diff --git a/CVE-2021/CVE-2021-201xx/CVE-2021-20123.json b/CVE-2021/CVE-2021-201xx/CVE-2021-20123.json index 857a23320a1..a2fd661f57c 100644 --- a/CVE-2021/CVE-2021-201xx/CVE-2021-20123.json +++ b/CVE-2021/CVE-2021-201xx/CVE-2021-20123.json @@ -2,8 +2,8 @@ "id": "CVE-2021-20123", "sourceIdentifier": "vulnreport@tenable.com", "published": "2021-10-13T16:15:07.350", - "lastModified": "2024-09-04T01:00:01.057", - "vulnStatus": "Modified", + "lastModified": "2024-09-05T13:31:07.727", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-09-03", "cisaActionDue": "2024-09-24", diff --git a/CVE-2021/CVE-2021-201xx/CVE-2021-20124.json b/CVE-2021/CVE-2021-201xx/CVE-2021-20124.json index 46813cc7b5e..076cf2a4126 100644 --- a/CVE-2021/CVE-2021-201xx/CVE-2021-20124.json +++ b/CVE-2021/CVE-2021-201xx/CVE-2021-20124.json @@ -2,8 +2,8 @@ "id": "CVE-2021-20124", "sourceIdentifier": "vulnreport@tenable.com", "published": "2021-10-13T16:15:07.397", - "lastModified": "2024-09-04T01:00:01.057", - "vulnStatus": "Modified", + "lastModified": "2024-09-05T13:30:48.733", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-09-03", "cisaActionDue": "2024-09-24", diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3556.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3556.json index 86d7fa4b5ae..de8d1edecad 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3556.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3556.json @@ -2,8 +2,8 @@ "id": "CVE-2022-3556", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T11:15:11.853", - "lastModified": "2024-09-05T11:15:11.853", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2022/CVE-2022-45xx/CVE-2022-4529.json b/CVE-2022/CVE-2022-45xx/CVE-2022-4529.json index bc39b2f64c9..50bbed97d51 100644 --- a/CVE-2022/CVE-2022-45xx/CVE-2022-4529.json +++ b/CVE-2022/CVE-2022-45xx/CVE-2022-4529.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4529", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T11:15:12.147", - "lastModified": "2024-09-05T11:15:12.147", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2023/CVE-2023-439xx/CVE-2023-43984.json b/CVE-2023/CVE-2023-439xx/CVE-2023-43984.json index 065b2e412dd..ff455924cb3 100644 --- a/CVE-2023/CVE-2023-439xx/CVE-2023-43984.json +++ b/CVE-2023/CVE-2023-439xx/CVE-2023-43984.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43984", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-07T23:15:07.680", - "lastModified": "2023-11-15T15:36:11.513", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-05T13:35:00.617", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -49,6 +49,16 @@ "value": "NVD-CWE-Other" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-456xx/CVE-2023-45696.json b/CVE-2023/CVE-2023-456xx/CVE-2023-45696.json index a0054e29e6b..282081273e0 100644 --- a/CVE-2023/CVE-2023-456xx/CVE-2023-45696.json +++ b/CVE-2023/CVE-2023-456xx/CVE-2023-45696.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45696", "sourceIdentifier": "psirt@hcl.com", "published": "2024-02-10T03:15:07.907", - "lastModified": "2024-02-11T22:29:15.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:23:21.547", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@hcl.com", "type": "Secondary", @@ -39,10 +59,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcltech:sametime:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.5", + "versionEndExcluding": "12.0.2", + "matchCriteriaId": "AFB79405-6D48-490D-BBF5-FFC42551C721" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082", - "source": "psirt@hcl.com" + "source": "psirt@hcl.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45718.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45718.json index 61c8db6b0e4..99afef75ffc 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45718.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45718.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45718", "sourceIdentifier": "psirt@hcl.com", "published": "2024-02-09T22:15:08.167", - "lastModified": "2024-02-11T22:29:15.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:14:01.253", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@hcl.com", "type": "Secondary", @@ -39,10 +59,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-384" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcltech:sametime:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.5", + "versionEndExcluding": "12.0.2", + "matchCriteriaId": "AFB79405-6D48-490D-BBF5-FFC42551C721" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082", - "source": "psirt@hcl.com" + "source": "psirt@hcl.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49103.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49103.json index acd1e891a28..242a8c5b3e1 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49103.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49103.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49103", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-21T22:15:08.277", - "lastModified": "2024-09-04T19:35:09.380", - "vulnStatus": "Modified", + "lastModified": "2024-09-05T13:30:10.023", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2023-11-30", "cisaActionDue": "2023-12-21", diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20439.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20439.json index daf3c712386..8653f796042 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20439.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20439.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20439", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T17:15:13.210", - "lastModified": "2024-09-04T17:15:13.210", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.\r\n\r\nThis vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Smart Licensing Utility podr\u00eda permitir que un atacante remoto no autenticado inicie sesi\u00f3n en un sistema afectado mediante una credencial administrativa est\u00e1tica. Esta vulnerabilidad se debe a una credencial de usuario est\u00e1tica no documentada para una cuenta administrativa. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el uso de las credenciales est\u00e1ticas para iniciar sesi\u00f3n en el sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante inicie sesi\u00f3n en el sistema afectado con privilegios administrativos sobre la API de la aplicaci\u00f3n Cisco Smart Licensing Utility." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20440.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20440.json index 5f52871b295..1e29facaa24 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20440.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20440.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20440", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T17:15:13.517", - "lastModified": "2024-09-04T17:15:13.517", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information.\r\n\r\nThis vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain log files that contain sensitive data, including credentials that can be used to access the API." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Smart Licensing Utility podr\u00eda permitir que un atacante remoto no autenticado acceda a informaci\u00f3n confidencial. Esta vulnerabilidad se debe a un exceso de verbosidad en un archivo de registro de depuraci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener archivos de registro que contienen datos confidenciales, incluidas las credenciales que se pueden usar para acceder a la API." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20469.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20469.json index 25ad1d6bcbc..db44fb631b2 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20469.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20469.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20469", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T17:15:13.740", - "lastModified": "2024-09-04T17:15:13.740", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid Administrator privileges on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en comandos CLI espec\u00edficos en Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante local autenticado realice ataques de inyecci\u00f3n de comandos en el sistema operativo subyacente y eleve los privilegios a superusuario. Para explotar esta vulnerabilidad, el atacante debe tener privilegios de administrador v\u00e1lidos en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un comando CLI dise\u00f1ado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante elevar los privilegios a superusuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20497.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20497.json index b3f9d1f9646..253559ad32d 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20497.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20497.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20497", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T17:15:13.970", - "lastModified": "2024-09-04T17:15:13.970", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system.\r\n\r\nThis vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Expressway Edge (Expressway-E) podr\u00eda permitir que un atacante remoto autenticado se haga pasar por otro usuario en un sistema afectado. Esta vulnerabilidad se debe a comprobaciones de autorizaci\u00f3n inadecuadas para los usuarios de acceso remoto y m\u00f3vil (MRA). Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando una serie de comandos manipulados espec\u00edficamente para ello. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante interceptar llamadas destinadas a un n\u00famero de tel\u00e9fono en particular o hacer llamadas telef\u00f3nicas y que ese n\u00famero de tel\u00e9fono aparezca en el identificador de llamadas. Para aprovechar esta vulnerabilidad con \u00e9xito, el atacante debe ser un usuario de MRA en un sistema afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20503.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20503.json index 6a486c37506..c26b2101ad3 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20503.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20503.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20503", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T17:15:14.200", - "lastModified": "2024-09-04T17:15:14.200", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system.\r\n\r\nThis vulnerability is due to improper storage of an unencrypted registry key. A low-privileged attacker could exploit this vulnerability by viewing or querying the registry key on the affected system. A successful exploit could allow the attacker to view sensitive information in cleartext." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Cisco Duo Epic para Hyperdrive podr\u00eda permitir que un atacante local autenticado vea informaci\u00f3n confidencial en texto plano en un sistema afectado. Esta vulnerabilidad se debe al almacenamiento inadecuado de una clave de registro sin cifrar. Un atacante con pocos privilegios podr\u00eda aprovechar esta vulnerabilidad al ver o consultar la clave de registro en el sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver informaci\u00f3n confidencial en texto plano." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20505.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20505.json index b7011b12dcd..709e104f7b7 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20505.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20505.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20505", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T22:15:03.887", - "lastModified": "2024-09-04T22:15:03.887", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de PDF de Clam AntiVirus (ClamAV) versiones 1.4.0, 1.3.2 y anteriores, todas las versiones 1.2.x, 1.0.6 y anteriores, todas las versiones 0.105.x, todas las versiones 0.104.x y 0.103.11 y anteriores podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a una lectura fuera de los l\u00edmites. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un archivo PDF manipulado para que ClamAV lo escanee en un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante terminar el proceso de escaneo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20506.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20506.json index 9ca1de638bd..ce5eddd41d7 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20506.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20506.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20506", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-04T22:15:04.083", - "lastModified": "2024-09-04T22:15:04.083", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.\r\n\r\nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en el m\u00f3dulo de servicio ClamD de Clam AntiVirus (ClamAV) versiones 1.4.0, 1.3.2 y anteriores, todas las versiones 1.2.x, 1.0.6 y anteriores, todas las versiones 0.105.x, todas las versiones 0.104.x y 0.103.11 y anteriores podr\u00eda permitir que un atacante local autenticado corrompa archivos cr\u00edticos del sistema. La vulnerabilidad se debe a que permite que el proceso ClamD escriba en su archivo de registro mientras tiene privilegios sin comprobar si el archivo de registro ha sido reemplazado por un enlace simb\u00f3lico. Un atacante podr\u00eda aprovechar esta vulnerabilidad si reemplaza el archivo de registro de ClamD por un enlace simb\u00f3lico a un archivo cr\u00edtico del sistema y luego encuentra una forma de reiniciar el proceso ClamD. Una vulnerabilidad podr\u00eda permitir que el atacante corrompa un archivo cr\u00edtico del sistema a\u00f1adiendo mensajes de registro de ClamD despu\u00e9s del reinicio." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21875.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21875.json index 08e00f161c7..522530ea71f 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21875.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21875.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21875", "sourceIdentifier": "csirt@divd.nl", "published": "2024-02-11T09:15:07.633", - "lastModified": "2024-04-12T07:15:08.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:50:08.927", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "csirt@divd.nl", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + }, { "source": "csirt@divd.nl", "type": "Secondary", @@ -51,14 +81,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:badge.team:hacker_hotel_badge_2024:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.1.0", + "versionEndIncluding": "0.1.3", + "matchCriteriaId": "446EA9B5-9578-4FAB-8873-D1C366D72ECA" + } + ] + } + ] + } + ], "references": [ { "url": "https://csirt.divd.nl/CVE-2024-21875", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/badgeteam/hackerhotel-2024-firmware-esp32c6/pull/64", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2166.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2166.json index 0e6eed13665..544970372e6 100644 --- a/CVE-2024/CVE-2024-21xx/CVE-2024-2166.json +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2166.json @@ -2,13 +2,17 @@ "id": "CVE-2024-2166", "sourceIdentifier": "psirt@forcepoint.com", "published": "2024-09-04T22:15:04.260", - "lastModified": "2024-09-04T22:15:04.260", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Forcepoint Email Security (m\u00f3dulos Real Time Monitor) permite XSS reflejado. Este problema afecta a Email Security: anterior a 8.5.5 HF003." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-237xx/CVE-2024-23724.json b/CVE-2024/CVE-2024-237xx/CVE-2024-23724.json index ea935cef267..8f45b1842d9 100644 --- a/CVE-2024/CVE-2024-237xx/CVE-2024-23724.json +++ b/CVE-2024/CVE-2024-237xx/CVE-2024-23724.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23724", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-11T01:15:08.080", - "lastModified": "2024-08-01T23:15:47.180", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:28:49.510", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -22,19 +22,82 @@ "value": "Ghost hasta 5.76.0 permite XSS almacenado y la consiguiente escalada de privilegios en la que un colaborador puede hacerse cargo de cualquier cuenta, a trav\u00e9s de una imagen de perfil SVG que contiene c\u00f3digo JavaScript para interactuar con la API en el puerto TCP 3001 del host local. NOTA: El descubridor informa que \" El proveedor no considera que esto sea un vector v\u00e1lido\"." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:*", + "versionEndIncluding": "5.76.0", + "matchCriteriaId": "CAC8A0A1-CCDE-4842-BDD3-FA795CA6A493" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/TryGhost/Ghost/pull/19646", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://rhinosecuritylabs.com/blog/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24034.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24034.json index 40e882581ae..37f29c73140 100644 --- a/CVE-2024/CVE-2024-240xx/CVE-2024-24034.json +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24034.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24034", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-08T09:15:46.537", - "lastModified": "2024-02-08T13:44:21.670", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:04:31.337", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,11 +15,67 @@ "value": "Setor Informatica S.I.L versi\u00f3n 3.0 es vulnerable a Open Redirect a trav\u00e9s del par\u00e1metro hprinter, permite a atacantes remotos ejecutar c\u00f3digo arbitrario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:setorinformatica:s.i.l:3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2BF3A35A-8563-4FF2-B501-F8C5C0557B31" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ELIZEUOPAIN/CVE-2024-24034/tree/main", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24091.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24091.json index bbd839e65e8..6f243dc8ce2 100644 --- a/CVE-2024/CVE-2024-240xx/CVE-2024-24091.json +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24091.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24091", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-08T06:15:51.690", - "lastModified": "2024-08-01T19:36:02.180", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T12:57:51.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:yealink:yealink_meeting_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "26.0.0.66", + "matchCriteriaId": "C8511A4E-E4C9-40CF-8AAD-103EF5859E0F" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.yealink.com/en/trust-center/security-advisories/2f2b990211c440cf", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-242xx/CVE-2024-24216.json b/CVE-2024/CVE-2024-242xx/CVE-2024-24216.json index 7b1a8d41915..28c91ae0fca 100644 --- a/CVE-2024/CVE-2024-242xx/CVE-2024-24216.json +++ b/CVE-2024/CVE-2024-242xx/CVE-2024-24216.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24216", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-08T06:15:51.750", - "lastModified": "2024-02-08T13:44:21.670", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:00:44.217", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,76 @@ "value": "Se descubri\u00f3 que Zentao v18.0 a v18.10 conten\u00eda una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del m\u00e9todo checkConnection de /app/zentao/module/repo/model.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:easycorp:zentao:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndIncluding": "18.10", + "matchCriteriaId": "2055C49E-D7BA-42D6-9F98-BDEF06A38F29" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/easysoft/zentaopms/issues/133", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/l3s10n/ZenTaoPMS_RCE", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24494.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24494.json index f2d48c4f507..c2edb357f2d 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24494.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24494.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24494", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-08T21:15:08.437", - "lastModified": "2024-02-09T01:37:59.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:13:01.517", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,11 +15,67 @@ "value": "La vulnerabilidad de Cross Site Scripting en Daily Habit Tracker v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros day, exercise, pray, read_book, vitamins, laundry, alcohol and meat en los componentes add-tracker.php y update-tracker.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:remyandrade:daily_habit_tracker:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "90CBBC5D-B0F2-4BC3-8306-984E7B239BE7" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/0xQRx/VunerabilityResearch/blob/master/2024/DailyHabitTracker-Stored_XSS.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-251xx/CVE-2024-25109.json b/CVE-2024/CVE-2024-251xx/CVE-2024-25109.json index 1be7b486c8d..1782e7a23e2 100644 --- a/CVE-2024/CVE-2024-251xx/CVE-2024-25109.json +++ b/CVE-2024/CVE-2024-251xx/CVE-2024-25109.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25109", "sourceIdentifier": "security-advisories@github.com", "published": "2024-02-09T23:15:10.057", - "lastModified": "2024-02-11T22:29:15.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:18:39.687", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -41,7 +61,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -49,28 +69,71 @@ "value": "CWE-79" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:miraheze:managewiki:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024-02-09", + "matchCriteriaId": "77660479-AB57-45B2-8F6E-921AE3A99EBD" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/miraheze/ManageWiki/commit/2ef0f50880d7695ca2874dc8dd515b2b9bbb02e5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/miraheze/ManageWiki/commit/6942e8b2c01dc33c2c41a471f91ef3f6ca726073", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/miraheze/ManageWiki/commit/886cc6b94587f1c7387caa26ca9fe612e01836a0", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-4jr2-jhfm-2r84", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://issue-tracker.miraheze.org/T11812", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25722.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25722.json index 215b17d10a2..14b9918b337 100644 --- a/CVE-2024/CVE-2024-257xx/CVE-2024-25722.json +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25722.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25722", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-11T05:15:08.523", - "lastModified": "2024-02-11T22:29:15.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:32:17.380", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "qanything_kernel/connector/database/mysql/mysql_client.py en qanything.ai QAnything antes de 1.2.0 permite la inyecci\u00f3n SQL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qanything:qanything:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.2.0", + "matchCriteriaId": "F099F4D0-F982-4A8F-99FE-BC59DE645477" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/netease-youdao/QAnything/commit/35753b892c2c4361b318d68dfa3e251c85ce889c", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/netease-youdao/QAnything/compare/v1.1.1...v1.2.0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25728.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25728.json index a471a289668..ec2e4626040 100644 --- a/CVE-2024/CVE-2024-257xx/CVE-2024-25728.json +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25728.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25728", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-11T22:15:08.360", - "lastModified": "2024-02-11T22:29:15.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:54:43.833", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,75 @@ "value": "ExpressVPN anterior a 12.73.0 en Windows, cuando se utiliza t\u00fanel dividido, env\u00eda solicitudes DNS de acuerdo con la configuraci\u00f3n de Windows (por ejemplo, las env\u00eda a servidores DNS operados por el ISP del usuario en lugar de a los servidores DNS de ExpressVPN), lo que puede permitir a atacantes remotos obtener informaci\u00f3n confidencial sobre sitios web visitados por usuarios de VPN." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:expressvpn:expressvpn:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "12.23.1", + "versionEndExcluding": "12.73.0", + "matchCriteriaId": "4595D351-20E9-40D8-AB7C-32340A0DD8B1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.bleepingcomputer.com/news/security/expressvpn-bug-has-been-leaking-some-dns-requests-for-years/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.expressvpn.com/blog/windows-app-dns-requests/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32668.