812.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48812", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.430", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: lantiq_gswip: don't use devres for mdiobus\n\nAs explained in commits:\n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\")\n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\")\n\nmdiobus_free() will panic when called from devm_mdiobus_free() <-\ndevres_release_all() <- __device_release_driver(), and that mdiobus was\nnot previously unregistered.\n\nThe GSWIP switch is a platform device, so the initial set of constraints\nthat I thought would cause this (I2C or SPI buses which call ->remove on\n->shutdown) do not apply. But there is one more which applies here.\n\nIf the DSA master itself is on a bus that calls ->remove from ->shutdown\n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link\nbetween the switch and the DSA master, and device_links_unbind_consumers()\nwill unbind the GSWIP switch driver on shutdown.\n\nSo the same treatment must be applied to all DSA switch drivers, which\nis: either use devres for both the mdiobus allocation and registration,\nor don't use devres at all.\n\nThe gswip driver has the code structure in place for orderly mdiobus\nremoval, so just replace devm_mdiobus_alloc() with the non-devres\nvariant, and add manual free where necessary, to ensure that we don't\nlet devres free a still-registered bus." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0d120dfb5d67edc5bcd1804e167dba2b30809afd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2443ba2fe396bdde187a2fdfa6a57375643ae93c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b5652bc50dde7b84e93dfb25479b64b817e377c1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e177d2e85ebcd3008c4b2abc293f4118e04eedef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48813.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48813.json new file mode 100644 index 00000000000..32c50d90177 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48813.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48813", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.493", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: felix: don't use devres for mdiobus\n\nAs explained in commits:\n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\")\n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\")\n\nmdiobus_free() will panic when called from devm_mdiobus_free() <-\ndevres_release_all() <- __device_release_driver(), and that mdiobus was\nnot previously unregistered.\n\nThe Felix VSC9959 switch is a PCI device, so the initial set of\nconstraints that I thought would cause this (I2C or SPI buses which call\n->remove on ->shutdown) do not apply. But there is one more which\napplies here.\n\nIf the DSA master itself is on a bus that calls ->remove from ->shutdown\n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link\nbetween the switch and the DSA master, and device_links_unbind_consumers()\nwill unbind the felix switch driver on shutdown.\n\nSo the same treatment must be applied to all DSA switch drivers, which\nis: either use devres for both the mdiobus allocation and registration,\nor don't use devres at all.\n\nThe felix driver has the code structure in place for orderly mdiobus\nremoval, so just replace devm_mdiobus_alloc_size() with the non-devres\nvariant, and add manual free where necessary, to ensure that we don't\nlet devres free a still-registered bus." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/209bdb7ec6a28c7cdf580a0a98afbc9fc3b98932", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8cda7577a0b4018572f31e0caadfabd305ea2786", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/95e5402f9430b3c7d885dd3ec4c8c02c17936923", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9db6f056efd089e80d81c774c01b639adf30c097", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48814.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48814.json new file mode 100644 index 00000000000..7787222aa45 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48814.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48814", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.563", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: seville: register the mdiobus under devres\n\nAs explained in commits:\n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\")\n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\")\n\nmdiobus_free() will panic when called from devm_mdiobus_free() <-\ndevres_release_all() <- __device_release_driver(), and that mdiobus was\nnot previously unregistered.\n\nThe Seville VSC9959 switch is a platform device, so the initial set of\nconstraints that I thought would cause this (I2C or SPI buses which call\n->remove on ->shutdown) do not apply. But there is one more which\napplies here.\n\nIf the DSA master itself is on a bus that calls ->remove from ->shutdown\n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link\nbetween the switch and the DSA master, and device_links_unbind_consumers()\nwill unbind the seville switch driver on shutdown.\n\nSo the same treatment must be applied to all DSA switch drivers, which\nis: either use devres for both the mdiobus allocation and registration,\nor don't use devres at all.\n\nThe seville driver has a code structure that could accommodate both the\nmdiobus_unregister and mdiobus_free calls, but it has an external\ndependency upon mscc_miim_setup() from mdio-mscc-miim.c, which calls\ndevm_mdiobus_alloc_size() on its behalf. So rather than restructuring\nthat, and exporting yet one more symbol mscc_miim_teardown(), let's work\nwith devres and replace of_mdiobus_register with the devres variant.\nWhen we use all-devres, we can ensure that devres doesn't free a\nstill-registered bus (it either runs both callbacks, or none)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e816362d823cd46c666e64d8bffe329ee22f4cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1d13e7221035947c62800c9d3d99b4ed570e27e7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bd488afc3b39e045ba71aab472233f2a78726e7b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48815.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48815.json new file mode 100644 index 00000000000..81c9259ff46 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48815.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48815", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.623", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: bcm_sf2: don't use devres for mdiobus\n\nAs explained in commits:\n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\")\n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\")\n\nmdiobus_free() will panic when called from devm_mdiobus_free() <-\ndevres_release_all() <- __device_release_driver(), and that mdiobus was\nnot previously unregistered.\n\nThe Starfighter 2 is a platform device, so the initial set of\nconstraints that I thought would cause this (I2C or SPI buses which call\n->remove on ->shutdown) do not apply. But there is one more which\napplies here.\n\nIf the DSA master itself is on a bus that calls ->remove from ->shutdown\n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link\nbetween the switch and the DSA master, and device_links_unbind_consumers()\nwill unbind the bcm_sf2 switch driver on shutdown.\n\nSo the same treatment must be applied to all DSA switch drivers, which\nis: either use devres for both the mdiobus allocation and registration,\nor don't use devres at all.\n\nThe bcm_sf2 driver has the code structure in place for orderly mdiobus\nremoval, so just replace devm_mdiobus_alloc() with the non-devres\nvariant, and add manual free where necessary, to ensure that we don't\nlet devres free a still-registered bus." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/08e1a3554e99a1a5bd2835907381e2383ee85cae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/08f1a20822349004bb9cc1b153ecb516e9f2889d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2770b795294ed312375c11ef1d0b810499c66b83", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/caabb5f64f5c32fceed93356bb688ef1ec6c5783", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48816.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48816.json new file mode 100644 index 00000000000..162dc0a43bf --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48816.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48816", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.687", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: lock against ->sock changing during sysfs read\n\n->sock can be set to NULL asynchronously unless ->recv_mutex is held.\nSo it is important to hold that mutex. Otherwise a sysfs read can\ntrigger an oops.\nCommit 17f09d3f619a (\"SUNRPC: Check if the xprt is connected before\nhandling sysfs reads\") appears to attempt to fix this problem, but it\nonly narrows the race window." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48817.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48817.json new file mode 100644 index 00000000000..d88bbdd7b7f --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48817.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48817", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.747", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: ar9331: register the mdiobus under devres\n\nAs explained in commits:\n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\")\n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\")\n\nmdiobus_free() will panic when called from devm_mdiobus_free() <-\ndevres_release_all() <- __device_release_driver(), and that mdiobus was\nnot previously unregistered.\n\nThe ar9331 is an MDIO device, so the initial set of constraints that I\nthought would cause this (I2C or SPI buses which call ->remove on\n->shutdown) do not apply. But there is one more which applies here.\n\nIf the DSA master itself is on a bus that calls ->remove from ->shutdown\n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link\nbetween the switch and the DSA master, and device_links_unbind_consumers()\nwill unbind the ar9331 switch driver on shutdown.\n\nSo the same treatment must be applied to all DSA switch drivers, which\nis: either use devres for both the mdiobus allocation and registration,\nor don't use devres at all.\n\nThe ar9331 driver doesn't have a complex code structure for mdiobus\nremoval, so just replace of_mdiobus_register with the devres variant in\norder to be all-devres and ensure that we don't free a still-registered\nbus." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/475ce5dcf2d88fd4f3c213a0ac944e3e40702970", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/50facd86e9fbc4b93fe02e5fe05776047f45dbfb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aae1c6a1d3d696fc33b609fb12fe744a556d1dc5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f1842a8cb71de4d7eb75a86f76e88c7ee739218c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48818.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48818.json new file mode 100644 index 00000000000..0ab2ccfc644 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48818.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48818", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.813", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: don't use devres for mdiobus\n\nAs explained in commits:\n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\")\n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\")\n\nmdiobus_free() will panic when called from devm_mdiobus_free() <-\ndevres_release_all() <- __device_release_driver(), and that mdiobus was\nnot previously unregistered.\n\nThe mv88e6xxx is an MDIO device, so the initial set of constraints that\nI thought would cause this (I2C or SPI buses which call ->remove on\n->shutdown) do not apply. But there is one more which applies here.\n\nIf the DSA master itself is on a bus that calls ->remove from ->shutdown\n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link\nbetween the switch and the DSA master, and device_links_unbind_consumers()\nwill unbind the Marvell switch driver on shutdown.\n\nsystemd-shutdown[1]: Powering off.\nmv88e6085 0x0000000008b96000:00 sw_gl0: Link is Down\nfsl-mc dpbp.9: Removing from iommu group 7\nfsl-mc dpbp.8: Removing from iommu group 7\n------------[ cut here ]------------\nkernel BUG at drivers/net/phy/mdio_bus.c:677!\nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 1 Comm: systemd-shutdow Not tainted 5.16.5-00040-gdc05f73788e5 #15\npc : mdiobus_free+0x44/0x50\nlr : devm_mdiobus_free+0x10/0x20\nCall trace:\n mdiobus_free+0x44/0x50\n devm_mdiobus_free+0x10/0x20\n devres_release_all+0xa0/0x100\n __device_release_driver+0x190/0x220\n device_release_driver_internal+0xac/0xb0\n device_links_unbind_consumers+0xd4/0x100\n __device_release_driver+0x4c/0x220\n device_release_driver_internal+0xac/0xb0\n device_links_unbind_consumers+0xd4/0x100\n __device_release_driver+0x94/0x220\n device_release_driver+0x28/0x40\n bus_remove_device+0x118/0x124\n device_del+0x174/0x420\n fsl_mc_device_remove+0x24/0x40\n __fsl_mc_device_remove+0xc/0x20\n device_for_each_child+0x58/0xa0\n dprc_remove+0x90/0xb0\n fsl_mc_driver_remove+0x20/0x5c\n __device_release_driver+0x21c/0x220\n device_release_driver+0x28/0x40\n bus_remove_device+0x118/0x124\n device_del+0x174/0x420\n fsl_mc_bus_remove+0x80/0x100\n fsl_mc_bus_shutdown+0xc/0x1c\n platform_shutdown+0x20/0x30\n device_shutdown+0x154/0x330\n kernel_power_off+0x34/0x6c\n __do_sys_reboot+0x15c/0x250\n __arm64_sys_reboot+0x20/0x30\n invoke_syscall.constprop.0+0x4c/0xe0\n do_el0_svc+0x4c/0x150\n el0_svc+0x24/0xb0\n el0t_64_sync_handler+0xa8/0xb0\n el0t_64_sync+0x178/0x17c\n\nSo the same treatment must be applied to all DSA switch drivers, which\nis: either use devres for both the mdiobus allocation and registration,\nor don't use devres at all.\n\nThe Marvell driver already has a good structure for mdiobus removal, so\njust plug in mdiobus_free and get rid of devres." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1b451c3994a2d322f8e55032c62c8b47b7d95900", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b626d45127d6f5ada7d815b83cfdc09e8cb1394", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8ccebe77df6e0d88c72ba5e69cf1835927e53b6c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f53a2ce893b2c7884ef94471f170839170a4eba0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48819.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48819.json new file mode 100644 index 00000000000..8a42e956fa4 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48819.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48819", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.883", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case\n\nsyzbot found that mixing sendpage() and sendmsg(MSG_ZEROCOPY)\ncalls over the same TCP socket would again trigger the\ninfamous warning in inet_sock_destruct()\n\n\tWARN_ON(sk_forward_alloc_get(sk));\n\nWhile Talal took into account a mix of regular copied data\nand MSG_ZEROCOPY one in the same skb, the sendpage() path\nhas been forgotten.\n\nWe want the charging to happen for sendpage(), because\npages could be coming from a pipe. What is missing is the\ndowngrading of pure zerocopy status to make sure\nsk_forward_alloc will stay synced.\n\nAdd tcp_downgrade_zcopy_pure() helper so that we can\nuse it from the two callers." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/47f3860c4931175f112f28dcac66eacca9b1040f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8d9d938514f46c4892aff6bfe32f425e84d81cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48820.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48820.json new file mode 100644 index 00000000000..0d6586e73a6 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48820.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48820", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:05.943", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable()\n\nThis error path needs to decrement \"usbphyc->n_pll_cons.counter\" before\nreturning." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ad1a88fa3eb0ded7798f52b79bc33f75fc9a6d2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/94b16ca86ab688ed6fad4548f70137f93cf1f0a9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cfc826c88a79e22ba5d8001556eb2c7efd8a01b6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48821.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48821.json new file mode 100644 index 00000000000..cf283ef10ae --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48821.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48821", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.010", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: avoid double fput() on failed usercopy\n\nIf the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF\nioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact,\ndma_buf_fd() called fd_install() before, i.e. \"consumed\" one reference,\nleaving us with none.\n\nCalling dma_buf_put() will therefore put a reference we no longer own,\nleading to a valid file descritor table entry for an already released\n'file' object which is a straight use-after-free.\n\nSimply avoid calling dma_buf_put() and rely on the process exit code to\ndo the necessary cleanup, if needed, i.e. if the file descriptor is\nstill valid." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/46963e2e0629cb31c96b1d47ddd89dc3d8990b34", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4e6fd2b5fcf8e7119305a6042bd92e7f2b9ed215", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76f85c307ef9f10aa2cef1b1d5ee654c1f3345fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a5ce7ee5fcc07583159f54ab4af5164de00148f5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e4382d0a39f9a1e260d62fdc079ddae5293c037d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48822.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48822.json new file mode 100644 index 00000000000..14147227aea --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48822.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2022-48822", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.073", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: f_fs: Fix use-after-free for epfile\n\nConsider a case where ffs_func_eps_disable is called from\nffs_func_disable as part of composition switch and at the\nsame time ffs_epfile_release get called from userspace.\nffs_epfile_release will free up the read buffer and call\nffs_data_closed which in turn destroys ffs->epfiles and\nmark it as NULL. While this was happening the driver has\nalready initialized the local epfile in ffs_func_eps_disable\nwhich is now freed and waiting to acquire the spinlock. Once\nspinlock is acquired the driver proceeds with the stale value\nof epfile and tries to free the already freed read buffer\ncausing use-after-free.\n\nFollowing is the illustration of the race:\n\n CPU1 CPU2\n\n ffs_func_eps_disable\n epfiles (local copy)\n\t\t\t\t\tffs_epfile_release\n\t\t\t\t\tffs_data_closed\n\t\t\t\t\tif (last file closed)\n\t\t\t\t\tffs_data_reset\n\t\t\t\t\tffs_data_clear\n\t\t\t\t\tffs_epfiles_destroy\nspin_lock\ndereference epfiles\n\nFix this races by taking epfiles local copy & assigning it under\nspinlock and if epfiles(local) is null then update it in ffs->epfiles\nthen finally destroy it.\nExtending the scope further from the race, protecting the ep related\nstructures, and concurrent accesses." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0042178a69eb77a979e36a50dcce9794a3140ef8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/32048f4be071f9a6966744243f1786f45bb22dc2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3e078b18753669615301d946297bafd69294ad2c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/72a8aee863af099d4434314c4536d6c9a61dcf3c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c9fc422c9a43e3d58d246334a71f3390401781dc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cfe5f6fd335d882bcc829a1c8a7d462a455c626e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ebe2b1add1055b903e2acd86b290a85297edc0b3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48823.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48823.json new file mode 100644 index 00000000000..90fd7630dc1 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48823.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48823", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.147", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Fix refcount issue when LOGO is received during TMF\n\nHung task call trace was seen during LOGO processing.\n\n[ 974.309060] [0000:00:00.0]:[qedf_eh_device_reset:868]: 1:0:2:0: LUN RESET Issued...\n[ 974.309065] [0000:00:00.0]:[qedf_initiate_tmf:2422]: tm_flags 0x10 sc_cmd 00000000c16b930f op = 0x2a target_id = 0x2 lun=0\n[ 974.309178] [0000:00:00.0]:[qedf_initiate_tmf:2431]: portid=016900 tm_flags =LUN RESET\n[ 974.309222] [0000:00:00.0]:[qedf_initiate_tmf:2438]: orig io_req = 00000000ec78df8f xid = 0x180 ref_cnt = 1.\n[ 974.309625] host1: rport 016900: Received LOGO request while in state Ready\n[ 974.309627] host1: rport 016900: Delete port\n[ 974.309642] host1: rport 016900: work event 3\n[ 974.309644] host1: rport 016900: lld callback ev 3\n[ 974.313243] [0000:61:00.2]:[qedf_execute_tmf:2383]:1: fcport is uploading, not executing flush.\n[ 974.313295] [0000:61:00.2]:[qedf_execute_tmf:2400]:1: task mgmt command success...\n[ 984.031088] INFO: task jbd2/dm-15-8:7645 blocked for more than 120 seconds.\n[ 984.031136] Not tainted 4.18.0-305.el8.x86_64 #1\n\n[ 984.031166] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 984.031209] jbd2/dm-15-8 D 0 7645 2 0x80004080\n[ 984.031212] Call Trace:\n[ 984.031222] __schedule+0x2c4/0x700\n[ 984.031230] ? unfreeze_partials.isra.83+0x16e/0x1a0\n[ 984.031233] ? bit_wait_timeout+0x90/0x90\n[ 984.031235] schedule+0x38/0xa0\n[ 984.031238] io_schedule+0x12/0x40\n[ 984.031240] bit_wait_io+0xd/0x50\n[ 984.031243] __wait_on_bit+0x6c/0x80\n[ 984.031248] ? free_buffer_head+0x21/0x50\n[ 984.031251] out_of_line_wait_on_bit+0x91/0xb0\n[ 984.031257] ? init_wait_var_entry+0x50/0x50\n[ 984.031268] jbd2_journal_commit_transaction+0x112e/0x19f0 [jbd2]\n[ 984.031280] kjournald2+0xbd/0x270 [jbd2]\n[ 984.031284] ? finish_wait+0x80/0x80\n[ 984.031291] ? commit_timeout+0x10/0x10 [jbd2]\n[ 984.031294] kthread+0x116/0x130\n[ 984.031300] ? kthread_flush_work_fn+0x10/0x10\n[ 984.031305] ret_from_fork+0x1f/0x40\n\nThere was a ref count issue when LOGO is received during TMF. This leads to\none of the I/Os hanging with the driver. Fix the ref count." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5239ab63f17cee643bd4bf6addfedebaa7d4f41e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6be8eaad75ca73131e2a697f0270dc8ee73814a8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7cc32ff0cd6c44a3c26de5faecfe8b5546198fad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7fcbed38503bb34c6e6538b6a9482d1c6bead1e8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/87f187e5265bc8e3b38faef8b9db864cdd61dde7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48824.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48824.json new file mode 100644 index 00000000000..0413c8573c7 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48824.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48824", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.210", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: myrs: Fix crash in error case\n\nIn myrs_detect(), cs->disable_intr is NULL when privdata->hw_init() fails\nwith non-zero. In this case, myrs_cleanup(cs) will call a NULL ptr and\ncrash the kernel.\n\n[ 1.105606] myrs 0000:00:03.0: Unknown Initialization Error 5A\n[ 1.105872] myrs 0000:00:03.0: Failed to initialize Controller\n[ 1.106082] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.110774] Call Trace:\n[ 1.110950] myrs_cleanup+0xe4/0x150 [myrs]\n[ 1.111135] myrs_probe.cold+0x91/0x56a [myrs]\n[ 1.111302] ? DAC960_GEM_intr_handler+0x1f0/0x1f0 [myrs]\n[ 1.111500] local_pci_probe+0x48/0x90" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e42c4a3d732517edc3766dd45a14e60d29dd929", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1d6cd26605b4d662063a83c15c776b5299a1cb23", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4db09593af0b0b4d7d4805ebb3273df51d7cc30d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5c5ceea00c8c9df150708e66cb9f2891192c1162", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6207f35c213f6cb2fc3f13b5e77f08c710e1de19", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48825.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48825.json new file mode 100644 index 00000000000..64d02af179a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48825.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48825", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.270", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Add stag_work to all the vports\n\nCall trace seen when creating NPIV ports, only 32 out of 64 show online.\nstag work was not initialized for vport, hence initialize the stag work.\n\nWARNING: CPU: 8 PID: 645 at kernel/workqueue.c:1635 __queue_delayed_work+0x68/0x80\nCPU: 8 PID: 645 Comm: kworker/8:1 Kdump: loaded Tainted: G IOE --------- --\n 4.18.0-348.el8.x86_64 #1\nHardware name: Dell Inc. PowerEdge MX740c/0177V9, BIOS 2.12.2 07/09/2021\nWorkqueue: events fc_lport_timeout [libfc]\nRIP: 0010:__queue_delayed_work+0x68/0x80\nCode: 89 b2 88 00 00 00 44 89 82 90 00 00 00 48 01 c8 48 89 42 50 41 81\nf8 00 20 00 00 75 1d e9 60 24 07 00 44 89 c7 e9 98 f6 ff ff <0f> 0b eb\nc5 0f 0b eb a1 0f 0b eb a7 0f 0b eb ac 44 89 c6 e9 40 23\nRSP: 0018:ffffae514bc3be40 EFLAGS: 00010006\nRAX: ffff8d25d6143750 RBX: 0000000000000202 RCX: 0000000000000002\nRDX: ffff8d2e31383748 RSI: ffff8d25c000d600 RDI: ffff8d2e31383788\nRBP: ffff8d2e31380de0 R08: 0000000000002000 R09: ffff8d2e31383750\nR10: ffffffffc0c957e0 R11: ffff8d2624800000 R12: ffff8d2e31380a58\nR13: ffff8d2d915eb000 R14: ffff8d25c499b5c0 R15: ffff8d2e31380e18\nFS: 0000000000000000(0000) GS:ffff8d2d1fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055fd0484b8b8 CR3: 00000008ffc10006 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n queue_delayed_work_on+0x36/0x40\n qedf_elsct_send+0x57/0x60 [qedf]\n fc_lport_enter_flogi+0x90/0xc0 [libfc]\n fc_lport_timeout+0xb7/0x140 [libfc]\n process_one_work+0x1a7/0x360\n ? create_worker+0x1a0/0x1a0\n worker_thread+0x30/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x116/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x35/0x40\n ---[ end trace 008f00f722f2c2ff ]--\n\nInitialize stag work for all the vports." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0be556512cd0dfcf5ec1a140d9f42d88221a5d4e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1f53bbf27a876f7e61262bd74c18680ac11d4c31", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa7352aa155e19815b41f09f114fe9f110fde4d8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b70a99fd13282d7885f69bf1372e28b7506a1613", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48826.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48826.json new file mode 100644 index 00000000000..a3f30f9a01a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48826.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48826", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.347", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: Fix deadlock on DSI device attach error\n\nDSI device attach to DSI host will be done with host device's lock\nheld.\n\nUn-registering host in \"device attach\" error path (ex: probe retry)\nwill result in deadlock with below call trace and non operational\nDSI display.