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32668.json index 56a3612f0f5..8b68b75bf9a 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32668.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32668.json @@ -2,16 +2,43 @@ "id": "CVE-2024-32668", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.433", - "lastModified": "2024-09-05T05:15:13.433", - "vulnStatus": "Received", + "lastModified": "2024-09-05T13:35:01.927", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller.\n\nA malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process." + }, + { + "lang": "es", + "value": "Una validaci\u00f3n de los l\u00edmites insuficiente en el c\u00f3digo USB podr\u00eda provocar una escritura fuera de los l\u00edmites en el mont\u00f3n, con datos controlados por el autor de la llamada. Un software malicioso y privilegiado que se ejecute en una m\u00e1quina virtual invitada puede aprovechar la vulnerabilidad para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malicioso est\u00e1 limitado por las capacidades disponibles para el proceso bhyve." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.5, + "impactScore": 6.0 + } + ] + }, "weaknesses": [ { "source": "secteam@freebsd.org", diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34657.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34657.json index aead34e07b0..97ec81d5b2b 100644 --- a/CVE-2024/CVE-2024-346xx/CVE-2024-34657.json +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34657.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34657", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-09-04T06:15:16.150", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:48:54.077", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -39,10 +59,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.21.62", + "matchCriteriaId": "1E2501DD-98AF-407C-AC64-2C26EA3248F3" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34658.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34658.json index bed6f169daa..6d2c9c97379 100644 --- a/CVE-2024/CVE-2024-346xx/CVE-2024-34658.json +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34658.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34658", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-09-04T06:15:16.333", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:48:52.273", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -39,10 +59,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.21.62", + "matchCriteriaId": "1E2501DD-98AF-407C-AC64-2C26EA3248F3" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34659.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34659.json index 0f027fcd4bc..2c105202276 100644 --- a/CVE-2024/CVE-2024-346xx/CVE-2024-34659.json +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34659.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34659", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-09-04T06:15:16.567", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:48:55.767", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -39,10 +59,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:group_sharing:*:*:*:*:*:android:*:*", + "versionEndExcluding": "13.6.13.3", + "matchCriteriaId": "CDCAC909-4AE8-4648-8748-D9EB90A9B533" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34660.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34660.json index c58f76baab5..ee202da770a 100644 --- a/CVE-2024/CVE-2024-346xx/CVE-2024-34660.json +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34660.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34660", "sourceIdentifier": "mobile.security@samsung.com", "published": "2024-09-04T06:15:16.790", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:30:28.343", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -39,10 +59,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.4.21.62", + "matchCriteriaId": "1E2501DD-98AF-407C-AC64-2C26EA3248F3" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json index 2720159dabb..dd29f7a122c 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41928", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T04:15:06.947", - "lastModified": "2024-09-05T04:15:06.947", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process." + }, + { + "lang": "es", + "value": "El software malintencionado que se ejecuta en una m\u00e1quina virtual invitada puede aprovechar el desbordamiento del b\u00fafer para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malintencionado est\u00e1 limitado por las capacidades disponibles para el proceso bhyve." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42416.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42416.json index 28413af98e5..c51c7b1890d 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42416.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42416.json @@ -2,16 +2,43 @@ "id": "CVE-2024-42416", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.600", - "lastModified": "2024-09-05T05:15:13.600", - "vulnStatus": "Received", + "lastModified": "2024-09-05T13:35:02.227", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory.\n\nMalicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host." + }, + { + "lang": "es", + "value": "La funci\u00f3n ctl_report_supported_opcodes no valid\u00f3 de manera suficiente un campo proporcionado por el espacio de usuario, lo que permiti\u00f3 una escritura arbitraria en una cantidad limitada de memoria de ayuda del n\u00facleo. El software malintencionado que se ejecuta en una m\u00e1quina virtual invitada que expone virtio_scsi puede explotar las vulnerabilidades para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malintencionado est\u00e1 limitado por las capacidades disponibles para el proceso bhyve. Un iniciador iSCSI malintencionado podr\u00eda lograr la ejecuci\u00f3n remota de c\u00f3digo en el host de destino iSCSI." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "secteam@freebsd.org", diff --git a/CVE-2024/CVE-2024-426xx/CVE-2024-42642.json b/CVE-2024/CVE-2024-426xx/CVE-2024-42642.json index 226f7ec6b70..887c308116f 100644 --- a/CVE-2024/CVE-2024-426xx/CVE-2024-42642.json +++ b/CVE-2024/CVE-2024-426xx/CVE-2024-42642.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42642", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T20:15:07.007", - "lastModified": "2024-09-04T20:15:07.007", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller." + }, + { + "lang": "es", + "value": "Micron Crucial MX500 Series Solid State Drives M3CR046 son vulnerables al desbordamiento de b\u00fafer, que puede desencadenarse al enviar paquetes ATA especialmente manipulados desde el host al controlador de la unidad." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-431xx/CVE-2024-43102.json b/CVE-2024/CVE-2024-431xx/CVE-2024-43102.json index bbb0a749a96..625226041ea 100644 --- a/CVE-2024/CVE-2024-431xx/CVE-2024-43102.json +++ b/CVE-2024/CVE-2024-431xx/CVE-2024-43102.json @@ -2,16 +2,43 @@ "id": "CVE-2024-43102", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.677", - "lastModified": "2024-09-05T05:15:13.677", - "vulnStatus": "Received", + "lastModified": "2024-09-05T13:35:02.430", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too early.\n\nA malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape." + }, + { + "lang": "es", + "value": "Las eliminaciones simult\u00e1neas de ciertas asignaciones de memoria compartida an\u00f3nimas mediante la subsolicitud UMTX_SHM_DESTROY de UMTX_OP_SHM pueden provocar que se reduzca el recuento de referencias del objeto que representa la asignaci\u00f3n demasiadas veces, lo que hace que se libere demasiado pronto. Un c\u00f3digo malicioso que ejecute la subsolicitud UMTX_SHM_DESTROY en paralelo puede provocar un p\u00e1nico en el n\u00facleo o permitir m\u00e1s ataques de use-after-free, que podr\u00edan incluir la ejecuci\u00f3n de c\u00f3digo o el escape de la zona protegida de Capsicum." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "secteam@freebsd.org", diff --git a/CVE-2024/CVE-2024-431xx/CVE-2024-43110.json b/CVE-2024/CVE-2024-431xx/CVE-2024-43110.json index 7dea6f5a3b0..fe5c9218f22 100644 --- a/CVE-2024/CVE-2024-431xx/CVE-2024-43110.json +++ b/CVE-2024/CVE-2024-431xx/CVE-2024-43110.json @@ -2,16 +2,43 @@ "id": "CVE-2024-43110", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.757", - "lastModified": "2024-09-05T05:15:13.757", - "vulnStatus": "Received", + "lastModified": "2024-09-05T13:35:02.630", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace.\n\nMalicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host." + }, + { + "lang": "es", + "value": "La funci\u00f3n ctl_request_sense podr\u00eda exponer hasta tres bytes del mont\u00f3n del n\u00facleo al espacio de usuario. El software malintencionado que se ejecuta en una m\u00e1quina virtual invitada que expone virtio_scsi puede explotar las vulnerabilidades para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malintencionado est\u00e1 limitado por las capacidades disponibles para el proceso bhyve. Un iniciador iSCSI malintencionado podr\u00eda lograr la ejecuci\u00f3n remota de c\u00f3digo en el host de destino iSCSI." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "secteam@freebsd.org", diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43402.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43402.json index f6ea3e29324..98bd8059628 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43402.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43402.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43402", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T16:15:06.640", - "lastModified": "2024-09-04T16:15:06.640", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods (which are ignored and stripped by Windows). To determine whether to apply the `cmd.exe` escaping rules, the original fix for the vulnerability checked whether the command name ended with `.bat` or `.cmd`. At the time that seemed enough, as we refuse to invoke batch scripts with no file extension. Windows removes trailing whitespace and periods when parsing file paths. For example, `.bat. .` is interpreted by Windows as `.bat`, but the original fix didn't check for that. Affected users who are using Rust 1.77.2 or greater can remove the trailing whitespace (ASCII 0x20) and trailing periods (ASCII 0x2E) from the batch file name to bypass the incomplete fix and enable the mitigations. Users are affected if their code or one of their dependencies invoke a batch script on Windows with trailing whitespace or trailing periods in the name, and pass untrusted arguments to it. Rust 1.81.0 will update the standard library to apply the CVE-2024-24576 mitigations to all batch files invocations, regardless of the trailing chars in the file name." + }, + { + "lang": "es", + "value": "Rust es un lenguaje de programaci\u00f3n. La correcci\u00f3n para CVE-2024-24576, donde `std::process::Command` escapaba incorrectamente los argumentos al invocar archivos por lotes en Windows, estaba incompleta. Antes de la versi\u00f3n 1.81.0 de Rust, era posible omitir la correcci\u00f3n cuando el nombre del archivo por lotes ten\u00eda espacios en blanco o endpoints (que Windows ignora y elimina). Para determinar si se deb\u00edan aplicar las reglas de escape de `cmd.exe`, la correcci\u00f3n original para la vulnerabilidad verificaba si el nombre del comando terminaba con `.bat` o `.cmd`. En ese momento, eso parec\u00eda suficiente, ya que nos negamos a invocar scripts por lotes sin extensi\u00f3n de archivo. Windows elimina los espacios en blanco y los endpoints al analizar las rutas de archivo. Por ejemplo, `.bat. .` es interpretado por Windows como `.bat`, pero la correcci\u00f3n original no lo verificaba. Los usuarios afectados que utilicen Rust 1.77.2 o una versi\u00f3n posterior pueden eliminar los espacios en blanco finales (ASCII 0x20) y los endpoints (ASCII 0x2E) del nombre del archivo por lotes para omitir la correcci\u00f3n incompleta y habilitar las mitigaciones. Los usuarios se ven afectados si su c\u00f3digo o una de sus dependencias invocan un script por lotes en Windows con espacios en blanco finales o endpoints en el nombre y le pasan argumentos no confiables. Rust 1.81.0 actualizar\u00e1 la librer\u00eda est\u00e1ndar para aplicar las mitigaciones de CVE-2024-24576 a todas las invocaciones de archivos por lotes, independientemente de los caracteres finales en el nombre del archivo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43405.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43405.json index e66fc757f09..e320a17a162 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43405.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43405.json @@ -2,13 +2,17 @@ "id": "CVE-2024-43405", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T16:15:06.853", - "lastModified": "2024-09-04T16:15:06.853", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround." + }, + { + "lang": "es", + "value": "Nuclei es un esc\u00e1ner de vulnerabilidades que funciona con plantillas basadas en YAML. A partir de la versi\u00f3n 3.0.0 y antes de la versi\u00f3n 3.3.2, una vulnerabilidad en el sistema de verificaci\u00f3n de firmas de plantillas de Nuclei podr\u00eda permitir a un atacante eludir la verificaci\u00f3n de firmas y posiblemente ejecutar c\u00f3digo malicioso a trav\u00e9s de una plantilla de c\u00f3digo personalizada. La vulnerabilidad est\u00e1 presente en el proceso de verificaci\u00f3n de firmas de plantillas, espec\u00edficamente en el paquete `signer`. La vulnerabilidad se origina en una discrepancia entre c\u00f3mo el proceso de verificaci\u00f3n de firmas y el analizador YAML manejan los caracteres de nueva l\u00ednea, combinado con la forma en que se procesan m\u00faltiples firmas. Esto permite a un atacante inyectar contenido malicioso en una plantilla mientras mantiene una firma v\u00e1lida para la parte benigna de la plantilla. Los usuarios de CLI se ven afectados si ejecutan plantillas de c\u00f3digo personalizadas de fuentes no verificadas. Esto incluye plantillas creadas por terceros u obtenidas de repositorios no verificados. Los usuarios de SDK se ven afectados si son desarrolladores que integran Nuclei en sus plataformas, en particular si permiten la ejecuci\u00f3n de plantillas de c\u00f3digo personalizadas por parte de los usuarios finales. La vulnerabilidad se soluciona en Nuclei v3.3.2. Se recomienda encarecidamente a los usuarios que actualicen a esta versi\u00f3n para mitigar el riesgo de seguridad. Como medida provisoria, los usuarios deben abstenerse de utilizar plantillas personalizadas si no pueden actualizar de inmediato. Solo se deben ejecutar plantillas verificadas y confiables. Aquellos que no puedan actualizar Nuclei deben deshabilitar la ejecuci\u00f3n de plantillas de c\u00f3digo personalizadas como workaround." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44808.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44808.json index 904c84548b6..5ea3c8edd72 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44808.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44808.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44808", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T16:15:07.050", - "lastModified": "2024-09-04T18:35:05.043", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter." + }, + { + "lang": "es", + "value": "Un problema en Vypor Attack API System v.1.0 permite que un atacante remoto ejecute c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro GET del usuario." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44817.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44817.json index 5fb3598e10a..3e9336db85d 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44817.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44817.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44817", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T16:15:07.143", - "lastModified": "2024-09-04T17:35:06.313", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the id parameter in the adv2.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de inyecci\u00f3n SQL en ZZCMS v.2023 y anteriores permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro id en el componente adv2.php." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44818.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44818.json index f3d71a5700b..8e326f2fa20 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44818.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44818.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44818", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T16:15:07.237", - "lastModified": "2024-09-04T16:35:09.593", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the HTTP_Referer header of the caina.php component." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross site scripting en ZZCMS v.2023 y anteriores permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del encabezado HTTP_Referer del componente caina.php." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44821.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44821.json index 529d03b1079..1608e04e50e 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44821.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44821.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44821", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T16:15:07.320", - "lastModified": "2024-09-04T17:35:07.360", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages." + }, + { + "lang": "es", + "value": "ZZCMS 2023 contiene una vulnerabilidad en la l\u00f3gica de reutilizaci\u00f3n de captcha ubicada en /inc/function.php. La funci\u00f3n checkyzm no actualiza correctamente el valor del captcha despu\u00e9s de un intento de validaci\u00f3n fallido. Como resultado, un atacante puede aprovechar esta falla enviando repetidamente la misma respuesta de captcha incorrecta, lo que le permite capturar el valor de captcha correcto a trav\u00e9s de mensajes de error." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44859.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44859.json index da1a2a0cf31..5650304a426 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44859.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44859.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44859", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T16:15:07.400", - "lastModified": "2024-09-04T16:35:10.447", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`." + }, + { + "lang": "es", + "value": "Tenda FH1201 v1.2.0.14 tiene una vulnerabilidad de desbordamiento de b\u00fafer de pila en `formWrlExtraGet`." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44948.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44948.json index 03db65d72c3..14dca43ea1f 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44948.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44948.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44948", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:29.950", - "lastModified": "2024-09-04T19:15:29.950", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mtrr: Check if fixed MTRRs exist before saving them\n\nMTRRs have an obsolete fixed variant for fine grained caching control\nof the 640K-1MB region that uses separate MSRs. This fixed variant has\na separate capability bit in the MTRR capability MSR.\n\nSo far all x86 CPUs which support MTRR have this separate bit set, so it\nwent unnoticed that mtrr_save_state() does not check the capability bit\nbefore accessing the fixed MTRR MSRs.\n\nThough on a CPU that does not support the fixed MTRR capability this\nresults in a #GP. The #GP itself is harmless because the RDMSR fault is\nhandled gracefully, but results in a WARN_ON().\n\nAdd the missing capability check to prevent this." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/mtrr: comprobar si existen MTRR fijos antes de guardarlos Los MTRR tienen una variante fija obsoleta para el control de almacenamiento en cach\u00e9 de grano fino de la regi\u00f3n de 640K-1MB que utiliza MSR separados. Esta variante fija tiene un bit de capacidad independiente en el MSR de capacidad MTRR. Hasta ahora, todas las CPU x86 que admiten MTRR tienen este bit independiente configurado, por lo que pas\u00f3 desapercibido que mtrr_save_state() no comprueba el bit de capacidad antes de acceder a los MSR MTRR fijos. Aunque en una CPU que no admite la capacidad MTRR fija, esto da como resultado un #GP. El #GP en s\u00ed es inofensivo porque el error RDMSR se maneja con elegancia, pero da como resultado un WARN_ON(). Agregue la comprobaci\u00f3n de capacidad faltante para evitar esto." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44949.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44949.json index c1010504303..9927d7775d0 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44949.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44949.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44949", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.040", - "lastModified": "2024-09-04T19:15:30.040", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: fix a possible DMA corruption\n\nARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be\npossible that two unrelated 16-byte allocations share a cache line. If\none of these allocations is written using DMA and the other is written\nusing cached write, the value that was written with DMA may be\ncorrupted.\n\nThis commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 -\nthat's the largest possible cache line size.\n\nAs different parisc microarchitectures have different cache line size, we\ndefine arch_slab_minalign(), cache_line_size() and\ndma_get_cache_alignment() so that the kernel may tune slab cache\nparameters dynamically, based on the detected cache line size." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: parisc: se corrige una posible corrupci\u00f3n de DMA ARCH_DMA_MINALIGN se defini\u00f3 como 16 - esto es demasiado peque\u00f1o - puede ser posible que dos asignaciones de 16 bytes no relacionadas compartan una l\u00ednea de cach\u00e9. Si una de estas asignaciones se escribe usando DMA y la otra se escribe usando escritura en cach\u00e9, el valor que se escribi\u00f3 con DMA puede estar da\u00f1ado. Esta confirmaci\u00f3n cambia ARCH_DMA_MINALIGN a 128 en PA20 y 32 en PA1.1 - ese es el tama\u00f1o de l\u00ednea de cach\u00e9 m\u00e1s grande posible. Como las diferentes microarquitecturas de parisc tienen diferentes tama\u00f1os de l\u00ednea de cach\u00e9, definimos arch_slab_minalign(), cache_line_size() y dma_get_cache_alignment() para que el kernel pueda ajustar los par\u00e1metros de cach\u00e9 de losa din\u00e1micamente, seg\u00fan el tama\u00f1o de l\u00ednea de cach\u00e9 detectado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44950.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44950.json index 7a84db3dc69..fcefffa651b 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44950.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44950.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44950", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.100", - "lastModified": "2024-09-04T19:15:30.100", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: fix invalid FIFO access with special register set\n\nWhen enabling access to the special register set, Receiver time-out and\nRHR interrupts can happen. In this case, the IRQ handler will try to read\nfrom the FIFO thru the RHR register at address 0x00, but address 0x00 is\nmapped to DLL register, resulting in erroneous FIFO reading.\n\nCall graph example:\n sc16is7xx_startup(): entry\n sc16is7xx_ms_proc(): entry\n sc16is7xx_set_termios(): entry\n sc16is7xx_set_baud(): DLH/DLL = $009C --> access special register set\n sc16is7xx_port_irq() entry --> IIR is 0x0C\n sc16is7xx_handle_rx() entry\n sc16is7xx_fifo_read(): --> unable to access FIFO (RHR) because it is\n mapped to DLL (LCR=LCR_CONF_MODE_A)\n sc16is7xx_set_baud(): exit --> Restore access to general register set\n\nFix the problem by claiming the efr_lock mutex when accessing the Special\nregister set." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: sc16is7xx: se corrige el acceso FIFO no v\u00e1lido con un conjunto de registros especiales. Al habilitar el acceso al conjunto de registros especiales, pueden producirse interrupciones de RHR y tiempo de espera del receptor. En este caso, el controlador IRQ intentar\u00e1 leer desde el FIFO a trav\u00e9s del registro RHR en la direcci\u00f3n 0x00, pero la direcci\u00f3n 0x00 est\u00e1 asignada al registro DLL, lo que da como resultado una lectura FIFO err\u00f3nea. Ejemplo de gr\u00e1fico de llamadas: sc16is7xx_startup(): entrada sc16is7xx_ms_proc(): entrada sc16is7xx_set_termios(): entrada sc16is7xx_set_baud(): DLH/DLL = $009C --> acceder al conjunto de registros especiales sc16is7xx_port_irq() entrada --> IIR es 0x0C sc16is7xx_handle_rx() entrada sc16is7xx_fifo_read(): --> no se puede acceder a FIFO (RHR) porque est\u00e1 asignado a DLL (LCR=LCR_CONF_MODE_A) sc16is7xx_set_baud(): salida --> Restaurar el acceso al conjunto de registros generales Solucione el problema reclamando el mutex efr_lock al acceder al conjunto de registros especiales." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44951.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44951.json index f673045c65b..058752f355b 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44951.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44951.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44951", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.153", - "lastModified": "2024-09-04T19:15:30.153", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: fix TX fifo corruption\n\nSometimes, when a packet is received on channel A at almost the same time\nas a packet is about to be transmitted on channel B, we observe with a\nlogic analyzer that the received packet on channel A is transmitted on\nchannel B. In other words, the Tx buffer data on channel B is corrupted\nwith data from channel A.\n\nThe problem appeared since commit 4409df5866b7 (\"serial: sc16is7xx: change\nEFR lock to operate on each channels\"), which changed the EFR locking to\noperate on each channel instead of chip-wise.\n\nThis commit has introduced a regression, because the EFR lock is used not\nonly to protect the EFR registers access, but also, in a very obscure and\nundocumented way, to protect access to the data buffer, which is shared by\nthe Tx and Rx handlers, but also by each channel of the IC.\n\nFix this regression first by switching to kfifo_out_linear_ptr() in\nsc16is7xx_handle_tx() to eliminate the need for a shared Rx/Tx buffer.\n\nSecondly, replace the chip-wise Rx buffer with a separate Rx buffer for\neach channel." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: sc16is7xx: fix TX fifo democracy A veces, cuando se recibe un paquete en el canal A casi al mismo tiempo que se va a transmitir un paquete en el canal B, observamos con un analizador l\u00f3gico que el paquete recibido en el canal A se transmite en el canal B. En otras palabras, los datos del b\u00fafer de Tx en el canal B est\u00e1n da\u00f1ados con datos del canal A. El problema apareci\u00f3 desde el commit 4409df5866b7 (\"serial: sc16is7xx: change EFR lock to operate on each channels\"), que cambi\u00f3 el bloqueo de EFR para que funcione en cada canal en lugar de en todo el chip. Este commit ha introducido una regresi\u00f3n, porque el bloqueo de EFR se utiliza no solo para proteger el acceso a los registros de EFR, sino tambi\u00e9n, de una forma muy oscura y no documentada, para proteger el acceso al b\u00fafer de datos, que es compartido por los manejadores de Tx y Rx, pero tambi\u00e9n por cada canal del IC. Primero, solucione esta regresi\u00f3n cambiando a kfifo_out_linear_ptr() en sc16is7xx_handle_tx() para eliminar la necesidad de un b\u00fafer Rx/Tx compartido. En segundo lugar, reemplace el b\u00fafer Rx por chip con un b\u00fafer Rx separado para cada canal." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json index bfd585b289e..e44d6e7c3e7 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44952", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.213", - "lastModified": "2024-09-04T19:15:30.213", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: Fix uevent_show() vs driver detach race\n\nuevent_show() wants to de-reference dev->driver->name. There is no clean\nway for a device attribute to de-reference dev->driver unless that\nattribute is defined via (struct device_driver).dev_groups. Instead, the\nanti-pattern of taking the device_lock() in the attribute handler risks\ndeadlocks with code paths that remove device attributes while holding\nthe lock.\n\nThis deadlock is typically invisible to lockdep given the device_lock()\nis marked lockdep_set_novalidate_class(), but some subsystems allocate a\nlocal lockdep key for @dev->mutex to reveal reports of the form:\n\n ======================================================\n WARNING: possible circular locking dependency detected\n 6.10.0-rc7+ #275 Tainted: G OE N\n ------------------------------------------------------\n modprobe/2374 is trying to acquire lock:\n ffff8c2270070de0 (kn->active#6){++++}-{0:0}, at: __kernfs_remove+0xde/0x220\n\n but task is already holding lock:\n ffff8c22016e88f8 (&cxl_root_key){+.+.}-{3:3}, at: device_release_driver_internal+0x39/0x210\n\n which lock already depends on the new lock.\n\n the existing dependency chain (in reverse order) is:\n\n -> #1 (&cxl_root_key){+.+.}-{3:3}:\n __mutex_lock+0x99/0xc30\n uevent_show+0xac/0x130\n dev_attr_show+0x18/0x40\n sysfs_kf_seq_show+0xac/0xf0\n seq_read_iter+0x110/0x450\n vfs_read+0x25b/0x340\n ksys_read+0x67/0xf0\n do_syscall_64+0x75/0x190\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n -> #0 (kn->active#6){++++}-{0:0}:\n __lock_acquire+0x121a/0x1fa0\n lock_acquire+0xd6/0x2e0\n kernfs_drain+0x1e9/0x200\n __kernfs_remove+0xde/0x220\n kernfs_remove_by_name_ns+0x5e/0xa0\n device_del+0x168/0x410\n device_unregister+0x13/0x60\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1c7/0x210\n driver_detach+0x47/0x90\n bus_remove_driver+0x6c/0xf0\n cxl_acpi_exit+0xc/0x11 [cxl_acpi]\n __do_sys_delete_module.isra.0+0x181/0x260\n do_syscall_64+0x75/0x190\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe observation though is that driver objects are typically much longer\nlived than device objects. It is reasonable to perform lockless\nde-reference of a @driver pointer even if it is racing detach from a\ndevice. Given the infrequency of driver unregistration, use\nsynchronize_rcu() in module_remove_driver() to close any potential\nraces. It is potentially overkill to suffer synchronize_rcu() just to\nhandle the rare module removal racing uevent_show() event.\n\nThanks to Tetsuo Handa for the debug analysis of the syzbot report [1]." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: n\u00facleo del controlador: se corrige uevent_show() frente a la ejecuci\u00f3n de desconexi\u00f3n del controlador uevent_show() quiere desreferenciar dev->driver->name. No hay una forma clara de que un atributo de dispositivo desreferenciar dev->driver a menos que ese atributo se defina mediante (struct device_driver).dev_groups. En cambio, el antipatr\u00f3n de tomar device_lock() en el controlador de atributos corre el riesgo de bloqueos con rutas de c\u00f3digo que eliminan los atributos del dispositivo mientras mantienen el bloqueo. Este interbloqueo es t\u00edpicamente invisible para lockdep dado que device_lock() est\u00e1 marcado como lockdep_set_novalidate_class(), pero algunos subsistemas asignan una clave lockdep local para que @dev->mutex revele informes del formato: ======================================================== ADVERTENCIA: posible dependencia de bloqueo circular detectada 6.10.0-rc7+ #275 Tainted: G OE N ------------------------------------------------------ modprobe/2374 est\u00e1 intentando adquirir el bloqueo: ffff8c2270070de0 (kn->active#6){++++}-{0:0}, en: __kernfs_remove+0xde/0x220 pero la tarea ya tiene el bloqueo: ffff8c22016e88f8 (&cxl_root_key){+.+.}-{3:3}, en: device_release_driver_internal+0x39/0x210 cuyo bloqueo ya depende del nuevo bloqueo. la cadena de dependencia existente (en orden inverso) es: -> #1 (&cxl_root_key){+.+.}-{3:3}: __mutex_lock+0x99/0xc30 uevent_show+0xac/0x130 dev_attr_show+0x18/0x40 sysfs_kf_seq_show+0xac/0xf0 seq_read_iter+0x110/0x450 vfs_read+0x25b/0x340 ksys_read+0x67/0xf0 do_syscall_64+0x75/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #0 (kn->active#6){++++}-{0:0}: __lock_acquire+0x121a/0x1fa0 lock_acquire+0xd6/0x2e0 kernfs_drain+0x1e9/0x200 __kernfs_remove+0xde/0x220 kernfs_remove_by_name_ns+0x5e/0xa0 device_del+0x168/0x410 device_unregister+0x13/0x60 devres_release_all+0xb8/0x110 device_unbind_cleanup+0xe/0x70 device_release_driver_internal+0x1c7/0x210 driver_detach+0x47/0x90 bus_remove_driver+0x6c/0xf0 cxl_acpi_exit+0xc/0x11 [cxl_acpi] __do_sys_delete_module.isra.0+0x181/0x260 do_syscall_64+0x75/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e Sin embargo, la observaci\u00f3n es que los objetos de controlador suelen tener una vida \u00fatil mucho m\u00e1s larga que los objetos de dispositivo. Es razonable realizar una desreferencia sin bloqueo de un puntero @driver incluso si est\u00e1 compitiendo por desconectarse de un dispositivo. Dada la poca frecuencia de anulaci\u00f3n del registro de un controlador, usesynchronous_rcu() en module_remove_driver() para cerrar cualquier ejecuci\u00f3n potencial. Es potencialmente excesivo sufrirsynchronous_rcu() solo para manejar el raro evento uevent_show() de ejecuci\u00f3n de eliminaci\u00f3n de m\u00f3dulo. Gracias a Tetsuo Handa por el an\u00e1lisis de depuraci\u00f3n del informe de syzbot [1]." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json index df7b1bacbef..cdb3f1232ac 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44953", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.297", - "lastModified": "2024-09-04T19:15:30.297", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix deadlock during RTC update\n\nThere is a deadlock when runtime suspend waits for the flush of RTC work,\nand the RTC work calls ufshcd_rpm_get_sync() to wait for runtime resume.\n\nHere is deadlock backtrace:\n\nkworker/0:1 D 4892.876354 10 10971 4859 0x4208060 0x8 10 0 120 670730152367\nptr f0ffff80c2e40000 0 1 0x00000001 0x000000ff 0x000000ff 0x000000ff\n __switch_to+0x1a8/0x2d4\n __schedule+0x684/0xa98\n schedule+0x48/0xc8\n schedule_timeout+0x48/0x170\n do_wait_for_common+0x108/0x1b0\n wait_for_completion+0x44/0x60\n __flush_work+0x39c/0x424\n __cancel_work_sync+0xd8/0x208\n cancel_delayed_work_sync+0x14/0x28\n __ufshcd_wl_suspend+0x19c/0x480\n ufshcd_wl_runtime_suspend+0x3c/0x1d4\n scsi_runtime_suspend+0x78/0xc8\n __rpm_callback+0x94/0x3e0\n rpm_suspend+0x2d4/0x65c\n __pm_runtime_suspend+0x80/0x114\n scsi_runtime_idle+0x38/0x6c\n rpm_idle+0x264/0x338\n __pm_runtime_idle+0x80/0x110\n ufshcd_rtc_work+0x128/0x1e4\n process_one_work+0x26c/0x650\n worker_thread+0x260/0x3d8\n kthread+0x110/0x134\n ret_from_fork+0x10/0x20\n\nSkip updating RTC if RPM state is not RPM_ACTIVE." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ufs: core: Se corrige un bloqueo durante la actualizaci\u00f3n de RTC. Hay un bloqueo cuando la suspensi\u00f3n en tiempo de ejecuci\u00f3n espera la limpieza del trabajo de RTC y el trabajo de RTC llama a ufshcd_rpm_get_sync() para esperar la reanudaci\u00f3n del tiempo de ejecuci\u00f3n. Aqu\u00ed est\u00e1 el backtrace del bloqueo: kworker/0:1 D 4892.876354 10 10971 4859 0x4208060 0x8 10 0 120 670730152367 ptr f0ffff80c2e40000 0 1 0x00000001 0x000000ff 0x000000ff 0x000000ff __switch_to+0x1a8/0x2d4 __schedule+0x684/0xa98 schedule+0x48/0xc8 schedule_timeout+0x48/0x170 do_wait_for_common+0x108/0x1b0 wait_for_completion+0x44/0x60 __flush_work+0x39c/0x424 __cancel_work_sync+0xd8/0x208 cancel_delayed_work_sync+0x14/0x28 __ufshcd_wl_suspend+0x19c/0x480 ufshcd_wl_runtime_suspend+0x3c/0x1d4 scsi_runtime_suspend+0x78/0xc8 __rpm_callback+0x94/0x3e0 rpm_suspend+0x2d4/0x65c __pm_runtime_suspend+0x80/0x114 scsi_runtime_idle+0x38/0x6c rpm_idle+0x264/0x338 __pm_runtime_idle+0x80/0x110 ufshcd_rtc_work+0x128/0x1e4 process_one_work+0x26c/0x650 worker_thread+0x260/0x3d8 kthread+0x110/0x134 ret_from_fork+0x10/0x20 Skip updating RTC if RPM state is not RPM_ACTIVE. " } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44954.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44954.json index 1ce46d7e7eb..2dc0278c6c5 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44954.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44954.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44954", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.353", - "lastModified": "2024-09-04T19:15:30.353", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: line6: Fix racy access to midibuf\n\nThere can be concurrent accesses to line6 midibuf from both the URB\ncompletion callback and the rawmidi API access. This could be a cause\nof KMSAN warning triggered by syzkaller below (so put as reported-by\nhere).\n\nThis patch protects the midibuf call of the former code path with a\nspinlock for avoiding the possible races." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: line6: Fix racy access to midibuf Puede haber accesos concurrentes a midibuf de line6 tanto desde la devoluci\u00f3n de llamada de finalizaci\u00f3n de URB como desde el acceso a la API rawmidi. Esto podr\u00eda ser la causa de la advertencia KMSAN activada por syzkaller a continuaci\u00f3n (as\u00ed que se indica aqu\u00ed). Este parche protege la llamada midibuf de la ruta de c\u00f3digo anterior con un spinlock para evitar las posibles ejecuciones." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44955.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44955.json index 5cd21edd32a..d417545728d 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44955.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44955.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44955", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.423", - "lastModified": "2024-09-04T19:15:30.423", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute\n\n[Why]\nWhen unplug one of monitors connected after mst hub, encounter null pointer dereference.\n\nIt's due to dc_sink get released immediately in early_unregister() or detect_ctx(). When\ncommit new state which directly referring to info stored in dc_sink will cause null pointer\ndereference.\n\n[how]\nRemove redundant checking condition. Relevant condition should already be covered by checking\nif dsc_aux is null or not. Also reset dsc_aux to NULL when the connector is disconnected." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: No hacer referencia a dc_sink en is_dsc_need_re_compute [Por qu\u00e9] Cuando se desconecta uno de los monitores conectados despu\u00e9s del concentrador mst, se produce una desreferencia de puntero nulo. Esto se debe a que dc_sink se libera inmediatamente en early_unregister() o detect_ctx(). Cuando se confirma un nuevo estado que hace referencia directa a la informaci\u00f3n almacenada en dc_sink, se producir\u00e1 una desreferencia de puntero nulo. [C\u00f3mo] Eliminar la condici\u00f3n de comprobaci\u00f3n redundante. La condici\u00f3n relevante ya deber\u00eda estar cubierta comprobando si dsc_aux es nulo o no. Tambi\u00e9n se restablece dsc_aux a NULL cuando se desconecta el conector." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json index 8290ef73a02..2d88154fc0f 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44956", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.480", - "lastModified": "2024-09-04T19:15:30.480", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/preempt_fence: enlarge the fence critical section\n\nIt is really easy to introduce subtle deadlocks in\npreempt_fence_work_func() since we operate on single global ordered-wq\nfor signalling our preempt fences behind the scenes, so even though we\nsignal a particular fence, everything in the callback should be in the\nfence critical section, since blocking in the callback will prevent\nother published fences from signalling. If we enlarge the fence critical\nsection to cover the entire callback, then lockdep should be able to\nunderstand this better, and complain if we grab a sensitive lock like\nvm->lock, which is also held when waiting on preempt fences." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe/preempt_fence: agrandar la secci\u00f3n cr\u00edtica de la cerca Es realmente f\u00e1cil introducir bloqueos sutiles en preempt_fence_work_func() ya que operamos en un solo wq ordenado global para se\u00f1alar nuestras cercas de preempci\u00f3n detr\u00e1s de escena, por lo que incluso aunque se\u00f1alemos una cerca en particular, todo en la devoluci\u00f3n de llamada debe estar en la secci\u00f3n cr\u00edtica de la cerca, ya que el bloqueo en la devoluci\u00f3n de llamada evitar\u00e1 que otras cercas publicadas se\u00f1alicen. Si agrandamos la secci\u00f3n cr\u00edtica de la cerca para cubrir toda la devoluci\u00f3n de llamada, entonces lockdep deber\u00eda poder entender esto mejor y quejarse si tomamos un bloqueo sensible como vm->lock, que tambi\u00e9n se mantiene cuando se espera en cercas de preempci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json index b65d66b5f62..3228469869f 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44957", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.523", - "lastModified": "2024-09-04T19:15:30.523", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: privcmd: Switch from mutex to spinlock for irqfds\n\nirqfd_wakeup() gets EPOLLHUP, when it is called by\neventfd_release() by way of wake_up_poll(&ctx->wqh, EPOLLHUP), which\ngets called under spin_lock_irqsave(). We can't use a mutex here as it\nwill lead to a deadlock.\n\nFix it by switching over to a spin lock." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xen: privcmd: Cambiar de mutex a spinlock para irqfds irqfd_wakeup() obtiene EPOLLHUP, cuando es llamado por eventfd_release() por medio de wake_up_poll(&ctx->wqh, EPOLLHUP), que se llama bajo spin_lock_irqsave(). No podemos usar un mutex aqu\u00ed ya que conducir\u00eda a un interbloqueo. Arr\u00e9glelo cambiando a un spinlock." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44958.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44958.json index 24d736a61f6..253655630b8 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44958.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44958.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44958", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.580", - "lastModified": "2024-09-04T19:15:30.580", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/smt: Fix unbalance sched_smt_present dec/inc\n\nI got the following warn report while doing stress test:\n\njump label: negative count!\nWARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0\nCall Trace:\n \n __static_key_slow_dec_cpuslocked+0x16/0x70\n sched_cpu_deactivate+0x26e/0x2a0\n cpuhp_invoke_callback+0x3ad/0x10d0\n cpuhp_thread_fun+0x3f5/0x680\n smpboot_thread_fn+0x56d/0x8d0\n kthread+0x309/0x400\n ret_from_fork+0x41/0x70\n ret_from_fork_asm+0x1b/0x30\n \n\nBecause when cpuset_cpu_inactive() fails in sched_cpu_deactivate(),\nthe cpu offline failed, but sched_smt_present is decremented before\ncalling sched_cpu_deactivate(), it leads to unbalanced dec/inc, so\nfix it by incrementing sched_smt_present in the error path." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sched/smt: Corregir desequilibrio en sched_smt_present dec/inc Recib\u00ed el siguiente informe de advertencia mientras realizaba una prueba de estr\u00e9s: etiqueta de salto: \u00a1recuento negativo! ADVERTENCIA: CPU: 3 PID: 38 en kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0 Seguimiento de llamadas: __static_key_slow_dec_cpuslocked+0x16/0x70 sched_cpu_deactivate+0x26e/0x2a0 cpuhp_invoke_callback+0x3ad/0x10d0 cpuhp_thread_fun+0x3f5/0x680 smpboot_thread_fn+0x56d/0x8d0 kthread+0x309/0x400 ret_from_fork+0x41/0x70 ret_from_fork_asm+0x1b/0x30 Porque cuando cpuset_cpu_inactive() falla en sched_cpu_deactivate(), la CPU fuera de l\u00ednea fall\u00f3, pero sched_smt_present se decrementa antes de llamar a sched_cpu_deactivate(), esto genera un dec/inc desequilibrado, por lo que debe solucionarlo incrementando sched_smt_present en la ruta de error." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44959.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44959.json index 2f7dd2642e1..084a8459e19 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44959.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44959.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44959", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.637", - "lastModified": "2024-09-04T19:15:30.637", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracefs: Use generic inode RCU for synchronizing freeing\n\nWith structure layout randomization enabled for 'struct inode' we need to\navoid overlapping any of the RCU-used / initialized-only-once members,\ne.g. i_lru or i_sb_list to not corrupt related list traversals when making\nuse of the rcu_head.\n\nFor an unlucky structure layout of 'struct inode' we may end up with the\nfollowing splat when running the ftrace selftests:\n\n[<...>] list_del corruption, ffff888103ee2cb0->next (tracefs_inode_cache+0x0/0x4e0 [slab object]) is NULL (prev is tracefs_inode_cache+0x78/0x4e0 [slab object])\n[<...>] ------------[ cut here ]------------\n[<...>] kernel BUG at lib/list_debug.c:54!\n[<...>] invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n[<...>] CPU: 3 PID: 2550 Comm: mount Tainted: G N 6.8.12-grsec+ #122 ed2f536ca62f28b087b90e3cc906a8d25b3ddc65\n[<...>] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\n[<...>] RIP: 0010:[] __list_del_entry_valid_or_report+0x138/0x3e0\n[<...>] Code: 48 b8 99 fb 65 f2 ff ff ff ff e9 03 5c d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff e9 33 5a d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff <0f> 0b 4c 89 e9 48 89 ea 48 89 ee 48 c7 c7 60 8f dd 89 31 c0 e8 2f\n[<...>] RSP: 0018:fffffe80416afaf0 EFLAGS: 00010283\n[<...>] RAX: 0000000000000098 RBX: ffff888103ee2cb0 RCX: 0000000000000000\n[<...>] RDX: ffffffff84655fe8 RSI: ffffffff89dd8b60 RDI: 0000000000000001\n[<...>] RBP: ffff888103ee2cb0 R08: 0000000000000001 R09: fffffbd0082d5f25\n[<...>] R10: fffffe80416af92f R11: 0000000000000001 R12: fdf99c16731d9b6d\n[<...>] R13: 0000000000000000 R14: ffff88819ad4b8b8 R15: 0000000000000000\n[<...>] RBX: tracefs_inode_cache+0x0/0x4e0 [slab object]\n[<...>] RDX: __list_del_entry_valid_or_report+0x108/0x3e0\n[<...>] RSI: __func__.47+0x4340/0x4400\n[<...>] RBP: tracefs_inode_cache+0x0/0x4e0 [slab object]\n[<...>] RSP: process kstack fffffe80416afaf0+0x7af0/0x8000 [mount 2550 2550]\n[<...>] R09: kasan shadow of process kstack fffffe80416af928+0x7928/0x8000 [mount 2550 2550]\n[<...>] R10: process kstack fffffe80416af92f+0x792f/0x8000 [mount 2550 2550]\n[<...>] R14: tracefs_inode_cache+0x78/0x4e0 [slab object]\n[<...>] FS: 00006dcb380c1840(0000) GS:ffff8881e0600000(0000) knlGS:0000000000000000\n[<...>] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[<...>] CR2: 000076ab72b30e84 CR3: 000000000b088004 CR4: 0000000000360ef0 shadow CR4: 0000000000360ef0\n[<...>] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[<...>] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[<...>] ASID: 0003\n[<...>] Stack:\n[<...>] ffffffff818a2315 00000000f5c856ee ffffffff896f1840 ffff888103ee2cb0\n[<...>] ffff88812b6b9750 0000000079d714b6 fffffbfff1e9280b ffffffff8f49405f\n[<...>] 0000000000000001 0000000000000000 ffff888104457280 ffffffff8248b392\n[<...>] Call Trace:\n[<...>] \n[<...>] [] ? lock_release+0x175/0x380 fffffe80416afaf0\n[<...>] [] list_lru_del+0x152/0x740 fffffe80416afb48\n[<...>] [] list_lru_del_obj+0x113/0x280 fffffe80416afb88\n[<...>] [] ? _atomic_dec_and_lock+0x119/0x200 fffffe80416afb90\n[<...>] [] iput_final+0x1c4/0x9a0 fffffe80416afbb8\n[<...>] [] dentry_unlink_inode+0x44b/0xaa0 fffffe80416afbf8\n[<...>] [] __dentry_kill+0x23c/0xf00 fffffe80416afc40\n[<...>] [] ? __this_cpu_preempt_check+0x1f/0xa0 fffffe80416afc48\n[<...>] [] ? shrink_dentry_list+0x1c5/0x760 fffffe80416afc70\n[<...>] [] ? shrink_dentry_list+0x51/0x760 fffffe80416afc78\n[<...>] [] shrink_dentry_list+0x288/0x760 fffffe80416afc80\n[<...>] [] shrink_dcache_sb+0x155/0x420 fffffe80416afcc8\n[<...>] [] ? debug_smp_processor_id+0x23/0xa0 fffffe80416afce0\n[<...>] [] ? do_one_tre\n---truncated---" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tracefs: usar RCU de inodo gen\u00e9rico para sincronizar la liberaci\u00f3n con la aleatorizaci\u00f3n del dise\u00f1o de la estructura habilitada para 'struct inode', debemos evitar superponer cualquiera de los miembros de RCU utilizados o inicializados solo una vez, por ejemplo, i_lru o i_sb_list para no da\u00f1ar los recorridos de listas relacionadas al hacer uso de rcu_head. En caso de una disposici\u00f3n desafortunada de la estructura 'struct inode', podemos terminar con el siguiente resultado al ejecutar las pruebas autom\u00e1ticas de ftrace: [<...>] corrupci\u00f3n de list_del, ffff888103ee2cb0->next (tracefs_inode_cache+0x0/0x4e0 [objeto slab]) es NULL (prev es tracefs_inode_cache+0x78/0x4e0 [objeto slab]) [<...>] ------------[ cortar aqu\u00ed ]------------ [<...>] \u00a1ERROR del kernel en lib/list_debug.c:54! [<...