\n\nStartup Call trace:\n[ 35.043036] rt_mutex_slowlock.constprop.21+0x184/0x1b8\n[ 35.043048] mutex_lock_nested+0x7c/0xc8\n[ 35.043060] device_del+0x4c/0x3e8\n[ 35.043075] device_unregister+0x20/0x40\n[ 35.043082] mipi_dsi_remove_device_fn+0x18/0x28\n[ 35.043093] device_for_each_child+0x68/0xb0\n[ 35.043105] mipi_dsi_host_unregister+0x40/0x90\n[ 35.043115] vc4_dsi_host_attach+0xf0/0x120 [vc4]\n[ 35.043199] mipi_dsi_attach+0x30/0x48\n[ 35.043209] tc358762_probe+0x128/0x164 [tc358762]\n[ 35.043225] mipi_dsi_drv_probe+0x28/0x38\n[ 35.043234] really_probe+0xc0/0x318\n[ 35.043244] __driver_probe_device+0x80/0xe8\n[ 35.043254] driver_probe_device+0xb8/0x118\n[ 35.043263] __device_attach_driver+0x98/0xe8\n[ 35.043273] bus_for_each_drv+0x84/0xd8\n[ 35.043281] __device_attach+0xf0/0x150\n[ 35.043290] device_initial_probe+0x1c/0x28\n[ 35.043300] bus_probe_device+0xa4/0xb0\n[ 35.043308] deferred_probe_work_func+0xa0/0xe0\n[ 35.043318] process_one_work+0x254/0x700\n[ 35.043330] worker_thread+0x4c/0x448\n[ 35.043339] kthread+0x19c/0x1a8\n[ 35.043348] ret_from_fork+0x10/0x20\n\nShutdown Call trace:\n[ 365.565417] Call trace:\n[ 365.565423] __switch_to+0x148/0x200\n[ 365.565452] __schedule+0x340/0x9c8\n[ 365.565467] schedule+0x48/0x110\n[ 365.565479] schedule_timeout+0x3b0/0x448\n[ 365.565496] wait_for_completion+0xac/0x138\n[ 365.565509] __flush_work+0x218/0x4e0\n[ 365.565523] flush_work+0x1c/0x28\n[ 365.565536] wait_for_device_probe+0x68/0x158\n[ 365.565550] device_shutdown+0x24/0x348\n[ 365.565561] kernel_restart_prepare+0x40/0x50\n[ 365.565578] kernel_restart+0x20/0x70\n[ 365.565591] __do_sys_reboot+0x10c/0x220\n[ 365.565605] __arm64_sys_reboot+0x2c/0x38\n[ 365.565619] invoke_syscall+0x4c/0x110\n[ 365.565634] el0_svc_common.constprop.3+0xfc/0x120\n[ 365.565648] do_el0_svc+0x2c/0x90\n[ 365.565661] el0_svc+0x4c/0xf0\n[ 365.565671] el0t_64_sync_handler+0x90/0xb8\n[ 365.565682] el0t_64_sync+0x180/0x184" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0a3d12ab5097b1d045e693412e6b366b7e82031b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/770d1ba9a8201ce9bee0946eb03746449b6f3b80", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dddd832f35096fbc5004e3a7e58fb4d2cefb8deb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48827.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48827.json new file mode 100644 index 00000000000..a9233049e1e --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48827.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48827", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.420", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix the behavior of READ near OFFSET_MAX\n\nDan Aloni reports:\n> Due to commit 8cfb9015280d (\"NFS: Always provide aligned buffers to\n> the RPC read layers\") on the client, a read of 0xfff is aligned up\n> to server rsize of 0x1000.\n>\n> As a result, in a test where the server has a file of size\n> 0x7fffffffffffffff, and the client tries to read from the offset\n> 0x7ffffffffffff000, the read causes loff_t overflow in the server\n> and it returns an NFS code of EINVAL to the client. The client as\n> a result indefinitely retries the request.\n\nThe Linux NFS client does not handle NFS?ERR_INVAL, even though all\nNFS specifications permit servers to return that status code for a\nREAD.\n\nInstead of NFS?ERR_INVAL, have out-of-range READ requests succeed\nand return a short result. Set the EOF flag in the result to prevent\nthe client from retrying the READ request. This behavior appears to\nbe consistent with Solaris NFS servers.\n\nNote that NFSv3 and NFSv4 use u64 offset values on the wire. These\nmust be converted to loff_t internally before use -- an implicit\ntype cast is not adequate for this purpose. Otherwise VFS checks\nagainst sb->s_maxbytes do not work properly." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0cb4d23ae08c48f6bf3c29a8e5c4a74b8388b960", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1726a39b0879acfb490b22dca643f26f4f907da9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/44502aca8e02ab32d6b0eb52e006a5ec9402719b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6eff5c4277146a78b4fb8c9b668dd64542c41b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48828.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48828.json new file mode 100644 index 00000000000..40b2dcb9c31 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48828.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48828", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.477", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix ia_size underflow\n\niattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and\nNFSv4 both define file size as an unsigned 64-bit type. Thus there\nis a range of valid file size values an NFS client can send that is\nalready larger than Linux can handle.\n\nCurrently decode_fattr4() dumps a full u64 value into ia_size. If\nthat value happens to be larger than S64_MAX, then ia_size\nunderflows. I'm about to fix up the NFSv3 behavior as well, so let's\ncatch the underflow in the common code path: nfsd_setattr()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/38d02ba22e43b6fc7d291cf724bc6e3b7be6626b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8e0ecaf7a7e57b30284d6b3289cc436100fadc48", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/da22ca1ad548429d7822011c54cfe210718e0aa7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6faac3f58c7c4176b66f63def17a34232a17b0e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48829.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48829.json new file mode 100644 index 00000000000..793e1a76a39 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48829.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48829", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.550", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes\n\niattr::ia_size is a loff_t, so these NFSv3 procedures must be\ncareful to deal with incoming client size values that are larger\nthan s64_max without corrupting the value.\n\nSilently capping the value results in storing a different value\nthan the client passed in which is unexpected behavior, so remove\nthe min_t() check in decode_sattr3().\n\nNote that RFC 1813 permits only the WRITE procedure to return\nNFS3ERR_FBIG. We believe that NFSv3 reference implementations\nalso return NFS3ERR_FBIG when ia_size is too large." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/37f2d2cd8eadddbbd9c7bda327a9393399b2f89b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a231ae6bb50e7c0a9e9efd7b0d10687f1d71b3a3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a648fdeb7c0e17177a2280344d015dba3fbe3314", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa9051ddb4b378bd22e72a67bc77b9fc1482c5f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48830.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48830.json new file mode 100644 index 00000000000..9aee2a3d147 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48830.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48830", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.613", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: isotp: fix potential CAN frame reception race in isotp_rcv()\n\nWhen receiving a CAN frame the current code logic does not consider\nconcurrently receiving processes which do not show up in real world\nusage.\n\nZiyang Xuan writes:\n\nThe following syz problem is one of the scenarios. so->rx.len is\nchanged by isotp_rcv_ff() during isotp_rcv_cf(), so->rx.len equals\n0 before alloc_skb() and equals 4096 after alloc_skb(). That will\ntrigger skb_over_panic() in skb_put().\n\n=======================================================\nCPU: 1 PID: 19 Comm: ksoftirqd/1 Not tainted 5.16.0-rc8-syzkaller #0\nRIP: 0010:skb_panic+0x16c/0x16e net/core/skbuff.c:113\nCall Trace:\n \n skb_over_panic net/core/skbuff.c:118 [inline]\n skb_put.cold+0x24/0x24 net/core/skbuff.c:1990\n isotp_rcv_cf net/can/isotp.c:570 [inline]\n isotp_rcv+0xa38/0x1e30 net/can/isotp.c:668\n deliver net/can/af_can.c:574 [inline]\n can_rcv_filter+0x445/0x8d0 net/can/af_can.c:635\n can_receive+0x31d/0x580 net/can/af_can.c:665\n can_rcv+0x120/0x1c0 net/can/af_can.c:696\n __netif_receive_skb_one_core+0x114/0x180 net/core/dev.c:5465\n __netif_receive_skb+0x24/0x1b0 net/core/dev.c:5579\n\nTherefore we make sure the state changes and data structures stay\nconsistent at CAN frame reception time by adding a spin_lock in\nisotp_rcv(). This fixes the issue reported by syzkaller but does not\naffect real world operation." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5b068f33bc8acfcfd5ea7992a2dafb30d89bad30", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7b53d2204ce79b27a878074a77d64f40ec21dbca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7c759040c1dd03954f650f147ae7175476d51314", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f90cc68f9f4b5d8585ad5d0a206a9d37ac299ef3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48831.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48831.json new file mode 100644 index 00000000000..9169319941a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48831.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48831", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.683", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: fix reference leak in asymmetric_verify()\n\nDon't leak a reference to the key if its algorithm is unknown." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0838d6d68182f0b28a5434bc6d50727c4757e35b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/89f586d3398f4cc0432ed870949dffb702940754", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/926fd9f23b27ca6587492c3f58f4c7f4cd01dad5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48832.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48832.json new file mode 100644 index 00000000000..b703997b572 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48832.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48832", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T12:15:06.750", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: don't deref the syscall args when checking the openat2 open_how::flags\n\nAs reported by Jeff, dereferencing the openat2 syscall argument in\naudit_match_perm() to obtain the open_how::flags can result in an\noops/page-fault. This patch fixes this by using the open_how struct\nthat we store in the audit_context with audit_openat2_how().\n\nIndependent of this patch, Richard Guy Briggs posted a similar patch\nto the audit mailing list roughly 40 minutes after this patch was\nposted." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/310c9ddfdf1f8d3c9834f02175eae79c8b254b6c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7a82f89de92aac5a244d3735b2bd162c1147620c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48833.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48833.json new file mode 100644 index 00000000000..967ee72056d --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48833.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48833", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:10.897", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: skip reserved bytes warning on unmount after log cleanup failure\n\nAfter the recent changes made by commit c2e39305299f01 (\"btrfs: clear\nextent buffer uptodate when we fail to write it\") and its followup fix,\ncommit 651740a5024117 (\"btrfs: check WRITE_ERR when trying to read an\nextent buffer\"), we can now end up not cleaning up space reservations of\nlog tree extent buffers after a transaction abort happens, as well as not\ncleaning up still dirty extent buffers.\n\nThis happens because if writeback for a log tree extent buffer failed,\nthen we have cleared the bit EXTENT_BUFFER_UPTODATE from the extent buffer\nand we have also set the bit EXTENT_BUFFER_WRITE_ERR on it. Later on,\nwhen trying to free the log tree with free_log_tree(), which iterates\nover the tree, we can end up getting an -EIO error when trying to read\na node or a leaf, since read_extent_buffer_pages() returns -EIO if an\nextent buffer does not have EXTENT_BUFFER_UPTODATE set and has the\nEXTENT_BUFFER_WRITE_ERR bit set. Getting that -EIO means that we return\nimmediately as we can not iterate over the entire tree.\n\nIn that case we never update the reserved space for an extent buffer in\nthe respective block group and space_info object.\n\nWhen this happens we get the following traces when unmounting the fs:\n\n[174957.284509] BTRFS: error (device dm-0) in cleanup_transaction:1913: errno=-5 IO failure\n[174957.286497] BTRFS: error (device dm-0) in free_log_tree:3420: errno=-5 IO failure\n[174957.399379] ------------[ cut here ]------------\n[174957.402497] WARNING: CPU: 2 PID: 3206883 at fs/btrfs/block-group.c:127 btrfs_put_block_group+0x77/0xb0 [btrfs]\n[174957.407523] Modules linked in: btrfs overlay dm_zero (...)\n[174957.424917] CPU: 2 PID: 3206883 Comm: umount Tainted: G W 5.16.0-rc5-btrfs-next-109 #1\n[174957.426689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[174957.428716] RIP: 0010:btrfs_put_block_group+0x77/0xb0 [btrfs]\n[174957.429717] Code: 21 48 8b bd (...)\n[174957.432867] RSP: 0018:ffffb70d41cffdd0 EFLAGS: 00010206\n[174957.433632] RAX: 0000000000000001 RBX: ffff8b09c3848000 RCX: ffff8b0758edd1c8\n[174957.434689] RDX: 0000000000000001 RSI: ffffffffc0b467e7 RDI: ffff8b0758edd000\n[174957.436068] RBP: ffff8b0758edd000 R08: 0000000000000000 R09: 0000000000000000\n[174957.437114] R10: 0000000000000246 R11: 0000000000000000 R12: ffff8b09c3848148\n[174957.438140] R13: ffff8b09c3848198 R14: ffff8b0758edd188 R15: dead000000000100\n[174957.439317] FS: 00007f328fb82800(0000) GS:ffff8b0a2d200000(0000) knlGS:0000000000000000\n[174957.440402] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[174957.441164] CR2: 00007fff13563e98 CR3: 0000000404f4e005 CR4: 0000000000370ee0\n[174957.442117] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[174957.443076] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[174957.443948] Call Trace:\n[174957.444264] \n[174957.444538] btrfs_free_block_groups+0x255/0x3c0 [btrfs]\n[174957.445238] close_ctree+0x301/0x357 [btrfs]\n[174957.445803] ? call_rcu+0x16c/0x290\n[174957.446250] generic_shutdown_super+0x74/0x120\n[174957.446832] kill_anon_super+0x14/0x30\n[174957.447305] btrfs_kill_super+0x12/0x20 [btrfs]\n[174957.447890] deactivate_locked_super+0x31/0xa0\n[174957.448440] cleanup_mnt+0x147/0x1c0\n[174957.448888] task_work_run+0x5c/0xa0\n[174957.449336] exit_to_user_mode_prepare+0x1e5/0x1f0\n[174957.449934] syscall_exit_to_user_mode+0x16/0x40\n[174957.450512] do_syscall_64+0x48/0xc0\n[174957.450980] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[174957.451605] RIP: 0033:0x7f328fdc4a97\n[174957.452059] Code: 03 0c 00 f7 (...)\n[174957.454320] RSP: 002b:00007fff13564ec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n[174957.455262] RAX: 0000000000000000 RBX: 00007f328feea264 RCX: 00007f328fdc4a97\n[174957.456131] RDX: 0000000000000000 RSI: 00000000000000\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/40cdc509877bacb438213b83c7541c5e24a1d9ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/44557a8f539a822c91238c1f95a95f98a5093d82", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4c5d94990fa2fd609360ecd0f7e183212a7d115c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48834.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48834.json new file mode 100644 index 00000000000..b3bf95390c7 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48834.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48834", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:10.983", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: usbtmc: Fix bug in pipe direction for control transfers\n\nThe syzbot fuzzer reported a minor bug in the usbtmc driver:\n\nusb 5-1: BOGUS control dir, pipe 80001e80 doesn't match bRequestType 0\nWARNING: CPU: 0 PID: 3813 at drivers/usb/core/urb.c:412\nusb_submit_urb+0x13a5/0x1970 drivers/usb/core/urb.c:410\nModules linked in:\nCPU: 0 PID: 3813 Comm: syz-executor122 Not tainted\n5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\n...\nCall Trace:\n \n usb_start_wait_urb+0x113/0x530 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x2a5/0x4b0 drivers/usb/core/message.c:153\n usbtmc_ioctl_request drivers/usb/class/usbtmc.c:1947 [inline]\n\nThe problem is that usbtmc_ioctl_request() uses usb_rcvctrlpipe() for\nall of its transfers, whether they are in or out. It's easy to fix." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/10a805334a11acd547602d6c4cf540a0f6ab5c6e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f6a2d63c68c12cf61259df7c3527a0e05dce952", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/700a0715854c1e79a73341724ce4f5bb01abc016", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c69aef9db878ab277068a8cc1b4bf0cf309dc2b7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e9b667a82cdcfe21d590344447d65daed52b353b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48835.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48835.json new file mode 100644 index 00000000000..f38928f85a8 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48835.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48835", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.053", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Page fault in reply q processing\n\nA page fault was encountered in mpt3sas on a LUN reset error path:\n\n[ 145.763216] mpt3sas_cm1: Task abort tm failed: handle(0x0002),timeout(30) tr_method(0x0) smid(3) msix_index(0)\n[ 145.778932] scsi 1:0:0:0: task abort: FAILED scmd(0x0000000024ba29a2)\n[ 145.817307] scsi 1:0:0:0: attempting device reset! scmd(0x0000000024ba29a2)\n[ 145.827253] scsi 1:0:0:0: [sg1] tag#2 CDB: Receive Diagnostic 1c 01 01 ff fc 00\n[ 145.837617] scsi target1:0:0: handle(0x0002), sas_address(0x500605b0000272b9), phy(0)\n[ 145.848598] scsi target1:0:0: enclosure logical id(0x500605b0000272b8), slot(0)\n[ 149.858378] mpt3sas_cm1: Poll ReplyDescriptor queues for completion of smid(0), task_type(0x05), handle(0x0002)\n[ 149.875202] BUG: unable to handle page fault for address: 00000007fffc445d\n[ 149.885617] #PF: supervisor read access in kernel mode\n[ 149.894346] #PF: error_code(0x0000) - not-present page\n[ 149.903123] PGD 0 P4D 0\n[ 149.909387] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 149.917417] CPU: 24 PID: 3512 Comm: scsi_eh_1 Kdump: loaded Tainted: G S O 5.10.89-altav-1 #1\n[ 149.934327] Hardware name: DDN 200NVX2 /200NVX2-MB , BIOS ATHG2.2.02.01 09/10/2021\n[ 149.951871] RIP: 0010:_base_process_reply_queue+0x4b/0x900 [mpt3sas]\n[ 149.961889] Code: 0f 84 22 02 00 00 8d 48 01 49 89 fd 48 8d 57 38 f0 0f b1 4f 38 0f 85 d8 01 00 00 49 8b 45 10 45 31 e4 41 8b 55 0c 48 8d 1c d0 <0f> b6 03 83 e0 0f 3c 0f 0f 85 a2 00 00 00 e9 e6 01 00 00 0f b7 ee\n[ 149.991952] RSP: 0018:ffffc9000f1ebcb8 EFLAGS: 00010246\n[ 150.000937] RAX: 0000000000000055 RBX: 00000007fffc445d RCX: 000000002548f071\n[ 150.011841] RDX: 00000000ffff8881 RSI: 0000000000000001 RDI: ffff888125ed50d8\n[ 150.022670] RBP: 0000000000000000 R08: 0000000000000000 R09: c0000000ffff7fff\n[ 150.033445] R10: ffffc9000f1ebb68 R11: ffffc9000f1ebb60 R12: 0000000000000000\n[ 150.044204] R13: ffff888125ed50d8 R14: 0000000000000080 R15: 34cdc00034cdea80\n[ 150.054963] FS: 0000000000000000(0000) GS:ffff88dfaf200000(0000) knlGS:0000000000000000\n[ 150.066715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 150.076078] CR2: 00000007fffc445d CR3: 000000012448a006 CR4: 0000000000770ee0\n[ 150.086887] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 150.097670] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 150.108323] PKRU: 55555554\n[ 150.114690] Call Trace:\n[ 150.120497] ? printk+0x48/0x4a\n[ 150.127049] mpt3sas_scsih_issue_tm.cold.114+0x2e/0x2b3 [mpt3sas]\n[ 150.136453] mpt3sas_scsih_issue_locked_tm+0x86/0xb0 [mpt3sas]\n[ 150.145759] scsih_dev_reset+0xea/0x300 [mpt3sas]\n[ 150.153891] scsi_eh_ready_devs+0x541/0x9e0 [scsi_mod]\n[ 150.162206] ? __scsi_host_match+0x20/0x20 [scsi_mod]\n[ 150.170406] ? scsi_try_target_reset+0x90/0x90 [scsi_mod]\n[ 150.178925] ? blk_mq_tagset_busy_iter+0x45/0x60\n[ 150.186638] ? scsi_try_target_reset+0x90/0x90 [scsi_mod]\n[ 150.195087] scsi_error_handler+0x3a5/0x4a0 [scsi_mod]\n[ 150.203206] ? __schedule+0x1e9/0x610\n[ 150.209783] ? scsi_eh_get_sense+0x210/0x210 [scsi_mod]\n[ 150.217924] kthread+0x12e/0x150\n[ 150.224041] ? kthread_worker_fn+0x130/0x130\n[ 150.231206] ret_from_fork+0x1f/0x30\n\nThis is caused by mpt3sas_base_sync_reply_irqs() using an invalid reply_q\npointer outside of the list_for_each_entry() loop. At the end of the full\nlist traversal the pointer is invalid.\n\nMove the _base_process_reply_queue() call inside of the loop." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0cd2dd4bcf4abc812148c4943f966a3c8dccb00f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3916e33b917581e2b2086e856c291cb86ea98a05", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/69ad4ef868c1fc7609daa235dfa46d28ba7a3ba3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/98e7a654a5bebaf1a28e987af5e44c002544a413", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48836.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48836.json new file mode 100644 index 00000000000..2b28ae8655b --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48836.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48836", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.133", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: aiptek - properly check endpoint type\n\nSyzbot reported warning in usb_submit_urb() which is caused by wrong\nendpoint type. There was a check for the number of endpoints, but not\nfor the type of endpoint.\n\nFix it by replacing old desc.bNumEndpoints check with\nusb_find_common_endpoints() helper for finding endpoints\n\nFail log:\n\nusb 5-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 2 PID: 48 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\nModules linked in:\nCPU: 2 PID: 48 Comm: kworker/2:2 Not tainted 5.17.0-rc6-syzkaller-00226-g07ebd38a0da2 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nWorkqueue: usb_hub_wq hub_event\n...\nCall Trace:\n \n aiptek_open+0xd5/0x130 drivers/input/tablet/aiptek.c:830\n input_open_device+0x1bb/0x320 drivers/input/input.c:629\n kbd_connect+0xfe/0x160 drivers/tty/vt/keyboard.c:1593" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/35069e654bcab567ff8b9f0e68e1caf82c15dcd7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5600f6986628dde8881734090588474f54a540a8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/57277a8b5d881e02051ba9d7f6cb3f915c229821", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6de20111cd0bb7da9b2294073ba00c7d2a6c1c4f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e732b0412f8c603d1e998f3bff41b5e7d5c3914c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e762f57ff255af28236cd02ca9fc5c7e5a089d31", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0d43d22d24182b94d7eb78a2bf6ae7e2b33204a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fc8033a55e2796d21e370260a784ac9fbb8305a6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48837.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48837.json new file mode 100644 index 00000000000..14061c59b43 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48837.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48837", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.203", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: rndis: prevent integer overflow in rndis_set_response()\n\nIf \"BufOffset\" is very large the \"BufOffset + 8\" operation can have an\ninteger overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48838.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48838.json new file mode 100644 index 00000000000..e9905249bb3 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48838.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48838", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.280", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: Fix use-after-free bug by not setting udc->dev.driver\n\nThe syzbot fuzzer found a use-after-free bug:\n\nBUG: KASAN: use-after-free in dev_uevent+0x712/0x780 drivers/base/core.c:2320\nRead of size 8 at addr ffff88802b934098 by task udevd/3689\n\nCPU: 2 PID: 3689 Comm: udevd Not tainted 5.17.0-rc4-syzkaller-00229-g4f12b742eb2b #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x303 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n dev_uevent+0x712/0x780 drivers/base/core.c:2320\n uevent_show+0x1b8/0x380 drivers/base/core.c:2391\n dev_attr_show+0x4b/0x90 drivers/base/core.c:2094\n\nAlthough the bug manifested in the driver core, the real cause was a\nrace with the gadget core. dev_uevent() does:\n\n\tif (dev->driver)\n\t\tadd_uevent_var(env, \"DRIVER=%s\", dev->driver->name);\n\nand between the test and the dereference of dev->driver, the gadget\ncore sets dev->driver to NULL.\n\nThe race wouldn't occur if the gadget core registered its devices on\na real bus, using the standard synchronization techniques of the\ndriver core. However, it's not necessary to make such a large change\nin order to fix this bug; all we need to do is make sure that\nudc->dev.driver is always NULL.\n\nIn fact, there is no reason for udc->dev.driver ever to be set to\nanything, let alone to the value it currently gets: the address of the\ngadget's driver. After all, a gadget driver only knows how to manage\na gadget, not how to manage a UDC.\n\nThis patch simply removes the statements in the gadget core that touch\nudc->dev.driver." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00bdd9bf1ac6d401ad926d3d8df41b9f1399f646", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/16b1941eac2bd499f065a6739a40ce0011a3d740", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2015c23610cd0efadaeca4d3a8d1dae9a45aa35a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2282a6eb6d4e118e294e43dcc421e0e0fe4040b5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/27d64436984fb8835a8b7e95993193cc478b162e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4325124dde6726267813c736fee61226f1d38f0b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/609a7119bffe3ddd7c93f2fa65be8917e02a0b7e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e2d3a7009e505e120805f449c832942660f3f7f3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48839.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48839.json new file mode 100644 index 00000000000..ba57c01dcf0 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48839.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48839", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.353", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix slab-out-of-bounds access in packet_recvmsg()\n\nsyzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH\nand mmap operations, tpacket_rcv() is queueing skbs with\ngarbage in skb->cb[], triggering a too big copy [1]\n\nPresumably, users of af_packet using mmap() already gets correct\nmetadata from the mapped buffer, we can simply make sure\nto clear 12 bytes that might be copied to user space later.\n\nBUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline]\nBUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\nWrite of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631\n\nCPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189\n memcpy+0x39/0x60 mm/kasan/shadow.c:66\n memcpy include/linux/fortify-string.h:225 [inline]\n packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n sock_recvmsg net/socket.c:962 [inline]\n ____sys_recvmsg+0x2c4/0x600 net/socket.c:2632\n ___sys_recvmsg+0x127/0x200 net/socket.c:2674\n __sys_recvmsg+0xe2/0x1a0 net/socket.c:2704\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fdfd5954c29\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcf8e71e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdfd5954c29\nRDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf8e71e60\nR13: 00000000000f4240 R14: 000000000000c1ff R15: 00007ffcf8e71e54\n \n\naddr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame:\n ____sys_recvmsg+0x0/0x600 include/linux/uio.h:246\n\nthis frame has 1 object:\n [32, 160) 'addr'\n\nMemory state around the buggy address:\n ffffc9000385fa80: 00 04 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00\n ffffc9000385fb00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00\n>ffffc9000385fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3\n ^\n ffffc9000385fc00: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1\n ffffc9000385fc80: f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00\n==================================================================" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/268dcf1f7b3193bc446ec3d14e08a240e9561e4d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70b7b3c055fd4a464da8da55ff4c1f84269f9b02", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a055f5f2841f7522b44a2b1eccb1951b4b03d51a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a33dd1e6693f80d805155b3f69c18c2f642915da", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b1e27cda1e3c12b705875bb7e247a97168580e33", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9d5772d60f8e7ef34e290f72fc20e3a4883e7d0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c700525fcc06b05adfea78039de02628af79e07a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ef591b35176029fdefea38e8388ffa371e18f4b2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48840.