>] c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP KASAN [<...>] CPU: 3 PID: 2550 Comm: mount Contaminado: GN 6.8.12-grsec+ #122 ed2f536ca62f28b087b90e3cc906a8d25b3ddc65 [<...>] Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 [<...>] RIP: 0010:[] __list_del_entry_valid_or_report+0x138/0x3e0 [<...>] C\u00f3digo: 48 b8 99 fb 65 f2 ff ff ff es e9 03 5c d9 fc cc 48 b8 99 fb 65 f2 es ff es ff es ff e9 33 5a d9 fc cc 48 b8 99 fb 65 f2 es ff es ff es ff <0f> 0b 4c 89 e9 48 89 ea 48 89 ee 48 c7 c7 60 8f dd 89 31 c0 e8 2f [<...>] RSP: 0018:fffffe80416afaf0 EFLAGS: 00010283 [<...>] RAX: 000000000000098 RBX: ffff888103ee2cb0 RCX: 0000000000000000 [<...>] RDX: RSI: ffffffff89dd8b60 RDI: 0000000000000001 [<...>] RBP: ffff888103ee2cb0 R08: 0000000000000001 R09: fffffbd0082d5f25 [<...>] R10: fffffe80416af92f R11: 0000000000000001 R12: fdf99c16731d9b6d [<...>] R13: 000000000000000 R14: ffff88819ad4b8b8 R15: 0000000000000000 [<...>] RBX: tracefs_inode_cache+0x0/0x4e0 [objeto de losa] [<...>] RDX: __list_del_entry_valid_or_report+0x108/0x3e0 [<...>] RSI: __func__.47+0x4340/0x4400 [<...>] RBP: tracefs_inode_cache+0x0/0x4e0 [objeto de losa] [<...>] RSP: proceso kstack fffffe80416afaf0+0x7af0/0x8000 [montaje 2550 2550] [<...>] R09: sombra de kasan del proceso kstack fffffe80416af928+0x7928/0x8000 [montaje 2550 2550] [<...>] R10: proceso kstack fffffe80416af92f+0x792f/0x8000 [montaje 2550 2550] [<...>] R14: tracefs_inode_cache+0x78/0x4e0 [objeto de losa] [<...>] FS: 00006dcb380c1840(0000) GS:ffff8881e0600000(0000) knlGS:0000000000000000 [<...>] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [<...>] CR2: 000076ab72b30e84 CR3: 000000000b088004 CR4: 0000000000360ef0 sombra CR4: 0000000000360ef0 [<...>] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 000000000000000 [<...>] DR3: 000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [<...>] ASID: 0003 [<...>] Pila: [<...>] ffffffff818a2315 00000000f5c856ee ffffffff896f1840 ffff888103ee2cb0 [<...>] ffff88812b6b9750 0000000079d714b6 fffffbfff1e9280b ffffffff8f49405f [<...>] 000000000000001 0000000000000000 ffff888104457280 ffffffff8248b392 [<...>] Rastreo de llamadas: [<...>] [<...>] [] ? liberaci\u00f3n_de_bloqueo+0x175/0x380 fffffe80416afaf0 [<...>] [] lista_lru_del+0x152/0x740 fffffe80416afb48 [<...>] [] lista_lru_del_obj+0x113/0x280 fffffe80416afb88 [<...>] [] ? __dentry_kill+0x23c/0xf00 fffffe80416afc40 [<...>] [] ? __esta_comprobaci\u00f3n_previa_de_cpu+0x1f/0xa0 fffffe80416afc48 [<...>] [] ? lista_de_reducci\u00f3n_dentry+0x1c5/0x760 fffffe80416afc70 [<...>] [] ? lista_dentry_shrink+0x51/0x760 fffffe80416afc78 [<...>] [] lista_dentry_shrink+0x288/0x760 fffffe80416afc80 [<...>] [] lista_dentry_shrink+0x155/0x420 fffffe80416afcc8 [<...>] [] ? id_procesador_smp_depuraci\u00f3n+0x23/0xa0 fffffe80416afce0 [<...>] [] ? do_one_tre ---truncado---" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44960.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44960.json index 4a016a51f2d..fbf867e24d0 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44960.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44960.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44960", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.700", - "lastModified": "2024-09-04T19:15:30.700", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: Check for unset descriptor\n\nMake sure the descriptor has been set before looking at maxpacket.\nThis fixes a null pointer panic in this case.\n\nThis may happen if the gadget doesn't properly set up the endpoint\nfor the current speed, or the gadget descriptors are malformed and\nthe descriptor for the speed/endpoint are not found.\n\nNo current gadget driver is known to have this problem, but this\nmay cause a hard-to-find bug during development of new gadgets." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: core: Comprobar si hay un descriptor no configurado Aseg\u00farese de que el descriptor se haya configurado antes de consultar maxpacket. Esto soluciona un error de puntero nulo en este caso. Esto puede suceder si el gadget no configura correctamente el endpoint para la velocidad actual, o si los descriptores del gadget est\u00e1n mal formados y no se encuentra el descriptor para la velocidad/endpoint. No se conoce ning\u00fan controlador de gadget actual que tenga este problema, pero puede causar un error dif\u00edcil de encontrar durante el desarrollo de nuevos gadgets." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44961.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44961.json index 68a4272d7d4..ad57f15b565 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44961.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44961.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44961", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.770", - "lastModified": "2024-09-04T19:15:30.770", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Forward soft recovery errors to userspace\n\nAs we discussed before[1], soft recovery should be\nforwarded to userspace, or we can get into a really\nbad state where apps will keep submitting hanging\ncommand buffers cascading us to a hard reset.\n\n1: https://lore.kernel.org/all/bf23d5ed-9a6b-43e7-84ee-8cbfd0d60f18@froggi.es/\n(cherry picked from commit 434967aadbbbe3ad9103cc29e9a327de20fdba01)" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: reenviar errores de recuperaci\u00f3n suave al espacio de usuario Como discutimos antes [1], la recuperaci\u00f3n suave debe reenviarse al espacio de usuario, o podemos llegar a un estado realmente malo donde las aplicaciones seguir\u00e1n enviando b\u00faferes de comandos colgados que nos llevar\u00e1n a un reinicio completo. 1: https://lore.kernel.org/all/bf23d5ed-9a6b-43e7-84ee-8cbfd0d60f18@froggi.es/ (seleccionado de el commit 434967aadbbbe3ad9103cc29e9a327de20fdba01)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44962.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44962.json index 59fd3aed26d..dd0bfcf8f83 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44962.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44962.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44962", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.827", - "lastModified": "2024-09-04T19:15:30.827", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading\n\nWhen unload the btnxpuart driver, its associated timer will be deleted.\nIf the timer happens to be modified at this moment, it leads to the\nkernel call this timer even after the driver unloaded, resulting in\nkernel panic.\nUse timer_shutdown_sync() instead of del_timer_sync() to prevent rearming.\n\npanic log:\n Internal error: Oops: 0000000086000007 [#1] PREEMPT SMP\n Modules linked in: algif_hash algif_skcipher af_alg moal(O) mlan(O) crct10dif_ce polyval_ce polyval_generic snd_soc_imx_card snd_soc_fsl_asoc_card snd_soc_imx_audmux mxc_jpeg_encdec v4l2_jpeg snd_soc_wm8962 snd_soc_fsl_micfil snd_soc_fsl_sai flexcan snd_soc_fsl_utils ap130x rpmsg_ctrl imx_pcm_dma can_dev rpmsg_char pwm_fan fuse [last unloaded: btnxpuart]\n CPU: 5 PID: 723 Comm: memtester Tainted: G O 6.6.23-lts-next-06207-g4aef2658ac28 #1\n Hardware name: NXP i.MX95 19X19 board (DT)\n pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0xffff80007a2cf464\n lr : call_timer_fn.isra.0+0x24/0x80\n...\n Call trace:\n 0xffff80007a2cf464\n __run_timers+0x234/0x280\n run_timer_softirq+0x20/0x40\n __do_softirq+0x100/0x26c\n ____do_softirq+0x10/0x1c\n call_on_irq_stack+0x24/0x4c\n do_softirq_own_stack+0x1c/0x2c\n irq_exit_rcu+0xc0/0xdc\n el0_interrupt+0x54/0xd8\n __el0_irq_handler_common+0x18/0x24\n el0t_64_irq_handler+0x10/0x1c\n el0t_64_irq+0x190/0x194\n Code: ???????? ???????? ???????? ???????? (????????)\n ---[ end trace 0000000000000000 ]---\n Kernel panic - not syncing: Oops: Fatal exception in interrupt\n SMP: stopping secondary CPUs\n Kernel Offset: disabled\n CPU features: 0x0,c0000000,40028143,1000721b\n Memory Limit: none\n ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btnxpuart: Apagar el temporizador y evitar el rearme cuando se descarga el controlador. Al descargar el controlador btnxpuart, se eliminar\u00e1 su temporizador asociado. Si el temporizador se modifica en este momento, hace que el kernel llame a este temporizador incluso despu\u00e9s de que se haya descargado el controlador, lo que provoca un p\u00e1nico del kernel. Utilice timer_shutdown_sync() en lugar de del_timer_sync() para evitar el rearme. registro de p\u00e1nico: Error interno: Ups: 0000000086000007 [#1] M\u00f3dulos PREEMPT SMP vinculados en: algif_hash algif_skcipher af_alg moal(O) mlan(O) crct10dif_ce polyval_ce polyval_generic snd_soc_imx_card snd_soc_fsl_asoc_card snd_soc_imx_audmux mxc_jpeg_encdec v4l2_jpeg snd_soc_wm8962 snd_soc_fsl_micfil snd_soc_fsl_sai flexcan snd_soc_fsl_utils ap130x rpmsg_ctrl imx_pcm_dma can_dev rpmsg_char pwm_fan fuse [\u00faltima descarga: [btnxpuart] CPU: 5 PID: 723 Comm: memtester Contaminado: GO 6.6.23-lts-next-06207-g4aef2658ac28 #1 Nombre del hardware: Placa NXP i.MX95 19X19 (DT) pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : 0xffff80007a2cf464 lr : call_timer_fn.isra.0+0x24/0x80 ... Rastreo de llamadas: 0xffff80007a2cf464 __run_timers+0x234/0x280 run_timer_softirq+0x20/0x40 __do_softirq+0x100/0x26c ____do_softirq+0x10/0x1c llamada_a_pila_irq+0x24/0x4c do_softirq_propia_pila+0x1c/0x2c irq_exit_rcu+0xc0/0xdc el0_interrupt+0x54/0xd8 __el0_irq_handler_common+0x18/0x24 el0t_64_irq_handler+0x10/0x1c el0t_64_irq+0x190/0x194 C\u00f3digo: ???????? ???????? ???????? ???????? (???????) ---[ fin del seguimiento 0000000000000000 ]--- P\u00e1nico del n\u00facleo: no se sincroniza: Vaya: Excepci\u00f3n fatal en la interrupci\u00f3n SMP: deteniendo las CPU secundarias Desplazamiento del n\u00facleo: deshabilitado Funciones de la CPU: 0x0,c0000000,40028143,1000721b L\u00edmite de memoria: ninguno ---[ fin del seguimiento 0 ..." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44963.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44963.json index 06a2c02f8bb..2b8b4ec4d1b 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44963.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44963.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44963", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.883", - "lastModified": "2024-09-04T19:15:30.883", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not BUG_ON() when freeing tree block after error\n\nWhen freeing a tree block, at btrfs_free_tree_block(), if we fail to\ncreate a delayed reference we don't deal with the error and just do a\nBUG_ON(). The error most likely to happen is -ENOMEM, and we have a\ncomment mentioning that only -ENOMEM can happen, but that is not true,\nbecause in case qgroups are enabled any error returned from\nbtrfs_qgroup_trace_extent_post() (can be -EUCLEAN or anything returned\nfrom btrfs_search_slot() for example) can be propagated back to\nbtrfs_free_tree_block().\n\nSo stop doing a BUG_ON() and return the error to the callers and make\nthem abort the transaction to prevent leaking space. Syzbot was\ntriggering this, likely due to memory allocation failure injection." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: no hacer BUG_ON() al liberar un bloque de \u00e1rbol despu\u00e9s de un error Al liberar un bloque de \u00e1rbol, en btrfs_free_tree_block(), si no podemos crear una referencia retrasada, no nos ocupamos del error y simplemente hacemos un BUG_ON(). El error m\u00e1s probable que ocurra es -ENOMEM, y tenemos un comentario que menciona que solo puede ocurrir -ENOMEM, pero eso no es cierto, porque en caso de que los qgroups est\u00e9n habilitados, cualquier error devuelto por btrfs_qgroup_trace_extent_post() (puede ser -EUCLEAN o cualquier cosa devuelta por btrfs_search_slot(), por ejemplo) se puede propagar de vuelta a btrfs_free_tree_block(). As\u00ed que deja de hacer un BUG_ON() y devuelve el error a los llamadores y haz que aborten la transacci\u00f3n para evitar fugas de espacio. Syzbot estaba activando esto, probablemente debido a la inyecci\u00f3n de fallo de asignaci\u00f3n de memoria." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json index 75e9dbe8724..ba070c70c75 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44964", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.940", - "lastModified": "2024-09-04T19:15:30.940", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix memory leaks and crashes while performing a soft reset\n\nThe second tagged commit introduced a UAF, as it removed restoring\nq_vector->vport pointers after reinitializating the structures.\nThis is due to that all queue allocation functions are performed here\nwith the new temporary vport structure and those functions rewrite\nthe backpointers to the vport. Then, this new struct is freed and\nthe pointers start leading to nowhere.\n\nBut generally speaking, the current logic is very fragile. It claims\nto be more reliable when the system is low on memory, but in fact, it\nconsumes two times more memory as at the moment of running this\nfunction, there are two vports allocated with their queues and vectors.\nMoreover, it claims to prevent the driver from running into \"bad state\",\nbut in fact, any error during the rebuild leaves the old vport in the\npartially allocated state.\nFinally, if the interface is down when the function is called, it always\nallocates a new queue set, but when the user decides to enable the\ninterface later on, vport_open() allocates them once again, IOW there's\na clear memory leak here.\n\nJust don't allocate a new queue set when performing a reset, that solves\ncrashes and memory leaks. Readd the old queue number and reopen the\ninterface on rollback - that solves limbo states when the device is left\ndisabled and/or without HW queues enabled." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: idpf: corrige fugas de memoria y fallos al realizar un reinicio suave El segundo commit etiquetado introdujo un UAF, ya que elimin\u00f3 la restauraci\u00f3n de punteros q_vector->vport despu\u00e9s de reinicializar las estructuras. Esto se debe a que todas las funciones de asignaci\u00f3n de colas se realizan aqu\u00ed con la nueva estructura vport temporal y esas funciones reescriben los punteros hacia atr\u00e1s al vport. Luego, esta nueva estructura se libera y los punteros comienzan a no llevar a ninguna parte. Pero en t\u00e9rminos generales, la l\u00f3gica actual es muy fr\u00e1gil. Afirma ser m\u00e1s confiable cuando el sistema tiene poca memoria, pero de hecho, consume dos veces m\u00e1s memoria ya que en el momento de ejecutar esta funci\u00f3n, hay dos vports asignados con sus colas y vectores. Adem\u00e1s, afirma evitar que el controlador entre en \"mal estado\", pero de hecho, cualquier error durante la reconstrucci\u00f3n deja el antiguo vport en el estado parcialmente asignado. Finalmente, si la interfaz est\u00e1 inactiva cuando se llama a la funci\u00f3n, siempre asigna un nuevo conjunto de colas, pero cuando el usuario decide habilitar la interfaz m\u00e1s adelante, vport_open() las asigna una vez m\u00e1s, es decir, hay una clara p\u00e9rdida de memoria aqu\u00ed. Simplemente no asigne un nuevo conjunto de colas cuando realice un reinicio, eso resuelve fallas y p\u00e9rdidas de memoria. Vuelva a agregar el n\u00famero de cola anterior y vuelva a abrir la interfaz en la reversi\u00f3n: eso resuelve los estados de limbo cuando el dispositivo se deja deshabilitado y/o sin colas de HW habilitadas." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44965.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44965.json index b386c640dd1..93ddccaafe3 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44965.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44965.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44965", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.990", - "lastModified": "2024-09-04T19:15:30.990", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Fix pti_clone_pgtable() alignment assumption\n\nGuenter reported dodgy crashes on an i386-nosmp build using GCC-11\nthat had the form of endless traps until entry stack exhaust and then\n#DF from the stack guard.\n\nIt turned out that pti_clone_pgtable() had alignment assumptions on\nthe start address, notably it hard assumes start is PMD aligned. This\nis true on x86_64, but very much not true on i386.\n\nThese assumptions can cause the end condition to malfunction, leading\nto a 'short' clone. Guess what happens when the user mapping has a\nshort copy of the entry text?\n\nUse the correct increment form for addr to avoid alignment\nassumptions." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/mm: Corregir la suposici\u00f3n de alineaci\u00f3n de pti_clone_pgtable() Guenter inform\u00f3 de fallos sospechosos en una compilaci\u00f3n de i386-nosmp que utilizaba GCC-11 que ten\u00edan la forma de trampas infinitas hasta el agotamiento de la pila de entrada y luego #DF desde la protecci\u00f3n de la pila. Result\u00f3 que pti_clone_pgtable() ten\u00eda suposiciones de alineaci\u00f3n en la direcci\u00f3n de inicio, en particular, supone con fuerza que el inicio est\u00e1 alineado con PMD. Esto es cierto en x86_64, pero no es cierto en absoluto en i386. Estas suposiciones pueden provocar que la condici\u00f3n final funcione mal, lo que lleva a un clon \"corto\". \u00bfAdivina qu\u00e9 ocurre cuando la asignaci\u00f3n de usuario tiene una copia corta del texto de entrada? Utiliza la forma de incremento correcta para addr para evitar suposiciones de alineaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44966.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44966.json index 4bb0e6c0171..43b89a67e7d 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44966.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44966.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44966", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.060", - "lastModified": "2024-09-04T19:15:31.060", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_flat: Fix corruption when not offsetting data start\n\nCommit 04d82a6d0881 (\"binfmt_flat: allow not offsetting data start\")\nintroduced a RISC-V specific variant of the FLAT format which does\nnot allocate any space for the (obsolete) array of shared library\npointers. However, it did not disable the code which initializes the\narray, resulting in the corruption of sizeof(long) bytes before the DATA\nsegment, generally the end of the TEXT segment.\n\nIntroduce MAX_SHARED_LIBS_UPDATE which depends on the state of\nCONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET to guard the initialization of\nthe shared library pointer region so that it will only be initialized\nif space is reserved for it." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: binfmt_flat: Se corrige la corrupci\u00f3n cuando no se compensa el inicio de los datos. El commit 04d82a6d0881 (\"binfmt_flat: permitir no compensar el inicio de los datos\") introdujo una variante espec\u00edfica de RISC-V del formato FLAT que no asigna ning\u00fan espacio para la matriz (obsoleta) de punteros de librer\u00eda compartida. Sin embargo, no deshabilit\u00f3 el c\u00f3digo que inicializa la matriz, lo que result\u00f3 en la corrupci\u00f3n de sizeof(long) bytes antes del segmento DATA, generalmente el final del segmento TEXT. Introduzca MAX_SHARED_LIBS_UPDATE que depende del estado de CONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET para proteger la inicializaci\u00f3n de la regi\u00f3n del puntero de la librer\u00eda compartida de modo que solo se inicialice si se reserva espacio para ella." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44967.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44967.json index 8ae0fdeaa0c..c87e7e15a77 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44967.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44967.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44967", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.117", - "lastModified": "2024-09-04T19:15:31.117", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mgag200: Bind I2C lifetime to DRM device\n\nManaged cleanup with devm_add_action_or_reset() will release the I2C\nadapter when the underlying Linux device goes away. But the connector\nstill refers to it, so this cleanup leaves behind a stale pointer\nin struct drm_connector.ddc.\n\nBind the lifetime of the I2C adapter to the connector's lifetime by\nusing DRM's managed release. When the DRM device goes away (after\nthe Linux device) DRM will first clean up the connector and then\nclean up the I2C adapter." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/mgag200: vincular la vida \u00fatil de I2C al dispositivo DRM La limpieza administrada con devm_add_action_or_reset() liberar\u00e1 el adaptador I2C cuando el dispositivo Linux subyacente desaparezca. Pero el conector a\u00fan hace referencia a \u00e9l, por lo que esta limpieza deja un puntero obsoleto en struct drm_connector.ddc. Vincule la vida \u00fatil del adaptador I2C a la vida \u00fatil del conector mediante la liberaci\u00f3n administrada de DRM. Cuando el dispositivo DRM desaparezca (despu\u00e9s del dispositivo Linux), DRM primero limpiar\u00e1 el conector y luego limpiar\u00e1 el adaptador I2C." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44968.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44968.json index e69e339be4b..f063d8af203 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44968.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44968.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44968", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.173", - "lastModified": "2024-09-04T19:15:31.173", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntick/broadcast: Move per CPU pointer access into the atomic section\n\nThe recent fix for making the take over of the broadcast timer more\nreliable retrieves a per CPU pointer in preemptible context.\n\nThis went unnoticed as compilers hoist the access into the non-preemptible\nregion where the pointer is actually used. But of course it's valid that\nthe compiler keeps it at the place where the code puts it which rightfully\ntriggers:\n\n BUG: using smp_processor_id() in preemptible [00000000] code:\n caller is hotplug_cpu__broadcast_tick_pull+0x1c/0xc0\n\nMove it to the actual usage site which is in a non-preemptible region." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tick/broadcast: mover el acceso al puntero por CPU a la secci\u00f3n at\u00f3mica La soluci\u00f3n reciente para hacer que la toma de control del temporizador de difusi\u00f3n sea m\u00e1s fiable recupera un puntero por CPU en un contexto preemptible. Esto pas\u00f3 desapercibido ya que los compiladores elevan el acceso a la regi\u00f3n no preemptible donde realmente se usa el puntero. Pero, por supuesto, es v\u00e1lido que el compilador lo mantenga en el lugar donde lo pone el c\u00f3digo, lo que activa correctamente: ERROR: usar smp_processor_id() en c\u00f3digo preemptible [00000000]: el llamador es hotplug_cpu__broadcast_tick_pull+0x1c/0xc0 Mu\u00e9valo al sitio de uso real que est\u00e1 en una regi\u00f3n no preemptible." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44969.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44969.json index ea7dc8ab7c0..d85be6add87 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44969.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44969.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44969", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.240", - "lastModified": "2024-09-04T19:15:31.240", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Prevent release of buffer in I/O\n\nWhen a task waiting for completion of a Store Data operation is\ninterrupted, an attempt is made to halt this operation. If this attempt\nfails due to a hardware or firmware problem, there is a chance that the\nSCLP facility might store data into buffers referenced by the original\noperation at a later time.\n\nHandle this situation by not releasing the referenced data buffers if\nthe halt attempt fails. For current use cases, this might result in a\nleak of few pages of memory in case of a rare hardware/firmware\nmalfunction." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/sclp: Impedir la liberaci\u00f3n de b\u00fafer en E/S Cuando se interrumpe una tarea que espera la finalizaci\u00f3n de una operaci\u00f3n de almacenamiento de datos, se intenta detener esta operaci\u00f3n. Si este intento falla debido a un problema de hardware o firmware, existe la posibilidad de que la funci\u00f3n SCLP almacene datos en b\u00faferes a los que hace referencia la operaci\u00f3n original en un momento posterior. Maneje esta situaci\u00f3n al no liberar los b\u00faferes de datos a los que hace referencia si el intento de detenci\u00f3n falla. Para los casos de uso actuales, esto podr\u00eda resultar en una p\u00e9rdida de algunas p\u00e1ginas de memoria en caso de un mal funcionamiento poco com\u00fan del hardware o firmware." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44970.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44970.json index 3a793662b7d..4bf868ccc69 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44970.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44970.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44970", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.307", - "lastModified": "2024-09-04T19:15:31.307", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: SHAMPO, Fix invalid WQ linked list unlink\n\nWhen all the strides in a WQE have been consumed, the WQE is unlinked\nfrom the WQ linked list (mlx5_wq_ll_pop()). For SHAMPO, it is possible\nto receive CQEs with 0 consumed strides for the same WQE even after the\nWQE is fully consumed and unlinked. This triggers an additional unlink\nfor the same wqe which corrupts the linked list.\n\nFix this scenario by accepting 0 sized consumed strides without\nunlinking the WQE again." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5e: SHAMPO, soluciona la desvinculaci\u00f3n de la lista enlazada de WQ no v\u00e1lida Cuando se han consumido todos los pasos en un WQE, el WQE se desvincula de la lista enlazada de WQ (mlx5_wq_ll_pop()). Para SHAMPO, es posible recibir CQE con 0 pasos consumidos para el mismo WQE incluso despu\u00e9s de que el WQE se haya consumido por completo y se haya desvinculado. Esto desencadena una desvinculaci\u00f3n adicional para el mismo wqe que corrompe la lista enlazada. Solucione este escenario aceptando pasos consumidos de tama\u00f1o 0 sin desvincular el WQE nuevamente." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44971.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44971.json index 09076cb4cd5..8e619087a74 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44971.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44971.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44971", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.367", - "lastModified": "2024-09-04T19:15:31.367", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register()\n\nbcm_sf2_mdio_register() calls of_phy_find_device() and then\nphy_device_remove() in a loop to remove existing PHY devices.\nof_phy_find_device() eventually calls bus_find_device(), which calls\nget_device() on the returned struct device * to increment the refcount.\nThe current implementation does not decrement the refcount, which causes\nmemory leak.\n\nThis commit adds the missing phy_device_free() call to decrement the\nrefcount via put_device() to balance the refcount." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: bcm_sf2: Se corrige una posible p\u00e9rdida de memoria en bcm_sf2_mdio_register() bcm_sf2_mdio_register() llama a of_phy_find_device() y luego a phy_device_remove() en un bucle para eliminar los dispositivos PHY existentes. of_phy_find_device() finalmente llama a bus_find_device(), que llama a get_device() en el struct device * devuelto para incrementar el refcount. La implementaci\u00f3n actual no disminuye el refcount, lo que causa una p\u00e9rdida de memoria. Esta confirmaci\u00f3n agrega la llamada phy_device_free() faltante para disminuir el refcount a trav\u00e9s de put_device() para equilibrar el refcount." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44972.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44972.json index 472ef1b0c88..7cd1be2ed5b 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44972.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44972.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44972", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.430", - "lastModified": "2024-09-04T19:15:31.430", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not clear page dirty inside extent_write_locked_range()\n\n[BUG]\nFor subpage + zoned case, the following workload can lead to rsv data\nleak at unmount time:\n\n # mkfs.btrfs -f -s 4k $dev\n # mount $dev $mnt\n # fsstress -w -n 8 -d $mnt -s 1709539240\n 0/0: fiemap - no filename\n 0/1: copyrange read - no filename\n 0/2: write - no filename\n 0/3: rename - no source filename\n 0/4: creat f0 x:0 0 0\n 0/4: creat add id=0,parent=-1\n 0/5: writev f0[259 1 0 0 0 0] [778052,113,965] 0\n 0/6: ioctl(FIEMAP) f0[259 1 0 0 224 887097] [1294220,2291618343991484791,0x10000] -1\n 0/7: dwrite - xfsctl(XFS_IOC_DIOINFO) f0[259 1 0 0 224 887097] return 25, fallback to stat()\n 0/7: dwrite f0[259 1 0 0 224 887097] [696320,102400] 0\n # umount $mnt\n\nThe dmesg includes the following rsv leak detection warning (all call\ntrace skipped):\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 4528 at fs/btrfs/inode.c:8653 btrfs_destroy_inode+0x1e0/0x200 [btrfs]\n ---[ end trace 0000000000000000 ]---\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 4528 at fs/btrfs/inode.c:8654 btrfs_destroy_inode+0x1a8/0x200 [btrfs]\n ---[ end trace 0000000000000000 ]---\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 4528 at fs/btrfs/inode.c:8660 btrfs_destroy_inode+0x1a0/0x200 [btrfs]\n ---[ end trace 0000000000000000 ]---\n BTRFS info (device sda): last unmount of filesystem 1b4abba9-de34-4f07-9e7f-157cf12a18d6\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 4528 at fs/btrfs/block-group.c:4434 btrfs_free_block_groups+0x338/0x500 [btrfs]\n ---[ end trace 0000000000000000 ]---\n BTRFS info (device sda): space_info DATA has 268218368 free, is not full\n BTRFS info (device sda): space_info total=268435456, used=204800, pinned=0, reserved=0, may_use=12288, readonly=0 zone_unusable=0\n BTRFS info (device sda): global_block_rsv: size 0 reserved 0\n BTRFS info (device sda): trans_block_rsv: size 0 reserved 0\n BTRFS info (device sda): chunk_block_rsv: size 0 reserved 0\n BTRFS info (device sda): delayed_block_rsv: size 0 reserved 0\n BTRFS info (device sda): delayed_refs_rsv: size 0 reserved 0\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 4528 at fs/btrfs/block-group.c:4434 btrfs_free_block_groups+0x338/0x500 [btrfs]\n ---[ end trace 0000000000000000 ]---\n BTRFS info (device sda): space_info METADATA has 267796480 free, is not full\n BTRFS info (device sda): space_info total=268435456, used=131072, pinned=0, reserved=0, may_use=262144, readonly=0 zone_unusable=245760\n BTRFS info (device sda): global_block_rsv: size 0 reserved 0\n BTRFS info (device sda): trans_block_rsv: size 0 reserved 0\n BTRFS info (device sda): chunk_block_rsv: size 0 reserved 0\n BTRFS info (device sda): delayed_block_rsv: size 0 reserved 0\n BTRFS info (device sda): delayed_refs_rsv: size 0 reserved 0\n\nAbove $dev is a tcmu-runner emulated zoned HDD, which has a max zone\nappend size of 64K, and the system has 64K page size.\n\n[CAUSE]\nI have added several trace_printk() to show the events (header skipped):\n\n > btrfs_dirty_pages: r/i=5/259 dirty start=774144 len=114688\n > btrfs_dirty_pages: r/i=5/259 dirty part of page=720896 off_in_page=53248 len_in_page=12288\n > btrfs_dirty_pages: r/i=5/259 dirty part of page=786432 off_in_page=0 len_in_page=65536\n > btrfs_dirty_pages: r/i=5/259 dirty part of page=851968 off_in_page=0 len_in_page=36864\n\nThe above lines show our buffered write has dirtied 3 pages of inode\n259 of root 5:\n\n 704K 768K 832K 896K\n I |////I/////////////////I///////////| I\n 756K 868K\n\n |///| is the dirtied range using subpage bitmaps. and 'I' is the page\n boundary.\n\n Meanwhile all three pages (704K, 768K, 832K) have their PageDirty\n flag set.\n\n > btrfs_direct_write: r/i=5/259 start dio filepos=696320 len=102400\n\nThen direct IO writ\n---truncated---" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: no borrar la p\u00e1gina sucia dentro de extended_write_locked_range() [ERROR] Para el caso de subp\u00e1gina + zonificaci\u00f3n, la siguiente carga de trabajo puede provocar una fuga de datos de rsv en el momento del desmontaje: # mkfs.btrfs -f -s 4k $dev # mount $dev $mnt # fsstress -w -n 8 -d $mnt -s 1709539240 0/0: fiemap - sin nombre de archivo 0/1: copyrange read - sin nombre de archivo 0/2: write - sin nombre de archivo 0/3: rename - sin nombre de archivo de origen 0/4: creat f0 x:0 0 0 0/4: creat add id=0,parent=-1 0/5: writev f0[259 1 0 0 0 0] [778052,113,965] 0 0/6: ioctl(FIEMAP) f0[259 1 0 0 224 887097] [1294220,2291618343991484791,0x10000] -1 0/7: dwrite - xfsctl(XFS_IOC_DIOINFO) f0[259 1 0 0 224 887097] return 25, fallback to stat() 0/7: dwrite f0[259 1 0 0 224 887097] [696320,102400] 0 # umount $mnt El dmesg incluye la siguiente advertencia de detecci\u00f3n de fugas de rsv (se omite todo el seguimiento de llamadas): ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 2 PID: 4528 en fs/btrfs/inode.c:8653 btrfs_destroy_inode+0x1e0/0x200 [btrfs] ---[ fin del seguimiento 000000000000000 ]--- ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 2 PID: 4528 en fs/btrfs/inode.c:8654 btrfs_destroy_inode+0x1a8/0x200 [btrfs] ---[ fin del seguimiento 000000000000000 ]--- ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 2 PID: 4528 en fs/btrfs/inode.c:8660 btrfs_destroy_inode+0x1a0/0x200 [btrfs] ---[ fin del seguimiento 000000000000000 ]--- Informaci\u00f3n de BTRFS (dispositivo sda): \u00faltimo desmontaje del sistema de archivos 1b4abba9-de34-4f07-9e7f-157cf12a18d6 ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 3 PID: 4528 en fs/btrfs/block-group.c:4434 btrfs_free_block_groups+0x338/0x500 [btrfs] ---[ fin del seguimiento 000000000000000 ]--- Informaci\u00f3n de BTRFS (dispositivo sda): space_info DATA tiene 268218368 libres, no est\u00e1 lleno Informaci\u00f3n de BTRFS (dispositivo sda): space_info total=268435456, used=204800, pinned=0, reserved=0, may_use=12288, readonly=0 zone_unusable=0 BTRFS informaci\u00f3n (dispositivo sda): global_block_rsv: tama\u00f1o 0 reservado 0 informaci\u00f3n BTRFS (dispositivo sda): trans_block_rsv: tama\u00f1o 0 reservado 0 informaci\u00f3n BTRFS (dispositivo sda): chunk_block_rsv: tama\u00f1o 0 reservado 0 informaci\u00f3n BTRFS (dispositivo sda): delayed_block_rsv: tama\u00f1o 0 reservado 0 informaci\u00f3n BTRFS (dispositivo sda): delayed_refs_rsv: tama\u00f1o 0 reservado 0 ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 3 PID: 4528 en fs/btrfs/block-group.c:4434 btrfs_free_block_groups+0x338/0x500 [btrfs] ---[ fin de seguimiento 000000000000000 ]--- informaci\u00f3n BTRFS (dispositivo sda): space_info METADATA tiene 267796480 libres, es Informaci\u00f3n BTRFS no completa (dispositivo sda): space_info total=268435456, used=131072, pinned=0, reserved=0, may_use=262144, readonly=0 zone_unusable=245760 Informaci\u00f3n BTRFS (dispositivo sda): global_block_rsv: tama\u00f1o 0 reservado 0 Informaci\u00f3n BTRFS (dispositivo sda): trans_block_rsv: tama\u00f1o 0 reservado 0 Informaci\u00f3n BTRFS (dispositivo sda): chunk_block_rsv: tama\u00f1o 0 reservado 0 Informaci\u00f3n BTRFS (dispositivo sda): delayed_block_rsv: tama\u00f1o 0 reservado 0 Informaci\u00f3n BTRFS (dispositivo sda): delayed_refs_rsv: tama\u00f1o 0 reservado 0 Arriba $dev es un HDD zonificado emulado tcmu-runner, que tiene un tama\u00f1o m\u00e1ximo de anexi\u00f3n de zona de 64K, y el sistema tiene un tama\u00f1o de p\u00e1gina de 64K. [CAUSA] He a\u00f1adido varios trace_printk() para mostrar los eventos (encabezado omitido): > btrfs_dirty_pages: r/i=5/259 dirty start=774144 len=114688 > btrfs_dirty_pages: r/i=5/259 dirty part of page=720896 off_in_page=53248 len_in_page=12288 > btrfs_dirty_pages: r/i=5/259 dirty part of page=786432 off_in_page=0 len_in_page=65536 > btrfs_dirty_pages: r/i=5/259 dirty part of page=851968 off_in_page=0 len_in_page=36864 Las l\u00edneas anteriores muestran que nuestra escritura en b\u00fafer ha ensuciado 3 p\u00e1ginas de inodo 259 de la ra\u00edz 5: 704K 768K 832K 896K --- truncado ----" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44973.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44973.json index 7148441170e..965bb49b7dd 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44973.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44973.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44973", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:31.487", - "lastModified": "2024-09-04T19:15:31.487", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: do not call do_slab_free for kfence object\n\nIn 782f8906f805 the freeing of kfence objects was moved from deep\ninside do_slab_free to the wrapper functions outside. This is a nice\nchange, but unfortunately it missed one spot in __kmem_cache_free_bulk.\n\nThis results in a crash like this:\n\nBUG skbuff_head_cache (Tainted: G S B E ): Padding overwritten. 0xffff88907fea0f00-0xffff88907fea0fff @offset=3840\n\nslab_err (mm/slub.c:1129)\nfree_to_partial_list (mm/slub.c:? mm/slub.c:4036)\nslab_pad_check (mm/slub.c:864 mm/slub.c:1290)\ncheck_slab (mm/slub.c:?)\nfree_to_partial_list (mm/slub.c:3171 mm/slub.c:4036)\nkmem_cache_alloc_bulk (mm/slub.c:? mm/slub.c:4495 mm/slub.c:4586 mm/slub.c:4635)\nnapi_build_skb (net/core/skbuff.c:348 net/core/skbuff.c:527 net/core/skbuff.c:549)\n\nAll the other callers to do_slab_free appear to be ok.\n\nAdd a kfence_free check in __kmem_cache_free_bulk to avoid the crash." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm, slub: no llamar a do_slab_free para el objeto kfence En 782f8906f805, la liberaci\u00f3n de objetos kfence se traslad\u00f3 desde lo profundo de do_slab_free a las funciones envolventes externas. Este es un cambio agradable, pero desafortunadamente omiti\u00f3 un punto en __kmem_cache_free_bulk. Esto da como resultado un fallo como este: ERROR skbuff_head_cache (Tainted: GSBE ): Relleno sobrescrito. 0xffff88907fea0f00-0xffff88907fea0fff @offset=3840 error_losa (mm/slub.c:1129) lista_libre_a_parcial (mm/slub.c:? mm/slub.c:4036) comprobaci\u00f3n_almohadilla_losa (mm/slub.c:864 mm/slub.c:1290) comprobaci\u00f3n_losa (mm/slub.c:?) lista_libre_a_parcial (mm/slub.c:3171 mm/slub.c:4036) kmem_cache_alloc_bulk (mm/slub.c:? mm/slub.c:4495 mm/slub.c:4586 mm/slub.c:4635) napi_build_skb (net/core/skbuff.c:348 net/core/skbuff.c:527 net/core/skbuff.c:549) Todos los dem\u00e1s llamadores de do_slab_free parecen estar bien. Agregue una comprobaci\u00f3n de kfence_free en __kmem_cache_free_bulk para evitar el bloqueo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44974.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44974.json index e60f89fb041..4592054158d 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44974.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44974.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44974", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.100", - "lastModified": "2024-09-04T20:15:07.100", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: avoid possible UaF when selecting endp\n\nselect_local_address() and select_signal_address() both select an\nendpoint entry from the list inside an RCU protected section, but return\na reference to it, to be read later on. If the entry is dereferenced\nafter the RCU unlock, reading info could cause a Use-after-Free.\n\nA simple solution is to copy the required info while inside the RCU\nprotected section to avoid any risk of UaF later. The address ID might\nneed to be modified later to handle the ID0 case later, so a copy seems\nOK to deal with." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: pm: evitar posible UaF al seleccionar endp select_local_address() y select_signal_address() seleccionan una entrada de endpoint de la lista dentro de una secci\u00f3n protegida de RCU, pero devuelven una referencia a ella, para leerla m\u00e1s tarde. Si se desreferencia la entrada despu\u00e9s del desbloqueo de RCU, leer informaci\u00f3n podr\u00eda causar un Use-after-Free. Una soluci\u00f3n simple es copiar la informaci\u00f3n requerida mientras se est\u00e1 dentro de la secci\u00f3n protegida de RCU para evitar cualquier riesgo de UaF m\u00e1s adelante. Es posible que el ID de la direcci\u00f3n deba modificarse m\u00e1s tarde para manejar el caso ID0 m\u00e1s tarde, por lo que una copia parece ser una buena opci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44975.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44975.json index 857f4ef9fe8..3854c2c4e8d 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44975.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44975.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44975", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.160", - "lastModified": "2024-09-04T20:15:07.160", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup/cpuset: fix panic caused by partcmd_update\n\nWe find a bug as below:\nBUG: unable to handle page fault for address: 00000003\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 358 Comm: bash Tainted: G W I 6.6.0-10893-g60d6\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/4\nRIP: 0010:partition_sched_domains_locked+0x483/0x600\nCode: 01 48 85 d2 74 0d 48 83 05 29 3f f8 03 01 f3 48 0f bc c2 89 c0 48 9\nRSP: 0018:ffffc90000fdbc58 EFLAGS: 00000202\nRAX: 0000000100000003 RBX: ffff888100b3dfa0 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000002fe80\nRBP: ffff888100b3dfb0 R08: 0000000000000001 R09: 0000000000000000\nR10: ffffc90000fdbcb0 R11: 0000000000000004 R12: 0000000000000002\nR13: ffff888100a92b48 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f44a5425740(0000) GS:ffff888237d80000(0000) knlGS:0000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000100030973 CR3: 000000010722c000 CR4: 00000000000006e0\nCall Trace:\n \n ? show_regs+0x8c/0xa0\n ? __die_body+0x23/0xa0\n ? __die+0x3a/0x50\n ? page_fault_oops+0x1d2/0x5c0\n ? partition_sched_domains_locked+0x483/0x600\n ? search_module_extables+0x2a/0xb0\n ? search_exception_tables+0x67/0x90\n ? kernelmode_fixup_or_oops+0x144/0x1b0\n ? __bad_area_nosemaphore+0x211/0x360\n ? up_read+0x3b/0x50\n ? bad_area_nosemaphore+0x1a/0x30\n ? exc_page_fault+0x890/0xd90\n ? __lock_acquire.constprop.0+0x24f/0x8d0\n ? __lock_acquire.constprop.0+0x24f/0x8d0\n ? asm_exc_page_fault+0x26/0x30\n ? partition_sched_domains_locked+0x483/0x600\n ? partition_sched_domains_locked+0xf0/0x600\n rebuild_sched_domains_locked+0x806/0xdc0\n update_partition_sd_lb+0x118/0x130\n cpuset_write_resmask+0xffc/0x1420\n cgroup_file_write+0xb2/0x290\n kernfs_fop_write_iter+0x194/0x290\n new_sync_write+0xeb/0x160\n vfs_write+0x16f/0x1d0\n ksys_write+0x81/0x180\n __x64_sys_write+0x21/0x30\n x64_sys_call+0x2f25/0x4630\n do_syscall_64+0x44/0xb0\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\nRIP: 0033:0x7f44a553c887\n\nIt can be reproduced with cammands:\ncd /sys/fs/cgroup/\nmkdir test\ncd test/\necho +cpuset > ../cgroup.subtree_control\necho root > cpuset.cpus.partition\ncat /sys/fs/cgroup/cpuset.cpus.effective\n0-3\necho 0-3 > cpuset.cpus // taking away all cpus from root\n\nThis issue is caused by the incorrect rebuilding of scheduling domains.\nIn this scenario, test/cpuset.cpus.partition should be an invalid root\nand should not trigger the rebuilding of scheduling domains. When calling\nupdate_parent_effective_cpumask with partcmd_update, if newmask is not\nnull, it should recheck newmask whether there are cpus is available\nfor parect/cs that has tasks." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cgroup/cpuset: arregla el p\u00e1nico causado por partcmd_update Encontramos un error como el siguiente: ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: 00000003 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 358 Comm: bash Tainted: GWI 6.6.0-10893-g60d6 Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/4 RIP: 0010:partition_sched_domains_locked+0x483/0x600 C\u00f3digo: 01 48 85 d2 74 0d 48 83 05 29 3f f8 03 01 f3 48 0f bc c2 89 c0 48 9 RSP: 0018:ffffc90000fdbc58 EFLAGS: 00000202 RAX: 0000000100000003 RBX: ffff888100b3dfa0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000002fe80 RBP: ffff888100b3dfb0 R08: 0000000000000001 R09: 0000000000000000 R10: ffffc90000fdbcb0 R11: 0000000000000004 R12: 0000000000000002 R13: ffff888100a92b48 R14: 0000000000000000 R15: 0000000000000000 FS: 00007f44a5425740(0000) GS:ffff888237d80000(0000) knlGS:0000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000100030973 CR3: 000000010722c000 CR4: 00000000000006e0 Seguimiento de llamadas: ? show_regs+0x8c/0xa0 ? __die_body+0x23/0xa0 ? __die+0x3a/0x50 ? page_fault_oops+0x1d2/0x5c0 ? particion_sched_domains_locked+0x483/0x600 ? search_module_extables+0x2a/0xb0 ? search_exception_tables+0x67/0x90 ? kernelmode_fixup_or_oops+0x144/0x1b0 ? __bad_area_nosemaphore+0x211/0x360 ? up_read+0x3b/0x50 ? sem\u00e1foro de nariz de \u00e1rea defectuosa+0x1a/0x30 ? exc_page_fault+0x890/0xd90 ? __lock_acquire.constprop.0+0x24f/0x8d0 ? __lock_acquire.constprop.0+0x24f/0x8d0 ? asm_exc_page_fault+0x26/0x30 ? dominios programados de partici\u00f3n bloqueados+0x483/0x600 ? partici\u00f3n_sched_dominios_bloqueados+0xf0/0x600 reconstruir_sched_dominios_bloqueados+0x806/0xdc0 actualizar_partici\u00f3n_sd_lb+0x118/0x130 resmask_escritura_cpuset+0xffc/0x1420 escritura_archivo_cgroup+0xb2/0x290 iterador_escritura_fop_kernfs+0x194/0x290 nueva_escritura_sincronizada+0xeb/0x160 escritura_vfs+0x16f/0x1d0 escritura_ksys+0x81/0x180 escritura_sys___x64+0x21/0x30 llamada_sys_x64+0x2f25/0x4630 llamada_sys_64+0x44/0xb0 entry_SYSCALL_64_after_hwframe+0x78/0xe2 RIP: 0033:0x7f44a553c887 Se puede reproducir con los siguientes comandos: cd /sys/fs/cgroup/ mkdir test cd test/ echo +cpuset > ../cgroup.subtree_control echo root > cpuset.cpus.partition cat /sys/fs/cgroup/cpuset.cpus.effective 0-3 echo 0-3 > cpuset.cpus // quitar todas las CPU de la ra\u00edz Este problema se debe a la reconstrucci\u00f3n incorrecta de los dominios de programaci\u00f3n. En este escenario, test/cpuset.cpus.partition deber\u00eda ser una ra\u00edz no v\u00e1lida y no deber\u00eda activar la reconstrucci\u00f3n de los dominios de programaci\u00f3n. Al llamar a update_parent_effective_cpumask con partcmd_update, si newmask no es nulo, debe volver a verificar si newmask tiene CPU disponibles para parect/cs que tiene tareas." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44976.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44976.json index 11e2c118bbf..203ea82443c 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44976.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44976.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44976", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.223", - "lastModified": "2024-09-04T20:15:07.223", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_macio: Fix DMA table overflow\n\nKolbj\u00f8rn and Jon\u00e1\u0161 reported that their 32-bit PowerMacs were crashing\nin pata-macio since commit 09fe2bfa6b83 (\"ata: pata_macio: Fix\nmax_segment_size with PAGE_SIZE == 64K\").\n\nFor example:\n\n kernel BUG at drivers/ata/pata_macio.c:544!\n Oops: Exception in kernel mode, sig: 5 [#1]\n BE PAGE_SIZE=4K MMU=Hash SMP NR_CPUS=2 DEBUG_PAGEALLOC PowerMac\n ...\n NIP pata_macio_qc_prep+0xf4/0x190\n LR pata_macio_qc_prep+0xfc/0x190\n Call Trace:\n 0xc1421660 (unreliable)\n ata_qc_issue+0x14c/0x2d4\n __ata_scsi_queuecmd+0x200/0x53c\n ata_scsi_queuecmd+0x50/0xe0\n scsi_queue_rq+0x788/0xb1c\n __blk_mq_issue_directly+0x58/0xf4\n blk_mq_plug_issue_direct+0x8c/0x1b4\n blk_mq_flush_plug_list.part.0+0x584/0x5e0\n __blk_flush_plug+0xf8/0x194\n __submit_bio+0x1b8/0x2e0\n submit_bio_noacct_nocheck+0x230/0x304\n btrfs_work_helper+0x200/0x338\n process_one_work+0x1a8/0x338\n worker_thread+0x364/0x4c0\n kthread+0x100/0x104\n start_kernel_thread+0x10/0x14\n\nThat commit increased max_segment_size to 64KB, with the justification\nthat the SCSI core was already using that size when PAGE_SIZE == 64KB,\nand that there was existing logic to split over-sized requests.\n\nHowever with a sufficiently large request, the splitting logic causes\neach sg to be split into two commands in the DMA table, leading to\noverflow of the DMA table, triggering the BUG_ON().\n\nWith default settings the bug doesn't trigger, because the request size\nis limited by max_sectors_kb == 1280, however max_sectors_kb can be\nincreased, and apparently some distros do that by default using udev\nrules.\n\nFix the bug for 4KB kernels by reverting to the old max_segment_size.\n\nFor 64KB kernels the sg_tablesize needs to be halved, to allow for the\npossibility that each sg will be split into two." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ata: pata_macio: Fix DMA table overflow Kolbj\u00f8rn y Jon\u00e1\u0161 informaron que sus PowerMacs de 32 bits fallaban en pata-macio desde el commit 09fe2bfa6b83 (\"ata: pata_macio: Fix max_segment_size with PAGE_SIZE == 64K\"). Por ejemplo: \u00a1ERROR del kernel en drivers/ata/pata_macio.c:544! Ups: Excepci\u00f3n en modo kernel, firma: 5 [#1] BE PAGE_SIZE=4K MMU=Hash SMP NR_CPUS=2 DEBUG_PAGEALLOC PowerMac ... NIP pata_macio_qc_prep+0xf4/0x190 LR pata_macio_qc_prep+0xfc/0x190 Rastreo de llamadas: 0xc1421660 (no confiable) ata_qc_issue+0x14c/0x2d4 __ata_scsi_queuecmd+0x200/0x53c ata_scsi_queuecmd+0x50/0xe0 scsi_queue_rq+0x788/0xb1c __blk_mq_issue_directly+0x58/0xf4 blk_mq_plug_issue_direct+0x8c/0x1b4 blk_mq_flush_plug_list.part.0+0x584/0x5e0 __blk_flush_plug+0xf8/0x194 __submit_bio+0x1b8/0x2e0 submission_bio_noacct_nocheck+0x230/0x304 btrfs_work_helper+0x200/0x338 process_one_work+0x1a8/0x338 worker_thread+0x364/0x4c0 kthread+0x100/0x104 start_kernel_thread+0x10/0x14 Esa confirmaci\u00f3n aument\u00f3 max_segment_size a 64 KB, con la justificaci\u00f3n de que el n\u00facleo SCSI ya estaba usando ese tama\u00f1o cuando PAGE_SIZE == 64 KB, y que exist\u00eda una l\u00f3gica para dividir las solicitudes de gran tama\u00f1o. Sin embargo, con una solicitud lo suficientemente grande, la l\u00f3gica de divisi\u00f3n hace que cada sg se divida en dos comandos en la tabla DMA, lo que provoca un desbordamiento de la tabla DMA y activa el BUG_ON(). Con la configuraci\u00f3n predeterminada, el error no se activa, porque el tama\u00f1o de la solicitud est\u00e1 limitado por max_sectors_kb == 1280, sin embargo, max_sectors_kb se puede aumentar y, aparentemente, algunas distribuciones lo hacen de forma predeterminada utilizando reglas de udev. Corrija el error para los n\u00facleos de 4 KB volviendo al antiguo max_segment_size. Para los n\u00facleos de 64 KB, el sg_tablesize debe reducirse a la mitad, para permitir la posibilidad de que cada sg se divida en dos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44977.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44977.json index 8736d8ca797..a353f502555 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44977.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44977.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44977", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.290", - "lastModified": "2024-09-04T20:15:07.290", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Validate TA binary size\n\nAdd TA binary size validation to avoid OOB write.\n\n(cherry picked from commit c0a04e3570d72aaf090962156ad085e37c62e442)" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: Validar el tama\u00f1o binario de TA Agregar validaci\u00f3n del tama\u00f1o binario de TA para evitar escritura OOB. (seleccionado de el commit c0a04e3570d72aaf090962156ad085e37c62e442)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44978.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44978.json index bd46e9c1ecb..d4f6fe10470 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44978.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44978.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44978", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.343", - "lastModified": "2024-09-04T20:15:07.343", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Free job before xe_exec_queue_put\n\nFree job depends on job->vm being valid, the last xe_exec_queue_put can\ndestroy the VM. Prevent UAF by freeing job before xe_exec_queue_put.\n\n(cherry picked from commit 32a42c93b74c8ca6d0915ea3eba21bceff53042f)" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Liberar trabajo antes de xe_exec_queue_put La liberaci\u00f3n de trabajo depende de que job->vm sea v\u00e1lido, el \u00faltimo xe_exec_queue_put puede destruir la m\u00e1quina virtual. Evite UAF liberando trabajo antes de xe_exec_queue_put. (seleccionado de el commit 32a42c93b74c8ca6d0915ea3eba21bceff53042f)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44979.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44979.json index af35d6e71e8..740263062da 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44979.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44979.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44979", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.400", - "lastModified": "2024-09-04T20:15:07.400", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix missing workqueue destroy in xe_gt_pagefault\n\nOn driver reload we never free up the memory for the pagefault and\naccess counter workqueues. Add those destroy calls here.\n\n(cherry picked from commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b)" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Se corrige la falta de destrucci\u00f3n de la cola de trabajo en xe_gt_pagefault. Al recargar el controlador, nunca liberamos la memoria para las colas de trabajo del contador de acceso y de Pagefault. Agregue esas llamadas de destrucci\u00f3n aqu\u00ed. (seleccionadas de el commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44980.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44980.json index c27d674bd39..1b020f5afa2 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44980.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44980.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44980", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.460", - "lastModified": "2024-09-04T20:15:07.460", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix opregion leak\n\nBeing part o the display, ideally the setup and cleanup would be done by\ndisplay itself. However this is a bigger refactor that needs to be done\non both i915 and xe. For now, just fix the leak:\n\nunreferenced object 0xffff8881a0300008 (size 192):\n comm \"modprobe\", pid 4354, jiffies 4295647021\n hex dump (first 32 bytes):\n 00 00 87 27 81 88 ff ff 18 80 9b 00 00 c9 ff ff ...'............\n 18 81 9b 00 00 c9 ff ff 00 00 00 00 00 00 00 00 ................\n backtrace (crc 99260e31):\n [] kmemleak_alloc+0x4b/0x80\n [] kmalloc_trace_noprof+0x312/0x3d0\n [] intel_opregion_setup+0x89/0x700 [xe]\n [] xe_display_init_noirq+0x2f/0x90 [xe]\n [] xe_device_probe+0x7a3/0xbf0 [xe]\n [] xe_pci_probe+0x333/0x5b0 [xe]\n [] local_pci_probe+0x48/0xb0\n [] pci_device_probe+0xc8/0x280\n [] really_probe+0xf8/0x390\n [] __driver_probe_device+0x8a/0x170\n [] driver_probe_device+0x23/0xb0\n [] __driver_attach+0xc7/0x190\n [] bus_for_each_dev+0x7d/0xd0\n [] driver_attach+0x1e/0x30\n [] bus_add_driver+0x117/0x250\n\n(cherry picked from commit 6f4e43a2f771b737d991142ec4f6d4b7ff31fbb4)" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Fix opregion leak Como parte de la pantalla, lo ideal ser\u00eda que la configuraci\u00f3n y la limpieza las hiciera la propia pantalla. Sin embargo, se trata de una refactorizaci\u00f3n m\u00e1s grande que debe realizarse tanto en i915 como en xe. Por ahora, solo arregle la fuga: objeto sin referencia 0xffff8881a0300008 (tama\u00f1o 192): comm \"modprobe\", pid 4354, jiffies 4295647021 volcado hexadecimal (primeros 32 bytes): 00 00 87 27 81 88 ff ff 18 80 9b 00 00 c9 ff ff ...'............ 18 81 9b 00 00 c9 ff ff 00 00 00 00 00 00 00 00 ................ backtrace (crc 99260e31): [] kmemleak_alloc+0x4b/0x80 [] kmalloc_trace_noprof+0x312/0x3d0 [] intel_opregion_setup+0x89/0x700 [xe] [] xe_display_init_noirq+0x2f/0x90 [xe] [] xe_device_probe+0x7a3/0xbf0 [xe] [] xe_pci_probe+0x333/0x5b0 [xe] [] local_pci_probe+0x48/0xb0 [] pci_device_probe+0xc8/0x280 [] really_probe+0xf8/0x390 [] __driver_probe_device+0x8a/0x170 [] driver_probe_device+0x23/0xb0 [] __driver_attach+0xc7/0x190 [] bus_for_each_dev+0x7d/0xd0 [] driver_attach+0x1e/0x30 [] bus_add_driver+0x117/0x250 (seleccionado de el commit) 6f4e43a2f771b737d991142ec4f6d4b7ff31fbb4)" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44981.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44981.json index 11cde77e700..5b5201aee78 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44981.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44981.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44981", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.533", - "lastModified": "2024-09-04T20:15:07.533", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask()\n\nUBSAN reports the following 'subtraction overflow' error when booting\nin a virtual machine on Android:\n\n | Internal error: UBSAN: integer subtraction overflow: 00000000f2005515 [#1] PREEMPT SMP\n | Modules linked in:\n | CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.10.0-00006-g3cbe9e5abd46-dirty #4\n | Hardware name: linux,dummy-virt (DT)\n | pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : cancel_delayed_work+0x34/0x44\n | lr : cancel_delayed_work+0x2c/0x44\n | sp : ffff80008002ba60\n | x29: ffff80008002ba60 x28: 0000000000000000 x27: 0000000000000000\n | x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n | x23: 0000000000000000 x22: 0000000000000000 x21: ffff1f65014cd3c0\n | x20: ffffc0e84c9d0da0 x19: ffffc0e84cab3558 x18: ffff800080009058\n | x17: 00000000247ee1f8 x16: 00000000247ee1f8 x15: 00000000bdcb279d\n | x14: 0000000000000001 x13: 0000000000000075 x12: 00000a0000000000\n | x11: ffff1f6501499018 x10: 00984901651fffff x9 : ffff5e7cc35af000\n | x8 : 0000000000000001 x7 : 3d4d455453595342 x6 : 000000004e514553\n | x5 : ffff1f6501499265 x4 : ffff1f650ff60b10 x3 : 0000000000000620\n | x2 : ffff80008002ba78 x1 : 0000000000000000 x0 : 0000000000000000\n | Call trace:\n | cancel_delayed_work+0x34/0x44\n | deferred_probe_extend_timeout+0x20/0x70\n | driver_register+0xa8/0x110\n | __platform_driver_register+0x28/0x3c\n | syscon_init+0x24/0x38\n | do_one_initcall+0xe4/0x338\n | do_initcall_level+0xac/0x178\n | do_initcalls+0x5c/0xa0\n | do_basic_setup+0x20/0x30\n | kernel_init_freeable+0x8c/0xf8\n | kernel_init+0x28/0x1b4\n | ret_from_fork+0x10/0x20\n | Code: f9000fbf 97fffa2f 39400268 37100048 (d42aa2a0)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: UBSAN: integer subtraction overflow: Fatal exception\n\nThis is due to shift_and_mask() using a signed immediate to construct\nthe mask and being called with a shift of 31 (WORK_OFFQ_POOL_SHIFT) so\nthat it ends up decrementing from INT_MIN.\n\nUse an unsigned constant '1U' to generate the mask in shift_and_mask()." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: workqueue: Se corrige el error de 'desbordamiento de sustracci\u00f3n' de UBSAN en shift_and_mask() UBSAN informa el siguiente error de 'desbordamiento de sustracci\u00f3n' al arrancar en una m\u00e1quina virtual en Android: | Error interno: UBSAN: desbordamiento de sustracci\u00f3n de enteros: 00000000f2005515 [#1] PREEMPT SMP | M\u00f3dulos vinculados en: | CPU: 0 PID: 1 Comm: swapper/0 No contaminado 6.10.0-00006-g3cbe9e5abd46-dirty #4 | Nombre del hardware: linux,dummy-virt (DT) | pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) | pc : cancel_delayed_work+0x34/0x44 | lr : cancelar_trabajo_retrasado+0x2c/0x44 | sp : ffff80008002ba60 | x29: ffff80008002ba60 x28: 0000000000000000 x27: 0000000000000000 | x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000 | x23: 0000000000000000 x22: 0000000000000000 x21: ffff1f65014cd3c0 | x20: ffffc0e84c9d0da0 x19: ffffc0e84cab3558 x18: ffff800080009058 | x17: 00000000247ee1f8 x16: 00000000247ee1f8 x15: 00000000bdcb279d | x14: 0000000000000001 x13: 0000000000000075 x12: 00000a0000000000 | x11: ffff1f6501499018 x10: 00984901651fffff x9 : ffff5e7cc35af000 | x8 : 0000000000000001 x7 : 3d4d455453595342 x6 : 000000004e514553 | x5 : ffff1f6501499265 x4 : ffff1f650ff60b10 x3 : 0000000000000620 | x2 : ffff80008002ba78 x1 : 0000000000000000 x0 : 0000000000000000 | Rastreo de llamadas: | cancel_delayed_work+0x34/0x44 | deferred_probe_extend_timeout+0x20/0x70 | driver_register+0xa8/0x110 | __platform_driver_register+0x28/0x3c | syscon_init+0x24/0x38 | hacer_una_initcall+0xe4/0x338 | hacer_initcall_level+0xac/0x178 | hacer_initcalls+0x5c/0xa0 | hacer_configuraci\u00f3n_b\u00e1sica+0x20/0x30 | kernel_init_freeable+0x8c/0xf8 | kernel_init+0x28/0x1b4 | ret_from_fork+0x10/0x20 | C\u00f3digo: f9000fbf 97fffa2f 39400268 37100048 (d42aa2a0) | ---[ fin de seguimiento 000000000000000 ]--- | P\u00e1nico del n\u00facleo: no se sincroniza: UBSAN: desbordamiento de sustracci\u00f3n de enteros: excepci\u00f3n fatal Esto se debe a que shift_and_mask() usa una funci\u00f3n inmediata con signo para construir la m\u00e1scara y se la llama con un desplazamiento de 31 (WORK_OFFQ_POOL_SHIFT), por lo que termina disminuyendo desde INT_MIN. Use una constante sin signo '1U' para generar la m\u00e1scara en shift_and_mask()." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44982.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44982.json index 442fe84458f..3eeb29fd7d3 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44982.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44982.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44982", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.593", - "lastModified": "2024-09-04T20:15:07.593", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: cleanup FB if dpu_format_populate_layout fails\n\nIf the dpu_format_populate_layout() fails, then FB is prepared, but not\ncleaned up. This ends up leaking the pin_count on the GEM object and\ncauses a splat during DRM file closure:\n\nmsm_obj->pin_count\nWARNING: CPU: 2 PID: 569 at drivers/gpu/drm/msm/msm_gem.c:121 update_lru_locked+0xc4/0xcc\n[...]\nCall trace:\n update_lru_locked+0xc4/0xcc\n put_pages+0xac/0x100\n msm_gem_free_object+0x138/0x180\n drm_gem_object_free+0x1c/0x30\n drm_gem_object_handle_put_unlocked+0x108/0x10c\n drm_gem_object_release_handle+0x58/0x70\n idr_for_each+0x68/0xec\n drm_gem_release+0x28/0x40\n drm_file_free+0x174/0x234\n drm_release+0xb0/0x160\n __fput+0xc0/0x2c8\n __fput_sync+0x50/0x5c\n __arm64_sys_close+0x38/0x7c\n invoke_syscall+0x48/0x118\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x4c/0x120\n el0t_64_sync_handler+0x100/0x12c\n el0t_64_sync+0x190/0x194\nirq event stamp: 129818\nhardirqs last enabled at (129817): [] console_unlock+0x118/0x124\nhardirqs last disabled at (129818): [] el1_dbg+0x24/0x8c\nsoftirqs last enabled at (129808): [] handle_softirqs+0x4c8/0x4e8\nsoftirqs last disabled at (129785): [] __do_softirq+0x14/0x20\n\nPatchwork: https://patchwork.freedesktop.org/patch/600714/" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm/dpu: limpiar FB si dpu_format_populate_layout falla Si dpu_format_populate_layout() falla, entonces FB se prepara, pero no se limpia. Esto termina filtrando el pin_count en el objeto GEM y provoca un splat durante el cierre del archivo DRM: msm_obj->pin_count ADVERTENCIA: CPU: 2 PID: 569 en drivers/gpu/drm/msm/msm_gem.c:121 update_lru_locked+0xc4/0xcc [...] Rastreo de llamadas: update_lru_locked+0xc4/0xcc put_pages+0xac/0x100 msm_gem_free_object+0x138/0x180 drm_gem_object_free+0x1c/0x30 drm_gem_object_handle_put_unlocked+0x108/0x10c drm_gem_object_release_handle+0x58/0x70 idr_for_each+0x68/0xec drm_gem_release+0x28/0x40 drm_file_free+0x174/0x234 drm_release+0xb0/0x160 __fput+0xc0/0x2c8 __fput_sync+0x50/0x5c __arm64_sys_close+0x38/0x7c anybody_syscall+0x48/0x118 el0_svc_common.constprop.0+0x40/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x4c/0x120 el0t_64_sync_handler+0x100/0x12c el0t_64_sync+0x190/0x194 marca de evento irq: 129818 hardirqs habilitados por \u00faltima vez en (129817): [] console_unlock+0x118/0x124 hardirqs deshabilitados por \u00faltima vez en (129818): [] el1_dbg+0x24/0x8c softirqs habilitados por \u00faltima vez en (129808): [] handle_softirqs+0x4c8/0x4e8 softirqs deshabilitados por \u00faltima vez en (129785): [] __do_softirq+0x14/0x20 Patchwork: https://patchwork.freedesktop.org/patch/600714/" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44983.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44983.json index 8964cdb8ef0..71ae2b24816 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44983.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44983.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44983", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.657", - "lastModified": "2024-09-04T20:15:07.657", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: validate vlan header\n\nEnsure there is sufficient room to access the protocol field of the\nVLAN header, validate it once before the flowtable lookup.\n\n=====================================================\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32\n nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5440 [inline]" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: flowtable: validar encabezado de VLAN Aseg\u00farese de que haya suficiente espacio para acceder al campo de protocolo del encabezado de VLAN, val\u00eddelo una vez antes de la b\u00fasqueda de la tabla de flujo. ======================================================= ERROR: KMSAN: valor no inicializado en nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_hook_entry_hookfn include/linux/netfilter.h:154 [en l\u00ednea] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_ingress include/linux/netfilter_netdev.h:34 [en l\u00ednea] nf_ingress net/core/dev.c:5440 [en l\u00ednea]" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44984.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44984.json index 08abc094fcb..885e2f32e06 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44984.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44984.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44984", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.717", - "lastModified": "2024-09-04T20:15:07.717", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix double DMA unmapping for XDP_REDIRECT\n\nRemove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT\ncode path. This should have been removed when we let the page pool\nhandle the DMA mapping. This bug causes the warning:\n\nWARNING: CPU: 7 PID: 59 at drivers/iommu/dma-iommu.c:1198 iommu_dma_unmap_page+0xd5/0x100\nCPU: 7 PID: 59 Comm: ksoftirqd/7 Tainted: G W 6.8.0-1010-gcp #11-Ubuntu\nHardware name: Dell Inc. PowerEdge R7525/0PYVT1, BIOS 2.15.2 04/02/2024\nRIP: 0010:iommu_dma_unmap_page+0xd5/0x100\nCode: 89 ee 48 89 df e8 cb f2 69 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 e9 ab 17 71 00 <0f> 0b 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9\nRSP: 0018:ffffab1fc0597a48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff99ff838280c8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffab1fc0597a78 R08: 0000000000000002 R09: ffffab1fc0597c1c\nR10: ffffab1fc0597cd3 R11: ffff99ffe375acd8 R12: 00000000e65b9000\nR13: 0000000000000050 R14: 0000000000001000 R15: 0000000000000002\nFS: 0000000000000000(0000) GS:ffff9a06efb80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000565c34c37210 CR3: 00000005c7e3e000 CR4: 0000000000350ef0\n? show_regs+0x6d/0x80\n? __warn+0x89/0x150\n? iommu_dma_unmap_page+0xd5/0x100\n? report_bug+0x16a/0x190\n? handle_bug+0x51/0xa0\n? exc_invalid_op+0x18/0x80\n? iommu_dma_unmap_page+0xd5/0x100\n? iommu_dma_unmap_page+0x35/0x100\ndma_unmap_page_attrs+0x55/0x220\n? bpf_prog_4d7e87c0d30db711_xdp_dispatcher+0x64/0x9f\nbnxt_rx_xdp+0x237/0x520 [bnxt_en]\nbnxt_rx_pkt+0x640/0xdd0 [bnxt_en]\n__bnxt_poll_work+0x1a1/0x3d0 [bnxt_en]\nbnxt_poll+0xaa/0x1e0 [bnxt_en]\n__napi_poll+0x33/0x1e0\nnet_rx_action+0x18a/0x2f0" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bnxt_en: Se ha corregido la doble anulaci\u00f3n de la asignaci\u00f3n de DMA para XDP_REDIRECT. Se ha eliminado la llamada dma_unmap_page_attrs() en la ruta de c\u00f3digo XDP_REDIRECT del controlador. Esto deber\u00eda haberse eliminado cuando dejamos que el grupo de p\u00e1ginas se encargara de la asignaci\u00f3n de DMA. Este error provoca la advertencia: ADVERTENCIA: CPU: 7 PID: 59 en drivers/iommu/dma-iommu.c:1198 iommu_dma_unmap_page+0xd5/0x100 CPU: 7 PID: 59 Comm: ksoftirqd/7 Contaminado: GW 6.8.0-1010-gcp #11-Ubuntu Nombre del hardware: Dell Inc. PowerEdge R7525/0PYVT1, BIOS 2.15.2 04/02/2024 RIP: 0010:iommu_dma_unmap_page+0xd5/0x100 C\u00f3digo: 89 ee 48 89 df e8 cb f2 69 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 e9 ab 17 71 00 <0f> 0b 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9 RSP: 0018:ffffab1fc0597a48 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff99ff838280c8 RCX: 000000000000000 RDX: 0000000000000000 RSI: 00000000000000000 RDI: 0000000000000000 RBP: ffffab1fc0597a78 R08: 0000000000000002 R09: ffffab1fc0597c1c R10: ffffab1fc0597cd3 R11: ffff99ffe375acd8 R12: 00000000e65b9000 R13: 0000000000000050 R14: 0000000000001000 R15: 0000000000000002 FS: 000000000000000(0000) GS:ffff9a06efb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000565c34c37210 CR3: 00000005c7e3e000 CR4: 0000000000350ef0 ? mostrar_regs+0x6d/0x80 ? __warn+0x89/0x150 ? iommu_dma_unmap_page+0xd5/0x100 ? informar_error+0x16a/0x190 ? manejar_error+0x51/0xa0 ? dma_unmap_page_attrs+0x55/0x220 ? bpf_prog_4d7e87c0d30db711_xdp_dispatcher+0x64/0x9f bnxt_rx_xdp+0x237/0x520 [bnxt_es] bnxt_rx_pkt+0x640/0xdd0 [bnxt_es] __bnxt_poll_work+0x1a1/0x3d0 [bnxt_es] bnxt_poll+0xaa/0x1e0 [bnxt_es] __napi_poll+0x33/0x1e0 net_rx_action+0x18a/0x2f0" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44985.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44985.json index 2093929e3fa..cf3abf3ad0c 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44985.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44985.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44985", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.777", - "lastModified": "2024-09-04T20:15:07.777", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UAF in ip6_xmit()\n\nIf skb_expand_head() returns NULL, skb has been freed\nand the associated dst/idev could also have been freed.\n\nWe must use rcu_read_lock() to prevent a possible UAF." + }, + { + "lang": "es", + "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ipv6: evitar posible UAF en ip6_xmit() Si skb_expand_head() devuelve NULL, skb se ha liberado y el dst/idev asociado tambi\u00e9n podr\u00eda haberse liberado. Debemos utilizar rcu_read_lock() para evitar un posible UAF." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44986.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44986.json index 30f6a14f2e4..53e2aab04a8 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44986.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44986.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44986", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.833", - "lastModified": "2024-09-04T20:15:07.833", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible UAF in ip6_finish_output2()\n\nIf skb_expand_head() returns NULL, skb has been freed\nand associated dst/idev could also have been freed.\n\nWe need to hold rcu_read_lock() to make sure the dst and\nassociated idev are alive." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: se ha corregido un posible UAF en ip6_finish_output2() Si skb_expand_head() devuelve NULL, se ha liberado skb y tambi\u00e9n se podr\u00eda haber liberado el dst/idev asociado. Necesitamos mantener rcu_read_lock() para asegurarnos de que el dst y el idev asociado est\u00e9n activos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44987.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44987.json index 49bac8d7151..c5c49bd8603 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44987.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44987.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44987", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.890", - "lastModified": "2024-09-04T20:15:07.890", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent UAF in ip6_send_skb()\n\nsyzbot reported an UAF in ip6_send_skb() [1]\n\nAfter ip6_local_out() has returned, we no longer can safely\ndereference rt, unless we hold rcu_read_lock().\n\nA similar issue has been fixed in commit\na688caa34beb (\"ipv6: take rcu lock in rawv6_send_hdrinc()\")\n\nAnother potential issue in ip6_finish_output2() is handled in a\nseparate patch.