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48840.json new file mode 100644 index 00000000000..a57626e1f9a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48840.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48840", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.440", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix hang during reboot/shutdown\n\nRecent commit 974578017fc1 (\"iavf: Add waiting so the port is\ninitialized in remove\") adds a wait-loop at the beginning of\niavf_remove() to ensure that port initialization is finished\nprior unregistering net device. This causes a regression\nin reboot/shutdown scenario because in this case callback\niavf_shutdown() is called and this callback detaches the device,\nmakes it down if it is running and sets its state to __IAVF_REMOVE.\nLater shutdown callback of associated PF driver (e.g. ice_shutdown)\nis called. That callback calls among other things sriov_disable()\nthat calls indirectly iavf_remove() (see stack trace below).\nAs the adapter state is already __IAVF_REMOVE then the mentioned\nloop is end-less and shutdown process hangs.\n\nThe patch fixes this by checking adapter's state at the beginning\nof iavf_remove() and skips the rest of the function if the adapter\nis already in remove state (shutdown is in progress).\n\nReproducer:\n1. Create VF on PF driven by ice or i40e driver\n2. Ensure that the VF is bound to iavf driver\n3. Reboot\n\n[52625.981294] sysrq: SysRq : Show Blocked State\n[52625.988377] task:reboot state:D stack: 0 pid:17359 ppid: 1 f2\n[52625.996732] Call Trace:\n[52625.999187] __schedule+0x2d1/0x830\n[52626.007400] schedule+0x35/0xa0\n[52626.010545] schedule_hrtimeout_range_clock+0x83/0x100\n[52626.020046] usleep_range+0x5b/0x80\n[52626.023540] iavf_remove+0x63/0x5b0 [iavf]\n[52626.027645] pci_device_remove+0x3b/0xc0\n[52626.031572] device_release_driver_internal+0x103/0x1f0\n[52626.036805] pci_stop_bus_device+0x72/0xa0\n[52626.040904] pci_stop_and_remove_bus_device+0xe/0x20\n[52626.045870] pci_iov_remove_virtfn+0xba/0x120\n[52626.050232] sriov_disable+0x2f/0xe0\n[52626.053813] ice_free_vfs+0x7c/0x340 [ice]\n[52626.057946] ice_remove+0x220/0x240 [ice]\n[52626.061967] ice_shutdown+0x16/0x50 [ice]\n[52626.065987] pci_device_shutdown+0x34/0x60\n[52626.070086] device_shutdown+0x165/0x1c5\n[52626.074011] kernel_restart+0xe/0x30\n[52626.077593] __do_sys_reboot+0x1d2/0x210\n[52626.093815] do_syscall_64+0x5b/0x1a0\n[52626.097483] entry_SYSCALL_64_after_hwframe+0x65/0xca" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4477b9a4193b35eb3a8afd2adf2d42add2f88d57", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80974bb730270199c6fcb189af04d5945b87e813", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b04683ff8f0823b869c219c78ba0d974bddea0b5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48841.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48841.json new file mode 100644 index 00000000000..9d28f7a7df3 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48841.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48841", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.513", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()\n\nIt is possible to do NULL pointer dereference in routine that updates\nTx ring stats. Currently only stats and bytes are updated when ring\npointer is valid, but later on ring is accessed to propagate gathered Tx\nstats onto VSI stats.\n\nChange the existing logic to move to next ring when ring is NULL." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48842.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48842.json new file mode 100644 index 00000000000..1fa11d0e964 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48842.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48842", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.577", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix race condition during interface enslave\n\nCommit 5dbbbd01cbba83 (\"ice: Avoid RTNL lock when re-creating\nauxiliary device\") changes a process of re-creation of aux device\nso ice_plug_aux_dev() is called from ice_service_task() context.\nThis unfortunately opens a race window that can result in dead-lock\nwhen interface has left LAG and immediately enters LAG again.\n\nReproducer:\n```\n#!/bin/sh\n\nip link add lag0 type bond mode 1 miimon 100\nip link set lag0\n\nfor n in {1..10}; do\n echo Cycle: $n\n ip link set ens7f0 master lag0\n sleep 1\n ip link set ens7f0 nomaster\ndone\n```\n\nThis results in:\n[20976.208697] Workqueue: ice ice_service_task [ice]\n[20976.213422] Call Trace:\n[20976.215871] __schedule+0x2d1/0x830\n[20976.219364] schedule+0x35/0xa0\n[20976.222510] schedule_preempt_disabled+0xa/0x10\n[20976.227043] __mutex_lock.isra.7+0x310/0x420\n[20976.235071] enum_all_gids_of_dev_cb+0x1c/0x100 [ib_core]\n[20976.251215] ib_enum_roce_netdev+0xa4/0xe0 [ib_core]\n[20976.256192] ib_cache_setup_one+0x33/0xa0 [ib_core]\n[20976.261079] ib_register_device+0x40d/0x580 [ib_core]\n[20976.266139] irdma_ib_register_device+0x129/0x250 [irdma]\n[20976.281409] irdma_probe+0x2c1/0x360 [irdma]\n[20976.285691] auxiliary_bus_probe+0x45/0x70\n[20976.289790] really_probe+0x1f2/0x480\n[20976.298509] driver_probe_device+0x49/0xc0\n[20976.302609] bus_for_each_drv+0x79/0xc0\n[20976.306448] __device_attach+0xdc/0x160\n[20976.310286] bus_probe_device+0x9d/0xb0\n[20976.314128] device_add+0x43c/0x890\n[20976.321287] __auxiliary_device_add+0x43/0x60\n[20976.325644] ice_plug_aux_dev+0xb2/0x100 [ice]\n[20976.330109] ice_service_task+0xd0c/0xed0 [ice]\n[20976.342591] process_one_work+0x1a7/0x360\n[20976.350536] worker_thread+0x30/0x390\n[20976.358128] kthread+0x10a/0x120\n[20976.365547] ret_from_fork+0x1f/0x40\n...\n[20976.438030] task:ip state:D stack: 0 pid:213658 ppid:213627 flags:0x00004084\n[20976.446469] Call Trace:\n[20976.448921] __schedule+0x2d1/0x830\n[20976.452414] schedule+0x35/0xa0\n[20976.455559] schedule_preempt_disabled+0xa/0x10\n[20976.460090] __mutex_lock.isra.7+0x310/0x420\n[20976.464364] device_del+0x36/0x3c0\n[20976.467772] ice_unplug_aux_dev+0x1a/0x40 [ice]\n[20976.472313] ice_lag_event_handler+0x2a2/0x520 [ice]\n[20976.477288] notifier_call_chain+0x47/0x70\n[20976.481386] __netdev_upper_dev_link+0x18b/0x280\n[20976.489845] bond_enslave+0xe05/0x1790 [bonding]\n[20976.494475] do_setlink+0x336/0xf50\n[20976.502517] __rtnl_newlink+0x529/0x8b0\n[20976.543441] rtnl_newlink+0x43/0x60\n[20976.546934] rtnetlink_rcv_msg+0x2b1/0x360\n[20976.559238] netlink_rcv_skb+0x4c/0x120\n[20976.563079] netlink_unicast+0x196/0x230\n[20976.567005] netlink_sendmsg+0x204/0x3d0\n[20976.570930] sock_sendmsg+0x4c/0x50\n[20976.574423] ____sys_sendmsg+0x1eb/0x250\n[20976.586807] ___sys_sendmsg+0x7c/0xc0\n[20976.606353] __sys_sendmsg+0x57/0xa0\n[20976.609930] do_syscall_64+0x5b/0x1a0\n[20976.613598] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n1. Command 'ip link ... set nomaster' causes that ice_plug_aux_dev()\n is called from ice_service_task() context, aux device is created\n and associated device->lock is taken.\n2. Command 'ip link ... set master...' calls ice's notifier under\n RTNL lock and that notifier calls ice_unplug_aux_dev(). That\n function tries to take aux device->lock but this is already taken\n by ice_plug_aux_dev() in step 1\n3. Later ice_plug_aux_dev() tries to take RTNL lock but this is already\n taken in step 2\n4. Dead-lock\n\nThe patch fixes this issue by following changes:\n- Bit ICE_FLAG_PLUG_AUX_DEV is kept to be set during ice_plug_aux_dev()\n call in ice_service_task()\n- The bit is checked in ice_clear_rdma_cap() and only if it is not set\n then ice_unplug_aux_dev() is called. If it is set (in other words\n plugging of aux device was requested and ice_plug_aux_dev() is\n potentially running) then the function only clears the\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5cb1ebdbc4342b1c2ce89516e19808d64417bdbc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a9bbacc53d1f5ed8febbfdf31401d20e005f49ef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e1014fc5572375658fa421531cedb6e084f477dc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48843.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48843.json new file mode 100644 index 00000000000..6933d45ec00 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48843.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48843", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.650", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vrr: Set VRR capable prop only if it is attached to connector\n\nVRR capable property is not attached by default to the connector\nIt is attached only if VRR is supported.\nSo if the driver tries to call drm core set prop function without\nit being attached that causes NULL dereference." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ba557d330946c23559aaea2d51ea649fdeca98a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3534c5c005ef99a1804ed50b8a72cdae254cabb5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/62929726ef0ec72cbbe9440c5d125d4278b99894", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/85271e92ae4f13aa679acaa6cf76b3c36bcb7bab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/941e8bcd2b2ba95490738e33dfeca27168452779", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48844.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48844.json new file mode 100644 index 00000000000..fd30c20db9d --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48844.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48844", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.733", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix leaking sent_cmd skb\n\nsent_cmd memory is not freed before freeing hci_dev causing it to leak\nit contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3679ccc09d8806686d579095ed504e045af7f7d6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9473d06bd1c8da49eafb685aa95a290290c672dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dd3b1dc3dd050f1f47cd13e300732852414270f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48845.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48845.json new file mode 100644 index 00000000000..f853035ca53 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48845.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48845", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.803", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nMIPS: smp: fill in sibling and core maps earlier\n\nAfter enabling CONFIG_SCHED_CORE (landed during 5.14 cycle),\n2-core 2-thread-per-core interAptiv (CPS-driven) started emitting\nthe following:\n\n[ 0.025698] CPU1 revision is: 0001a120 (MIPS interAptiv (multi))\n[ 0.048183] ------------[ cut here ]------------\n[ 0.048187] WARNING: CPU: 1 PID: 0 at kernel/sched/core.c:6025 sched_core_cpu_starting+0x198/0x240\n[ 0.048220] Modules linked in:\n[ 0.048233] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.17.0-rc3+ #35 b7b319f24073fd9a3c2aa7ad15fb7993eec0b26f\n[ 0.048247] Stack : 817f0000 00000004 327804c8 810eb050 00000000 00000004 00000000 c314fdd1\n[ 0.048278] 830cbd64 819c0000 81800000 817f0000 83070bf4 00000001 830cbd08 00000000\n[ 0.048307] 00000000 00000000 815fcbc4 00000000 00000000 00000000 00000000 00000000\n[ 0.048334] 00000000 00000000 00000000 00000000 817f0000 00000000 00000000 817f6f34\n[ 0.048361] 817f0000 818a3c00 817f0000 00000004 00000000 00000000 4dc33260 0018c933\n[ 0.048389] ...\n[ 0.048396] Call Trace:\n[ 0.048399] [<8105a7bc>] show_stack+0x3c/0x140\n[ 0.048424] [<8131c2a0>] dump_stack_lvl+0x60/0x80\n[ 0.048440] [<8108b5c0>] __warn+0xc0/0xf4\n[ 0.048454] [<8108b658>] warn_slowpath_fmt+0x64/0x10c\n[ 0.048467] [<810bd418>] sched_core_cpu_starting+0x198/0x240\n[ 0.048483] [<810c6514>] sched_cpu_starting+0x14/0x80\n[ 0.048497] [<8108c0f8>] cpuhp_invoke_callback_range+0x78/0x140\n[ 0.048510] [<8108d914>] notify_cpu_starting+0x94/0x140\n[ 0.048523] [<8106593c>] start_secondary+0xbc/0x280\n[ 0.048539]\n[ 0.048543] ---[ end trace 0000000000000000 ]---\n[ 0.048636] Synchronize counters for CPU 1: done.\n\n...for each but CPU 0/boot.\nBasic debug printks right before the mentioned line say:\n\n[ 0.048170] CPU: 1, smt_mask:\n\nSo smt_mask, which is sibling mask obviously, is empty when entering\nthe function.\nThis is critical, as sched_core_cpu_starting() calculates\ncore-scheduling parameters only once per CPU start, and it's crucial\nto have all the parameters filled in at that moment (at least it\nuses cpu_smt_mask() which in fact is `&cpu_sibling_map[cpu]` on\nMIPS).\n\nA bit of debugging led me to that set_cpu_sibling_map() performing\nthe actual map calculation, was being invocated after\nnotify_cpu_start(), and exactly the latter function starts CPU HP\ncallback round (sched_core_cpu_starting() is basically a CPU HP\ncallback).\nWhile the flow is same on ARM64 (maps after the notifier, although\nbefore calling set_cpu_online()), x86 started calculating sibling\nmaps earlier than starting the CPU HP callbacks in Linux 4.14 (see\n[0] for the reference). Neither me nor my brief tests couldn't find\nany potential caveats in calculating the maps right after performing\ndelay calibration, but the WARN splat is now gone.\nThe very same debug prints now yield exactly what I expected from\nthem:\n\n[ 0.048433] CPU: 1, smt_mask: 0-1\n\n[0] https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=76ce7cfe35ef" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/32813321f18d5432cec1b1a6ecc964f9ea26d565", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/56eaacb8137ba2071ce48d4e3d91979270e139a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7315f8538db009605ffba00370678142ef00ac98", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/94647aec80d03d6914aa664b7b8e103cd9d63239", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/be538b764a46be1d0700fd3b6e82fb76bd17f13a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c2420bc3333111184cdcb112282d13afe1338dd7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e8ad9ecc406974deb5e7c070f51cc1d09d21dc4b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f2703def339c793674010cc9f01bfe4980231808", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48846.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48846.json new file mode 100644 index 00000000000..1ffd362d154 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48846.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48846", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.883", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: release rq qos structures for queue without disk\n\nblkcg_init_queue() may add rq qos structures to request queue, previously\nblk_cleanup_queue() calls rq_qos_exit() to release them, but commit\n8e141f9eb803 (\"block: drain file system I/O on del_gendisk\")\nmoves rq_qos_exit() into del_gendisk(), so memory leak is caused\nbecause queues may not have disk, such as un-present scsi luns, nvme\nadmin queue, ...\n\nFixes the issue by adding rq_qos_exit() to blk_cleanup_queue() back.\n\nBTW, v5.18 won't need this patch any more since we move\nblkcg_init_queue()/blkcg_exit_queue() into disk allocation/release\nhandler, and patches have been in for-5.18/block." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/60c2c8e2ef3a3ec79de8cbc80a06ca0c21df8c29", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d4ad8736ac982111bb0be8306bf19c8207f6600e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/daaca3522a8e67c46e39ef09c1d542e866f85f3b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48847.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48847.json new file mode 100644 index 00000000000..7fe3ce7d8a6 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48847.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48847", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:11.950", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: Fix filter limit check\n\nIn watch_queue_set_filter(), there are a couple of places where we check\nthat the filter type value does not exceed what the type_filter bitmap\ncan hold. One place calculates the number of bits by:\n\n if (tf[i].type >= sizeof(wfilter->type_filter) * 8)\n\nwhich is fine, but the second does:\n\n if (tf[i].type >= sizeof(wfilter->type_filter) * BITS_PER_LONG)\n\nwhich is not. This can lead to a couple of out-of-bounds writes due to\na too-large type:\n\n (1) __set_bit() on wfilter->type_filter\n (2) Writing more elements in wfilter->filters[] than we allocated.\n\nFix this by just using the proper WATCH_TYPE__NR instead, which is the\nnumber of types we actually know about.\n\nThe bug may cause an oops looking something like:\n\n BUG: KASAN: slab-out-of-bounds in watch_queue_set_filter+0x659/0x740\n Write of size 4 at addr ffff88800d2c66bc by task watch_queue_oob/611\n ...\n Call Trace:\n \n dump_stack_lvl+0x45/0x59\n print_address_description.constprop.0+0x1f/0x150\n ...\n kasan_report.cold+0x7f/0x11b\n ...\n watch_queue_set_filter+0x659/0x740\n ...\n __x64_sys_ioctl+0x127/0x190\n do_syscall_64+0x43/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Allocated by task 611:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x81/0xa0\n watch_queue_set_filter+0x23a/0x740\n __x64_sys_ioctl+0x127/0x190\n do_syscall_64+0x43/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n The buggy address belongs to the object at ffff88800d2c66a0\n which belongs to the cache kmalloc-32 of size 32\n The buggy address is located 28 bytes inside of\n 32-byte region [ffff88800d2c66a0, ffff88800d2c66c0)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1b09f28f70a5046acd64138075ae3f095238b045", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/648895da69ced90ca770fd941c3d9479a9d72c16", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b36588ebbcef74583824c08352e75838d6fb4ff2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c993ee0f9f81caf5767a50d1faeba39a0dc82af2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48848.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48848.json new file mode 100644 index 00000000000..7193bf699c0 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48848.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48848", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.023", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Do not unregister events twice\n\nNicolas reported that using:\n\n # trace-cmd record -e all -M 10 -p osnoise --poll\n\nResulted in the following kernel warning:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1217 at kernel/tracepoint.c:404 tracepoint_probe_unregister+0x280/0x370\n [...]\n CPU: 0 PID: 1217 Comm: trace-cmd Not tainted 5.17.0-rc6-next-20220307-nico+ #19\n RIP: 0010:tracepoint_probe_unregister+0x280/0x370\n [...]\n CR2: 00007ff919b29497 CR3: 0000000109da4005 CR4: 0000000000170ef0\n Call Trace:\n \n osnoise_workload_stop+0x36/0x90\n tracing_set_tracer+0x108/0x260\n tracing_set_trace_write+0x94/0xd0\n ? __check_object_size.part.0+0x10a/0x150\n ? selinux_file_permission+0x104/0x150\n vfs_write+0xb5/0x290\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7ff919a18127\n [...]\n ---[ end trace 0000000000000000 ]---\n\nThe warning complains about an attempt to unregister an\nunregistered tracepoint.\n\nThis happens on trace-cmd because it first stops tracing, and\nthen switches the tracer to nop. Which is equivalent to:\n\n # cd /sys/kernel/tracing/\n # echo osnoise > current_tracer\n # echo 0 > tracing_on\n # echo nop > current_tracer\n\nThe osnoise tracer stops the workload when no trace instance\nis actually collecting data. This can be caused both by\ndisabling tracing or disabling the tracer itself.\n\nTo avoid unregistering events twice, use the existing\ntrace_osnoise_callback_enabled variable to check if the events\n(and the workload) are actually active before trying to\ndeactivate them." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4e10787d18379d9b296290c2288097feddef16d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0cfe17bcc1dd2f0872966b554a148e888833ee9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json new file mode 100644 index 00000000000..2a4dee45198 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48849", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.103", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bypass tiling flag check in virtual display case (v2)\n\nvkms leverages common amdgpu framebuffer creation, and\nalso as it does not support FB modifier, there is no need\nto check tiling flags when initing framebuffer when virtual\ndisplay is enabled.\n\nThis can fix below calltrace:\n\namdgpu 0000:00:08.0: GFX9+ requires FB check based on format modifier\nWARNING: CPU: 0 PID: 1023 at drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu]\n\nv2: check adev->enable_virtual_display instead as vkms can be\n\tenabled in bare metal as well." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/cb29021be49858059138f75d6311a7c35a9379b2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e2b993302f40c4eb714ecf896dd9e1c5be7d4cd7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fcd1d79aa943fff4fbaa0cce1d576995a7960699", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json new file mode 100644 index 00000000000..a29f0403caf --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48850", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.170", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet-sysfs: add check for netdevice being present to speed_show\n\nWhen bringing down the netdevice or system shutdown, a panic can be\ntriggered while accessing the sysfs path because the device is already\nremoved.\n\n [ 755.549084] mlx5_core 0000:12:00.1: Shutdown was called\n [ 756.404455] mlx5_core 0000:12:00.0: Shutdown was called\n ...\n [ 757.937260] BUG: unable to handle kernel NULL pointer dereference at (null)\n [ 758.031397] IP: [] dma_pool_alloc+0x1ab/0x280\n\n crash> bt\n ...\n PID: 12649 TASK: ffff8924108f2100 CPU: 1 COMMAND: \"amsd\"\n ...\n #9 [ffff89240e1a38b0] page_fault at ffffffff8f38c778\n [exception RIP: dma_pool_alloc+0x1ab]\n RIP: ffffffff8ee11acb RSP: ffff89240e1a3968 RFLAGS: 00010046\n RAX: 0000000000000246 RBX: ffff89243d874100 RCX: 0000000000001000\n RDX: 0000000000000000 RSI: 0000000000000246 RDI: ffff89243d874090\n RBP: ffff89240e1a39c0 R8: 000000000001f080 R9: ffff8905ffc03c00\n R10: ffffffffc04680d4 R11: ffffffff8edde9fd R12: 00000000000080d0\n R13: ffff89243d874090 R14: ffff89243d874080 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #10 [ffff89240e1a39c8] mlx5_alloc_cmd_msg at ffffffffc04680f3 [mlx5_core]\n #11 [ffff89240e1a3a18] cmd_exec at ffffffffc046ad62 [mlx5_core]\n #12 [ffff89240e1a3ab8] mlx5_cmd_exec at ffffffffc046b4fb [mlx5_core]\n #13 [ffff89240e1a3ae8] mlx5_core_access_reg at ffffffffc0475434 [mlx5_core]\n #14 [ffff89240e1a3b40] mlx5e_get_fec_caps at ffffffffc04a7348 [mlx5_core]\n #15 [ffff89240e1a3bb0] get_fec_supported_advertised at ffffffffc04992bf [mlx5_core]\n #16 [ffff89240e1a3c08] mlx5e_get_link_ksettings at ffffffffc049ab36 [mlx5_core]\n #17 [ffff89240e1a3ce8] __ethtool_get_link_ksettings at ffffffff8f25db46\n #18 [ffff89240e1a3d48] speed_show at ffffffff8f277208\n #19 [ffff89240e1a3dd8] dev_attr_show at ffffffff8f0b70e3\n #20 [ffff89240e1a3df8] sysfs_kf_seq_show at ffffffff8eedbedf\n #21 [ffff89240e1a3e18] kernfs_seq_show at ffffffff8eeda596\n #22 [ffff89240e1a3e28] seq_read at ffffffff8ee76d10\n #23 [ffff89240e1a3e98] kernfs_fop_read at ffffffff8eedaef5\n #24 [ffff89240e1a3ed8] vfs_read at ffffffff8ee4e3ff\n #25 [ffff89240e1a3f08] sys_read at ffffffff8ee4f27f\n #26 [ffff89240e1a3f50] system_call_fastpath at ffffffff8f395f92\n\n crash> net_device.state ffff89443b0c0000\n state = 0x5 (__LINK_STATE_START| __LINK_STATE_NOCARRIER)\n\nTo prevent this scenario, we also make sure that the netdevice is present." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/081369ad088a76429984483b8a5f7e967a125aad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3a79f380b3e10edf6caa9aac90163a5d7a282204", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4224cfd7fb6523f7a9d1c8bb91bb5df1e38eb624", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/75fc8363227a999e8f3d17e2eb28dce5600dcd3f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8879b5313e9fa5e0c6d6812a0d25d83aed0110e2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8d5e69d8fbf3a35ab4fbe56b8f092802b43f3ef6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a7b9ab04c5932dee7ec95e0abc58b0df350c0dd2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d15c9f6e3335002fea1c33bc8f71a705fa96976c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json new file mode 100644 index 00000000000..6808c987176 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48851", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.247", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: gdm724x: fix use after free in gdm_lte_rx()\n\nThe netif_rx_ni() function frees the skb so we can't dereference it to\nsave the skb->len." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1fb9dd3787495b4deb0efe66c58306b65691a48f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/403e3afe241b62401de1f8629c9c6b9b3d69dbff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/48ecdf3e29a6e514e8196691589c7dfc6c4ac169", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6d9700b445098dbbce0caff4b8cfca214cf1e757", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6dc7b87c62423bfa68139fe95e85028aab584c9a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/83a9c886c2b5a0d28c0b37e1736b47f38d61332a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d39dc79513e99147b4c158a8a9e46743e23944f5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fc7f750dc9d102c1ed7bbe4591f991e770c99033", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48852.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48852.json new file mode 100644 index 00000000000..0fdabccf21b --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48852.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48852", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.320", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: hdmi: Unregister codec device on unbind\n\nOn bind we will register the HDMI codec device but we don't unregister\nit on unbind, leading to a device leakage. Unregister our device at\nunbind." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1ed68d776246f167aee9cd79f63f089c40a5e2a3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e40945ab7c7f966d0c37b7bd7b0596497dfe228d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ee22082c3e2f230028afa0e22aa8773b1de3c919", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json new file mode 100644 index 00000000000..21d9cbcf348 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48853", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.380", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: fix info leak with DMA_FROM_DEVICE\n\nThe problem I'm addressing was discovered by the LTP test covering\ncve-2018-1000204.\n\nA short description of what happens follows:\n1) The test case issues a command code 00 (TEST UNIT READY) via the SG_IO\n interface with: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV\n and a corresponding dxferp. The peculiar thing about this is that TUR\n is not reading from the device.\n2) In sg_start_req() the invocation of blk_rq_map_user() effectively\n bounces the user-space buffer. As if the device was to transfer into\n it. Since commit a45b599ad808 (\"scsi: sg: allocate with __GFP_ZERO in\n sg_build_indirect()\") we make sure this first bounce buffer is\n allocated with GFP_ZERO.\n3) For the rest of the story we keep ignoring that we have a TUR, so the\n device won't touch the buffer we prepare as if the we had a\n DMA_FROM_DEVICE type of situation. My setup uses a virtio-scsi device\n and the buffer allocated by SG is mapped by the function\n virtqueue_add_split() which uses DMA_FROM_DEVICE for the \"in\" sgs (here\n scatter-gather and not scsi generics). This mapping involves bouncing\n via the swiotlb (we need swiotlb to do virtio in protected guest like\n s390 Secure Execution, or AMD SEV).\n4) When the SCSI TUR is done, we first copy back the content of the second\n (that is swiotlb) bounce buffer (which most likely contains some\n previous IO data), to the first bounce buffer, which contains all\n zeros. Then we copy back the content of the first bounce buffer to\n the user-space buffer.\n5) The test case detects that the buffer, which it zero-initialized,\n ain't all zeros and fails.\n\nOne can argue that this is an swiotlb problem, because without swiotlb\nwe leak all zeros, and the swiotlb should be transparent in a sense that\nit does not affect the outcome (if all other participants are well\nbehaved).\n\nCopying the content of the original buffer into the swiotlb buffer is\nthe only way I can think of to make swiotlb transparent in such\nscenarios. So let's do just that if in doubt, but allow the driver\nto tell us that the whole mapped buffer is going to be overwritten,\nin which case we can preserve the old behavior and avoid the performance\nimpact of the extra bounce." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/270475d6d2410ec66e971bf181afe1958dad565e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6bfc5377a210dbda2a237f16d94d1bd4f1335026", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7403f4118ab94be837ab9d770507537a8057bc63", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8d9ac1b6665c73f23e963775f85d99679fd8e192", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/971e5dadffd02beba1063e7dd9c3a82de17cf534", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c132f2ba716b5ee6b35f82226a6e5417d013d753", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d4d975e7921079f877f828099bb8260af335508f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48854.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48854.json new file mode 100644 index 00000000000..9b49b22856a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48854.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2022-48854", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.457", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: arc_emac: Fix use after free in arc_mdio_probe()\n\nIf bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free\nthe \"bus\". But bus->name is still used in the next line, which will lead\nto a use after free.\n\nWe can fix it by putting the name in a local variable and make the\nbus->name point to the rodata section \"name\",then use the name in the\nerror message without referring to bus to avoid the uaf." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/84c831803785c2c3bec5c28c0e8a0b72f6b41d4d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc0e610a6eb0d46e4123fafdbe5e6141d9fff3be", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48855.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48855.json new file mode 100644 index 00000000000..73911bb6667 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48855.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48855", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.550", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix kernel-infoleak for SCTP sockets\n\nsyzbot reported a kernel infoleak [1] of 4 bytes.\n\nAfter analysis, it turned out r->idiag_expires is not initialized\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\n\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\n\n[1]\n\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:154 [inline]\n _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n copy_to_iter include/linux/uio.h:162 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\n netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n __sys_recvfrom+0x795/0xa10 net/socket.c:2097\n __do_sys_recvfrom net/socket.c:2115 [inline]\n __se_sys_recvfrom net/socket.c:2111 [inline]\n __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3247 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1158 [inline]\n netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\n __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\n netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\n netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\n netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1061\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x645/0xe00 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 2508 are uninitialized\nMemory access of size 2508 starts at ffff888114f9b000\nData copied to user address 00007f7fe09ff2e0\n\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48856.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48856.json new file mode 100644 index 00000000000..858451c93de --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48856.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2022-48856", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.647", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngianfar: ethtool: Fix refcount leak in gfar_get_ts_info\n\nThe of_find_compatible_node() function returns a node pointer with\nrefcount incremented, We should use of_node_put() on it when done\nAdd the missing of_node_put() to release the refcount." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e1b9a2078e07fb1e6e91bf8badfd89ecab1e848", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/21044e679ed535345042d2023f7df0ca8e897e2a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2ac5b58e645c66932438bb021cb5b52097ce70b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6263f2eb93a85ad7df504daf0c341a7fb6bbe8a6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f49f646f9ec296fc0afe7ae92c2bb47f23e3846c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f7b3b520349193f8a82cca74daf366199e06add9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48857.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48857.json new file mode 100644 index 00000000000..9ba3dc535b1 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48857.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48857", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.733", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: port100: fix use-after-free in port100_send_complete\n\nSyzbot reported UAF in port100_send_complete(). The root case is in\nmissing usb_kill_urb() calls on error handling path of ->probe function.\n\nport100_send_complete() accesses devm allocated memory which will be\nfreed on probe failure. We should kill this urbs before returning an\nerror from probe function to prevent reported use-after-free\n\nFail log:\n\nBUG: KASAN: use-after-free in port100_send_complete+0x16e/0x1a0 drivers/nfc/port100.c:935\nRead of size 1 at addr ffff88801bb59540 by task ksoftirqd/2/26\n...\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x303 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n port100_send_complete+0x16e/0x1a0 drivers/nfc/port100.c:935\n __usb_hcd_giveback_urb+0x2b0/0x5c0 drivers/usb/core/hcd.c:1670\n\n...\n\nAllocated by task 1255:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:436 [inline]\n ____kasan_kmalloc mm/kasan/common.c:515 [inline]\n ____kasan_kmalloc mm/kasan/common.c:474 [inline]\n __kasan_kmalloc+0xa6/0xd0 mm/kasan/common.c:524\n alloc_dr drivers/base/devres.c:116 [inline]\n devm_kmalloc+0x96/0x1d0 drivers/base/devres.c:823\n devm_kzalloc include/linux/device.h:209 [inline]\n port100_probe+0x8a/0x1320 drivers/nfc/port100.c:1502\n\nFreed by task 1255:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track+0x21/0x30 mm/kasan/common.c:45\n kasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370\n ____kasan_slab_free mm/kasan/common.c:366 [inline]\n ____kasan_slab_free+0xff/0x140 mm/kasan/common.c:328\n kasan_slab_free include/linux/kasan.h:236 [inline]\n __cache_free mm/slab.c:3437 [inline]\n kfree+0xf8/0x2b0 mm/slab.c:3794\n release_nodes+0x112/0x1a0 drivers/base/devres.c:501\n devres_release_all+0x114/0x190 drivers/base/devres.c:530\n really_probe+0x626/0xcc0 drivers/base/dd.c:670" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e721b8f2ee5e11376dd55363f9ccb539d754b8a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/205c4ec78e71cbf561794e6043da80e7bae6790f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2b1c85f56512d49e43bc53741fce2f508cd90029", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/32e866ae5a7af590597ef4bcff8451bf96d5f980", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7194737e1be8fdc89d2a9382bd2f371f7ee2eda8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b1db33d4e54bc35d8db96ce143ea0ef92e23d58e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cd2a5c0da0d1ddf11d1f84e9c9b1949f50f6e161", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f80cfe2f26581f188429c12bd937eb905ad3ac7b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48858.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48858.json new file mode 100644 index 00000000000..3b0ae8ac18b --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48858.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2022-48858", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.803", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix a race on command flush flow\n\nFix a refcount use after free warning due to a race on command entry.\nSuch race occurs when one of the commands releases its last refcount and\nfrees its index and entry while another process running command flush\nflow takes refcount to this command entry. The process which handles\ncommands flush may see this command as needed to be flushed if the other\nprocess released its refcount but didn't release the index yet. Fix it\nby adding the needed spin lock.\n\nIt fixes the following warning trace:\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 11 PID: 540311 at lib/refcount.c:25 refcount_warn_saturate+0x80/0xe0\n...\nRIP: 0010:refcount_warn_saturate+0x80/0xe0\n...\nCall Trace:\n \n mlx5_cmd_trigger_completions+0x293/0x340 [mlx5_core]\n mlx5_cmd_flush+0x3a/0xf0 [mlx5_core]\n enter_error_state+0x44/0x80 [mlx5_core]\n mlx5_fw_fatal_reporter_err_work+0x37/0xe0 [mlx5_core]\n process_one_work+0x1be/0x390\n worker_thread+0x4d/0x3d0\n ? rescuer_thread+0x350/0x350\n kthread+0x141/0x160\n ? set_kthread_struct+0x40/0x40\n ret_from_fork+0x1f/0x30\n " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0401bfb27a91d7bdd74b1635c1aae57cbb128da6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/063bd355595428750803d8736a9bb7c8db67d42d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1a4017926eeea56c7540cc41b42106746ee8a0ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7c519f769f555ff7d9d4ccba3497bbb589df360a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f3331bc17449f15832c31823f27573f4c0e13e5f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48859.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48859.json new file mode 100644 index 00000000000..40514ec6eb5 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48859.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48859", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.873", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr\n\nThis node pointer is returned by of_find_compatible_node() with\nrefcount incremented. Calling of_node_put() to aovid the refcount leak." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4cc66bf17220ff9631f9fa99b02a872e0ad5a08b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7c2fd1d126329340639adfb8dd2938fe4b65df7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c9ffa3e2bc451816ce0295e40063514fabf2bd36", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48860.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48860.json new file mode 100644 index 00000000000..055d818a289 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48860.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2022-48860", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:12.940", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: Fix error handling in xemaclite_of_probe\n\nThis node pointer is returned by of_parse_phandle() with refcount\nincremented in this function. Calling of_node_put() to avoid the\nrefcount leak. As the remove function do." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1852854ee349881efb78ccdbbb237838975902e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5e7c402892e189a7bc152b125e72261154aa585d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/669172ce976608b25a2f76f3c65d47f042d125c9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8609e29611befc4bfbe7a91bb50fc65ae72ff549", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8ee065a7a9b6a3976c16340503677efc4d8351f6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/979b418b96e35f07136f77962ccfaa54cf3e30e1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b19ab4b38b06aae12442b2de95ccf58b5dc53584", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7220f8e9d6c6b9594ddfb3125dad938cd478b1f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48861.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48861.json new file mode 100644 index 00000000000..6f76ba8f24c --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48861.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48861", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:13.030", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: fix use-after-free on vp_vdpa_remove\n\nWhen vp_vdpa driver is unbind, vp_vdpa is freed in vdpa_unregister_device\nand then vp_vdpa->mdev.pci_dev is dereferenced in vp_modern_remove,\ntriggering use-after-free.\n\nCall Trace of unbinding driver free vp_vdpa :\ndo_syscall_64\n vfs_write\n kernfs_fop_write_iter\n device_release_driver_internal\n pci_device_remove\n vp_vdpa_remove\n vdpa_unregister_device\n kobject_release\n device_release\n kfree\n\nCall Trace of dereference vp_vdpa->mdev.pci_dev:\nvp_modern_remove\n pci_release_selected_regions\n pci_release_region\n pci_resource_len\n pci_resource_end\n (dev)->resource[(bar)].end" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4b1743bc715a3691a63ac21b349079b07bf1b19e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc54ba9932aeaaa1a21fe214af1f446593a78274", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb057b44dbe35ae14527830236a92f51de8f9184", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48862.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48862.json new file mode 100644 index 00000000000..b84d8b5cd55 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48862.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48862", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:13.100", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost: fix hung thread due to erroneous iotlb entries\n\nIn vhost_iotlb_add_range_ctx(), range size can overflow to 0 when\nstart is 0 and last is ULONG_MAX. One instance where it can happen\nis when userspace sends an IOTLB message with iova=size=uaddr=0\n(vhost_process_iotlb_msg). So, an entry with size = 0, start = 0,\nlast = ULONG_MAX ends up in the iotlb. Next time a packet is sent,\niotlb_access_ok() loops indefinitely due to that erroneous entry.\n\n\tCall Trace:\n\t \n\t iotlb_access_ok+0x21b/0x3e0 drivers/vhost/vhost.c:1340\n\t vq_meta_prefetch+0xbc/0x280 drivers/vhost/vhost.c:1366\n\t vhost_transport_do_send_pkt+0xe0/0xfd0 drivers/vhost/vsock.c:104\n\t vhost_worker+0x23d/0x3d0 drivers/vhost/vhost.c:372\n\t kthread+0x2e9/0x3a0 kernel/kthread.c:377\n\t ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n\t \n\nReported by syzbot at:\n\thttps://syzkaller.appspot.com/bug?extid=0abd373e2e50d704db87\n\nTo fix this, do two things:\n\n1. Return -EINVAL in vhost_chr_write_iter() when userspace asks to map\n a range with size 0.\n2. Fix vhost_iotlb_add_range_ctx() to handle the range [0, ULONG_MAX]\n by splitting it into two entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/d9a747e6b6561280bf1791bb24c5e9e082193dad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e2ae38cf3d91837a493cb2093c87700ff3cbe667", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8d88e86e90ea1002226d7ac2430152bfea003d1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48863.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48863.json new file mode 100644 index 00000000000..daf33174f79 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48863.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48863", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:13.163", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: Fix memory leak in dsp_pipeline_build()\n\ndsp_pipeline_build() allocates dup pointer by kstrdup(cfg),\nbut then it updates dup variable by strsep(&dup, \"|\").\nAs a result when it calls kfree(dup), the dup variable contains NULL.\n\nFound by Linux Driver Verification project (linuxtesting.org) with SVACE." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/640445d6fc059d4514ffea79eb4196299e0e2d0f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7777b1f795af1bb43867375d8a776080111aae1b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a3d5fcc6cf2ecbba5a269631092570aa285a24cb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6a502c2299941c8326d029cfc8a3bc8a4607ad5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48864.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48864.json new file mode 100644 index 00000000000..50291abbc1a --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48864.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48864", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:13.233", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command\n\nWhen control vq receives a VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command\nrequest from the driver, presently there is no validation against the\nnumber of queue pairs to configure, or even if multiqueue had been\nnegotiated or not is unverified. This may lead to kernel panic due to\nuninitialized resource for the queues were there any bogus request\nsent down by untrusted driver. Tie up the loose ends there." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9f6effca75626c7a7c7620dabcb1a254ca530230", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e7e118416465f2ba8b55007e5b789823e101421e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed0f849fc3a63ed2ddf5e72cdb1de3bdbbb0f8eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48865.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48865.json new file mode 100644 index 00000000000..04c774493f1 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48865.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2022-48865", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:13.300", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix kernel panic when enabling bearer\n\nWhen enabling a bearer on a node, a kernel panic is observed:\n\n[ 4.498085] RIP: 0010:tipc_mon_prep+0x4e/0x130 [tipc]\n...\n[ 4.520030] Call Trace:\n[ 4.520689] \n[ 4.521236] tipc_link_build_proto_msg+0x375/0x750 [tipc]\n[ 4.522654] tipc_link_build_state_msg+0x48/0xc0 [tipc]\n[ 4.524034] __tipc_node_link_up+0xd7/0x290 [tipc]\n[ 4.525292] tipc_rcv+0x5da/0x730 [tipc]\n[ 4.526346] ? __netif_receive_skb_core+0xb7/0xfc0\n[ 4.527601] tipc_l2_rcv_msg+0x5e/0x90 [tipc]\n[ 4.528737] __netif_receive_skb_list_core+0x20b/0x260\n[ 4.530068] netif_receive_skb_list_internal+0x1bf/0x2e0\n[ 4.531450] ? dev_gro_receive+0x4c2/0x680\n[ 4.532512] napi_complete_done+0x6f/0x180\n[ 4.533570] virtnet_poll+0x29c/0x42e [virtio_net]\n...\n\nThe node in question is receiving activate messages in another\nthread after changing bearer status to allow message sending/\nreceiving in current thread:\n\n thread 1 | thread 2\n -------- | --------\n |\ntipc_enable_bearer() |\n test_and_set_bit_lock() |\n tipc_bearer_xmit_skb() |\n | tipc_l2_rcv_msg()\n | tipc_rcv()\n | __tipc_node_link_up()\n | tipc_link_build_state_msg()\n | tipc_link_build_proto_msg()\n | tipc_mon_prep()\n | {\n | ...\n | // null-pointer dereference\n | u16 gen = mon->dom_gen;\n | ...\n | }\n // Not being executed yet |\n tipc_mon_create() |\n { |\n ... |\n // allocate |\n mon = kzalloc(); |\n ... |\n } |\n\nMonitoring pointer in thread 2 is dereferenced before monitoring data\nis allocated in thread 1. This causes kernel panic.\n\nThis commit fixes it by allocating the monitoring data before enabling\nthe bearer to receive messages." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2de76d37d4a6dca9b96ea51da24d4290e6cfa1a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/be4977b847f5d5cedb64d50eaaf2218c3a55a3a3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f4f59fdbc748805b08c13dae14c01f0518c77c94", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f96dc3adb9a97b8f3dfdb88796483491a3006b71", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48866.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48866.json new file mode 100644 index 00000000000..b5fae674db8 --- /dev/null +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48866.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2022-48866", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-16T13:15:13.377", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts\n\nSyzbot reported an slab-out-of-bounds Read in thrustmaster_probe() bug.\nThe root case is in missing validation check of actual number of endpoints.\n\nCode should not blindly access usb_host_interface::endpoint array, since\nit may contain less endpoints than code expects.\n\nFix it by adding missing validaion check and print an error if\nnumber of endpoints do not match expected number" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3ffbe85cda7f523dad896bae08cecd8db8b555ab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/56185434e1e50acecee56d8f5850135009b87947", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fc3ef2e3297b3c0e2006b5d7b3d66965e3392036", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-522xx/CVE-2023-52290.json b/CVE-2023/CVE-2023-522xx/CVE-2023-52290.json index 1250bf3f59b..0d39d6a1eda 100644 --- a/CVE-2023/CVE-2023-522xx/CVE-2023-52290.json +++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52290.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52290", "sourceIdentifier": "security@apache.org", "published": "2024-07-16T08:15:02.050", - "lastModified": "2024-07-16T08:15:02.050", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json index a5d0bff4040..0a2cac09840 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52886", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T10:15:02.493", - "lastModified": "2024-07-16T10:15:02.493", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json index 2b5219dcffb..02ba440b13c 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1937", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:02.257", - "lastModified": "2024-07-16T09:15:02.257", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-26xx/CVE-2024-2691.json b/CVE-2024/CVE-2024-26xx/CVE-2024-2691.json index 76e031700fb..53cdf0157f3 100644 --- a/CVE-2024/CVE-2024-26xx/CVE-2024-2691.json +++ b/CVE-2024/CVE-2024-26xx/CVE-2024-2691.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2691", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:02.497", - "lastModified": "2024-07-16T09:15:02.497", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27238.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27238.json index 24ee35d6861..7d6edae1b6e 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27238.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27238.json @@ -2,13 +2,17 @@ "id": "CVE-2024-27238", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:03.633", - "lastModified": "2024-07-15T18:15:03.633", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access." + }, + { + "lang": "es", + "value": "La condici\u00f3n de ejecuci\u00f3n en el instalador de algunas aplicaciones de Zoom y SDK para Windows anteriores a la versi\u00f3n 6.0.0 puede permitir que un usuario autenticado realice una escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27240.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27240.json index 10b79c22424..325172eb655 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27240.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27240.json @@ -2,13 +2,17 @@ "id": "CVE-2024-27240", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:03.873", - "lastModified": "2024-07-15T18:15:03.873", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access." + }, + { + "lang": "es", + "value": "Una validaci\u00f3n de entrada incorrecta en el instalador de algunas aplicaciones de Zoom para Windows puede permitir que un usuario autenticado realice una escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27241.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27241.json index acb1c0330ca..61625648702 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27241.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27241.json @@ -2,13 +2,17 @@ "id": "CVE-2024-27241", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:04.087", - "lastModified": "2024-07-15T18:15:04.087", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access." + }, + { + "lang": "es", + "value": "La validaci\u00f3n de entrada incorrecta en algunas aplicaciones y SDK de Zoom puede permitir que un usuario autenticado realice una denegaci\u00f3n de servicio a trav\u00e9s del acceso a la red." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31946.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31946.json index 3ae42490354..4f770038164 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31946.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31946.json @@ -2,13 +2,17 @@ "id": "CVE-2024-31946", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T19:15:02.503", - "lastModified": "2024-07-15T19:15:02.503", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.41, 3.10.0 through 3.11.29, 4.0 through 4.3.24, and 4.4.0 through 4.7.4. A user who has access to the SNS with write access on the email alerts page has the ability to create alert email containing malicious JavaScript, executed by the template preview. The following versions fix this: 3.7.42, 3.11.30, 4.3.25, and 4.7.5." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Stormshield Network Security (SNS) 3.7.0 a 3.7.41, 3.10.0 a 3.11.29, 4.0 a 4.3.24 y 4.4.0 a 4.7.4. Un usuario que tiene acceso al SNS con acceso de escritura en la p\u00e1gina de alertas por correo electr\u00f3nico tiene la capacidad de crear correos electr\u00f3nicos de alerta que contienen JavaScript malicioso, ejecutado mediante la vista previa de la plantilla. Las siguientes versiones solucionan este problema: 3.7.42, 3.11.30, 4.3.25 y 4.7.5." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3587.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3587.json index f37a4e3a865..2c45383afab 100644 --- a/CVE-2024/CVE-2024-35xx/CVE-2024-3587.json +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3587.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3587", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:02.693", - "lastModified": "2024-07-16T09:15:02.693", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36432.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36432.json index 6e65a228ee2..79741ee28af 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36432.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36432.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36432", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T19:15:02.593", - "lastModified": "2024-07-15T19:15:02.593", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, and X11PDG-SN motherboards with BIOS firmware before 4.4." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad de escritura en memoria arbitraria en las placas base Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT y X11PDG-SN con firmware BIOS anterior a 4.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36433.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36433.json index 41a73e47d20..7a1cbb79eb6 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36433.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36433.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36433", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T19:15:02.837", - "lastModified": "2024-07-15T19:15:02.837", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary memory write vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad de escritura en memoria arbitraria en las placas base Supermicro X11DPH-T, X11DPH-Tq y X11DPH-i con firmware BIOS anterior a 4.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36434.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36434.json index 7591b64b324..0f3e90d676b 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36434.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36434.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36434", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T19:15:03.053", - "lastModified": "2024-07-15T19:15:03.053", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An SMM callout vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 una vulnerabilidad de llamada SMM en las placas base Supermicro X11DPH-T, X11DPH-Tq y X11DPH-i con firmware BIOS anterior a 4.4." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36438.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36438.json index f753a7f5935..642ada1906c 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36438.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36438.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36438", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T19:15:03.320", - "lastModified": "2024-07-15T19:15:03.320", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "eLinkSmart Hidden Smart Cabinet Lock 2024-05-22 has Incorrect Access Control and fails to perform an authorization check which can lead to card duplication and other attacks." + }, + { + "lang": "es", + "value": "eLinkSmart Hidden Smart Cabinet Lock 2024-05-22 tiene un control de acceso incorrecto y no realiza una verificaci\u00f3n de autorizaci\u00f3n, lo que puede provocar la duplicaci\u00f3n de tarjetas y otros ataques." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36455.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36455.json index 4284443c57c..88ce29ddc42 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36455.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36455.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36455", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:02.700", - "lastModified": "2024-07-15T14:15:02.700", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request." + }, + { + "lang": "es", + "value": "Una validaci\u00f3n de entrada incorrecta permite que un atacante no autenticado logre la ejecuci\u00f3n remota de comandos en el sistema PAM afectado enviando una solicitud HTTP especialmente manipulada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36456.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36456.json index 6dd495bf855..8e232f76fd1 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36456.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36456.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36456", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:02.827", - "lastModified": "2024-07-15T14:15:02.827", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file." + }, + { + "lang": "es", + "value": "Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecuci\u00f3n remota de comandos en el sistema PAM afectado cargando un archivo de actualizaci\u00f3n de PAM especialmente manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36457.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36457.json index aa2bf7bda0e..316ca34ea2f 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36457.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36457.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36457", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:02.917", - "lastModified": "2024-07-15T14:15:02.917", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint." + }, + { + "lang": "es", + "value": "La vulnerabilidad permite a un atacante eludir los requisitos de autenticaci\u00f3n para un endpoint PAM espec\u00edfico." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36458.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36458.json index 7b32740bde1..e5a0fb80d6f 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36458.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36458.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36458", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:03.033", - "lastModified": "2024-07-15T14:15:03.033", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions." + }, + { + "lang": "es", + "value": "La vulnerabilidad permite a un usuario malicioso de PAM con pocos privilegios realizar acciones relacionadas con la actualizaci\u00f3n del servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-370xx/CVE-2024-37016.json b/CVE-2024/CVE-2024-370xx/CVE-2024-37016.json index 0f0fd6d566c..d551b7c6e8c 100644 --- a/CVE-2024/CVE-2024-370xx/CVE-2024-37016.json +++ b/CVE-2024/CVE-2024-370xx/CVE-2024-37016.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37016", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T18:15:04.337", - "lastModified": "2024-07-15T18:15:04.337", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay approach." + }, + { + "lang": "es", + "value": "La alarma de puerta inal\u00e1mbrica Mengshen M70 2024-05-24 permite la omisi\u00f3n de autenticaci\u00f3n mediante un enfoque de captura-reproducci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-373xx/CVE-2024-37386.json b/CVE-2024/CVE-2024-373xx/CVE-2024-37386.json index 3414767ebaa..cbbfa607b3a 100644 --- a/CVE-2024/CVE-2024-373xx/CVE-2024-37386.json +++ b/CVE-2024/CVE-2024-373xx/CVE-2024-37386.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37386", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T19:15:03.430", - "lastModified": "2024-07-15T19:15:03.430", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations allow restarting in single-user mode despite the activation of secure boot. The following versions fix this: 4.3.27, 4.7.6, and 4.8.1." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Stormshield Network Security (SNS) 4.0.0 a 4.3.25, 4.4.0 a 4.7.5 y 4.8.0. Ciertas manipulaciones permiten reiniciar en modo monousuario a pesar de la activaci\u00f3n del arranque seguro. Las siguientes versiones solucionan este problema: 4.3.27, 4.7.6 y 4.8.1." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json index 7b27cbbce94..87910e86a12 100644 --- a/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3779", "sourceIdentifier": "security@eset.com", "published": "2024-07-16T09:15:02.877", - "lastModified": "2024-07-16T09:15:02.877", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38360.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38360.json index 56cc5006a66..1a8afb06b5e 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38360.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38360.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38360", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:03.430", - "lastModified": "2024-07-15T20:15:03.430", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Discourse is an open source platform for community discussion. In affected versions by creating replacement words with an almost unlimited number of characters, a moderator can reduce the availability of a Discourse instance. This issue has been addressed in stable version 3.2.3 and in current betas. Users are advised to upgrade. Users unable to upgrade may manually remove the long watched words either via SQL or Rails console." + }, + { + "lang": "es", + "value": "Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. En las versiones afectadas, al crear palabras de reemplazo con una cantidad casi ilimitada de caracteres, un moderador puede reducir la disponibilidad de una instancia de Discourse. Este problema se solucion\u00f3 en la versi\u00f3n estable 3.2.3 y en las versiones beta actuales. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar pueden eliminar manualmente las palabras vistas durante mucho tiempo a trav\u00e9s de SQL o la consola Rails." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38491.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38491.json index a50235176e8..8fc49ab1795 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38491.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38491.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38491", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:03.130", - "lastModified": "2024-07-15T14:15:03.130", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The vulnerability allows an unauthenticated attacker to read arbitrary information from the database." + }, + { + "lang": "es", + "value": "La vulnerabilidad permite a un atacante no autenticado leer informaci\u00f3n arbitraria de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38492.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38492.json index cff01ec9803..93600d55043 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38492.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38492.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38492", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:03.240", - "lastModified": "2024-07-15T14:15:03.240", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file." + }, + { + "lang": "es", + "value": "Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecuci\u00f3n remota de comandos en el sistema PAM afectado cargando un archivo de actualizaci\u00f3n de PAM especialmente manipulado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38493.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38493.json index 45b2759d671..a5ca493eb0a 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38493.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38493.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38493", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:03.323", - "lastModified": "2024-07-15T14:15:03.323", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad cross-site scripting (XSS) reflejada en la interfaz web de PAM UI. Un atacante remoto capaz de convencer a un usuario de PAM para que haga clic en un enlace especialmente manipulado a la interfaz web de PAM UI podr\u00eda potencialmente ejecutar c\u00f3digo arbitrario del lado del cliente en el contexto de PAM UI." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38494.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38494.json index 1b116dde04c..774be9d820e 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38494.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38494.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38494", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T14:15:03.420", - "lastModified": "2024-07-15T14:15:03.420", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request." + }, + { + "lang": "es", + "value": "Esta vulnerabilidad permite a un usuario de PAM autenticado con altos privilegios lograr la ejecuci\u00f3n remota de comandos en el sistema PAM afectado enviando una solicitud HTTP especialmente manipulada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38495.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38495.json index e35822507fc..ebdac83009a 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38495.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38495.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38495", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T15:15:10.580", - "lastModified": "2024-07-15T15:15:10.580", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database." + }, + { + "lang": "es", + "value": "Una estrategia de autenticaci\u00f3n espec\u00edfica permite a un atacante malintencionado conocer los identificadores de todos los usuarios de PAM definidos en su base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38496.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38496.json index 623230252f5..69062509814 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38496.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38496.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38496", "sourceIdentifier": "secure@symantec.com", "published": "2024-07-15T15:15:10.680", - "lastModified": "2024-07-15T15:15:10.680", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships." + }, + { + "lang": "es", + "value": "La vulnerabilidad permite que un usuario malicioso de PAM con pocos privilegios acceda a informaci\u00f3n sobre otros usuarios de PAM y sus membres\u00edas grupales." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39728.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39728.json index f0ace031d04..78f9d9593f9 100644 --- a/CVE-2024/CVE-2024-397xx/CVE-2024-39728.json +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39728.json @@ -2,17 +2,41 @@ "id": "CVE-2024-39728", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-07-15T02:15:05.440", - "lastModified": "2024-07-15T13:00:34.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-07-16T13:57:37.203", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 295967." + }, + { + "lang": "es", + "value": "IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 es vulnerable a cross-site scripting almacenado. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 295967." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -47,14 +71,63 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:datacap:9.1.5:*:*:*:*:*:*:*", + "matchCriteriaId": "26D9A78C-CB26-4761-81CF-E273789338F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:datacap:9.1.6:*:*:*:*:*:*:*", + "matchCriteriaId": "1DF7F533-9997-4067-80A4-55DFD10C166F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:datacap:9.1.7:*:*:*:*:*:*:*", + "matchCriteriaId": "A4854F9C-EB1F-4277-B07F-9599DA1995DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:datacap:9.1.8:*:*:*:*:*:*:*", + "matchCriteriaId": "5BBD9AE6-DEAB-4D84-9E62-D0B718ED2F2E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:datacap:9.1.9:*:*:*:*:*:*:*", + "matchCriteriaId": "AA9CD5BF-61E6-4A91-A0BF-1031F673701A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:datacap_navigator:*:*:*:*:*:*:*:*", + "matchCriteriaId": "D67D9A8F-F888-41EC-8312-3D497F7A3CE8" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/295967", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7160185", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39819.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39819.json index 2005700ce63..a8a91483fd3 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39819.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39819.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39819", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:04.407", - "lastModified": "2024-07-15T18:15:04.407", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access." + }, + { + "lang": "es", + "value": "La gesti\u00f3n inadecuada de privilegios en el instalador de algunas aplicaciones de Zoom Workplace y SDK para Windows puede permitir que un usuario autenticado realice una escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39820.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39820.json index eaf7ab3bd13..50e08c9f8db 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39820.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39820.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39820", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:04.620", - "lastModified": "2024-07-15T18:15:04.620", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access." + }, + { + "lang": "es", + "value": "El elemento de ruta de b\u00fasqueda no controlado en el instalador de la aplicaci\u00f3n de escritorio Zoom Workplace para macOS anterior a la versi\u00f3n 6.0.10 puede permitir que un usuario autenticado realice una denegaci\u00f3n de servicio a trav\u00e9s del acceso local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39821.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39821.json index bce701133a8..7c2e285d4d7 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39821.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39821.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39821", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:04.827", - "lastModified": "2024-07-15T18:15:04.827", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access." + }, + { + "lang": "es", + "value": "La condici\u00f3n de ejecuci\u00f3n en el instalador de la aplicaci\u00f3n Zoom Workplace para Windows y la aplicaci\u00f3n Zoom Rooms para Windows puede permitir que un usuario autenticado realice una denegaci\u00f3n de servicio a trav\u00e9s del acceso local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39826.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39826.json index adeefa10726..1cad53549fa 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39826.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39826.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39826", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:05.033", - "lastModified": "2024-07-15T18:15:05.033", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access." + }, + { + "lang": "es", + "value": "El path traversal en Team Chat para algunas aplicaciones Zoom Workplace y SDK para Windows puede permitir que un usuario autenticado realice la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso a la red." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39827.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39827.json index a739c194709..a1278a00c41 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39827.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39827.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39827", "sourceIdentifier": "security@zoom.us", "published": "2024-07-15T18:15:05.237", - "lastModified": "2024-07-15T18:15:05.237", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper input validation in the installer for Zoom Workplace Desktop App for Windows before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access." + }, + { + "lang": "es", + "value": "Una validaci\u00f3n de entrada incorrecta en el instalador de la aplicaci\u00f3n de escritorio Zoom Workplace para Windows anterior a la versi\u00f3n 6.0.10 puede permitir que un usuario autenticado realice una denegaci\u00f3n de servicio a trav\u00e9s del acceso local." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39887.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39887.json index 9daeb1bcbe8..6189731372e 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39887.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39887.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39887", "sourceIdentifier": "security@apache.org", "published": "2024-07-16T10:15:03.380", - "lastModified": "2024-07-16T10:15:03.380", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-399xx/CVE-2024-39912.json b/CVE-2024/CVE-2024-399xx/CVE-2024-39912.json index b3bcfc59dfb..3fcf1b12a42 100644 --- a/CVE-2024/CVE-2024-399xx/CVE-2024-39912.json +++ b/CVE-2024/CVE-2024-399xx/CVE-2024-39912.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39912", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:03.693", - "lastModified": "2024-07-15T20:15:03.693", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the `allowedCredentials` property in the assertion options response. This allows enumeration of valid or invalid usernames. By knowing which usernames are valid, attackers can focus their efforts on a smaller set of potential targets, increasing the efficiency and likelihood of successful attacks. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "web-auth/webauthn-lib es un conjunto de librer\u00edas PHP de c\u00f3digo abierto y un paquete Symfony para permitir a los desarrolladores integrar ese mecanismo de autenticaci\u00f3n en sus aplicaciones web. El m\u00e9todo ProfileBasedRequestOptionsBuilder devuelve AllowCredentials sin ninguna credencial si no se encontr\u00f3 ning\u00fan nombre de usuario. Cuando se utiliza WebAuthn como primer o \u00fanico m\u00e9todo de autenticaci\u00f3n, un atacante puede enumerar los nombres de usuario bas\u00e1ndose en la ausencia de la propiedad \"allowedCredentials\" en la respuesta de las opciones de aserci\u00f3n. Esto permite la enumeraci\u00f3n de nombres de usuario v\u00e1lidos o no v\u00e1lidos. Al saber qu\u00e9 nombres de usuario son v\u00e1lidos, los atacantes pueden centrar sus esfuerzos en un conjunto m\u00e1s peque\u00f1o de objetivos potenciales, aumentando la eficiencia y la probabilidad de ataques exitosos. Este problema se solucion\u00f3 en la versi\u00f3n 4.9.0 y se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-399xx/CVE-2024-39915.json b/CVE-2024/CVE-2024-399xx/CVE-2024-39915.json index e5cf5c915f2..4e227f6fcea 100644 --- a/CVE-2024/CVE-2024-399xx/CVE-2024-39915.json +++ b/CVE-2024/CVE-2024-399xx/CVE-2024-39915.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39915", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:03.933", - "lastModified": "2024-07-15T20:15:03.933", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application does not properly process the url parameter when generating a PDF report. An authorized attacker with access to the reporting functionality could inject arbitrary commands that would be executed when the script /script/html2pdf.sh is called. The vulnerability can be exploited by an authorized user with network access. This issue has been addressed in version 3.16. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" + }, + { + "lang": "es", + "value": "Thruk es una interfaz web de monitoreo multibackend para Naemon, Nagios, Icinga y Shinken que utiliza la API Livestatus. Este RCE autenticado en Thruk permite a los usuarios autorizados con acceso a la red inyectar comandos arbitrarios a trav\u00e9s del par\u00e1metro URL durante la generaci\u00f3n de informes PDF. La aplicaci\u00f3n web Thruk no procesa correctamente el par\u00e1metro de URL al generar un informe en PDF. Un atacante autorizado con acceso a la funcionalidad de informes podr\u00eda inyectar comandos arbitrarios que se ejecutar\u00edan cuando se llame al script /script/html2pdf.sh. La vulnerabilidad puede ser explotada por un usuario autorizado con acceso a la red. Este problema se solucion\u00f3 en la versi\u00f3n 3.16. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-399xx/CVE-2024-39918.json b/CVE-2024/CVE-2024-399xx/CVE-2024-39918.json index e559163ca72..fd6fccbafe1 100644 --- a/CVE-2024/CVE-2024-399xx/CVE-2024-39918.json +++ b/CVE-2024/CVE-2024-399xx/CVE-2024-39918.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39918", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:04.160", - "lastModified": "2024-07-15T20:15:04.160", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. Input of the `ImageId` in the code is not sanitized and may lead to path traversal. This allows an attacker to store an image in an arbitrary location that the server has permission to access. This issue has been addressed in version 2.1.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n" + }, + { + "lang": "es", + "value": "@jmondi/url-to-png es una utilidad de c\u00f3digo abierto de URL a PNG que presenta renderizado paralelo usando Playwright para capturas de pantalla y con almacenamiento en cach\u00e9 a trav\u00e9s de Local, S3 o CouchDB. La entrada de \"ImageId\" en el c\u00f3digo no est\u00e1 sanitizado y puede provocar un path traversal. Esto permite a un atacante almacenar una imagen en una ubicaci\u00f3n arbitraria a la que el servidor tiene permiso para acceder. Este problema se solucion\u00f3 en la versi\u00f3n 2.1.2 y se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-399xx/CVE-2024-39919.json b/CVE-2024/CVE-2024-399xx/CVE-2024-39919.json index 4636bc219e0..588beec8f46 100644 --- a/CVE-2024/CVE-2024-399xx/CVE-2024-39919.json +++ b/CVE-2024/CVE-2024-399xx/CVE-2024-39919.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39919", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:04.380", - "lastModified": "2024-07-15T20:15:04.380", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an `ALLOW_LIST` where the host can specify which services the user is permitted to capture screenshots of. By default, capturing screenshots of web services running on localhost, 127.0.0.1, or the [::] is allowed. If someone hosts this project on a server, users could then capture screenshots of other web services running locally. This issue has been addressed in version 2.1.1 with the addition of a blocklist. Users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "@jmondi/url-to-png es una utilidad de c\u00f3digo abierto de URL a PNG que presenta renderizado paralelo usando Playwright para capturas de pantalla y con almacenamiento en cach\u00e9 a trav\u00e9s de Local, S3 o CouchDB. El paquete incluye una `ALLOW_LIST` donde el host puede especificar de qu\u00e9 servicios el usuario puede realizar capturas de pantalla. De forma predeterminada, se permite realizar capturas de pantalla de servicios web que se ejecutan en localhost, 127.0.0.1 o [::]. Si alguien aloja este proyecto en un servidor, los usuarios podr\u00edan capturar capturas de pantalla de otros servicios web que se ejecutan localmente. Este problema se solucion\u00f3 en la versi\u00f3n 2.1.1 con la adici\u00f3n de una lista de bloqueo. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-404xx/CVE-2024-40414.json b/CVE-2024/CVE-2024-404xx/CVE-2024-40414.json index 6b262937ad4..e88df00c164 100644 --- a/CVE-2024/CVE-2024-404xx/CVE-2024-40414.json +++ b/CVE-2024/CVE-2024-404xx/CVE-2024-40414.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40414", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T17:15:02.783", - "lastModified": "2024-07-15T17:15:02.783", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en /goform/SetNetControlList en la funci\u00f3n sub_656BC en el firmware Tenda AX1806 1.0.0.1 provoca un desbordamiento del b\u00fafer basado en pila." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-404xx/CVE-2024-40415.json b/CVE-2024/CVE-2024-404xx/CVE-2024-40415.json index 33a6d4a2b47..e2a7efed404 100644 --- a/CVE-2024/CVE-2024-404xx/CVE-2024-40415.json +++ b/CVE-2024/CVE-2024-404xx/CVE-2024-40415.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40415", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T18:15:05.490", - "lastModified": "2024-07-15T18:15:05.490", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en /goform/SetStaticRouteCfg en la funci\u00f3n sub_519F4 en el firmware Tenda AX1806 1.0.0.1 provoca un desbordamiento del b\u00fafer basado en pila." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-404xx/CVE-2024-40416.json b/CVE-2024/CVE-2024-404xx/CVE-2024-40416.json index f7e4e61ef83..df070e7e844 100644 --- a/CVE-2024/CVE-2024-404xx/CVE-2024-40416.json +++ b/CVE-2024/CVE-2024-404xx/CVE-2024-40416.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40416", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T18:15:05.543", - "lastModified": "2024-07-15T18:15:05.543", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en /goform/SetVirtualServerCfg en la funci\u00f3n sub_6320C en el firmware Tenda AX1806 1.0.0.1 provoca un desbordamiento del b\u00fafer basado en pila." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40524.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40524.json index e7caae7c767..bc738b78135 100644 --- a/CVE-2024/CVE-2024-405xx/CVE-2024-40524.json +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40524.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40524", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T23:15:02.423", - "lastModified": "2024-07-15T23:15:02.423", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute arbitrary code via the webtool\\application.py component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Directory Traversal en xmind2testcase v.1.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente webtool\\application.py." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40553.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40553.json index 6764940ed4f..5fdd3af8bfc 100644 --- a/CVE-2024/CVE-2024-405xx/CVE-2024-40553.json +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40553.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40553", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T16:15:03.147", - "lastModified": "2024-07-15T16:15:03.147", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tmall_demo v2024.07.03 conten\u00eda una carga de archivo arbitraria a trav\u00e9s del componente uploadUserHeadImage." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40554.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40554.json index f31a6bcac32..a58b8a6815b 100644 --- a/CVE-2024/CVE-2024-405xx/CVE-2024-40554.json +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40554.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40554", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T16:15:03.223", - "lastModified": "2024-07-15T16:15:03.223", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An access control issue in Tmall_demo v2024.07.03 allows attackers to obtain sensitive information." + }, + { + "lang": "es", + "value": "Un problema de control de acceso en Tmall_demo v2024.07.03 permite a los atacantes obtener informaci\u00f3n confidencial." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40555.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40555.json index 924e52efb7f..8cda975253e 100644 --- a/CVE-2024/CVE-2024-405xx/CVE-2024-40555.json +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40555.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40555", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T16:15:03.283", - "lastModified": "2024-07-15T16:15:03.283", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tmall_demo v2024.07.03 conten\u00eda una vulnerabilidad de carga de archivos arbitraria." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40560.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40560.json index 2c0bf88cdeb..5e244ae34af 100644 --- a/CVE-2024/CVE-2024-405xx/CVE-2024-40560.json +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40560.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40560", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-15T16:15:03.347", - "lastModified": "2024-07-15T16:15:03.347", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tmall_demo before v2024.07.03 was discovered to contain a SQL injection vulnerability." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tmall_demo anterior a v2024.07.03 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40624.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40624.json index 245b6a33b6e..f0430645b0d 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40624.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40624.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40624", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:04.810", - "lastModified": "2024-07-15T20:15:04.810", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In `torrentpier/library/includes/functions.php`, `get_tracks()` uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to an arbitrary file, and execute commands on the system. For instance, the cookie bb_t will be deserialized when browsing to viewforum.php. This issue has been addressed in commit `ed37e6e52` which is expected to be included in release version 2.4.4. Users are advised to upgrade as soon as the new release is available. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "TorrentPier es un motor de seguimiento p\u00fablico/privado de BitTorrent de c\u00f3digo abierto, escrito en php. En `torrentpier/library/includes/functions.php`, `get_tracks()` utiliza el formato de serializaci\u00f3n PHP nativo no seguro para deserializar las cookies controladas por el usuario. Se pueden usar phpggc y la cadena Guzzle/FW1 para escribir c\u00f3digo PHP en un archivo arbitrario y ejecutar comandos en el sistema. Por ejemplo, la cookie bb_t se deserializar\u00e1 al navegar por viewforum.php. Este problema se solucion\u00f3 en el commit `ed37e6e52`, que se espera que se incluya en la versi\u00f3n 2.4.4. Se recomienda a los usuarios que actualicen tan pronto como est\u00e9 disponible la nueva versi\u00f3n. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40627.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40627.json index 63ba5fd8f98..955789f6161 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40627.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40627.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40627", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:05.033", - "lastModified": "2024-07-15T20:15:05.033", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fastapi OPA is an opensource fastapi middleware which includes auth flow. HTTP `OPTIONS` requests are always allowed by `OpaMiddleware`, even when they lack authentication, and are passed through directly to the application. `OpaMiddleware` allows all HTTP `OPTIONS` requests without evaluating it against any policy. If an application provides different responses to HTTP `OPTIONS` requests based on an entity existing (such as to indicate whether an entity is writable on a system level), an unauthenticated attacker could discover which entities exist within an application. This issue has been addressed in release version 2.0.1. All users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "Fastapi OPA es un middleware fastapi de c\u00f3digo abierto que incluye flujo de autenticaci\u00f3n. Las solicitudes HTTP `OPCIONES` siempre son permitidas por `OpaMiddleware`, incluso cuando carecen de autenticaci\u00f3n, y se pasan directamente a la aplicaci\u00f3n. `OpaMiddleware` permite todas las solicitudes HTTP de `OPCIONES` sin evaluarlas con respecto a ninguna pol\u00edtica. Si una aplicaci\u00f3n proporciona diferentes respuestas a las solicitudes HTTP \"OPCIONES\" basadas en una entidad existente (por ejemplo, para indicar si se puede escribir en una entidad a nivel del sistema), un atacante no autenticado podr\u00eda descubrir qu\u00e9 entidades existen dentro de una aplicaci\u00f3n. Este problema se solucion\u00f3 en la versi\u00f3n 2.0.1. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40630.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40630.json index 1021ec94c7d..164dc7a1365 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40630.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40630.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40630", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T20:15:05.243", - "lastModified": "2024-07-15T20:15:05.243", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation via a format-agnostic API with a feature set, scalability, and robustness needed for feature film production. In affected versions there is a bug in the heif input functionality of OpenImageIO. Specifically, in `HeifInput::seek_subimage()`. In the worst case, this can lead to an information disclosure vulnerability, particularly for programs that directly use the `ImageInput` APIs. This bug has been addressed in commit `0a2dcb4c` which is included in the 2.5.13.1 release. Users are advised to upgrade. There are no known workarounds for this issue." + }, + { + "lang": "es", + "value": "OpenImageIO es un conjunto de herramientas para leer, escribir y manipular archivos de im\u00e1genes de cualquier formato de archivo de imagen relevante para VFX/animaci\u00f3n a trav\u00e9s de una API independiente del formato con un conjunto de funciones, escalabilidad y solidez necesarias para la producci\u00f3n de largometrajes. En las versiones afectadas hay un error en la funcionalidad de entrada heif de OpenImageIO. Espec\u00edficamente, en `HeifInput::seek_subimage()`. En el peor de los casos, esto puede provocar una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n, especialmente para programas que utilizan directamente las API \"ImageInput\". Este error se solucion\u00f3 en el commit `0a2dcb4c` que se incluye en la versi\u00f3n 2.5.13.1. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40631.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40631.json index 6cbbefa3416..1f80a1d336d 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40631.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40631.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40631", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T19:15:03.700", - "lastModified": "2024-07-15T19:15:03.700", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Plate media is an open source, rich-text editor for React. Editors that use `MediaEmbedElement` and pass custom `urlParsers` to the `useMediaState` hook may be vulnerable to XSS if a custom parser allows `javascript:`, `data:` or `vbscript:` URLs to be embedded. Editors that do not use `urlParsers` and consume the `url` property directly may also be vulnerable if the URL is not sanitised. The default parsers `parseTwitterUrl` and `parseVideoUrl` are not affected. `@udecode/plate-media` 36.0.10 resolves this issue by only allowing HTTP and HTTPS URLs during parsing. This affects only the `embed` property returned from `useMediaState`. In addition, the `url` property returned from `useMediaState` has been renamed to `unsafeUrl` to indicate that it has not been sanitised. The `url` property on `element` is also unsafe, but has not been renamed. If you're using either of these properties directly, you will still need to validate the URL yourself. Users are advised to upgrade. Users unable to upgrade should ensure that any custom `urlParsers` do not allow `javascript:`, `data:` or `vbscript:` URLs to be returned in the `url` property of their return values. If `url` is consumed directly, validate the URL protocol before passing it to the `iframe` element.\n\n" + }, + { + "lang": "es", + "value": "Plate media es un editor de texto enriquecido de c\u00f3digo abierto para React. Los editores que usan `MediaEmbedElement` y pasan `urlParsers` personalizados al enlace `useMediaState` pueden ser vulnerables a XSS si un analizador personalizado permite incrustar URL `javascript:`, `data:` o `vbscript:`. Los editores que no utilizan `urlParsers` y consumen la propiedad `url` directamente tambi\u00e9n pueden ser vulnerables si la URL no est\u00e1 sanitizada. Los analizadores predeterminados `parseTwitterUrl` y `parseVideoUrl` no se ven afectados. `@udecode/plate-media` 36.0.10 resuelve este problema al permitir solo URL HTTP y HTTPS durante el an\u00e1lisis. Esto afecta s\u00f3lo a la propiedad `embed` devuelta por `useMediaState`. Adem\u00e1s, se cambi\u00f3 el nombre de la propiedad `url` devuelta por `useMediaState` a `unsafeUrl` para indicar que no se ha sanitizado. La propiedad `url` en `element` tampoco es segura, pero no se le ha cambiado el nombre. Si utiliza cualquiera de estas propiedades directamente, a\u00fan deber\u00e1 validar la URL usted mismo. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben asegurarse de que los `urlParsers` personalizados no permitan que las URL `javascript:`, `data:` o `vbscript:` se devuelvan en la propiedad `url` de sus valores de retorno. Si `url` se consume directamente, valide el protocolo de URL antes de pasarlo al elemento `iframe`." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40632.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40632.json index 523eeb0eddd..b2a226ac999 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40632.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40632.json @@ -2,13 +2,17 @@ "id": "CVE-2024-40632", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-15T22:15:03.017", - "lastModified": "2024-07-15T22:15:03.017", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linkerd is an open source, ultralight, security-first service mesh for Kubernetes. In affected versions when the application being run by linkerd is susceptible to SSRF, an attacker could potentially trigger a denial-of-service (DoS) attack by making requests to localhost:4191/shutdown. Linkerd could introduce an optional environment variable to control a token that must be passed as a header. Linkerd should reject shutdown requests that do not include this header. This issue has been addressed in release version edge-24.6.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + }, + { + "lang": "es", + "value": "Linkerd es una malla de servicios de c\u00f3digo abierto, ultraligera y que prioriza la seguridad para Kubernetes. En las versiones afectadas, cuando la aplicaci\u00f3n que ejecuta Linkerd es susceptible a SSRF, un atacante podr\u00eda desencadenar un ataque de denegaci\u00f3n de servicio (DoS) al realizar solicitudes a localhost:4191/shutdown. Linkerd podr\u00eda introducir una variable de entorno opcional para controlar un token que debe pasarse como encabezado. Linkerd deber\u00eda rechazar las solicitudes de cierre que no incluyan este encabezado. Este problema se solucion\u00f3 en la versi\u00f3n edge-24.6.2 y se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-410xx/CVE-2024-41008.json b/CVE-2024/CVE-2024-410xx/CVE-2024-41008.json index d05824f8cb4..77cf0c4e1c4 100644 --- a/CVE-2024/CVE-2024-410xx/CVE-2024-41008.json +++ b/CVE-2024/CVE-2024-410xx/CVE-2024-41008.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41008", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T08:15:02.240", - "lastModified": "2024-07-16T08:15:02.240", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4143.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4143.json index a02d5f651ab..9b99fadcb96 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4143.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4143.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4143", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2024-07-15T22:15:03.223", - "lastModified": "2024-07-15T22:15:03.223", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability." + }, + { + "lang": "es", + "value": "Se ha identificado una posible vulnerabilidad de seguridad en ciertos productos de PC HP que utilizan AMI BIOS, lo que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario. AMI ha lanzado actualizaciones de firmware para mitigar esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-42xx/CVE-2024-4224.json b/CVE-2024/CVE-2024-42xx/CVE-2024-4224.json index 9f833c1e029..8ab6d8c4e21 100644 --- a/CVE-2024/CVE-2024-42xx/CVE-2024-4224.json +++ b/CVE-2024/CVE-2024-42xx/CVE-2024-4224.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4224", "sourceIdentifier": "cve@takeonme.org", "published": "2024-07-15T21:15:03.883", - "lastModified": "2024-07-15T21:15:03.883", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated stored cross-site scripting (XSS) exists in the TP-Link TL-SG1016DE affecting version TL-SG1016DE(UN) V7.6_1.0.0 Build 20230616, which could allow an adversary to run JavaScript in an administrator's browser. This issue was fixed in\u00a0TL-SG1016DE(UN) V7_1.0.1 Build 20240628." + }, + { + "lang": "es", + "value": "Existe un cross-site scripting (XSS) almacenado autenticado en TP-Link TL-SG1016DE que afecta la versi\u00f3n TL-SG1016DE(UN) V7.6_1.0.0 Build 20230616, que podr\u00eda permitir a un adversario ejecutar JavaScript en el navegador de un administrador. Este problema se solucion\u00f3 en TL-SG1016DE(UN) V7_1.0.1 Build 20240628." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-47xx/CVE-2024-4780.json b/CVE-2024/CVE-2024-47xx/CVE-2024-4780.json index 84f664ec310..831f0ae9afa 100644 --- a/CVE-2024/CVE-2024-47xx/CVE-2024-4780.json +++ b/CVE-2024/CVE-2024-47xx/CVE-2024-4780.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4780", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T07:15:01.943", - "lastModified": "2024-07-16T07:15:01.943", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Image Hover Effects \u2013 Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018eihe_link\u2019 parameter in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Image Hover Effects \u2013 Elementor Addon para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'eihe_link' en todas las versiones hasta la 1.4.3 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5852.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5852.json index 814da828e4e..55fa431bebc 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5852.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5852.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5852", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:03.093", - "lastModified": "2024-07-16T09:15:03.093", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6435.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6435.json new file mode 100644 index 00000000000..440953be88f --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6435.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-6435", + "sourceIdentifier": "PSIRT@rockwellautomation.com", + "published": "2024-07-16T13:15:13.630", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. For example, a malicious user with basic privileges could perform critical functions such as creating a user with elevated privileges and reading sensitive information in the \u201cviews\u201d section." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], + "references": [ + { + "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1681.html", + "source": "PSIRT@rockwellautomation.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6457.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6457.json index fa1b119ad06..ae9a528b320 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6457.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6457.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6457", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T11:15:10.097", - "lastModified": "2024-07-16T11:15:10.097", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6557.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6557.json index 4dfdd6f65fd..2ce9f2c9f03 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6557.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6557.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6557", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T05:15:15.073", - "lastModified": "2024-07-16T05:15:15.073", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SchedulePress \u2013 Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.1.3. This is due the plugin utilizing the wpdeveloper library and leaving the demo files in place with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website." + }, + { + "lang": "es", + "value": "El complemento SchedulePress \u2013 Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher para WordPress es vulnerable a la divulgaci\u00f3n de ruta completa en todas las versiones hasta la 5.1.3 incluida. Esto se debe a que el complemento utiliza la librer\u00eda wpdeveloper y deja los archivos de demostraci\u00f3n en su lugar con display_errors activado. Esto hace posible que atacantes no autenticados recuperen la ruta completa de la aplicaci\u00f3n web, que puede usarse para ayudar en otros ataques. La informaci\u00f3n mostrada no es \u00fatil por s\u00ed sola y requiere que est\u00e9 presente otra vulnerabilidad para da\u00f1ar un sitio web afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6559.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6559.json index 3dc90701e1e..2b91f243537 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6559.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6559.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6559", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T07:15:02.373", - "lastModified": "2024-07-16T07:15:02.373", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6565.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6565.json index b40ad6b714e..c7015c1973f 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6565.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6565.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6565", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:03.280", - "lastModified": "2024-07-16T09:15:03.280", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6570.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6570.json index 9474d96fad9..2b02b0cee10 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6570.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6570.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6570", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:03.460", - "lastModified": "2024-07-16T09:15:03.460", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6579.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6579.json index 27c3929a682..3ded2a8bb6e 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6579.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6579.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6579", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T10:15:03.797", - "lastModified": "2024-07-16T10:15:03.797", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6621.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6621.json index cd94a6d4960..b72dfb854e3 100644 --- a/CVE-2024/CVE-2024-66xx/CVE-2024-6621.json +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6621.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6621", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T11:15:10.357", - "lastModified": "2024-07-16T11:15:10.357", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6689.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6689.json index 55d29252ad3..c1bdc7eb087 100644 --- a/CVE-2024/CVE-2024-66xx/CVE-2024-6689.json +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6689.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6689", "sourceIdentifier": "a341c0d1-ebf7-493f-a84e-38cf86618674", "published": "2024-07-15T14:15:03.640", - "lastModified": "2024-07-15T14:15:03.640", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Local Privilege Escalation in MSI-Installer in baramundi Management Agent v23.1.172.0 on Windows allows a local unprivileged user to escalate privileges to SYSTEM." + }, + { + "lang": "es", + "value": "La escalada de privilegios locales en MSI-Installer en baramundi Management Agent v23.1.172.0 en Windows permite a un usuario local sin privilegios escalar privilegios a SYSTEM." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6716.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6716.json index 9646559f76e..8ebc97cdf60 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6716.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6716.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6716", "sourceIdentifier": "secalert@redhat.com", "published": "2024-07-15T15:15:10.900", - "lastModified": "2024-07-15T18:15:06.107", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing libtiff to allocate memory indefinitely. This issue can result in a denial of service of the system consuming libtiff due to memory starvation." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en libtiff. Esta falla permite a un atacante crear un archivo tiff manipulado, lo que obliga a libtiff a asignar memoria indefinidamente. Este problema puede provocar una denegaci\u00f3n de servicio del sistema que consume libtiff debido a la falta de memoria." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6780.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6780.json index 7c0e99bee51..dd4d9bf09f7 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6780.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6780.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6780", "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "published": "2024-07-16T02:15:12.640", - "lastModified": "2024-07-16T02:15:12.640", - "vulnStatus": "Received", + "lastModified": "2024-07-16T13:43:58.773", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper permission control in the mobile application (com.android.server.telecom) may lead to user information security risks." + }, + { + "lang": "es", + "value": "Un control de permisos inadecuado en la aplicaci\u00f3n m\u00f3vil (com.android.server.telecom) puede generar riesgos para la seguridad de la informaci\u00f3n del usuario." } ], "metrics": {}, diff --git a/README.md b/README.md index 77099448007..1c425b1fd6e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-16T12:00:17.806834+00:00 +2024-07-16T14:00:19.856501+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-16T11:15:10.357000+00:00 +2024-07-16T13:57:37.203000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -257093 +257191 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `98` -- [CVE-2023-52886](CVE-2023/CVE-2023-528xx/CVE-2023-52886.json) (`2024-07-16T10:15:02.493`) -- [CVE-2024-39887](CVE-2024/CVE-2024-398xx/CVE-2024-39887.json) (`2024-07-16T10:15:03.380`) -- [CVE-2024-6457](CVE-2024/CVE-2024-64xx/CVE-2024-6457.json) (`2024-07-16T11:15:10.097`) -- [CVE-2024-6579](CVE-2024/CVE-2024-65xx/CVE-2024-6579.json) (`2024-07-16T10:15:03.797`) -- [CVE-2024-6621](CVE-2024/CVE-2024-66xx/CVE-2024-6621.json) (`2024-07-16T11:15:10.357`) +- [CVE-2022-48843](CVE-2022/CVE-2022-488xx/CVE-2022-48843.json) (`2024-07-16T13:15:11.650`) +- [CVE-2022-48844](CVE-2022/CVE-2022-488xx/CVE-2022-48844.json) (`2024-07-16T13:15:11.733`) +- [CVE-2022-48845](CVE-2022/CVE-2022-488xx/CVE-2022-48845.json) (`2024-07-16T13:15:11.803`) +- [CVE-2022-48846](CVE-2022/CVE-2022-488xx/CVE-2022-48846.json) (`2024-07-16T13:15:11.883`) +- [CVE-2022-48847](CVE-2022/CVE-2022-488xx/CVE-2022-48847.json) (`2024-07-16T13:15:11.950`) +- [CVE-2022-48848](CVE-2022/CVE-2022-488xx/CVE-2022-48848.json) (`2024-07-16T13:15:12.023`) +- [CVE-2022-48849](CVE-2022/CVE-2022-488xx/CVE-2022-48849.json) (`2024-07-16T13:15:12.103`) +- [CVE-2022-48850](CVE-2022/CVE-2022-488xx/CVE-2022-48850.json) (`2024-07-16T13:15:12.170`) +- [CVE-2022-48851](CVE-2022/CVE-2022-488xx/CVE-2022-48851.json) (`2024-07-16T13:15:12.247`) +- [CVE-2022-48852](CVE-2022/CVE-2022-488xx/CVE-2022-48852.json) (`2024-07-16T13:15:12.320`) +- [CVE-2022-48853](CVE-2022/CVE-2022-488xx/CVE-2022-48853.json) (`2024-07-16T13:15:12.380`) +- [CVE-2022-48854](CVE-2022/CVE-2022-488xx/CVE-2022-48854.json) (`2024-07-16T13:15:12.457`) +- [CVE-2022-48855](CVE-2022/CVE-2022-488xx/CVE-2022-48855.json) (`2024-07-16T13:15:12.550`) +- [CVE-2022-48856](CVE-2022/CVE-2022-488xx/CVE-2022-48856.json) (`2024-07-16T13:15:12.647`) +- [CVE-2022-48857](CVE-2022/CVE-2022-488xx/CVE-2022-48857.json) (`2024-07-16T13:15:12.733`) +- [CVE-2022-48858](CVE-2022/CVE-2022-488xx/CVE-2022-48858.json) (`2024-07-16T13:15:12.803`) +- [CVE-2022-48859](CVE-2022/CVE-2022-488xx/CVE-2022-48859.json) (`2024-07-16T13:15:12.873`) +- [CVE-2022-48860](CVE-2022/CVE-2022-488xx/CVE-2022-48860.json) (`2024-07-16T13:15:12.940`) +- [CVE-2022-48861](CVE-2022/CVE-2022-488xx/CVE-2022-48861.json) (`2024-07-16T13:15:13.030`) +- [CVE-2022-48862](CVE-2022/CVE-2022-488xx/CVE-2022-48862.json) (`2024-07-16T13:15:13.100`) +- [CVE-2022-48863](CVE-2022/CVE-2022-488xx/CVE-2022-48863.json) (`2024-07-16T13:15:13.163`) +- [CVE-2022-48864](CVE-2022/CVE-2022-488xx/CVE-2022-48864.json) (`2024-07-16T13:15:13.233`) +- [CVE-2022-48865](CVE-2022/CVE-2022-488xx/CVE-2022-48865.json) (`2024-07-16T13:15:13.300`) +- [CVE-2022-48866](CVE-2022/CVE-2022-488xx/CVE-2022-48866.json) (`2024-07-16T13:15:13.377`) +- [CVE-2024-6435](CVE-2024/CVE-2024-64xx/CVE-2024-6435.json) (`2024-07-16T13:15:13.630`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `66` +- [CVE-2024-40524](CVE-2024/CVE-2024-405xx/CVE-2024-40524.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40553](CVE-2024/CVE-2024-405xx/CVE-2024-40553.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40554](CVE-2024/CVE-2024-405xx/CVE-2024-40554.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40555](CVE-2024/CVE-2024-405xx/CVE-2024-40555.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40560](CVE-2024/CVE-2024-405xx/CVE-2024-40560.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40624](CVE-2024/CVE-2024-406xx/CVE-2024-40624.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40627](CVE-2024/CVE-2024-406xx/CVE-2024-40627.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40630](CVE-2024/CVE-2024-406xx/CVE-2024-40630.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40631](CVE-2024/CVE-2024-406xx/CVE-2024-40631.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-40632](CVE-2024/CVE-2024-406xx/CVE-2024-40632.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-41008](CVE-2024/CVE-2024-410xx/CVE-2024-41008.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-4143](CVE-2024/CVE-2024-41xx/CVE-2024-4143.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-4224](CVE-2024/CVE-2024-42xx/CVE-2024-4224.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-4780](CVE-2024/CVE-2024-47xx/CVE-2024-4780.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-5852](CVE-2024/CVE-2024-58xx/CVE-2024-5852.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6457](CVE-2024/CVE-2024-64xx/CVE-2024-6457.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6557](CVE-2024/CVE-2024-65xx/CVE-2024-6557.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6559](CVE-2024/CVE-2024-65xx/CVE-2024-6559.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6565](CVE-2024/CVE-2024-65xx/CVE-2024-6565.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6570](CVE-2024/CVE-2024-65xx/CVE-2024-6570.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6579](CVE-2024/CVE-2024-65xx/CVE-2024-6579.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6621](CVE-2024/CVE-2024-66xx/CVE-2024-6621.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6689](CVE-2024/CVE-2024-66xx/CVE-2024-6689.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6716](CVE-2024/CVE-2024-67xx/CVE-2024-6716.json) (`2024-07-16T13:43:58.773`) +- [CVE-2024-6780](CVE-2024/CVE-2024-67xx/CVE-2024-6780.json) (`2024-07-16T13:43:58.773`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 6bed22e8b55..c036430758d 100644 --- a/_state.csv +++ b/_state.csv @@ -187439,6 +187439,9 @@ CVE-2021-47618,0,0,2a314532463f641de5a1abcd70cc0a94c3a5563bdb37f6cd3ebfada5f8416 CVE-2021-47619,0,0,3423ea9cbab93af03ecb9855e0285f5e2851c0e4b6812bafeb4e82921247592c,2024-06-20T12:43:25.663000 CVE-2021-47620,0,0,fb48237cc161b8d736f32b3c4687ae5c6d236eb8a2b8089bbf75bcca0c16df9e,2024-06-20T12:43:25.663000 CVE-2021-47621,0,0,3c693618579cf3a434262a9f649887b62de6d844718e09e90ffc6b4b344c578a,2024-06-21T11:22:01.687000 +CVE-2021-47622,1,1,10df45afec9fc8b0a07ba80affb46b3184ebdf16b25bdef47f3e267c3342e11c,2024-07-16T13:43:58.773000 +CVE-2021-47623,1,1,0cd8f0007178b5098c2c9b47f9664ef46be477104b36b168135b581288548081,2024-07-16T13:43:58.773000 +CVE-2021-47624,1,1,a84597c5c76647e66df4433690586cc2ce55b5ad4c35613ee1df567d8d50571b,2024-07-16T13:43:58.773000 CVE-2022-0001,0,0,c7771fc2d861960e86f1fd6d32008510ecf97da9ca69c795218a9bb34cd032b1,2024-04-09T15:15:26.797000 CVE-2022-0002,0,0,383f70837be6118e87e9457e616e4d09f60a1ff845d543b16ebbc8f1078dc94f,2022-08-19T12:28:50.667000 CVE-2022-0004,0,0,e3e425e8f15bba73e3ddeac7007a097fd53c30dc0f781f80718d8d9da4feab39,2022-06-10T20:52:37.810000 @@ -212208,15 +212211,109 @@ CVE-2022-4877,0,0,7be088f764e81f3d159b624bbe89e382d534c3a5b5b12bd3cddcbca9b76598 CVE-2022-48770,0,0,c1d7d83fd1642cff8a855525ca26bcc6079d73fb16b8d7f896bc8d7f51eac629,2024-06-20T12:43:25.663000 CVE-2022-48771,0,0,a8deacbe046a73aa8a794ce68776d42685618f7346517abbe96cfaf42a525dde,2024-06-20T12:43:25.663000 CVE-2022-48772,0,0,825ad0b7596b25819d7b86965164bb12e2585ef24c7e39d20b3372592bbe9a0d,2024-06-25T18:50:42.040000 +CVE-2022-48773,1,1,ec6b8a58dab6fa4f5628edbd50b05c7b5db5a775fd2c88a65aa957f26646b140,2024-07-16T13:43:58.773000 +CVE-2022-48774,1,1,ee27e1b8f2c1fabfd62e180cd6b01f393c8309426e8b150c8d39f51dc6b2cf08,2024-07-16T13:43:58.773000 +CVE-2022-48775,1,1,d1e60da838d7fbe6e4fbab3151ef6f92a6a6fa6fba6a537b8c2e59acf2baea01,2024-07-16T13:43:58.773000 +CVE-2022-48776,1,1,09826cc6871c20f4e11d0028e8e5c22666a8c2929d4d49ff078a26f188876214,2024-07-16T13:43:58.773000 +CVE-2022-48777,1,1,269ff611471d6aec6049200f6a5383d2049f48e187e5be23b2430df6a63f0395,2024-07-16T13:43:58.773000 +CVE-2022-48778,1,1,cbdcfbd2b143e4fb75c5c649616440d20861de556cd324c69195ae55e349991f,2024-07-16T13:43:58.773000 +CVE-2022-48779,1,1,80b3abe1ebea60a253a335765e86674a3fce5b88c91255a273544f5f6b1b7b21,2024-07-16T13:43:58.773000 CVE-2022-4878,0,0,fb05127321f1dbc90cfbd12f64590320f5f815bf94532155a8a99445e7198622,2024-05-17T02:17:00.683000 +CVE-2022-48780,1,1,035267ab372aa7ea67a59947571743d73d2284f1d8d989ef5381da90bb47c37a,2024-07-16T13:43:58.773000 +CVE-2022-48781,1,1,44e8df88269fa76c63f7acae248f12732b479a287b9d9469690c8daa665fdd22,2024-07-16T13:43:58.773000 +CVE-2022-48782,1,1,f7a26dcfd1a085011cb2ced21ea153cfed99717a8d4e9057604aacadfd142e64,2024-07-16T13:43:58.773000 +CVE-2022-48783,1,1,b1b0f69a1dca06a6016ac5d95b5ec6b0aa78eb8af9a28296028a632d2e66cb3f,2024-07-16T13:43:58.773000 +CVE-2022-48784,1,1,aabfb04ca00d406c4f8191d92b42906074cd1b52e47d7bcf6d2ed904d344b42c,2024-07-16T13:43:58.773000 +CVE-2022-48785,1,1,4fcd880d605719615bcafa05628bde9f12e44e12f45a98c6065536e3a123c0f3,2024-07-16T13:43:58.773000 +CVE-2022-48786,1,1,0b254af8b0bea9c81e8d08d5268ae73dfec9cdc876e58c1d23eaa06e45dbf82a,2024-07-16T13:43:58.773000 +CVE-2022-48787,1,1,e23cd30687e6fadfc7d2bdad318b7516179003f76851ea706a4fa24412c04d2e,2024-07-16T13:43:58.773000 +CVE-2022-48788,1,1,71aa3bf36b78b36b038027c50d721d67985f534e70f6c402e59b5644743b468e,2024-07-16T13:43:58.773000 +CVE-2022-48789,1,1,511018706ea430f2cd32d7d761927125b60cc3be3985d0cb38605c9478dd554a,2024-07-16T13:43:58.773000 CVE-2022-4879,0,0,600ae7de1114ee360c02bf317be837afff520a1a9e5d64a934be99bea53f48f1,2024-05-17T02:17:00.797000 +CVE-2022-48790,1,1,425ed1f2ecd7da1b20bd2ea346413e9d56e140b3b745d2352a537369a45907d6,2024-07-16T13:43:58.773000 +CVE-2022-48791,1,1,93ed11df82220c260b3a3d6f2ef469c2688737246940bca3790086edcf4db579,2024-07-16T13:43:58.773000 +CVE-2022-48792,1,1,7619639d6707166913e6aad5b289afa19dbd5a4c1806fb2d30e442bdc7b97600,2024-07-16T13:43:58.773000 +CVE-2022-48793,1,1,274a72beb26fb2c15e4d3049a3bf7ee839adfc28130a1929589f2abd7bf1382f,2024-07-16T13:43:58.773000 +CVE-2022-48794,1,1,a4d4171ef4c18ff18bac3f060a1f155e9c3fb724c25174f4924485aa0c61a4e9,2024-07-16T13:43:58.773000 +CVE-2022-48795,1,1,a21891948802ee87d3954e50b61c47879839ca05fa6acc6b3a99e0b7e5ad1701,2024-07-16T13:43:58.773000 +CVE-2022-48796,1,1,b487108eba8aed5658451546691d9e5f68006af1e3dc6aa3f1f20559e92d1521,2024-07-16T13:43:58.773000 +CVE-2022-48797,1,1,a87ea3f83fd7aa00cdb5c986541632453a7a85b561cfef759730199ee876b7b0,2024-07-16T13:43:58.773000 +CVE-2022-48798,1,1,ec2383b5c83c9d1db63c5f947584504999c3fdcb2d09ad692f13fcbd006fd247,2024-07-16T13:43:58.773000 +CVE-2022-48799,1,1,b63bd764e7647808fc61ccfa3e603feed7ac108b8fd676e767a9ce341f247ca1,2024-07-16T13:43:58.773000 CVE-2022-4880,0,0,4ba00f45fa60e84e17646df0b31022c326d2de77554d7c7bed348aaf66eba2e8,2024-05-17T02:17:00.927000 +CVE-2022-48800,1,1,59ba74dabc6738d64394ece39050fdf1a14142a90bdba9d9b37ce197663175dd,2024-07-16T13:43:58.773000 +CVE-2022-48801,1,1,0214a87595031250f7595326c11394c7ca79f3c3611b360762f78c0ccce40243,2024-07-16T13:43:58.773000 +CVE-2022-48802,1,1,0d40e9f2d86a46b6039791aea2aa4a5ae0c4e54f7591b500fbabd398edf4f76a,2024-07-16T13:43:58.773000 +CVE-2022-48803,1,1,ec8e07d3d9ee2cef872a96bdf63cb4cc937e9c97c7757d327b9f48dc2348ae69,2024-07-16T13:43:58.773000 +CVE-2022-48804,1,1,ab17c0fbfbe928329373c60b863815554215cce2d3118345838bcf24319ff7a8,2024-07-16T13:43:58.773000 +CVE-2022-48805,1,1,eecf262d3c42c9856d0305b624ceaf845ef2303b27a748e5711a524525119afa,2024-07-16T13:43:58.773000 +CVE-2022-48806,1,1,4147bb55e91b63330c55e3bb1f0cfe43e406bc543a46e972bbdf06e599fefcaf,2024-07-16T13:43:58.773000 +CVE-2022-48807,1,1,9821ae3bb0638f7573358c48f7877d794b2836c320c19254d28009e71672f624,2024-07-16T13:43:58.773000 +CVE-2022-48808,1,1,308a406bb655bdd2ee569bb3ccfb7dc217828cf9a1839ea89a424bc70aa107bf,2024-07-16T13:43:58.773000 +CVE-2022-48809,1,1,e9781f75ac535d687c14c27b8eba4a47ed934ffa985f00f10c7c10b6f38535f3,2024-07-16T13:43:58.773000 CVE-2022-4881,0,0,6349a0e7da309a6caade998ae00d4f92066bbfe8e2c32f89584cd909f7854d95,2024-05-17T02:17:01.037000 +CVE-2022-48810,1,1,a2ab8a1d905853c40ced570ee6abedf8488ba84a8d4629761c6771709b30300d,2024-07-16T13:43:58.773000 +CVE-2022-48811,1,1,f4d3e8e1c9b771ec24a3c45da63007fd0989fe1e435391e60d3d348293e05d91,2024-07-16T13:43:58.773000 +CVE-2022-48812,1,1,8cbfc75d65cf7519b8954889ff4d5b5223a4fdd60a66016285af0e7c3355cbf2,2024-07-16T13:43:58.773000 +CVE-2022-48813,1,1,f305b2b7f1f6c350c4b3f0413c5be0cdd35daed6a6d67ed87e9bee9d7151d75c,2024-07-16T13:43:58.773000 +CVE-2022-48814,1,1,d05cfd2256785ca48af1ad516c42e8fc200571fdbeaf06537ba04afb56580d00,2024-07-16T13:43:58.773000 +CVE-2022-48815,1,1,70c595422869cddfec041e1d726006fb1427c2865d1240ade13b44ce03799b4e,2024-07-16T13:43:58.773000 +CVE-2022-48816,1,1,914fc07861c3287202dddea8287e4645c7850737f63808839929e47496a35470,2024-07-16T13:43:58.773000 +CVE-2022-48817,1,1,18caa067259f87219fbe8bec8d75803e6f1c32de67d98162d9c794da23948af0,2024-07-16T13:43:58.773000 +CVE-2022-48818,1,1,095caf04b8d25d4adc9a0e9f7aa963f7e2a5bafe5f817aa41ce1ab219e96852c,2024-07-16T13:43:58.773000 +CVE-2022-48819,1,1,34d5e817fdb2dd5e2f0c73413b15e58327eb13e257934c30ab296de18ab29b17,2024-07-16T13:43:58.773000 CVE-2022-4882,0,0,6431d8699c3a0e0de78e9a56f61f6085416d72ba627cb8ae8a8a7725b50d9e3d,2024-05-17T02:17:01.177000 +CVE-2022-48820,1,1,4a8a44b2581cd46404fdb0ad10e9d79d43291b2bf00e03647175da8ddebc201f,2024-07-16T13:43:58.773000 +CVE-2022-48821,1,1,4042f19db35c9a352b0ccb1f0176e342b4853cbf636b8948f99517e5aca92f4c,2024-07-16T13:43:58.773000 +CVE-2022-48822,1,1,49f1c3f6ebc7f935c612c30ad912c3df2eb484a0a9ca8fe5e14afb04f25ed766,2024-07-16T13:43:58.773000 +CVE-2022-48823,1,1,dbed7066fd26b33d8704aa47354bf26ad2f78ec732fc71037f66dd1d9b76c88a,2024-07-16T13:43:58.773000 +CVE-2022-48824,1,1,fc95483121907fc3315193ca7bffcb5ac05d9b356d864a08d1128815dadb447d,2024-07-16T13:43:58.773000 +CVE-2022-48825,1,1,3fbcc7056f10270de7800507f5460e1d2fdd5a7110142ff0e25ee572a327a2c3,2024-07-16T13:43:58.773000 +CVE-2022-48826,1,1,8a668c783dbeedf27abd3b040fd1e5cc81db32072c06cdb42dff383a3a106add,2024-07-16T13:43:58.773000 +CVE-2022-48827,1,1,58f97f16ab9ed1690d5092d99fd4c7ab3da6b1027dab1f1531f68a5029d05cf4,2024-07-16T13:43:58.773000 +CVE-2022-48828,1,1,1386435b2be19cb7b52614a4ff709f293bb50b3882b463a8d6d21ea334f5cf55,2024-07-16T13:43:58.773000 +CVE-2022-48829,1,1,1bc02ea2597db34f4a0ece6e4d49808cb2b34491cd83959f63da58959214c865,2024-07-16T13:43:58.773000 CVE-2022-4883,0,0,820d1105d9b82bffe0adb81647080f62c32ba63cb35bf1ef24035ed00cf6f7be,2023-10-17T15:55:36.773000 +CVE-2022-48830,1,1,e22e2e0887b0b86eb4cf324cb4a9f7a83e6b7926d3beca11ffca268260854500,2024-07-16T13:43:58.773000 +CVE-2022-48831,1,1,351602b86da3ea07115bf6f723f7380003eff65b8aede2b909ab31a6e1b9ff33,2024-07-16T13:43:58.773000 +CVE-2022-48832,1,1,0a5e163c028cd3d25fc5acb6c8965020bb8461631f62ab5431623b874d61e765,2024-07-16T13:43:58.773000 +CVE-2022-48833,1,1,d3249b6f1f8afc394f753bdd0cb4f946023d7de7e66839f5269338ef343a4377,2024-07-16T13:43:58.773000 +CVE-2022-48834,1,1,eb0b0b412a992033cc1ccff0c2fe442c6d58b137207c30c834c3ef3f7db02dae,2024-07-16T13:43:58.773000 +CVE-2022-48835,1,1,2479254d1fbe0dc2b5306c0fd9d9d0164d10c20462ce8b7a8e261d762dd9b069,2024-07-16T13:43:58.773000 +CVE-2022-48836,1,1,fc888f24293335e1fd6f0258311ddaf2aaf3aa4461faee55b6cb3f00722e9478,2024-07-16T13:43:58.773000 +CVE-2022-48837,1,1,6ad41f7ddcdbdd50d9562ac6970e52eace11fd74ac7875b58123c1c97dd1bfbf,2024-07-16T13:43:58.773000 +CVE-2022-48838,1,1,c19e65141a73bdc7a8b370c78571efc7bace2bbd7543f363c314c35ca3066665,2024-07-16T13:43:58.773000 +CVE-2022-48839,1,1,579c18efb17ff28e9593c609558824715c6e79cb91a272ff9ee9c9cae2585526,2024-07-16T13:43:58.773000 CVE-2022-4884,0,0,a6a4f8f512359cbd3bc97c9bff5c912b615eed86b463f5a3a04bd30a2dc0860f,2023-01-12T21:23:17.837000 +CVE-2022-48840,1,1,d2015fa807ca103878f0607242419a45f49b1592c7e1e11b678b5253b8ca9f3c,2024-07-16T13:43:58.773000 +CVE-2022-48841,1,1,014a42a246d6a4b44be2992ef238aeb25c8d73e3955e7c333bd329cb9ce44a32,2024-07-16T13:43:58.773000 +CVE-2022-48842,1,1,03f5e8199ad470c0594f4be3af38ba16545e1fbfc2dbc1a52031999e2cdd2921,2024-07-16T13:43:58.773000 +CVE-2022-48843,1,1,554f3e4c385b1cfd957170a4fe2b29965e2f72a7f1768eb4409271af4a0923ea,2024-07-16T13:43:58.773000 +CVE-2022-48844,1,1,181fbb41a1b36c6329f3679ae5ffb20f2ee0b927175731785cee3a05cebf8b4d,2024-07-16T13:43:58.773000 +CVE-2022-48845,1,1,fbed276cdbed4be53fe0c2e84e9d7fcbf842ed2ed5ea0c644765e1e83911fa74,2024-07-16T13:43:58.773000 +CVE-2022-48846,1,1,258bd469c81df739b0318baa8b5a9afd7a279fda087f5e18d20cc5397b710347,2024-07-16T13:43:58.773000 +CVE-2022-48847,1,1,e1106706102ce34933f31c3a9cad8604a32deb24108d0efd1d2b5c87b8493857,2024-07-16T13:43:58.773000 +CVE-2022-48848,1,1,841f4f17fe6f0bd45e8094feaad5ffe5d4a49e211a049597af59860f9628ac1e,2024-07-16T13:43:58.773000 +CVE-2022-48849,1,1,85b0fba2772c3263d25e285c7ede8790a5b6281c7382c8c64802064ec5b570a9,2024-07-16T13:43:58.773000 CVE-2022-4885,0,0,6dfd3bcc205acf11a6a336fd859c715f78ad0d5c5de19658ba0e65de5d18469e,2024-05-17T02:17:01.360000 +CVE-2022-48850,1,1,2d12d21a278b66df98a5fe28b4f3d9a8850e62b113f440e38e63a8d6d9f5a451,2024-07-16T13:43:58.773000 +CVE-2022-48851,1,1,afd4847faabc2e964b405643d5a449b55f760aef7104d1496288a15687487fc5,2024-07-16T13:43:58.773000 +CVE-2022-48852,1,1,99eeb47b1b1373008883b59f7f48e560bafad44d0601fae9578eddfef85d364a,2024-07-16T13:43:58.773000 +CVE-2022-48853,1,1,ae37ad43d8b3e0352ad15763b641c7dda8d82eb6c46e13773bee418478a44834,2024-07-16T13:43:58.773000 +CVE-2022-48854,1,1,d193771adf121cdaef1c3be856242ee90e67f8a06431103d61cbd5bff00b892d,2024-07-16T13:43:58.773000 +CVE-2022-48855,1,1,e7427f8e7f565d06e227788d62a60fa6435ee6cdfea2c6631b022b2a3e9cbb49,2024-07-16T13:43:58.773000 +CVE-2022-48856,1,1,bc28c60c800d80850a0634873cb06b3fae622462e1834741acc8ff5ff5094c87,2024-07-16T13:43:58.773000 +CVE-2022-48857,1,1,fcfd4d5325304ec5d30ccd9a0463aa3af1d86aba8fd3a76dd8ffcf0aeb83dcf8,2024-07-16T13:43:58.773000 +CVE-2022-48858,1,1,675f3acf735ccb30f09ddf8d8a7e2cf8fde82966e8614b3471785d9d141b9794,2024-07-16T13:43:58.773000 +CVE-2022-48859,1,1,bf472ae3dc7d85525570febce3dda7d01ae2bf3c53e8799575c116657d298251,2024-07-16T13:43:58.773000 CVE-2022-4886,0,0,e42990ffb743b6c6f14b952ff7ce95d12501834b779ed69d6232e165ff6a1e65,2024-03-07T17:15:09.470000 +CVE-2022-48860,1,1,dd030bd854c176c2200d462a6f3141a98e9a1469955930df2fff3fa9e2263fd5,2024-07-16T13:43:58.773000 +CVE-2022-48861,1,1,905d793ee3312864c20dea7f573fadf7235d805517e9ed169f09af3cd3a62261,2024-07-16T13:43:58.773000 +CVE-2022-48862,1,1,b2980e35d054054ac632f303d5eea355f3f45350b2d7b8219ea635761bc9e348,2024-07-16T13:43:58.773000 +CVE-2022-48863,1,1,d47ca4cd989aff8f1164e8e88a83f189faf389cda705356586660135175c131d,2024-07-16T13:43:58.773000 +CVE-2022-48864,1,1,33ff56cfd868ba10925ee25f0636bd18047486576a322e7b427a47fc0fa3a6d8,2024-07-16T13:43:58.773000 +CVE-2022-48865,1,1,6e9e2d65f8ecd683dd2c24054e6f8657a2609aacee83d88591dce455f2cbb500,2024-07-16T13:43:58.773000 +CVE-2022-48866,1,1,d173c959b519821a665de82f8d1cefa8cc94ed6baee13b3e8515bdf6f9cb56ea,2024-07-16T13:43:58.773000 CVE-2022-4888,0,0,b679e23092f1369239dc0dfe1d4aeef981e952b9db5ffb43ed815e206bd3f53d,2023-11-07T03:59:13.600000 CVE-2022-4889,0,0,e28145e6bac3566714c615b828c485e97008b42961c16fdc8c566e13678a4601,2024-05-17T02:17:01.537000 CVE-2022-4890,0,0,6681cfa53e1bf5f370bc8c8bc62693e3d5b22cda3aa6b9f40531dae97a716dfa,2024-05-17T02:17:01.647000 @@ -238344,7 +238441,7 @@ CVE-2023-52286,0,0,d57c75df7d4ddd4390fb4bc0cb787c8d5ccb33cbef5a941d5aa3217832550 CVE-2023-52288,0,0,297c3e93d2578fa4354d42073bbfcc9c84a93418874a891bfd157ba56fb9cdc0,2024-01-24T18:40:15.637000 CVE-2023-52289,0,0,b0b62bf64cde12eff577800bdca9d7c0c719bc9a23d6c24a235e18254584af67,2024-01-24T18:48:24.283000 CVE-2023-5229,0,0,96ae4a14c7f75bcf2b6cbe69f7946f8795ec64211a57e06d1e0d2d6ff05a7656,2023-11-08T18:35:10.590000 -CVE-2023-52290,0,0,399464231e49f20d23c72354bf5bf48a11eea79c84ca0e19d03bd235db0575a9,2024-07-16T08:15:02.050000 +CVE-2023-52290,0,1,b027d3a77e3918cc6823c1648721e9d0ca22799d7375d42fe7f068b3c1f18fba,2024-07-16T13:43:58.773000 CVE-2023-52296,0,0,85a5b959f2db874145dc7271afa4c982911881063ce8b8741fd891792d7a0806,2024-06-10T17:16:16.537000 CVE-2023-5230,0,0,a536f5ec0e596e59d6ed211c038722ef9594f65abf67a435dc22663a31135f5f,2023-11-07T04:23:38.493000 CVE-2023-52302,0,0,22ea8ee42f1d0c97611b1d0c11616324d4f2cec9c11a2c69cd863452202dca24,2024-01-05T12:14:39.403000 @@ -238944,7 +239041,7 @@ CVE-2023-52882,0,0,e51efc18668383cabb6a1a97b2fa54b9809b5bd71d28b08d72a7fdf9caf29 CVE-2023-52883,0,0,97759c00758e41d95ed1ae62b92bf41e3188ce0db01c0040d74fe100684b74d7,2024-07-03T01:44:10.627000 CVE-2023-52884,0,0,bbf325b5c1ed57a9d1f4ab6303e0df9c8a8b60b96f00c7266f34fe596a2f1382,2024-06-21T11:22:01.687000 CVE-2023-52885,0,0,e5c658cfc56d45f1e026b5e9d3b2354382c669c4a8a58f5c853288778028aada,2024-07-15T13:00:34.853000 -CVE-2023-52886,1,1,95f860132fb440ef5db5a693cde04172b145869bb82e837d027d0e58b83d8654,2024-07-16T10:15:02.493000 +CVE-2023-52886,0,1,08188372333cf217337337a6081ea226ff1618167f3570a223e7e18bb4cf8d06,2024-07-16T13:43:58.773000 CVE-2023-5289,0,0,85a0656428a156af531ef9ce48391ff960ba4c2a8af32298a7386854e98b6d86,2023-10-02T18:13:04.227000 CVE-2023-52890,0,0,98d004bfa32a49234fd94c1d29c092368def9b12c09abef3185e148025b433c1,2024-06-13T18:36:09.010000 CVE-2023-52891,0,0,5e151a4d8c6f84e3d9dd04a36315448ea54aacacf0306d24e88a33c5bc6a9764,2024-07-09T18:19:14.047000 @@ -242425,7 +242522,7 @@ CVE-2024-1933,0,0,7fbc0f24622f50a410caa37f8d4d0022d31f3ba694aaa208855480ee88f0fa CVE-2024-1934,0,0,df6bc0820efaa227ff0593f2f377a2941dbe3870867c525b59689743a10c0b3a,2024-04-10T13:23:38.787000 CVE-2024-1935,0,0,ca5903a177c0640c0e970926382a56ffbeaa4621c2c3291cf867a2ac2d3da56b,2024-03-13T18:15:58.530000 CVE-2024-1936,0,0,b663fea20770354eab8754ae6925549962e39174687f5155b204d5fec65f6ae3,2024-03-23T12:15:08.453000 -CVE-2024-1937,0,0,e4267aecc6d36cf0089bfd3a7de2bf38a789e042581a5e82e29812af34d12152,2024-07-16T09:15:02.257000 +CVE-2024-1937,0,1,457f3044d0f210bbfeed56f80f747c3fea75ee45bfc9bf56dbce60c09fa8264c,2024-07-16T13:43:58.773000 CVE-2024-1938,0,0,c00952c8fb5bee70009fa8cb4edae0ee23e0cf49f38d1396820ee571c21d4610,2024-03-07T23:15:07.177000 CVE-2024-1939,0,0,bb8e8d14c3c98da37e63f3c0963deaed3de9feadfccc15528efb01aca2c53754,2024-03-07T23:15:07.250000 CVE-2024-1940,0,0,4f9f4862eb1e6b7652f757b60ccb034b4f77619e6171d9f3805603ac6e0c779f,2024-06-06T13:59:09.023000 @@ -246985,7 +247082,7 @@ CVE-2024-26906,0,0,42532862975f8bdf6c218bb08e8c76f0bdeb5f292a8c20c2de1b8755512c9 CVE-2024-26907,0,0,00d718a412070a4297719ea0fb3f7b55969fac373e166e4b352e4dbc743daf28,2024-06-25T22:15:25.960000 CVE-2024-26908,0,0,5ecc683879bcc08f4a65e6b0675afebd2da7cfed4f9fada740f88a540c7f8b1e,2024-04-30T08:15:17.140000 CVE-2024-26909,0,0,e3d7941f07403bc0745f4894278d17e22a07c87692715dac5395fbc71a84fef3,2024-04-29T19:45:21.680000 -CVE-2024-2691,0,0,c8155cf95104d3314cc19d2c5bb788d687f54a9effa3d22a2941545abbd34823,2024-07-16T09:15:02.497000 +CVE-2024-2691,0,1,e2e3efc926ff18c0b9919b48a3a138ef935ce3483eabea410b672434791bc93f,2024-07-16T13:43:58.773000 CVE-2024-26910,0,0,954b55e4bd1d42e5ff1449b1b11f06a07bc8c27711bedf28e87052fdaee0aafd,2024-06-25T22:15:26.080000 CVE-2024-26911,0,0,8ea2c917a6f00806416f32a6fbb36b2b35e7e18ca96874650f1bec8c514fcc80,2024-04-29T19:17:11.627000 CVE-2024-26912,0,0,7c8d0e30edc101bfc2f9acae1bf1398abcf215c4aec3726d727c7375cc839a46,2024-04-29T19:20:57.410000 @@ -247316,10 +247413,10 @@ CVE-2024-27234,0,0,7f9c430bb757ad526adb7918516acd55f167ec46b27604bd9833832e0b615 CVE-2024-27235,0,0,ca7df1b3186edf63083ffa451556ee8cef5481ef83fd54ad47ed09114ed183d0,2024-03-15T20:15:09.253000 CVE-2024-27236,0,0,87315156a485dcd5ca2e4a3368db0027f412517fa717d3f5ab5df1cc6bb866c2,2024-03-12T12:40:13.500000 CVE-2024-27237,0,0,229917a4428117370a5145466e677b0c72a40fdcb37122ac8c08e36ef5d19033,2024-03-12T12:40:13.500000 -CVE-2024-27238,0,0,462fc8e1860e98147c320e26d17ba5fee5ca1a60367d56c5f1c4f7059819041b,2024-07-15T18:15:03.633000 +CVE-2024-27238,0,1,d9ed436433ab3962c23812e126d692cedc24517358f04b11084f029c27336d14,2024-07-16T13:43:58.773000 CVE-2024-2724,0,0,660610afdb28f5976ed634f2a472d2022e02ebb5bc503c73eac1e0b96d741829,2024-03-22T15:34:43.663000 -CVE-2024-27240,0,0,58daf2f38d2758083d41f48f956c68649d1d8c824a7b219db5babb7ed75e0346,2024-07-15T18:15:03.873000 -CVE-2024-27241,0,0,9e0fff38b263ebe0899e33f34b14266c4594aab0a80e4165f430f66221530bad,2024-07-15T18:15:04.087000 +CVE-2024-27240,0,1,adf09fe41401f75b4b0112a526eae25bc965b5f1cf0b06541ab06fca8276c25c,2024-07-16T13:43:58.773000 +CVE-2024-27241,0,1,b32a14aa53bd3f8de0cdf8cb02ae9e0fe498ca5cfade931bf9a9ab6094314dad,2024-07-16T13:43:58.773000 CVE-2024-27242,0,0,aa3d00d8440b9711083704a859c18c29ae2a7d4e0687131a6877ff32cc440bb5,2024-04-10T13:24:00.070000 CVE-2024-27243,0,0,7506fdb7727ab984462fc64398555eb3450f805c7f6a3944e9822e85e93cca4e,2024-05-16T13:03:05.353000 CVE-2024-27244,0,0,481637fe3fc7930848fab67c20215a504ece49e65656eb0a28bda5cc7f4c687a,2024-05-16T13:03:05.353000 @@ -250394,7 +250491,7 @@ CVE-2024-31941,0,0,afb95f4bebc84bd64697d4f74d4565720846f17ff4a035556242f3c05ce58 CVE-2024-31942,0,0,3d122d20f9462572618ef3940be00c9131d19d68aedd2b72ba341efc50cfe360,2024-04-15T13:15:31.997000 CVE-2024-31943,0,0,a3c3177de375490a3bcbe7c4dc869c6dc98de8408de3c26e8167121dc5553a55,2024-04-10T19:49:51.183000 CVE-2024-31944,0,0,9b7df1c1d68c7ba82d2a7e14fc250e4409e7410da01d69528d57b3dba1022b40,2024-04-10T19:49:51.183000 -CVE-2024-31946,0,0,7a838df436f8b1519c8cddad23e2362b3257c2383bd9af684a9638bf2e00480c,2024-07-15T19:15:02.503000 +CVE-2024-31946,0,1,d96d722cb390b805e089cc7f5547ae66b90cd8ed2ef9c749ee5feb0215341870,2024-07-16T13:43:58.773000 CVE-2024-31947,0,0,53a07a96d235761473c51b6658ac88c324f970e3729e396995a521d5b07b0a35,2024-07-15T13:00:34.853000 CVE-2024-31948,0,0,2545f6a13668ac7d71382ed97228591f14df9b7003f52f431839a3cf2cbd6d68,2024-07-03T01:55:34.387000 CVE-2024-31949,0,0,6e39badd21c22fae949ff94d85aeafc847ebfb0900888b28cfa176432c58fd9e,2024-04-28T07:15:08.917000 @@ -252866,7 +252963,7 @@ CVE-2024-35866,0,0,d0cc46812d56583865578aa7a7be2bec064126c2ec11cb3bbce2698115126 CVE-2024-35867,0,0,68386f3591f3f188a7476fa5855f8ac1dc116de9bd02ee457a082f6580699d33,2024-06-10T18:15:35.320000 CVE-2024-35868,0,0,631a0c47c7e0f65d439b8d71d6b3955aaa25bc09ab742cc924c15db6f46c8b06,2024-05-20T13:00:04.957000 CVE-2024-35869,0,0,630ed395e8d0f836b200232a6be2974e06759cee7a4d75dd11d6f714bebe5b1a,2024-07-03T02:02:21.027000 -CVE-2024-3587,0,0,88b9b543afe49e9f934075704f8082a980511b2f85cc799b5dd54b8dae7b2bb8,2024-07-16T09:15:02.693000 +CVE-2024-3587,0,1,52e6b16e67d41dfa292a2394bee643725a188f9ff38605df5478abcbd66514ca,2024-07-16T13:43:58.773000 CVE-2024-35870,0,0,5a4167864efc3408c5c38cf8552b084d6c8e10c92910519cd2e6cedd908441ad,2024-05-20T13:00:04.957000 CVE-2024-35871,0,0,56b9e1c7cf8cc227a53238857c6c657b9eb9a1a650e2c064780cac494ab192c4,2024-06-25T22:15:31.897000 CVE-2024-35872,0,0,a0f59ba2a5d815fbc998062ea3a953e4acbf876ea21309bca7a7ecb80bc6c92e,2024-05-20T13:00:04.957000 @@ -253321,11 +253418,11 @@ CVE-2024-36426,0,0,081cbabfe1f165d2e60c6bf5434c4cea5a1c1465246b1d9713d429b0a41c1 CVE-2024-36427,0,0,10c5dade9c11af5e52239a7a8c18438909a8ea6a201617061be6b7626f49e18c,2024-07-03T02:03:12.033000 CVE-2024-36428,0,0,73719b2d94fccf2eff624fbf36dc51c2fc48c0dc66be598a72cd1ff64aaf434d,2024-05-28T12:39:28.377000 CVE-2024-3643,0,0,af0c2404bd4ab34bcd75932174ab1b00c5ac556e20d57f0445020a0c94c96fe2,2024-05-16T13:03:05.353000 -CVE-2024-36432,0,0,bc7dcc54c0accd9d08a7eb50f3ad4572241465881609f579fc341e21961b7c58,2024-07-15T19:15:02.593000 -CVE-2024-36433,0,0,27ef33775c72c0fd42ed9b3c63df51a99b759c2ebef0c22d29deb86a1eac9de9,2024-07-15T19:15:02.837000 -CVE-2024-36434,0,0,0dfd2c56938439fb6a894bd775b9cbf740e7ded5bc9d49218fae9b783d279f33,2024-07-15T19:15:03.053000 +CVE-2024-36432,0,1,7f8fcce4f3e4325df04484696deddc7621d50f72e68d3d371a821b2030960f1b,2024-07-16T13:43:58.773000 +CVE-2024-36433,0,1,d957457d15c36a00497db13e124bd86771c5c1cb40ed0c5c7a84083bdae0e928,2024-07-16T13:43:58.773000 +CVE-2024-36434,0,1,bcbc7e12a5dee801465a701e7552df0a4c1b119d58888baf5cab2e46025d5e67,2024-07-16T13:43:58.773000 CVE-2024-36435,0,0,d5db9c80751c95bdb9d7c8677b360e81635e7c29402d5e581205685bb84d0c00,2024-07-12T12:49:11.340000 -CVE-2024-36438,0,0,774be27f24fca724c25c385bb341460342aa8691fc1a30d28ca76b1c9d53b8e7,2024-07-15T19:15:03.320000 +CVE-2024-36438,0,1,d225510fd6dfdc84cee32469d19214250c0068c3a01089e37a173b8ba39f6236,2024-07-16T13:43:58.773000 CVE-2024-3644,0,0,e904dffa636a621d1f1644a68a8bb26342dbf717ae684f12b60a37d102e4d87d,2024-05-16T13:03:05.353000 CVE-2024-3645,0,0,ea45063aa3cff8d7bb517959f0685ad339f1e48c249e10e3851af9fbba289420,2024-04-22T19:24:12.920000 CVE-2024-36450,0,0,32d48285c32086a3f09c628c1971379077a46741ecaad7df002b03827ae59ffc,2024-07-11T13:05:54.930000 @@ -253333,10 +253430,10 @@ CVE-2024-36451,0,0,0282b5798612593892f8b22f51a38ce8164272f8754ea7af1c514e9b953ab CVE-2024-36452,0,0,de0ddf9ec46c34a45ea45b28170f7953241f05d2c2c229b8d849dbb88c728f2a,2024-07-11T13:05:54.930000 CVE-2024-36453,0,0,4f2b528f0e3096ddd2a4aee4fe033e97d4113146188596ed5c407d648083f582,2024-07-11T15:05:48.797000 CVE-2024-36454,0,0,5b374ccad198b16fd2e0c55594aa9dcc7e607d40489a04021b269edc22253aa5,2024-06-13T18:36:09.013000 -CVE-2024-36455,0,0,9373d91a2ae4e09304d9e8986528ad362ee49b477265c69df1f4fddc092dceb9,2024-07-15T14:15:02.700000 -CVE-2024-36456,0,0,6992bc142c1f894a4c7fc5bbcb23cb332bb9b3fdb66a34a740c3ff0137cb9dff,2024-07-15T14:15:02.827000 -CVE-2024-36457,0,0,3e481e9c92a005d031aae12af4bf0428b583059236144240ae05cb87fc684bac,2024-07-15T14:15:02.917000 -CVE-2024-36458,0,0,c65f3d2cd251f0030bf3a43d90cf0ee50744c084a87b2dd3f006bfb500b83725,2024-07-15T14:15:03.033000 +CVE-2024-36455,0,1,c08cae2f41cb90d57d81267b76482dc2184b29bb2aa41de962018aa836b4354b,2024-07-16T13:43:58.773000 +CVE-2024-36456,0,1,6ab2d77145772a26f6ea161fe7021789e892fe395b7530be692d807542dbc55b,2024-07-16T13:43:58.773000 +CVE-2024-36457,0,1,72760e3039fa35b5fe26ddad9fdef8608f653e7f7685e05328a58a9de033d19e,2024-07-16T13:43:58.773000 +CVE-2024-36458,0,1,8cc25938d2d5cd1d323ce70bc7a8d0cc38a394cde01025dc622780ae5428e886,2024-07-16T13:43:58.773000 CVE-2024-36459,0,0,474bfa332c926d073eec1319c6b0bf17fa1f15902b9a2385d1d4aa60eeefb843,2024-07-03T02:03:12.833000 CVE-2024-3646,0,0,09fb4454fc243991c509642fa1713408149b474f66cbbd7885e81a3ea360afe7,2024-04-19T16:19:49.043000 CVE-2024-3647,0,0,e692fc1fd5d3cf9f103fd75a1aca6bf5cd926bde53ed2fb4c9f367b74741ee51,2024-05-02T18:00:37.360000 @@ -253627,7 +253724,7 @@ CVE-2024-37006,0,0,ce197589ee3e9b9abc62e5ee278117c11ae961db1cdfe5fd87c2da96a0f55 CVE-2024-37007,0,0,0fc601714096f5d925a9dbadf52718e2d07645aad03229b4044d058f28f4c32f,2024-07-03T02:04:01.303000 CVE-2024-3701,0,0,b97bf02f501ce8bb46bbbea962bd508392417999afee815d0c2fcfb239983cc7,2024-04-15T13:15:31.997000 CVE-2024-37014,0,0,4d8eebb55f92fd637819ddb88e1adc8dcc510ce2876a7f33ecffd1498dc89404,2024-07-03T02:04:01.523000 -CVE-2024-37016,0,0,a5541b3a7f0a84fa31ec51dc66cb973b2ac5e7f89d07e0348ce7d14438de273a,2024-07-15T18:15:04.337000 +CVE-2024-37016,0,1,bd44c64466d02adebb06371d5bb69da4aa66465a79f7f6a21fb0b2857add6231,2024-07-16T13:43:58.773000 CVE-2024-37017,0,0,bcf42a4afa4161d494ebe5be7e7f4777ee139dad62148a87a3f3aec02cb4dc1b,2024-07-03T02:04:02.337000 CVE-2024-37018,0,0,702b0048025811920f5478aca500fdf16e8badcce077fd8d6d40cb1d8cc37861,2024-05-31T13:01:46.727000 CVE-2024-37019,0,0,c34529539f4c6ff793225ec64e29909e2614ce1bc964c3c63810b9219791c5ca,2024-07-03T02:04:03.153000 @@ -253850,7 +253947,7 @@ CVE-2024-3738,0,0,cebdf6c67207ccd8240919e9596b8485c51e6607a12a8dcdfff13f6ddbdbfe CVE-2024-37383,0,0,3a9597c771ab199850aaeee94068cbc0182ff2bfcefd23d631ce0d7808f3745f,2024-07-03T02:04:16.250000 CVE-2024-37384,0,0,4ede7c4b4e1e1de259445d49ca3b43a6d0a75b7dcaf1ea245b8f6306c1e67bb9,2024-07-03T02:04:17.060000 CVE-2024-37385,0,0,1af5dbf4fe496116fcfe8797458a2e9292fd2ddec99a563e5137c9d207fb12bc,2024-06-07T14:56:05.647000 -CVE-2024-37386,0,0,3fc6f12821cdac1c4892854bf660c25bf1a1ca57761e368d4200b885ae7dc344,2024-07-15T19:15:03.430000 +CVE-2024-37386,0,1,301adefb096ac7cf95f448dba87eee85434ba788e92b76eee4be5fde0790b68a,2024-07-16T13:43:58.773000 CVE-2024-37387,0,0,fe2e0e702592a3b950e5c7ffa6cd887e6a1ea8123fb6a269a45db83eafdcfbbc,2024-07-03T02:04:17.790000 CVE-2024-37388,0,0,3169d306b45a011b46c4d3fe95463302fc94255a3e5bff07d58cd00bed7bba75,2024-06-07T19:24:09.243000 CVE-2024-37389,0,0,27f7927000cd6a2429ab617761c45ffb27c2f3c3199f49f01b1eda02927e348e,2024-07-11T14:48:32.300000 @@ -253998,7 +254095,7 @@ CVE-2024-37769,0,0,0dd3289504de1965084308bd25d0eda77c1cd774bf0e49f4dc5febf221f8f CVE-2024-3777,0,0,0856ef763b1edbec0747809f2f5f1e269fdce9f6160541c599d8c16e527540d3,2024-04-15T13:15:31.997000 CVE-2024-37770,0,0,4e93402ad3ed64140e35d7a96007b07c29c5c8b6e92be0f25f51076d1a6ceeef,2024-07-11T15:05:53.090000 CVE-2024-3778,0,0,2b5fc9c77ae2f993ef971da35cf3870af6c405ab91c786afef1cf6cf11c368d8,2024-04-15T13:15:31.997000 -CVE-2024-3779,0,0,91cee144c8c80dcf7bc1667f9cc8611fac537eb0e56447cc423f1b595ce894d9,2024-07-16T09:15:02.877000 +CVE-2024-3779,0,1,8cef83981e208e2dc72f9e42bd189cb9780932e469a28017ba20c09f6600b0a3,2024-07-16T13:43:58.773000 CVE-2024-37790,0,0,f03d38fcd39f9fc913c999134089e43d5d97a0d5c9124acb1959f0950b818b81,2024-06-21T16:15:12.440000 CVE-2024-37791,0,0,5b4a77640e01b5f5901f77da4cf3e217016c11878e7475119bb550241e2deb0e,2024-06-20T12:44:01.637000 CVE-2024-37794,0,0,0173114c4850547998c4a3719d0197d2f797f34c9e250dbc5cfe23ea2cc8953b,2024-07-03T02:04:43.130000 @@ -254245,7 +254342,7 @@ CVE-2024-38356,0,0,bec2e415543d848869e9d63f2fb0cc432a4170577530c5e2a83bdb87ad08f CVE-2024-38357,0,0,adb1f307dbe4b8facda37fd7466e9e38a01a5bfc6b85c7127fa6225078756e84,2024-06-20T12:43:25.663000 CVE-2024-38358,0,0,4721334c80a93643b526d0b31fb5e13fbcb84d9d7ff2b0840b3236994c45067b,2024-06-20T12:43:25.663000 CVE-2024-38359,0,0,f28617e1813345db2901c0d79798ed429608ec68b5de1ca43d804b7817ccf8c1,2024-06-21T11:22:01.687000 -CVE-2024-38360,0,0,de048e794ece1419993069fe0b25c68540e2338a76530438ba31e5050db5edf9,2024-07-15T20:15:03.430000 +CVE-2024-38360,0,1,62fab844597ca879d16a5f3bb413c82dd98eca8f8a8f42f5a5f8581c90bd1354,2024-07-16T13:43:58.773000 CVE-2024-38361,0,0,f382ebba7fc984c6e86107cb94ceaca8dedca184f9f6123ffedcd7094bb741b0,2024-06-21T11:22:01.687000 CVE-2024-38363,0,0,4ba5b34714c88cf806284a26eaf8261d70f03ee7392713aa1b260c885e54e80f,2024-07-09T18:19:14.047000 CVE-2024-38364,0,0,2279d9d422aa31a74e603806d16ace0153ff248c4a5fbe8796ad93e25cd4d53d,2024-06-26T12:44:29.693000 @@ -254311,12 +254408,12 @@ CVE-2024-38477,0,0,4e865b7fff5c5346863d587e484df8d5b457292ae17a1b95a338aa934a187 CVE-2024-3848,0,0,3a1e7dbb50cc54ecdbcc89881c429869965f00f9d2e1eb9f088acc297fe8920f,2024-05-16T13:03:05.353000 CVE-2024-38480,0,0,04c4f9e75ecb94da8a57533882d0899c4c9616c45f6d4f0fa40fb0af2c036f64,2024-07-01T12:37:24.220000 CVE-2024-3849,0,0,5306fee696144db88733a07d80a07ecf85ac2a8ec15f60e756615ae8c2f2566c,2024-05-02T18:00:37.360000 -CVE-2024-38491,0,0,8f11ed98929a59923e9e1f81bac0710be41e8e0063ca4d7a756e11b2b00642db,2024-07-15T14:15:03.130000 -CVE-2024-38492,0,0,f54a9e532c85e4f520874c735d4381a33d45e8bc071686e0521581a0dfdecdbc,2024-07-15T14:15:03.240000 -CVE-2024-38493,0,0,ddffc0261e059543e121d5035e8781e304649e43a4ca17804bce1ec834d9878c,2024-07-15T14:15:03.323000 -CVE-2024-38494,0,0,fea969c211ff3ef677275b0d8bb4ca0ca3cb9072867cf8c1c584a66d27a202f0,2024-07-15T14:15:03.420000 -CVE-2024-38495,0,0,018458bf152af94ce9030245739f88131edbbfa9c5feb4d4730849839b0d5588,2024-07-15T15:15:10.580000 -CVE-2024-38496,0,0,f638c75ae0b6b4b0aef2887a4090c275cfef3b28f2a8a3f77d784ae49b0bab42,2024-07-15T15:15:10.680000 +CVE-2024-38491,0,1,45eb77a065b351e283c19fca52dbc0c415810a9854c6f93524e9a875f4b79ec5,2024-07-16T13:43:58.773000 +CVE-2024-38492,0,1,2fff266f3514c7b21683e88c34d78fd98dc9ab17c356d1ffe5e976b9d4dacf92,2024-07-16T13:43:58.773000 +CVE-2024-38493,0,1,7dab0c3b3c94bc494d9811e28eb01ed63c0107f6df03b64859d1b0c9c94817ec,2024-07-16T13:43:58.773000 +CVE-2024-38494,0,1,0b20737b411e64f5f564d7cb806b8e7adb78c4f833960557c6fcae7932fde8fe,2024-07-16T13:43:58.773000 +CVE-2024-38495,0,1,fea4dcb4fc2311116e216f5501bdcce029e8616b236558b22d9cb3670ca9e419,2024-07-16T13:43:58.773000 +CVE-2024-38496,0,1,6e423c176a887ed5895ae7351498e6b63c7505283576ed5f43b90da3d939aeaf,2024-07-16T13:43:58.773000 CVE-2024-3850,0,0,2382357c8e4d6adda4f3540070cc5ea125c45aed93070563af82a0d626955695,2024-06-12T18:12:56.413000 CVE-2024-38504,0,0,4c5e9d4e31ce363d990483052f136d892b9e9d476c16b9ba9ffe4f7ab7d68bdb,2024-06-20T12:44:01.637000 CVE-2024-38505,0,0,b17f43381c815e52625008a26f98d511f617e1d606d0689fa471d4457a2ae811,2024-06-20T12:44:01.637000 @@ -254841,7 +254938,7 @@ CVE-2024-39708,0,0,000cfabacce752db3861ff9f8f3b1c505cd90f739471d05927bcaf43cab3b CVE-2024-3971,0,0,453dcdeb8c637bd7bb985a1e1691d8c7769ab2a20a57d4f9c555aa6e1a8e675d,2024-06-17T12:42:04.623000 CVE-2024-3972,0,0,b88cd8559296a0afcfadf9b1abe7d20bd03ddac8a181190ab7883387b6e890c7,2024-06-17T12:42:04.623000 CVE-2024-39723,0,0,003097d794792a3e1194202f71608927b35e402887d5f5ddf07d35b5dd183916,2024-07-11T14:54:10.243000 -CVE-2024-39728,0,0,5753dced91e38e2c288d86786d32b6020bbd362e78906f22195f88314c8a93c6,2024-07-15T13:00:34.853000 +CVE-2024-39728,0,1,fba26233ce0c4692619efffa132c45bfb836485ad2132e6f2e6d7ce0ec6f97d0,2024-07-16T13:57:37.203000 CVE-2024-39729,0,0,e06436aa420463d1ce8ec1cbd91008bf873a619ba3957ef67f76f0d5eb74cbae,2024-07-15T13:00:34.853000 CVE-2024-39731,0,0,627c8e06a07c143eb86f524c6798b51bab160ca70dc1f20fe6b845eee0524e0a,2024-07-15T13:00:34.853000 CVE-2024-39732,0,0,7892e613cb40f3ee23c30308b27946892320a4d4412e577f372e2bc5cdd6f31a,2024-07-15T13:00:34.853000 @@ -254861,11 +254958,11 @@ CVE-2024-3977,0,0,87f55f2983faa9489e3ab65e96b4cea8a0d04681e4c4541cf69108c85d144a CVE-2024-3978,0,0,e25d25f011ecf86a9a7629ea5449d530d107458e873c97f796fe325b70200d63,2024-06-17T12:42:04.623000 CVE-2024-3979,0,0,e9e7991f3b86f818ec400b9ec60245e440b2d51744d0b7d3598ed5add4c2b631,2024-06-06T20:15:14.127000 CVE-2024-39807,0,0,ba2c368fe4cdf413290b5bff8a949eddf35bb4de98ed47f43e524e6cb747e010,2024-07-05T17:07:47.090000 -CVE-2024-39819,0,0,3ed27297e5dbf2b5db195ab7e433cf48cdd2011e8378ab27c539a83818e800c8,2024-07-15T18:15:04.407000 -CVE-2024-39820,0,0,0a370c1960af31a93093357600b0ed4111feec64382be841777decf985639317,2024-07-15T18:15:04.620000 -CVE-2024-39821,0,0,ffecc1cca9d0647f6a473cf37bb2fa90bd231ab7475e8f7e70a655aa741bd08f,2024-07-15T18:15:04.827000 -CVE-2024-39826,0,0,f422588b30ad994068eda47537984282c3659d647a20e3872a22edb1bb332311,2024-07-15T18:15:05.033000 -CVE-2024-39827,0,0,157c0f61a4c15fdb2ab6aa4ba54f2d4d0e2783cc207c0189f8175c7ce923d0ac,2024-07-15T18:15:05.237000 +CVE-2024-39819,0,1,c8db5421a3ae027faff5d4d06e3d8592e32e290e4092ae4f0fac52eb30d3f58b,2024-07-16T13:43:58.773000 +CVE-2024-39820,0,1,e80ca54bf5fea4b83e9254c90576692ea592c71bc167353b8799d70169ce0139,2024-07-16T13:43:58.773000 +CVE-2024-39821,0,1,3d8221c440f8b1dbd5c98d43cf97f16f597a43c5d93725a475fc98495ffe9f3b,2024-07-16T13:43:58.773000 +CVE-2024-39826,0,1,afc70f78da14ad22cac1b695b7ec211098e49242f19223081d17abce3c71095c,2024-07-16T13:43:58.773000 +CVE-2024-39827,0,1,caf86200bd002a6aa70c894d1a6cc5e050d2263ea7091a801896c357b955cd82,2024-07-16T13:43:58.773000 CVE-2024-39828,0,0,37815ac0cb1d59603d10017e1de409a6a7cef6f58ba5d0ea15f1cc9c3c9f34b5,2024-07-11T15:06:13.953000 CVE-2024-39830,0,0,fa16449dc31377b10db0f6c8fa3cd2e73175dcab5134adbfb18592dc79a4a80c,2024-07-05T17:08:50.197000 CVE-2024-3984,0,0,9fd51fca8e9cb62e411ab69c310516342152a8240e3126272f1618181a2d89aa,2024-06-20T12:44:01.637000 @@ -254898,7 +254995,7 @@ CVE-2024-39882,0,0,e74451f1f7696dcf4f6c0a8b25bc99b29b39e5965867fdeded2910a86a4bc CVE-2024-39883,0,0,4125ead3dab96c17b3201223bdf7a64af624f714119f6cbaa67f57f3faea3add,2024-07-11T13:05:54.930000 CVE-2024-39884,0,0,820d6f61ede8e42a2beabc4b322a42eecc24064bf6142891f1909848431996b5,2024-07-12T14:15:16.640000 CVE-2024-39886,0,0,c211eb7fd7b7d4a2dcf17c01e99303dbbe9f112b3010b65271b5f2c7acb830e8,2024-07-11T15:06:15.210000 -CVE-2024-39887,1,1,fa7d2a734a057d0930b288c8c3ecef13f855e852c225bf49ff576829c5d9a630,2024-07-16T10:15:03.380000 +CVE-2024-39887,0,1,35886ef9f963f028300671c9443d4d85f6fdc47a1a09866373e76a40eb41c592,2024-07-16T13:43:58.773000 CVE-2024-39888,0,0,12ac4fc0e9c84bce2da7114954ff2c2a0c7f51f26f043191b5bde403ad5b0bce,2024-07-09T18:19:14.047000 CVE-2024-3989,0,0,05ae590a507d36950ff969d05988ddbd0846a5630f6cd12721f077e7e440e592,2024-05-14T16:11:39.510000 CVE-2024-39891,0,0,f05a058a4cf741da51f47b19ea162b25ce262cdb61fb36618eb53dc7411c00e3,2024-07-03T22:15:02.923000 @@ -254915,13 +255012,13 @@ CVE-2024-39904,0,0,12dfcb7489fbbc04166f8899b5558b4641d719eb33eca1dcad68903cd7888 CVE-2024-39905,0,0,80f913a61cef6f1c2b28da4a228824e63a50833144469e0ed56e623dda317247,2024-07-11T18:09:58.777000 CVE-2024-39909,0,0,84d207bd7916a7aa0c749989b5f6df126cc82f60739ec52f44f8de2604f130ed,2024-07-12T16:34:58.687000 CVE-2024-3991,0,0,8fc5cec164b75a61473f46907d411f1d06a3bf1fdc70a00ae47e8c931a83fb1a,2024-05-02T18:00:37.360000 -CVE-2024-39912,0,0,1522ab6ac5199db60579de83fc395400aa63e94d07b51da7661e4de4c71bc11c,2024-07-15T20:15:03.693000 +CVE-2024-39912,0,1,4436d60855b958a3375758a6aab42c07e9fab81e2780af44769632fe57f2c7e5,2024-07-16T13:43:58.773000 CVE-2024-39914,0,0,fc85dcd483038cc9947eead0920b62559c30fc46579f4bdee42403db053af4c1,2024-07-12T16:34:58.687000 -CVE-2024-39915,0,0,ba7374fe390bfec2e93b5e705ea74c7f222e7d0f7fefd1637ebcfe09f76c125a,2024-07-15T20:15:03.933000 +CVE-2024-39915,0,1,5ec2bdefe8c5cab79f2425e6d7423ca1431bc3eed9fc27e781bc8d91b05089c7,2024-07-16T13:43:58.773000 CVE-2024-39916,0,0,df08bb6ea7153a6f790e0e23382946b388fbc02804d2bb78dc62b53f8c36a79e,2024-07-12T16:34:58.687000 CVE-2024-39917,0,0,a022cfadc012af0e44d5ab631089d56f3fc46948e6694b954a65044aa2799c29,2024-07-12T16:34:58.687000 -CVE-2024-39918,0,0,5b65272b9d006b7204a057d7609ef1bf9880cefbe781920f75bc3ffd21c7afdf,2024-07-15T20:15:04.160000 -CVE-2024-39919,0,0,58dd45d4d34729e7783305d849a212b692e5ab90e2b6b73492b21052db437834,2024-07-15T20:15:04.380000 +CVE-2024-39918,0,1,a01d13ae0b603735ac5bf07d7a2e68692283e08ddeecd7e6f7dcec848231b550,2024-07-16T13:43:58.773000 +CVE-2024-39919,0,1,ef22e6bc228ea2cf3764fb5e5dab9f5aabfb0f60858f62004efb01879ab42cf0,2024-07-16T13:43:58.773000 CVE-2024-3992,0,0,475460e0c2a64b96a6a878b0463608fa30ba82616c0c0e2ef22dfa38c5bcb39b,2024-06-17T12:42:04.623000 CVE-2024-39920,0,0,8281f1288058876e172a78a04b7e10123b671826d2c29ba249d059d614d38347,2024-07-03T12:53:24.977000 CVE-2024-39927,0,0,98e497d093ac214e1059a0be9e6a17e44ab8fd11c901f329cf8cd36c5ebfff18,2024-07-11T13:05:54.930000 @@ -254988,9 +255085,9 @@ CVE-2024-4039,0,0,b18b8aac4336f296c5655f645710463e48a4544089b8c4c20638e847b5c746 CVE-2024-4040,0,0,4c2ad1f11d479d0071ddbaeb3523edde6a0cd9c4e74c065c69d4bb5c9b1ac029,2024-04-26T15:25:47.270000 CVE-2024-4041,0,0,bd71d95aba274d30d448ad146bc23c848b8a3b9576dc252f709372f143cb7780,2024-05-14T16:11:39.510000 CVE-2024-40412,0,0,ee1648a619ace402a2695f357644480cca061a0b71a8c8619f0a343e150121f2,2024-07-15T17:15:02.723000 -CVE-2024-40414,0,0,42ab5d9f1543bbb2a7588474b7f0390046f7ff960997e9ce164549f423d304ae,2024-07-15T17:15:02.783000 -CVE-2024-40415,0,0,dd6b4b157d36739047024ef312bcdbc2974a75c7371ac4228d566a23bdd925f6,2024-07-15T18:15:05.490000 -CVE-2024-40416,0,0,2541f9169745ccf44b3c6aaf80029bc6951ce4931a6336d52713caa5691ef3bf,2024-07-15T18:15:05.543000 +CVE-2024-40414,0,1,e4e309db0619b60b7cc06737ef03c620a836d2ee23d12f8981468528a59cab05,2024-07-16T13:43:58.773000 +CVE-2024-40415,0,1,becfdf00c5f920cf8eed7a2cff10382a68411ddb73f2952f5485f5097b840ac6,2024-07-16T13:43:58.773000 +CVE-2024-40416,0,1,86aaef45b4dd45872bf5a38395b95958dd718e8a7700ea1c997426e37f7c7291,2024-07-16T13:43:58.773000 CVE-2024-40417,0,0,298c0304c38ce2a49f170de68fce3e8c26e10c42ce4acaa74e6360f44eab21ad,2024-07-11T13:05:54.930000 CVE-2024-4042,0,0,f41d19a896222ab39f54d4d516c2364bd25fe65dca5e9c4b7ccc9d626f82d5ed,2024-06-07T14:56:05.647000 CVE-2024-4043,0,0,50e67cd87d2761034ee2e0514a61b1574f18a654fe271a8568be1eaa53e96b2e,2024-05-24T01:15:30.977000 @@ -255002,7 +255099,7 @@ CVE-2024-40519,0,0,f75b28f6ec36ffadf7444f3dd92a555d57efba4937af101447a01640f666e CVE-2024-40520,0,0,f907f61bb331593bd78f9473ee7907a14a21225df5511db56610841725344dc0,2024-07-12T18:44:51.213000 CVE-2024-40521,0,0,a3c975fb46c59a1b96c40147c55cf0fb726e9137e0e90b2160403986b0bb811a,2024-07-12T18:44:41.670000 CVE-2024-40522,0,0,490d91e5664109b7f5523be547706b9bd78b8b6b99da17d2bcb59a4c94bc481c,2024-07-12T18:44:30.100000 -CVE-2024-40524,0,0,a956ce1e219b31bdeac6017c96c6ef8167aef070aaeafafd394394a0c260da23,2024-07-15T23:15:02.423000 +CVE-2024-40524,0,1,6da30a76679ecbcabc1bfe3631b732c1a3051aa64cca509428eb9df73258b440,2024-07-16T13:43:58.773000 CVE-2024-40539,0,0,f580e9f088c341ff72f2d57cc5a1faf55a340104d73ad67bc3e8dabda1df4b7a,2024-07-12T18:43:42.057000 CVE-2024-40540,0,0,45e202e7a943ce38e7de39b4191550af4a5553c63a31a95aa9e665fda44f418b,2024-07-12T18:43:31.003000 CVE-2024-40541,0,0,49dc3a52a94e2a4e690e6e9e2d426eadd1b0be7de1279750352e10eea47495d5,2024-07-12T18:43:21.387000 @@ -255017,11 +255114,11 @@ CVE-2024-40549,0,0,a0d01bcdf34afa23eab8ec4dd5d94b148230dc582c59a04f8f6da50444d2d CVE-2024-40550,0,0,7a6954c6d53bfb86477e868f3f394991be55b1202e4ee13b62edae8e166cd83b,2024-07-12T18:40:22.040000 CVE-2024-40551,0,0,9e323c706374e77ed8fc1ea45acdfd1b484476c375557653052fb7c996a0649b,2024-07-12T18:40:13.010000 CVE-2024-40552,0,0,02ebf6fbf2ff31ad3f4bfa8a44c3c4b56d8ff7dfc506f01b4ada9a52c8671521,2024-07-12T18:39:59.150000 -CVE-2024-40553,0,0,736e85c145e1c137af7fcb5ec3a7383a0d64e02e558a3942773186cb8f8c71ec,2024-07-15T16:15:03.147000 -CVE-2024-40554,0,0,b82b913aff85d1115e78c21ed19913cda5f1ecdd2c218fadcdfa2f716f128c18,2024-07-15T16:15:03.223000 -CVE-2024-40555,0,0,bca9188bfd5b610602fe283496cfd8eb9c467078430023fc400effb5eeac8b1b,2024-07-15T16:15:03.283000 +CVE-2024-40553,0,1,f67401182ea2921240a44fee96d7bf60959bbd3ae495f8da74fc2fa4a024ec2e,2024-07-16T13:43:58.773000 +CVE-2024-40554,0,1,7f408d6c976ca63a09e947608aac53dcf47e4427189b7fbb0dba2ee7bd325b2c,2024-07-16T13:43:58.773000 +CVE-2024-40555,0,1,44ce04ab9d418b7756770fd44203b58128b20e8dfc6428e77d2706cc77d9f460,2024-07-16T13:43:58.773000 CVE-2024-4056,0,0,b8d993c32e0d1df4fc3c3b0df01e5b9a4366d92d1a2ad184a020d404aa44587a,2024-04-26T12:58:17.720000 -CVE-2024-40560,0,0,fa9cfb7935924b2a220812353cf8c14602c5ee557d8f6e80e21d065266761652,2024-07-15T16:15:03.347000 +CVE-2024-40560,0,1,885c8c46bcc9d242b11ff00568640d31e8526b7b94eab8b6f84ddb49fcdedf5c,2024-07-16T13:43:58.773000 CVE-2024-4057,0,0,26b46aa52b04f4ef8890033772544e5e99ad730f84e9e0e97b479cd36cf89ace,2024-07-03T02:07:02.197000 CVE-2024-4058,0,0,e20d454336ea887bbb54d47433e5560889db558189699560ce98773941e9b99e,2024-06-07T15:40:49.707000 CVE-2024-4059,0,0,c49986e07be30ca2c850f4613369c1702dff21e7018832f61c83284c95e0cc00,2024-05-03T03:16:29.430000 @@ -255041,12 +255138,12 @@ CVE-2024-4061,0,0,3d64526f6b4051e690acf87533a742bc5fa8b9683de463655fd6184fe7fa5b CVE-2024-40614,0,0,5a8c90c94f1b0dc56355424420ebae65c618d536c580acb4e248f7802de2136c,2024-07-10T13:15:10.833000 CVE-2024-40618,0,0,339cc634a42e8a7db54f4bb39e56482affa65b57dfd2765250a61f2e694456da,2024-07-12T16:12:00.597000 CVE-2024-4062,0,0,695b7b6d53140e91ee1c447f6f5acafad0b73fbbd2558cb89ae9d4c0c7616ec0,2024-06-04T19:20:29.007000 -CVE-2024-40624,0,0,60f5e5ec1dd1160b1c04909bb056e8d96b0720c11779e628d35e27cc7c963540,2024-07-15T20:15:04.810000 -CVE-2024-40627,0,0,33ce527ef44dad432c6ed14dfea1ec416c392b3ef1b7cc35ac020438d9fcd451,2024-07-15T20:15:05.033000 +CVE-2024-40624,0,1,4a20911ba5017c22f7067e7eea43b4f5d49d24af0046266156676a49862c806b,2024-07-16T13:43:58.773000 +CVE-2024-40627,0,1,9135682f430d5bd3e848a020970fdae52f5ba66833f8d323b6fb81718428c2a6,2024-07-16T13:43:58.773000 CVE-2024-4063,0,0,a86a41867bbd8268c01f6e42ab82f3f97444cd9242de57f43e4b9e5669394e5f,2024-06-04T19:20:29.120000 -CVE-2024-40630,0,0,2d00162d014a05a3f3c949cffafbfde43cdb8c956634545465647a9ef8f0a7b3,2024-07-15T20:15:05.243000 -CVE-2024-40631,0,0,02afd974607c209ba61a932b05cbea74ea58f5af3cb05e9df016ee708037da70,2024-07-15T19:15:03.700000 -CVE-2024-40632,0,0,cdd824c5fdd49bde4c90311f63884194a21a818614d66f73dbb43e771620fd76,2024-07-15T22:15:03.017000 +CVE-2024-40630,0,1,7de2616afe35fe6a2f4466f98346fd28ee106a7dd06220a48b0a183cb2c5ca6f,2024-07-16T13:43:58.773000 +CVE-2024-40631,0,1,e76fc6e49d84a60697f94ea752f6e05b7f5417e39730b8ace11ee475f8eb8441,2024-07-16T13:43:58.773000 +CVE-2024-40632,0,1,e6e0d67d4d0269bad5508951d35718e2d8be48cd6b922ab10030a5117e405f96,2024-07-16T13:43:58.773000 CVE-2024-4064,0,0,3a1a40467a64f04bfa80ae5c066454b06b4092014a9e47cc1a50eb6eb22d315c,2024-05-17T02:40:14.223000 CVE-2024-4065,0,0,e9243298c32ccba8ab1ac6d427150517ee98217790d2dec0b1b5ec685d8cbc83,2024-06-04T19:20:29.227000 CVE-2024-4066,0,0,5674d1317b0a03adb324e31f70d35a87031f26ca2ea2869349483359d081bdf7,2024-06-04T19:20:29.323000 @@ -255203,7 +255300,7 @@ CVE-2024-41004,0,0,0147872dc41ee82345f1b96b142030c80a622f5d5ebc79db0dff57faab054 CVE-2024-41005,0,0,95f568882fd1e16260f486a6121f76b4a7b47a9225c03cbcf7d46d652c71fb30,2024-07-12T16:34:58.687000 CVE-2024-41006,0,0,58bd6c502a79651b26621eacf2c0dc46dab924e02809c912fba2631a5541c0df,2024-07-12T16:34:58.687000 CVE-2024-41007,0,0,0f7451f1f6e903e68c19bb8e4507bcc8b91d7d8b575b739ec33e4181b2fd01a7,2024-07-15T13:00:34.853000 -CVE-2024-41008,0,0,661ecdbcb3ca98cbdd2da931d1a244c9e6ccdaf7950933bf8c08cc771f962839,2024-07-16T08:15:02.240000 +CVE-2024-41008,0,1,44accff6edd09848f65c4ea30c272c9f4e4cafd7e8013f5ed231ff575ad7b53e,2024-07-16T13:43:58.773000 CVE-2024-4102,0,0,1b0aaa7efbf772a3034d5138f2cde018af6a8f41a0229b0c5f36e4d66092a2a3,2024-07-09T18:19:14.047000 CVE-2024-4103,0,0,ff27f3988e30e41f465bfc5b7800f7ae2f96b1e2cd71c1414de16617b75fe4fe,2024-05-14T16:11:39.510000 CVE-2024-4104,0,0,069e7afb1610585640d00d566d3fc4756dff3571ed269cd2ef1d63c8e8ce45e5,2024-05-14T16:11:39.510000 @@ -255236,7 +255333,7 @@ CVE-2024-4139,0,0,d53d7324701315788576d545d1c201804fb102fe113eecb6f188d596615634 CVE-2024-4140,0,0,1a159a4a143aac5301b6b2c31977a1ba9c685fc606596154a85964b944248c74,2024-06-10T18:15:36.313000 CVE-2024-4141,0,0,6345d107b3806446cb477db17841c2bd741df862ff110a2cbbd3d3a9945eb29d,2024-04-24T19:58:40.710000 CVE-2024-4142,0,0,15f953d52654601c03ad89c9ea21867b549a2aa12635e109fbf9627466e8a212,2024-05-02T13:27:25.103000 -CVE-2024-4143,0,0,ae233257128a4a97d9beab0d033297f3653cede57a2d017551ac74d7abdc770f,2024-07-15T22:15:03.223000 +CVE-2024-4143,0,1,e6d56e099b9443f818cba12ec6584b2ae78b4e2e6fa1554ff08fbd2e8dc736a0,2024-07-16T13:43:58.773000 CVE-2024-4144,0,0,f950a1b03316faa802a71776ce4e62cc15162cc9cec7d4c30c76255605b1c1fc,2024-05-14T19:17:55.627000 CVE-2024-4145,0,0,704254773246494130c81e0600984df247a970411736d475449e315ca595ee9b,2024-07-03T02:07:08.133000 CVE-2024-4146,0,0,7a45e9aef6cf9c090b751fcb577cc1c9faf666f2c92f3640bfe899e75605148e,2024-06-10T02:52:08.267000 @@ -255305,7 +255402,7 @@ CVE-2024-4219,0,0,e67747b1814e30f9a57aa2d5fada7a64c70b8e2f4229bf1bd72194f6b14072 CVE-2024-4220,0,0,046e30c2acea51afb217826bab01d9bc8062f3ae27d0f03889e044f9dcbfad10,2024-06-11T17:05:35.203000 CVE-2024-4222,0,0,4d6355f51e627298e66c1522bbe3d0815b2694594ed1a3761ea4bb349286c8e6,2024-05-16T13:03:05.353000 CVE-2024-4223,0,0,a9cdfeab1a1d35d41a694125f4f4f3203fe0cd94da938f50193ff10f6450cc4d,2024-05-16T13:03:05.353000 -CVE-2024-4224,0,0,947adeccff5156ed446d1fa4cff48f0dff97bb22dfffe4b714c4b06a1efe286f,2024-07-15T21:15:03.883000 +CVE-2024-4224,0,1,1072ade5e61d4673e4fde8d68c377ed60a4f449367391001c4ccc215a9b54b17,2024-07-16T13:43:58.773000 CVE-2024-4225,0,0,91f68c0336340065fb4af26f099ffa4f82ba2dd159bb3bc13f7cb1abcd1de276,2024-04-30T13:11:16.690000 CVE-2024-4226,0,0,5a1ca6b12b6f72b0f4206f29fce66dc2868959ed888bfbcbc74131b5725a94eb,2024-04-30T13:11:16.690000 CVE-2024-4228,0,0,22331e972270e81a8a4d9238da77e1f1eab8644e20c13e517da1e3ed609f3be8,2024-06-27T12:47:19.847000 @@ -255794,7 +255891,7 @@ CVE-2024-4776,0,0,8d62a3fb449cd595ed01f29a43c4395459263028a3240838c3f471dfed40e0 CVE-2024-4777,0,0,96d0d896ebb105a32ed437e794c8fc4ba926ad921436ba17bdb49a1a49737be4,2024-06-10T17:16:34.070000 CVE-2024-4778,0,0,e3020a287fa6ceae8ff9c78434f10af4d17cf4058dd5bf80208c921b6bc68bef,2024-07-03T02:08:09.053000 CVE-2024-4779,0,0,7a9d6158e8d260b03b3581dd37b23bd10d59ba6243714ad236ba79968e8d9b16,2024-05-24T01:15:30.977000 -CVE-2024-4780,0,0,b1764570f6b0ccd952a7fac5bbe6e858a4ee3d34b81d58b890943a2a9ef0f0f9,2024-07-16T07:15:01.943000 +CVE-2024-4780,0,1,4aec24b958d50bff73d14c7bd2f67b2a9793d4893d5ddbdba18f0fb02ea18cc9,2024-07-16T13:43:58.773000 CVE-2024-4783,0,0,413c0436e6758a988a0c847533b21e34b17a9d936626eba8cda1a5d1f87e0181,2024-05-24T01:15:30.977000 CVE-2024-4787,0,0,6e9b8652de9328ef9248746b2fe52f715cb97566c59048ae6277a1aaed304f45,2024-06-20T12:44:01.637000 CVE-2024-4788,0,0,c5cda7420b511fe90756cd5eaf9fe3f931a75f851e6dfa110c10f9969d86e1f7,2024-06-06T14:17:35.017000 @@ -256627,7 +256724,7 @@ CVE-2024-5845,0,0,23de9b938edaad5f473a2b639120a3c8d86f1b1045f6e52453cfa63e2bd47f CVE-2024-5846,0,0,0b2d8f18d514785edc16bc8a9875d408ec093858a0edbb60b84e2acabc32d1b0,2024-07-03T02:09:30.583000 CVE-2024-5847,0,0,af863962a64ba64b748fc267021bdca1358cb53ef73ef1a0e2073c98890c9fa1,2024-07-03T02:09:31.730000 CVE-2024-5851,0,0,d34c335450811da4c8dbeb823a49b4fedf64cc8a5affcfcc32e2d9d5897f0dc8,2024-06-13T18:36:09.013000 -CVE-2024-5852,0,0,86ceec61c837be95a959741a38099dee81d338c029d4fc32b9bec0e93f1eb706,2024-07-16T09:15:03.093000 +CVE-2024-5852,0,1,335205f47cb8526e5a0ed2dd64e9eed06e180e4feb8e4e46fb015a3b0383f11f,2024-07-16T13:43:58.773000 CVE-2024-5853,0,0,fce39775d007fbc741a3f2bc4fb52875073a382bd362c86e3cd6e44d0a9e6207,2024-06-20T12:44:01.637000 CVE-2024-5855,0,0,470fd388735694b7759ccf5036e6a18639fe074b164bc2d2da9695a799e80c03,2024-07-09T18:19:14.047000 CVE-2024-5856,0,0,6c7682487972a7913d7724c221dec1f8cbbbfbf7a2635cc868862316d948dc72,2024-07-09T18:19:14.047000 @@ -256981,6 +257078,7 @@ CVE-2024-6427,0,0,4e3c2a8d1e984293b7a508d6724a6a3f7998f367f7900ab80f87cf0d36ad12 CVE-2024-6428,0,0,8095b4dcd35f897b4650661c439e7e332797ada1bd3807e53dae0badb2379a85,2024-07-05T17:08:11.060000 CVE-2024-6433,0,0,4cb445c95e15de0c345d2cc06e9508b276183ca5d50834d0b48eec3d0df1757b,2024-07-12T08:15:11.963000 CVE-2024-6434,0,0,0183eab14185d66c3308593554f63a98c54f148b051e07902898143029a6dc1e,2024-07-05T17:22:04.687000 +CVE-2024-6435,1,1,82e24d9254dca21ebf219cf78bd1e724970b4e531fdb8f80ce239003dfc7d9f5,2024-07-16T13:43:58.773000 CVE-2024-6438,0,0,dda5c3ef0b29175f6296e0b89d7c12c3e07fe51c2f0cc30ea59ffede8f26636c,2024-07-02T17:54:02.370000 CVE-2024-6439,0,0,17c8c0dedf84f798cc0f5ae1eb12bcfee8d03a9530b75eee07a6ecb983f8a09a,2024-07-02T17:58:39.773000 CVE-2024-6440,0,0,2c5be04f311531a7679fd469afc24458b735968d4c5b698cdcf03804f39d3eef,2024-07-02T17:58:15.410000 @@ -256988,7 +257086,7 @@ CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c21 CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000 CVE-2024-6452,0,0,c694c1bdf54902e69172121aae2a54d0747cfc16750499c01d3cf3c9c6ef3263,2024-07-03T12:53:24.977000 CVE-2024-6453,0,0,f8f94ef1371b1813320fb500c8f5a2a5c78562059f37a370c24f1cfd03cdaa59,2024-07-03T12:53:24.977000 -CVE-2024-6457,1,1,7987e557c2c95095adc4ad17acf4ed1e2acc7eba81f89223deeca3346bc09dcb,2024-07-16T11:15:10.097000 +CVE-2024-6457,0,1,3f8fd462f3f8c08854de8c2b7a3218f7387f47da9a3a1dd75e4a135f6aa135cb,2024-07-16T13:43:58.773000 CVE-2024-6461,0,0,86a214d0c7bd3f57cea37cd567b01f1a0e55f8d4342f6c7c46fd15b8942c8d90,2024-07-03T21:15:04.580000 CVE-2024-6463,0,0,f8d7d80ca565804c0caafdbc8214fe1eca7dc83d43861affc813af07365c0cc0,2024-07-03T21:15:04.640000 CVE-2024-6464,0,0,8fab89d1b3aef32a257cf0d7fb909cce6ac18d5ef8dc898bb9f0cc6c52356cbf,2024-07-03T21:15:04.697000 @@ -257020,14 +257118,14 @@ CVE-2024-6550,0,0,6c4bb046e65a00df1f67c81af4edc0fc3847fdca60c1beea606bf943b58513 CVE-2024-6554,0,0,c39b715167392909a130cc6479af2acca1cb23375ca0bdab5b0fb951f0bce662,2024-07-12T17:01:48.353000 CVE-2024-6555,0,0,bf68ef8f1bd3876021fc33b504457daba53832080530806ef27f797ea5536a0b,2024-07-12T12:49:07.030000 CVE-2024-6556,0,0,246920c1b32eb0a0369982110178f9a30464427865e75d42710950bf8d6bff6c,2024-07-11T13:05:54.930000 -CVE-2024-6557,0,0,e9ee209561e99679c20203ca6d94da1a0bb55042ea3baa698cb80a889557bbdd,2024-07-16T05:15:15.073000 -CVE-2024-6559,0,0,16d00b9dee0dd009d20e82307398dc314aff9f5ca223c39785f9792cbd3709f1,2024-07-16T07:15:02.373000 +CVE-2024-6557,0,1,5f8a5c5bf162c69368d24395d90aef2e1a9fd156ec4a6d0f0e02ca54e1438d8b,2024-07-16T13:43:58.773000 +CVE-2024-6559,0,1,2866b76c45bfa3fcb2a29d8b63ef335520f76c77ee94faa7443c1c34b010c185,2024-07-16T13:43:58.773000 CVE-2024-6563,0,0,1b4d88909a8afd884220e1df693026407578c717bcca7ba5cdd4e0bbbf29fb3c,2024-07-09T14:19:19.300000 CVE-2024-6564,0,0,b381c943e4dc87d72df0560a8008d835d4542fba3e8b6a3b21a1beca0e3a3fa5,2024-07-09T14:19:14.760000 -CVE-2024-6565,0,0,e7bb9ab08c108dc5070f2ca7ce46012474968cec63ff45f286f24d7239498860,2024-07-16T09:15:03.280000 -CVE-2024-6570,0,0,ccdbc86ad4745a63c6205119102457147a7c895153aa9ebe1080a60ef714da42,2024-07-16T09:15:03.460000 +CVE-2024-6565,0,1,ee9c3eacf0bc745c4e1df576eb425c3f28c4e22d80193cbda607fc66e3277c71,2024-07-16T13:43:58.773000 +CVE-2024-6570,0,1,3640c16a8534dd6f0f8e17cb0862b947b5904590a9016d171bf010eb3113c6a1,2024-07-16T13:43:58.773000 CVE-2024-6574,0,0,63009fc3946aa6aa37035c823fc25710c373929512d42b52b922f4cc721537b8,2024-07-15T13:00:34.853000 -CVE-2024-6579,1,1,a0d916f5ee4dd254726798359f0bc3afc6dffb6f97426f2dcd8f47cc4f912602,2024-07-16T10:15:03.797000 +CVE-2024-6579,0,1,b286f5c4b3721fdb4257ac4cb9bb10daf8e7123999c9d4983b5d418f439447bf,2024-07-16T13:43:58.773000 CVE-2024-6580,0,0,d43dfa58651574c4447e8f323f3cb1f6a00d6bdef0613d5834aefccecf968c5d,2024-07-09T18:19:14.047000 CVE-2024-6588,0,0,67672e854c20766f2e15151fa1e111ec8310b7083a57f535c99159d2ce6e5af7,2024-07-12T12:49:07.030000 CVE-2024-6598,0,0,fb802128b1cfc176540749693b684b4374936099ab1c7948c1ec819266291908,2024-07-09T18:19:14.047000 @@ -257047,7 +257145,7 @@ CVE-2024-6612,0,0,ec773de601f2439d4a30794cb33ecbe4d766cb102d1b031aeb7c612ae57eb7 CVE-2024-6613,0,0,972e81253130c3ea1fca72705a438fd241a2b5ffe08560847fb64da88d1289db,2024-07-09T18:18:38.713000 CVE-2024-6614,0,0,1be1fa04167dbe1739c8748fecedef47a7bd73d4360fbc6878e091dbbe1de7b2,2024-07-09T18:18:38.713000 CVE-2024-6615,0,0,7bf7f5fde3708291832ebfaaca065d46b502caca4507586f81d1026c39461379,2024-07-09T18:18:38.713000 -CVE-2024-6621,1,1,0120997ff260c74340cb1d016c95dd3114a00638d7a855e82645f855d0462929,2024-07-16T11:15:10.357000 +CVE-2024-6621,0,1,f5708b7519a1133fabc97c0209f19d7082b3f86d30fa6c319ccc36d4753af40a,2024-07-16T13:43:58.773000 CVE-2024-6624,0,0,d641d0598d5f0d62f69b2f0bb30153f1263b9aa17a64dd7567b42517a1bc6027,2024-07-12T16:51:31.487000 CVE-2024-6625,0,0,b913737eefce9f28c47dc537f0edd398b1eeb297cd2eb30c69b59c3401317130,2024-07-12T12:49:07.030000 CVE-2024-6630,0,0,7742b604143993a9d769b9ab9c3e5aab85337a51e6772bb186961af80d29fee2,2024-07-10T18:15:05.407000 @@ -257069,8 +257167,8 @@ CVE-2024-6677,0,0,d8004a1441e952f05633a34727a4f9223ac5077c2123fd1507a1955287de18 CVE-2024-6679,0,0,193698b3a519c2de1af0fd23f7e404e2d54c730e4704d97d0092b63ef1c81272,2024-07-11T18:09:58.777000 CVE-2024-6680,0,0,131299d0989a76f846afb0c8ae15f4692f1a0fdd9931fad30c165660cd1232fc,2024-07-11T18:09:58.777000 CVE-2024-6681,0,0,fd87484dafd740c0f788720b14149eb40f6b6d8ce371416d0e039ce9acf82071,2024-07-11T18:09:58.777000 -CVE-2024-6689,0,0,ec7131b60c617e40df7d8cd950219c4e232d1b7354523cf28a3e92438a8ddde2,2024-07-15T14:15:03.640000 -CVE-2024-6716,0,0,e3306c105d7fd24ec7a1939e295c57fdf07bdb80aad35408cde8763b9316c0be,2024-07-15T18:15:06.107000 +CVE-2024-6689,0,1,d40d4a6e022419e83ed34bb3a74eb0d24556e6d76f7b0a592f90775a9d52873c,2024-07-16T13:43:58.773000 +CVE-2024-6716,0,1,8dee6f079aec3b33d1180a1a307414118595fcfbc34e12629362d736c71c3eb4,2024-07-16T13:43:58.773000 CVE-2024-6721,0,0,20bc3ac9fd25b0ef666ff8f606cfc8f742981337efa5a16bd2cfa701fac87a51,2024-07-15T16:15:03.467000 CVE-2024-6728,0,0,9abe0a9570ded71226f4ac9c9c5189516c258bbe0afa1c3fa1605041ef7aae25,2024-07-15T13:00:34.853000 CVE-2024-6729,0,0,1a9a5aa4be1b6eedd35b675a6eb0b49764f594d7ab81dc654f200200596f44a5,2024-07-15T13:00:34.853000 @@ -257091,4 +257189,4 @@ CVE-2024-6743,0,0,b5bdcf763424df0a669d5c15bdbbb7bec10bf081127f25ce533177712f64e5 CVE-2024-6744,0,0,020949a2024aa3b85b7509fdaf1fbd77d6aac4fbeecfbc8876f4d901482584cb,2024-07-15T13:00:34.853000 CVE-2024-6745,0,0,707134dd0252b920cb08895baec52c5557bd805c744814b8ecb19c1d5a8e997c,2024-07-15T13:00:34.853000 CVE-2024-6746,0,0,5be3956d6b4bf01a386e4ceaf78307e768b453c5db30b63143d293a79513dc46,2024-07-15T13:00:34.853000 -CVE-2024-6780,0,0,9627600403339b12f4027ae13eb8fa0cdae837b554cb7f47b8dfe2ebd054c159,2024-07-16T02:15:12.640000 +CVE-2024-6780,0,1,54fc3efeb973ca2f40f04f54d5a723685bcfaff31befba604fec0242bd088a83,2024-07-16T13:43:58.773000