\n\n[1]\n BUG: KASAN: slab-use-after-free in ip6_send_skb+0x18d/0x230 net/ipv6/ip6_output.c:1964\nRead of size 8 at addr ffff88806dde4858 by task syz.1.380/6530\n\nCPU: 1 UID: 0 PID: 6530 Comm: syz.1.380 Not tainted 6.11.0-rc3-syzkaller-00306-gdf6cbc62cc9b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ip6_send_skb+0x18d/0x230 net/ipv6/ip6_output.c:1964\n rawv6_push_pending_frames+0x75c/0x9e0 net/ipv6/raw.c:588\n rawv6_sendmsg+0x19c7/0x23c0 net/ipv6/raw.c:926\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n sock_write_iter+0x2dd/0x400 net/socket.c:1160\n do_iter_readv_writev+0x60a/0x890\n vfs_writev+0x37c/0xbb0 fs/read_write.c:971\n do_writev+0x1b1/0x350 fs/read_write.c:1018\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f936bf79e79\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f936cd7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: 00007f936c115f80 RCX: 00007f936bf79e79\nRDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000004\nRBP: 00007f936bfe7916 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f936c115f80 R15: 00007fff2860a7a8\n \n\nAllocated by task 6530:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:312 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3988 [inline]\n slab_alloc_node mm/slub.c:4037 [inline]\n kmem_cache_alloc_noprof+0x135/0x2a0 mm/slub.c:4044\n dst_alloc+0x12b/0x190 net/core/dst.c:89\n ip6_blackhole_route+0x59/0x340 net/ipv6/route.c:2670\n make_blackhole net/xfrm/xfrm_policy.c:3120 [inline]\n xfrm_lookup_route+0xd1/0x1c0 net/xfrm/xfrm_policy.c:3313\n ip6_dst_lookup_flow+0x13e/0x180 net/ipv6/ip6_output.c:1257\n rawv6_sendmsg+0x1283/0x23c0 net/ipv6/raw.c:898\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 45:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n poison_slab_object+0xe0/0x150 mm/kasan/common.c:240\n __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2252 [inline]\n slab_free mm/slub.c:4473 [inline]\n kmem_cache_free+0x145/0x350 mm/slub.c:4548\n dst_destroy+0x2ac/0x460 net/core/dst.c:124\n rcu_do_batch kernel/rcu/tree.c:2569 [inline]\n rcu_core+0xafd/0x1830 kernel/rcu/tree.\n---truncated---" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: evitar UAF en ip6_send_skb() syzbot inform\u00f3 de un UAF en ip6_send_skb() [1] Despu\u00e9s de que ip6_local_out() haya regresado, ya no podemos desreferenciar rt de forma segura, a menos que mantengamos rcu_read_lock(). Se ha solucionado un problema similar en el commit a688caa34beb (\"ipv6: tomar bloqueo rcu en rawv6_send_hdrinc()\") Otro problema potencial en ip6_finish_output2() se maneja en un parche independiente. [1] ERROR: KASAN: slab-use-after-free en ip6_send_skb+0x18d/0x230 net/ipv6/ip6_output.c:1964 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88806dde4858 por la tarea syz.1.380/6530 CPU: 1 UID: 0 PID: 6530 Comm: syz.1.380 No contaminado 6.11.0-rc3-syzkaller-00306-gdf6cbc62cc9b #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:93 [en l\u00ednea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 descripci\u00f3n_direcci\u00f3n_impresi\u00f3n mm/kasan/report.c:377 [en l\u00ednea] informe_impresi\u00f3n+0x169/0x550 mm/kasan/report.c:488 informe_kasan+0x143/0x180 mm/kasan/report.c:601 ip6_send_skb+0x18d/0x230 net/ipv6/ip6_output.c:1964 tramas_pendientes_de_env\u00edo_sin_formato_v6+0x75c/0x9e0 net/ipv6/raw.c:588 env\u00edo_sin_formato_v6+0x19c7/0x23c0 net/ipv6/raw.c:926 env\u00edo_sin_formato_v6_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x1a6/0x270 net/socket.c:745 sock_write_iter+0x2dd/0x400 net/socket.c:1160 do_iter_readv_writev+0x60a/0x890 vfs_writev+0x37c/0xbb0 fs/read_write.c:971 do_writev+0x1b1/0x350 fs/read_write.c:1018 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f DESCANSE EN P\u00c9RDIDA: 0033:0x7f936bf79e79 C\u00f3digo: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f936cd7f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000014 RAX: ffffffffffffffda RBX: 00007f936c115f80 RCX: 00007f936bf79e79 RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000004 RBP: 00007f936bfe7916 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 00000000000000246 R12: 00000000000000000 R13: 0000000000000000 R14: 00007f936c115f80 R15: 00007fff2860a7a8 Asignado por la tarea 6530: kasan_save_stack mm/kasan/common.c:47 [en l\u00ednea] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 unpoison_slab_object mm/kasan/common.c:312 [en l\u00ednea] __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338 kasan_slab_alloc include/linux/kasan.h:201 [en l\u00ednea] slab_post_alloc_hook mm/slub.c:3988 [en l\u00ednea] slab_alloc_node mm/slub.c:4037 [en l\u00ednea] kmem_cache_alloc_noprof+0x135/0x2a0 mm/slub.c:4044 dst_alloc+0x12b/0x190 net/core/dst.c:89 ip6_blackhole_route+0x59/0x340 net/ipv6/route.c:2670 make_blackhole net/xfrm/xfrm_policy.c:3120 [en l\u00ednea] xfrm_lookup_route+0xd1/0x1c0 net/xfrm/xfrm_policy.c:3313 ip6_dst_lookup_flow+0x13e/0x180 net/ipv6/ip6_output.c:1257 rawv6_sendmsg+0x1283/0x23c0 net/ipv6/raw.c:898 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x1a6/0x270 net/socket.c:745 ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597 ___sys_sendmsg net/socket.c:2651 [en l\u00ednea] __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Liberado por la tarea 45: kasan_save_stack mm/kasan/common.c:47 [en l\u00ednea] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579 poison_slab_object+0xe0/0x150 mm/kasan/common.c:240 __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256 kasan_slab_free include/linux/kasan.h:184 [en l\u00ednea] slab_free_hook mm/slub.c:2252 ---truncado---" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44988.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44988.json index c24b6d0c777..2c15744ecdc 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44988.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44988.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44988", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:07.960", - "lastModified": "2024-09-04T20:15:07.960", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: Fix out-of-bound access\n\nIf an ATU violation was caused by a CPU Load operation, the SPID could\nbe larger than DSA_MAX_PORTS (the size of mv88e6xxx_chip.ports[] array)." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: mv88e6xxx: Se corrige el acceso fuera de los l\u00edmites. Si una violaci\u00f3n de ATU fue causada por una operaci\u00f3n de carga de CPU, el SPID podr\u00eda ser mayor que DSA_MAX_PORTS (el tama\u00f1o de la matriz mv88e6xxx_chip.ports[])." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json index ba213bd579c..8f69a14e2cc 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44989", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.020", - "lastModified": "2024-09-04T20:15:08.020", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix xfrm real_dev null pointer dereference\n\nWe shouldn't set real_dev to NULL because packets can be in transit and\nxfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume\nreal_dev is set.\n\n Example trace:\n kernel: BUG: unable to handle page fault for address: 0000000000001030\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: #PF: supervisor write access in kernel mode\n kernel: #PF: error_code(0x0002) - not-present page\n kernel: PGD 0 P4D 0\n kernel: Oops: 0002 [#1] PREEMPT SMP\n kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12\n kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim]\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: Code: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel:\n kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60\n kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00\n kernel: RBP: ffff9eb3c0a42000 R08: 0000000000000010 R09: 0000000000000014\n kernel: R10: 7974203030303030 R11: 3030303030303030 R12: 0000000000000000\n kernel: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000\n kernel: FS: 00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: Call Trace:\n kernel: \n kernel: ? __die+0x1f/0x60\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: ? page_fault_oops+0x142/0x4c0\n kernel: ? do_user_addr_fault+0x65/0x670\n kernel: ? kvm_read_and_reset_apf_flags+0x3b/0x50\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: ? exc_page_fault+0x7b/0x180\n kernel: ? asm_exc_page_fault+0x22/0x30\n kernel: ? nsim_bpf_uninit+0x50/0x50 [netdevsim]\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: ? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim]\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: bond_ipsec_offload_ok+0x7b/0x90 [bonding]\n kernel: xfrm_output+0x61/0x3b0\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: ip_push_pending_frames+0x56/0x80" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: fix xfrm real_dev null pointer dereference No deber\u00edamos establecer real_dev en NULL porque los paquetes pueden estar en tr\u00e1nsito y xfrm podr\u00eda llamar a xdo_dev_offload_ok() en paralelo. Todas las devoluciones de llamadas suponen que real_dev est\u00e1 establecido. Ejemplo de seguimiento: kernel: BUG: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: 0000000000001030 kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: #PF: acceso de escritura del supervisor en modo kernel kernel: #PF: error_code(0x0002) - p\u00e1gina no presente kernel: PGD 0 P4D 0 kernel: Oops: 0002 [#1] PREEMPT SMP kernel: CPU: 4 PID: 2237 Comm: ping No contaminado 6.7.7+ #12 kernel: Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar el kernel SA: C\u00f3digo: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246 kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar SA kernel: kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60 kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00 kernel: RBP: ffff9eb3c0a42000 R08: 000000000000010 R09: 0000000000000014 kernel: R10: 797420303030303030 R11: 3030303030303030 R12: 0000000000000000 n\u00facleo: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000 n\u00facleo: FS: 00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000 n\u00facleo: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 n\u00facleo: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0 kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: Seguimiento de llamadas: kernel: kernel: ? __die+0x1f/0x60 kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: error al agregar SA kernel: ? page_fault_oops+0x142/0x4c0 kernel: ? do_user_addr_fault+0x65/0x670 kernel: ? kvm_read_and_reset_apf_flags+0x3b/0x50 kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: ? exc_page_fault+0x7b/0x180 kernel: ? asm_exc_page_fault+0x22/0x30 kernel: ? nsim_bpf_uninit+0x50/0x50 [netdevsim] kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar SA kernel: ? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: bond_ipsec_offload_ok+0x7b/0x90 [vinculaci\u00f3n] kernel: xfrm_output+0x61/0x3b0 kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar SA kernel: ip_push_pending_frames+0x56/0x80" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json index b7c9fe1f07b..7f4aa0bd704 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44990", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.087", - "lastModified": "2024-09-04T20:15:08.087", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix null pointer deref in bond_ipsec_offload_ok\n\nWe must check if there is an active slave before dereferencing the pointer." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: corregir desreferenciaci\u00f3n de puntero nulo en bond_ipsec_offload_ok Debemos comprobar si hay un esclavo activo antes de desreferenciar el puntero." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44991.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44991.json index d57bd720449..ac2129f8399 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44991.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44991.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44991", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.150", - "lastModified": "2024-09-04T20:15:08.150", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: prevent concurrent execution of tcp_sk_exit_batch\n\nIts possible that two threads call tcp_sk_exit_batch() concurrently,\nonce from the cleanup_net workqueue, once from a task that failed to clone\na new netns. In the latter case, error unwinding calls the exit handlers\nin reverse order for the 'failed' netns.\n\ntcp_sk_exit_batch() calls tcp_twsk_purge().\nProblem is that since commit b099ce2602d8 (\"net: Batch inet_twsk_purge\"),\nthis function picks up twsk in any dying netns, not just the one passed\nin via exit_batch list.\n\nThis means that the error unwind of setup_net() can \"steal\" and destroy\ntimewait sockets belonging to the exiting netns.\n\nThis allows the netns exit worker to proceed to call\n\nWARN_ON_ONCE(!refcount_dec_and_test(&net->ipv4.tcp_death_row.tw_refcount));\n\nwithout the expected 1 -> 0 transition, which then splats.\n\nAt same time, error unwind path that is also running inet_twsk_purge()\nwill splat as well:\n\nWARNING: .. at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210\n...\n refcount_dec include/linux/refcount.h:351 [inline]\n inet_twsk_kill+0x758/0x9c0 net/ipv4/inet_timewait_sock.c:70\n inet_twsk_deschedule_put net/ipv4/inet_timewait_sock.c:221\n inet_twsk_purge+0x725/0x890 net/ipv4/inet_timewait_sock.c:304\n tcp_sk_exit_batch+0x1c/0x170 net/ipv4/tcp_ipv4.c:3522\n ops_exit_list+0x128/0x180 net/core/net_namespace.c:178\n setup_net+0x714/0xb40 net/core/net_namespace.c:375\n copy_net_ns+0x2f0/0x670 net/core/net_namespace.c:508\n create_new_namespaces+0x3ea/0xb10 kernel/nsproxy.c:110\n\n... because refcount_dec() of tw_refcount unexpectedly dropped to 0.\n\nThis doesn't seem like an actual bug (no tw sockets got lost and I don't\nsee a use-after-free) but as erroneous trigger of debug check.\n\nAdd a mutex to force strict ordering: the task that calls tcp_twsk_purge()\nblocks other task from doing final _dec_and_test before mutex-owner has\nremoved all tw sockets of dying netns." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp: evitar la ejecuci\u00f3n concurrente de tcp_sk_exit_batch Es posible que dos subprocesos llamen a tcp_sk_exit_batch() simult\u00e1neamente, una vez desde la cola de trabajo cleanup_net, otra desde una tarea que no pudo clonar una nueva netns. En el \u00faltimo caso, el desenrollado de errores llama a los controladores de salida en orden inverso para las netns \"fallidas\". tcp_sk_exit_batch() llama a tcp_twsk_purge(). El problema es que desde el commit b099ce2602d8 (\"net: Batch inet_twsk_purge\"), esta funci\u00f3n recoge twsk en cualquier netn moribundo, no solo en el que se pasa a trav\u00e9s de la lista exit_batch. Esto significa que el desenrollado de errores de setup_net() puede \"robar\" y destruir los sockets timewait que pertenecen a las netns que salen. Esto permite que el trabajador de salida netns proceda a llamar a WARN_ON_ONCE(!refcount_dec_and_test(&net->ipv4.tcp_death_row.tw_refcount)); sin la transici\u00f3n esperada de 1 -> 0, que luego falla. Al mismo tiempo, la ruta de desenrollado de error que tambi\u00e9n est\u00e1 ejecutando inet_twsk_purge() tambi\u00e9n se mostrar\u00e1: ADVERTENCIA: .. en lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 ... refcount_dec include/linux/refcount.h:351 [en l\u00ednea] inet_twsk_kill+0x758/0x9c0 net/ipv4/inet_timewait_sock.c:70 inet_twsk_deschedule_put net/ipv4/inet_timewait_sock.c:221 inet_twsk_purge+0x725/0x890 net/ipv4/inet_timewait_sock.c:304 tcp_sk_exit_batch+0x1c/0x170 net/ipv4/tcp_ipv4.c:3522 ops_exit_list+0x128/0x180 net/core/net_namespace.c:178 setup_net+0x714/0xb40 net/core/net_namespace.c:375 copy_net_ns+0x2f0/0x670 net/core/net_namespace.c:508 create_new_namespaces+0x3ea/0xb10 kernel/nsproxy.c:110 ... porque refcount_dec() de tw_refcount cay\u00f3 inesperadamente a 0. Esto no parece un error real (no se perdieron sockets tw y no veo un use-after-free) sino un disparador err\u00f3neo de la comprobaci\u00f3n de depuraci\u00f3n. Agregue un mutex para forzar un orden estricto: la tarea que llama a tcp_twsk_purge() impide que otra tarea realice _dec_and_test final antes de que el propietario del mutex haya eliminado todos los sockets tw de los netn moribundos." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json index e1e7c341e06..1eec5d8ee09 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44992", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.207", - "lastModified": "2024-09-04T20:15:08.207", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb/client: avoid possible NULL dereference in cifs_free_subrequest()\n\nClang static checker (scan-build) warning:\n\tcifsglob.h:line 890, column 3\n\tAccess to field 'ops' results in a dereference of a null pointer.\n\nCommit 519be989717c (\"cifs: Add a tracepoint to track credits involved in\nR/W requests\") adds a check for 'rdata->server', and let clang throw this\nwarning about NULL dereference.\n\nWhen 'rdata->credits.value != 0 && rdata->server == NULL' happens,\nadd_credits_and_wake_if() will call rdata->server->ops->add_credits().\nThis will cause NULL dereference problem. Add a check for 'rdata->server'\nto avoid NULL dereference." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb/client: evitar posible desreferencia NULL en cifs_free_subrequest() Advertencia del verificador est\u00e1tico de Clang (scan-build): cifsglob.h:l\u00ednea 890, columna 3 El acceso al campo 'ops' da como resultado una desreferencia de un puntero nulo. El commit 519be989717c (\"cifs: Agregar un punto de seguimiento para rastrear cr\u00e9ditos involucrados en solicitudes R/W\") agrega una verificaci\u00f3n para 'rdata->server' y permite que clang lance esta advertencia sobre la desreferencia NULL. Cuando sucede 'rdata->credits.value != 0 && rdata->server == NULL', add_credits_and_wake_if() llamar\u00e1 a rdata->server->ops->add_credits(). Esto causar\u00e1 un problema de desreferencia NULL. Agregue una verificaci\u00f3n para 'rdata->server' para evitar la desreferencia NULL." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json index e78624d9cca..75c6f0f73fc 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44993", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.257", - "lastModified": "2024-09-04T20:15:08.257", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()`\n\nWhen enabling UBSAN on Raspberry Pi 5, we get the following warning:\n\n[ 387.894977] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/v3d/v3d_sched.c:320:3\n[ 387.903868] index 7 is out of range for type '__u32 [7]'\n[ 387.909692] CPU: 0 PID: 1207 Comm: kworker/u16:2 Tainted: G WC 6.10.3-v8-16k-numa #151\n[ 387.919166] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)\n[ 387.925961] Workqueue: v3d_csd drm_sched_run_job_work [gpu_sched]\n[ 387.932525] Call trace:\n[ 387.935296] dump_backtrace+0x170/0x1b8\n[ 387.939403] show_stack+0x20/0x38\n[ 387.942907] dump_stack_lvl+0x90/0xd0\n[ 387.946785] dump_stack+0x18/0x28\n[ 387.950301] __ubsan_handle_out_of_bounds+0x98/0xd0\n[ 387.955383] v3d_csd_job_run+0x3a8/0x438 [v3d]\n[ 387.960707] drm_sched_run_job_work+0x520/0x6d0 [gpu_sched]\n[ 387.966862] process_one_work+0x62c/0xb48\n[ 387.971296] worker_thread+0x468/0x5b0\n[ 387.975317] kthread+0x1c4/0x1e0\n[ 387.978818] ret_from_fork+0x10/0x20\n[ 387.983014] ---[ end trace ]---\n\nThis happens because the UAPI provides only seven configuration\nregisters and we are reading the eighth position of this u32 array.\n\nTherefore, fix the out-of-bounds read in `v3d_csd_job_run()` by\naccessing only seven positions on the '__u32 [7]' array. The eighth\nregister exists indeed on V3D 7.1, but it isn't currently used. That\nbeing so, let's guarantee that it remains unused and add a note that it\ncould be set in a future patch." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/v3d: Corregir lectura fuera de los l\u00edmites en `v3d_csd_job_run()` Al habilitar UBSAN en Raspberry Pi 5, obtenemos la siguiente advertencia: [ 387.894977] UBSAN: array-index-out-of-bounds en drivers/gpu/drm/v3d/v3d_sched.c:320:3 [ 387.903868] el \u00edndice 7 est\u00e1 fuera de rango para el tipo '__u32 [7]' [ 387.909692] CPU: 0 PID: 1207 Comm: kworker/u16:2 Tainted: G WC 6.10.3-v8-16k-numa #151 [ 387.919166] Nombre del hardware: Raspberry Pi 5 Model B Rev 1.0 (DT) [ 387.925961] Cola de trabajo: v3d_csd drm_sched_run_job_work [gpu_sched] [ 387.932525] Rastreo de llamadas: [ 387.935296] dump_backtrace+0x170/0x1b8 [ 387.939403] show_stack+0x20/0x38 [ 387.942907] dump_stack_lvl+0x90/0xd0 [ 387.946785] dump_stack+0x18/0x28 [ 387.950301] __ubsan_handle_out_of_bounds+0x98/0xd0 [ 387.955383] v3d_csd_job_run+0x3a8/0x438 [v3d] [ 387.960707] drm_sched_run_job_work+0x520/0x6d0 [gpu_sched] [ 387.966862] process_one_work+0x62c/0xb48 [ 387.971296] worker_thread+0x468/0x5b0 [ 387.975317] kthread+0x1c4/0x1e0 [ 387.978818] ret_from_fork+0x10/0x20 [ 387.983014] ---[ fin del seguimiento ]--- Esto sucede porque la UAPI proporciona solo siete registros de configuraci\u00f3n y estamos leyendo la octava posici\u00f3n de esta matriz u32. Por lo tanto, solucione la lectura fuera de los l\u00edmites en `v3d_csd_job_run()` accediendo solo a siete posiciones en la matriz '__u32 [7]'. El octavo registro existe de hecho en V3D 7.1, pero no se utiliza actualmente. Siendo as\u00ed, garanticemos que permanezca sin uso y agreguemos una nota que indique que podr\u00eda configurarse en un parche futuro." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44994.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44994.json index a7cca72efc1..cc455b73b44 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44994.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44994.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44994", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.307", - "lastModified": "2024-09-04T20:15:08.307", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Restore lost return in iommu_report_device_fault()\n\nWhen iommu_report_device_fault gets called with a partial fault it is\nsupposed to collect the fault into the group and then return.\n\nInstead the return was accidently deleted which results in trying to\nprocess the fault and an eventual crash.\n\nDeleting the return was a typo, put it back." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu: Restaurar retorno perdido en iommu_report_device_fault() Cuando se llama a iommu_report_device_fault con un error parcial, se supone que debe recopilar el error en el grupo y luego regresar. En cambio, el retorno se elimin\u00f3 accidentalmente, lo que da como resultado el intento de procesar el error y un bloqueo final. Eliminar el retorno fue un error tipogr\u00e1fico, vuelva a colocarlo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json index 90e27ff1dd1..af864268397 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44995", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.353", - "lastModified": "2024-09-04T20:15:08.353", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n \u2502\n \u25bc\n ......\nsetup tc \u2502\n \u2502 \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) \u2502\n \u2502 \u2502\n \u25bc \u25bc\n ...... ......\n \u2502 \u2502\n \u25bc \u2502\nnapi_enable() \u2502\n \u25bc\n UINIT: netif_napi_del()\n \u2502\n \u25bc\n ......\n \u2502\n \u25bc\n INIT: netif_napi_add()\n \u2502\n \u25bc\n ...... global reset start\n \u2502 \u2502\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n \u2502 \u2502\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n ?\n ?\n ......\nsetup tc ?\n ? ?\n ? DOWN: napi_disable()\nnapi_disable()(skip) ?\n ? ?\n ? ?\n ...... ......\n ? ?\n ? ?\nnapi_enable() ?\n ?\n UINIT: netif_napi_del()\n ?\n ?\n ......\n ?\n ?\n INIT: netif_napi_add()\n ?\n ?\n ...... global reset start\n ? ?\n ? ?\n UP: napi_enable()(skip) ......\n ? ?\n ? ?\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net:hns3: se corrige un problema de bloqueo cuando se configura TC durante el reinicio Cuando se configura TC durante el proceso de reinicio, puede causar un bloqueo, el flujo es el siguiente: pf reset start ? ? ...... setup tc ? ? ? ? DOWN: napi_disable() napi_disable()(skip) ? ? ? ? ? ...... ...... ? ? ? ? napi_enable() ? ? UINIT: netif_napi_del() ? ? ...... ? ? INIT: netif_napi_add() ? ? ...... global reset start ? ? ? ? UP: napi_enable()(skip) ...... ? ? ? ? ...... napi_disable() En el proceso de reinicio, el controlador DESACTIVAR\u00c1 el puerto y luego UINIT; en este caso, el proceso de configuraci\u00f3n tc DESACTIVAR\u00c1 el puerto antes de UINIT, lo que provocar\u00e1 el problema. Agrega un proceso DESACTIVADO en UINIT para solucionarlo." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44996.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44996.json index b75745880da..f86698fe977 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44996.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44996.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44996", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.413", - "lastModified": "2024-09-04T20:15:08.413", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: fix recursive ->recvmsg calls\n\nAfter a vsock socket has been added to a BPF sockmap, its prot->recvmsg\nhas been replaced with vsock_bpf_recvmsg(). Thus the following\nrecursiion could happen:\n\nvsock_bpf_recvmsg()\n -> __vsock_recvmsg()\n -> vsock_connectible_recvmsg()\n -> prot->recvmsg()\n -> vsock_bpf_recvmsg() again\n\nWe need to fix it by calling the original ->recvmsg() without any BPF\nsockmap logic in __vsock_recvmsg()." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vsock: corregir llamadas recursivas ->recvmsg Despu\u00e9s de que se ha a\u00f1adido un socket vsock a un sockmap BPF, su prot->recvmsg se ha reemplazado por vsock_bpf_recvmsg(). Por lo tanto, podr\u00eda ocurrir la siguiente recursi\u00f3n: vsock_bpf_recvmsg() -> __vsock_recvmsg() -> vsock_connectible_recvmsg() -> prot->recvmsg() -> vsock_bpf_recvmsg() de nuevo Necesitamos solucionarlo llamando al ->recvmsg() original sin ninguna l\u00f3gica sockmap BPF en __vsock_recvmsg()." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json index b9ed077965b..768fdfa44fa 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44997", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.470", - "lastModified": "2024-09-04T20:15:08.470", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()\n\nWhen there are multiple ap interfaces on one band and with WED on,\nturning the interface down will cause a kernel panic on MT798X.\n\nPreviously, cb_priv was freed in mtk_wed_setup_tc_block() without\nmarking NULL,and mtk_wed_setup_tc_block_cb() didn't check the value, too.\n\nAssign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL\nin mtk_wed_setup_tc_block_cb().\n\n----------\nUnable to handle kernel paging request at virtual address 0072460bca32b4f5\nCall trace:\n mtk_wed_setup_tc_block_cb+0x4/0x38\n 0xffffffc0794084bc\n tcf_block_playback_offloads+0x70/0x1e8\n tcf_block_unbind+0x6c/0xc8\n...\n---------" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: mtk_wed: arregla el p\u00e1nico de use after free en mtk_wed_setup_tc_block_cb() Cuando hay m\u00faltiples interfaces de punto de acceso en una banda y con WED activado, desactivar la interfaz provocar\u00e1 un p\u00e1nico de kernel en MT798X. Anteriormente, cb_priv se liberaba en mtk_wed_setup_tc_block() sin marcar NULL, y mtk_wed_setup_tc_block_cb() tampoco verificaba el valor. Asigna NULL despu\u00e9s de liberar cb_priv en mtk_wed_setup_tc_block() y marca NULL en mtk_wed_setup_tc_block_cb(). ---------- No se puede manejar la solicitud de paginaci\u00f3n del n\u00facleo en la direcci\u00f3n virtual 0072460bca32b4f5 Seguimiento de llamadas: mtk_wed_setup_tc_block_cb+0x4/0x38 0xffffffc0794084bc tcf_block_playback_offloads+0x70/0x1e8 tcf_block_unbind+0x6c/0xc8 ... ---------" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json index 5b589cee1fd..149787b7e9f 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44998", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.520", - "lastModified": "2024-09-04T20:15:08.520", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: idt77252: prevent use after free in dequeue_rx()\n\nWe can't dereference \"skb\" after calling vcc->push() because the skb\nis released." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: atm: idt77252: evitar use after free en dequeue_rx() No podemos desreferenciar \"skb\" despu\u00e9s de llamar a vcc->push() porque skb est\u00e1 liberado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json index 5d3b45cef9b..72e8fb39ef9 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json @@ -2,13 +2,17 @@ "id": "CVE-2024-44999", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.590", - "lastModified": "2024-09-04T20:15:08.590", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: pull network headers in gtp_dev_xmit()\n\nsyzbot/KMSAN reported use of uninit-value in get_dev_xmit() [1]\n\nWe must make sure the IPv4 or Ipv6 header is pulled in skb->head\nbefore accessing fields in them.\n\nUse pskb_inet_may_pull() to fix this issue.\n\n[1]\nBUG: KMSAN: uninit-value in ipv6_pdp_find drivers/net/gtp.c:220 [inline]\n BUG: KMSAN: uninit-value in gtp_build_skb_ip6 drivers/net/gtp.c:1229 [inline]\n BUG: KMSAN: uninit-value in gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281\n ipv6_pdp_find drivers/net/gtp.c:220 [inline]\n gtp_build_skb_ip6 drivers/net/gtp.c:1229 [inline]\n gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281\n __netdev_start_xmit include/linux/netdevice.h:4913 [inline]\n netdev_start_xmit include/linux/netdevice.h:4922 [inline]\n xmit_one net/core/dev.c:3580 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3596\n __dev_queue_xmit+0x358c/0x5610 net/core/dev.c:4423\n dev_queue_xmit include/linux/netdevice.h:3105 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3145 [inline]\n packet_sendmsg+0x90e3/0xa3a0 net/packet/af_packet.c:3177\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n __sys_sendto+0x685/0x830 net/socket.c:2204\n __do_sys_sendto net/socket.c:2216 [inline]\n __se_sys_sendto net/socket.c:2212 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2212\n x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3994 [inline]\n slab_alloc_node mm/slub.c:4037 [inline]\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4080\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:583\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:674\n alloc_skb include/linux/skbuff.h:1320 [inline]\n alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6526\n sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2815\n packet_alloc_skb net/packet/af_packet.c:2994 [inline]\n packet_snd net/packet/af_packet.c:3088 [inline]\n packet_sendmsg+0x749c/0xa3a0 net/packet/af_packet.c:3177\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n __sys_sendto+0x685/0x830 net/socket.c:2204\n __do_sys_sendto net/socket.c:2216 [inline]\n __se_sys_sendto net/socket.c:2212 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2212\n x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 7115 Comm: syz.1.515 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gtp: extraer encabezados de red en gtp_dev_xmit() syzbot/KMSAN inform\u00f3 del uso de uninit-value en get_dev_xmit() [1] Debemos asegurarnos de que el encabezado IPv4 o Ipv6 se extraiga en skb->head antes de acceder a los campos que contienen. Utilice pskb_inet_may_pull() para solucionar este problema. [1] ERROR: KMSAN: valor no inicializado en ipv6_pdp_find drivers/net/gtp.c:220 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en gtp_build_skb_ip6 drivers/net/gtp.c:1229 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281 ipv6_pdp_find drivers/net/gtp.c:220 [en l\u00ednea] gtp_build_skb_ip6 drivers/net/gtp.c:1229 [en l\u00ednea] gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281 __netdev_start_xmit incluir/linux/netdevice.h:4913 [en l\u00ednea] netdev_start_xmit incluir/linux/netdevice.h:4922 [en l\u00ednea] xmit_one net/core/dev.c:3580 [en l\u00ednea] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3596 __dev_queue_xmit+0x358c/0x5610 net/core/dev.c:4423 dev_queue_xmit incluir/linux/netdevice.h:3105 [en l\u00ednea] paquete_xmit+0x9c/0x6c0 net/paquete/af_packet.c:276 paquete_snd net/paquete/af_packet.c:3145 [en l\u00ednea] paquete_sendmsg+0x90e3/0xa3a0 net/packet/af_packet.c:3177 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 net/socket.c:745 __sys_sendto+0x685/0x830 net/socket.c:2204 __do_sys_sendto net/socket.c:2216 [en l\u00ednea] __se_sys_sendto net/socket.c:2212 [en l\u00ednea] __x64_sys_sendto+0x125/0x1d0 net/socket.c:2212 x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slub.c:3994 [en l\u00ednea] slab_alloc_node mm/slub.c:4037 [en l\u00ednea] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4080 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:583 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:674 alloc_skb include/linux/skbuff.h:1320 [en l\u00ednea] alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6526 sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2815 packet_alloc_skb net/packet/af_packet.c:2994 [en l\u00ednea] packet_snd net/packet/af_packet.c:3088 [en l\u00ednea] packet_sendmsg+0x749c/0xa3a0 net/packet/af_packet.c:3177 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 net/socket.c:745 __sys_sendto+0x685/0x830 red/socket.c:2204 __do_sys_sendto red/socket.c:2216 [en l\u00ednea] __se_sys_sendto red/socket.c:2212 [en l\u00ednea] __x64_sys_sendto+0x125/0x1d0 red/socket.c:2212 x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 7115 Comm: syz.1.515 No contaminado 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 27/06/2024" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json index 02d96ba67e1..d776d475684 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45000", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.657", - "lastModified": "2024-09-04T20:15:08.657", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/netfs/fscache_cookie: add missing \"n_accesses\" check\n\nThis fixes a NULL pointer dereference bug due to a data race which\nlooks like this:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000008\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 33 PID: 16573 Comm: kworker/u97:799 Not tainted 6.8.7-cm4all1-hp+ #43\n Hardware name: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 10/17/2018\n Workqueue: events_unbound netfs_rreq_write_to_cache_work\n RIP: 0010:cachefiles_prepare_write+0x30/0xa0\n Code: 57 41 56 45 89 ce 41 55 49 89 cd 41 54 49 89 d4 55 53 48 89 fb 48 83 ec 08 48 8b 47 08 48 83 7f 10 00 48 89 34 24 48 8b 68 20 <48> 8b 45 08 4c 8b 38 74 45 49 8b 7f 50 e8 4e a9 b0 ff 48 8b 73 10\n RSP: 0018:ffffb4e78113bde0 EFLAGS: 00010286\n RAX: ffff976126be6d10 RBX: ffff97615cdb8438 RCX: 0000000000020000\n RDX: ffff97605e6c4c68 RSI: ffff97605e6c4c60 RDI: ffff97615cdb8438\n RBP: 0000000000000000 R08: 0000000000278333 R09: 0000000000000001\n R10: ffff97605e6c4600 R11: 0000000000000001 R12: ffff97605e6c4c68\n R13: 0000000000020000 R14: 0000000000000001 R15: ffff976064fe2c00\n FS: 0000000000000000(0000) GS:ffff9776dfd40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000008 CR3: 000000005942c002 CR4: 00000000001706f0\n Call Trace:\n \n ? __die+0x1f/0x70\n ? page_fault_oops+0x15d/0x440\n ? search_module_extables+0xe/0x40\n ? fixup_exception+0x22/0x2f0\n ? exc_page_fault+0x5f/0x100\n ? asm_exc_page_fault+0x22/0x30\n ? cachefiles_prepare_write+0x30/0xa0\n netfs_rreq_write_to_cache_work+0x135/0x2e0\n process_one_work+0x137/0x2c0\n worker_thread+0x2e9/0x400\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x30/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \n Modules linked in:\n CR2: 0000000000000008\n ---[ end trace 0000000000000000 ]---\n\nThis happened because fscache_cookie_state_machine() was slow and was\nstill running while another process invoked fscache_unuse_cookie();\nthis led to a fscache_cookie_lru_do_one() call, setting the\nFSCACHE_COOKIE_DO_LRU_DISCARD flag, which was picked up by\nfscache_cookie_state_machine(), withdrawing the cookie via\ncachefiles_withdraw_cookie(), clearing cookie->cache_priv.\n\nAt the same time, yet another process invoked\ncachefiles_prepare_write(), which found a NULL pointer in this code\nline:\n\n struct cachefiles_object *object = cachefiles_cres_object(cres);\n\nThe next line crashes, obviously:\n\n struct cachefiles_cache *cache = object->volume->cache;\n\nDuring cachefiles_prepare_write(), the \"n_accesses\" counter is\nnon-zero (via fscache_begin_operation()). The cookie must not be\nwithdrawn until it drops to zero.\n\nThe counter is checked by fscache_cookie_state_machine() before\nswitching to FSCACHE_COOKIE_STATE_RELINQUISHING and\nFSCACHE_COOKIE_STATE_WITHDRAWING (in \"case\nFSCACHE_COOKIE_STATE_FAILED\"), but not for\nFSCACHE_COOKIE_STATE_LRU_DISCARDING (\"case\nFSCACHE_COOKIE_STATE_ACTIVE\").\n\nThis patch adds the missing check. With a non-zero access counter,\nthe function returns and the next fscache_end_cookie_access() call\nwill queue another fscache_cookie_state_machine() call to handle the\nstill-pending FSCACHE_COOKIE_DO_LRU_DISCARD." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/netfs/fscache_cookie: agregar comprobaci\u00f3n \"n_accesses\" faltante Esto corrige un error de desreferencia de puntero NULL debido a una ejecuci\u00f3n de datos que se ve as\u00ed: ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000008 #PF: acceso de lectura de supervisor en modo kernel #PF: error_code(0x0000) - p\u00e1gina no presente PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI CPU: 33 PID: 16573 Comm: kworker/u97:799 No contaminado 6.8.7-cm4all1-hp+ #43 Nombre del hardware: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 17/10/2018 Cola de trabajo: events_unbound netfs_rreq_write_to_cache_work RIP: 0010:cachefiles_prepare_write+0x30/0xa0 C\u00f3digo: 57 41 56 45 89 ce 41 55 49 89 cd 41 54 49 89 d4 55 53 48 89 fb 48 83 ec 08 48 8b 47 08 48 83 7f 10 00 48 89 34 24 48 8b 68 20 <48> 8b 45 08 4c 8b 38 74 45 49 8b 7f 50 e8 4e a9 b0 ff 48 8b 73 10 RSP: 0018:ffffb4e78113bde0 EFLAGS: 00010286 RAX: ffff976126be6d10 RBX: ffff97615cdb8438 RCX: 0000000000020000 RDX: ffff97605e6c4c68 RSI: ffff97605e6c4c60 RDI: ffff97615cdb8438 RBP: 000000000000000 R08: 0000000000278333 R09: 0000000000000001 R10: ffff97605e6c4600 R11: 0000000000000001 R12: ffff97605e6c4c68 R13: 0000000000020000 R14: 0000000000000001 R15: ffff976064fe2c00 FS: 000000000000000(0000) GS:ffff9776dfd40000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000008 CR3: 000000005942c002 CR4: 00000000001706f0 Seguimiento de llamadas: ? __die+0x1f/0x70 ? page_fault_oops+0x15d/0x440 ? search_module_extables+0xe/0x40 ? fixup_exception+0x22/0x2f0 ? exc_page_fault+0x5f/0x100 ? asm_exc_page_fault+0x22/0x30 ? cachefiles_prepare_write+0x30/0xa0 netfs_rreq_write_to_cache_work+0x135/0x2e0 process_one_work+0x137/0x2c0 subproceso_trabajador+0x2e9/0x400 ? __pfx_worker_thread+0x10/0x10 kthread+0xcc/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x30/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 M\u00f3dulos vinculados en: CR2: 000000000000008 ---[ fin del seguimiento 000000000000000 ]--- Esto sucedi\u00f3 porque fscache_cookie_state_machine() era lento y todav\u00eda se estaba ejecutando mientras otro proceso invocaba fscache_unuse_cookie(); Esto llev\u00f3 a una llamada a fscache_cookie_lru_do_one(), que estableci\u00f3 el indicador FSCACHE_COOKIE_DO_LRU_DISCARD, que fue detectado por fscache_cookie_state_machine(), retirando la cookie a trav\u00e9s de cachefiles_withdraw_cookie(), borrando cookie->cache_priv. Al mismo tiempo, otro proceso invoc\u00f3 cachefiles_prepare_write(), que encontr\u00f3 un puntero NULL en esta l\u00ednea de c\u00f3digo: struct cachefiles_object *object = cachefiles_cres_object(cres); La siguiente l\u00ednea falla, obviamente: struct cachefiles_cache *cache = object->volume->cache; Durante cachefiles_prepare_write(), el contador \"n_accesses\" no es cero (a trav\u00e9s de fscache_begin_operation()). La cookie no debe retirarse hasta que baje a cero. El contador se comprueba mediante fscache_cookie_state_machine() antes de cambiar a FSCACHE_COOKIE_STATE_RELINQUISHING y FSCACHE_COOKIE_STATE_WITHDRAWING (en el \"caso FSCACHE_COOKIE_STATE_FAILED\"), pero no para FSCACHE_COOKIE_STATE_LRU_DISCARDING (\"caso FSCACHE_COOKIE_STATE_ACTIVE\"). Este parche agrega la comprobaci\u00f3n faltante. Con un contador de acceso distinto de cero, la funci\u00f3n retorna y la siguiente llamada fscache_end_cookie_access() pondr\u00e1 en cola otra llamada fscache_cookie_state_machine() para manejar la FSCACHE_COOKIE_DO_LRU_DISCARD a\u00fan pendiente." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45001.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45001.json index 2525768745e..3510ec674fe 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45001.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45001.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45001", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.710", - "lastModified": "2024-09-04T20:15:08.710", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix RX buf alloc_size alignment and atomic op panic\n\nThe MANA driver's RX buffer alloc_size is passed into napi_build_skb() to\ncreate SKB. skb_shinfo(skb) is located at the end of skb, and its alignment\nis affected by the alloc_size passed into napi_build_skb(). The size needs\nto be aligned properly for better performance and atomic operations.\nOtherwise, on ARM64 CPU, for certain MTU settings like 4000, atomic\noperations may panic on the skb_shinfo(skb)->dataref due to alignment fault.\n\nTo fix this bug, add proper alignment to the alloc_size calculation.\n\nSample panic info:\n[ 253.298819] Unable to handle kernel paging request at virtual address ffff000129ba5cce\n[ 253.300900] Mem abort info:\n[ 253.301760] ESR = 0x0000000096000021\n[ 253.302825] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 253.304268] SET = 0, FnV = 0\n[ 253.305172] EA = 0, S1PTW = 0\n[ 253.306103] FSC = 0x21: alignment fault\nCall trace:\n __skb_clone+0xfc/0x198\n skb_clone+0x78/0xe0\n raw6_local_deliver+0xfc/0x228\n ip6_protocol_deliver_rcu+0x80/0x500\n ip6_input_finish+0x48/0x80\n ip6_input+0x48/0xc0\n ip6_sublist_rcv_finish+0x50/0x78\n ip6_sublist_rcv+0x1cc/0x2b8\n ipv6_list_rcv+0x100/0x150\n __netif_receive_skb_list_core+0x180/0x220\n netif_receive_skb_list_internal+0x198/0x2a8\n __napi_poll+0x138/0x250\n net_rx_action+0x148/0x330\n handle_softirqs+0x12c/0x3a0" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mana: Fix RX buf alloc_size adjustment and atomic op panic El b\u00fafer RX alloc_size del controlador MANA se pasa a napi_build_skb() para crear SKB. skb_shinfo(skb) se encuentra al final de skb, y su alineaci\u00f3n se ve afectada por el alloc_size pasado a napi_build_skb(). El tama\u00f1o debe estar alineado correctamente para un mejor rendimiento y operaciones at\u00f3micas. De lo contrario, en la CPU ARM64, para ciertas configuraciones de MTU como 4000, las operaciones at\u00f3micas pueden entrar en p\u00e1nico en skb_shinfo(skb)->dataref debido a un error de alineaci\u00f3n. Para corregir este error, agregue la alineaci\u00f3n adecuada al c\u00e1lculo alloc_size. Informaci\u00f3n de p\u00e1nico de muestra: [253.298819] No se puede manejar la solicitud de paginaci\u00f3n del n\u00facleo en la direcci\u00f3n virtual ffff000129ba5cce [253.300900] Informaci\u00f3n de aborto de memoria: [253.301760] ESR = 0x0000000096000021 [253.302825] EC = 0x25: DABT (EL actual), IL = 32 bits [253.304268] SET = 0, FnV = 0 [253.305172] EA = 0, S1PTW = 0 [253.306103] FSC = 0x21: error de alineaci\u00f3n Rastreo de llamada: __skb_clone+0xfc/0x198 skb_clone+0x78/0xe0 raw6_local_deliver+0xfc/0x228 ip6_protocol_deliver_rcu+0x80/0x500 ip6_input_finish+0x48/0x80 ip6_input+0x48/0xc0 ip6_sublist_rcv_finish+0x50/0x78 ip6_sublist_rcv+0x1cc/0x2b8 ipv6_list_rcv+0x100/0x150 __netif_receive_skb_list_core+0x180/0x220 netif_receive_skb_list_internal+0x198/0x2a8 __napi_poll+0x138/0x250 net_rx_action+0x148/0x330 manejar_softirqs+0x12c/0x3a0" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json index 3860a378d30..98152708a86 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45002", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.763", - "lastModified": "2024-09-04T20:15:08.763", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtla/osnoise: Prevent NULL dereference in error handling\n\nIf the \"tool->data\" allocation fails then there is no need to call\nosnoise_free_top() and, in fact, doing so will lead to a NULL dereference." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rtla/osnoise: Evitar la desreferenciaci\u00f3n NULL en el manejo de errores. Si la asignaci\u00f3n \"tool->data\" falla, entonces no es necesario llamar a osnoise_free_top() y, de hecho, hacerlo provocar\u00e1 una desreferenciaci\u00f3n NULL." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45003.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45003.json index 48441f551c5..f22e0f73be7 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45003.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45003.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45003", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.823", - "lastModified": "2024-09-04T20:15:08.823", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don't evict inode under the inode lru traversing context\n\nThe inode reclaiming process(See function prune_icache_sb) collects all\nreclaimable inodes and mark them with I_FREEING flag at first, at that\ntime, other processes will be stuck if they try getting these inodes\n(See function find_inode_fast), then the reclaiming process destroy the\ninodes by function dispose_list(). Some filesystems(eg. ext4 with\nea_inode feature, ubifs with xattr) may do inode lookup in the inode\nevicting callback function, if the inode lookup is operated under the\ninode lru traversing context, deadlock problems may happen.\n\nCase 1: In function ext4_evict_inode(), the ea inode lookup could happen\n if ea_inode feature is enabled, the lookup process will be stuck\n\tunder the evicting context like this:\n\n 1. File A has inode i_reg and an ea inode i_ea\n 2. getfattr(A, xattr_buf) // i_ea is added into lru // lru->i_ea\n 3. Then, following three processes running like this:\n\n PA PB\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // i_reg is added into lru, lru->i_ea->i_reg\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n i_ea->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(i_reg)\n spin_unlock(&i_reg->i_lock)\n spin_unlock(lru_lock)\n rm file A\n i_reg->nlink = 0\n iput(i_reg) // i_reg->nlink is 0, do evict\n ext4_evict_inode\n ext4_xattr_delete_inode\n ext4_xattr_inode_dec_ref_all\n ext4_xattr_inode_iget\n ext4_iget(i_ea->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(i_ea) ----\u2192 AA deadlock\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&i_ea->i_state)\n\nCase 2: In deleted inode writing function ubifs_jnl_write_inode(), file\n deleting process holds BASEHD's wbuf->io_mutex while getting the\n\txattr inode, which could race with inode reclaiming process(The\n reclaiming process could try locking BASEHD's wbuf->io_mutex in\n\tinode evicting function), then an ABBA deadlock problem would\n\thappen as following:\n\n 1. File A has inode ia and a xattr(with inode ixa), regular file B has\n inode ib and a xattr.\n 2. getfattr(A, xattr_buf) // ixa is added into lru // lru->ixa\n 3. Then, following three processes running like this:\n\n PA PB PC\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // ib and ia are added into lru, lru->ixa->ib->ia\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n ixa->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(ib)\n spin_unlock(&ib->i_lock)\n spin_unlock(lru_lock)\n rm file B\n ib->nlink = 0\n rm file A\n iput(ia)\n ubifs_evict_inode(ia)\n ubifs_jnl_delete_inode(ia)\n ubifs_jnl_write_inode(ia)\n make_reservation(BASEHD) // Lock wbuf->io_mutex\n ubifs_iget(ixa->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(ixa)\n | iput(ib) // ib->nlink is 0, do evict\n | ubifs_evict_inode\n | ubifs_jnl_delete_inode(ib)\n \u2193 ubifs_jnl_write_inode\n ABBA deadlock \u2190-----make_reservation(BASEHD)\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&ixa->i_state)\n\nFix the possible deadlock by using new inode state flag I_LRU_ISOLATING\nto pin the inode in memory while inode_lru_isolate(\n---truncated---" + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don't evict inode under the inode lru traversing context\n\nThe inode reclaiming process(See function prune_icache_sb) collects all\nreclaimable inodes and mark them with I_FREEING flag at first, at that\ntime, other processes will be stuck if they try getting these inodes\n(See function find_inode_fast), then the reclaiming process destroy the\ninodes by function dispose_list(). Some filesystems(eg. ext4 with\nea_inode feature, ubifs with xattr) may do inode lookup in the inode\nevicting callback function, if the inode lookup is operated under the\ninode lru traversing context, deadlock problems may happen.\n\nCase 1: In function ext4_evict_inode(), the ea inode lookup could happen\n if ea_inode feature is enabled, the lookup process will be stuck\n\tunder the evicting context like this:\n\n 1. File A has inode i_reg and an ea inode i_ea\n 2. getfattr(A, xattr_buf) // i_ea is added into lru // lru->i_ea\n 3. Then, following three processes running like this:\n\n PA PB\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // i_reg is added into lru, lru->i_ea->i_reg\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n i_ea->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(i_reg)\n spin_unlock(&i_reg->i_lock)\n spin_unlock(lru_lock)\n rm file A\n i_reg->nlink = 0\n iput(i_reg) // i_reg->nlink is 0, do evict\n ext4_evict_inode\n ext4_xattr_delete_inode\n ext4_xattr_inode_dec_ref_all\n ext4_xattr_inode_iget\n ext4_iget(i_ea->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(i_ea) ----? AA deadlock\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&i_ea->i_state)\n\nCase 2: In deleted inode writing function ubifs_jnl_write_inode(), file\n deleting process holds BASEHD's wbuf->io_mutex while getting the\n\txattr inode, which could race with inode reclaiming process(The\n reclaiming process could try locking BASEHD's wbuf->io_mutex in\n\tinode evicting function), then an ABBA deadlock problem would\n\thappen as following:\n\n 1. File A has inode ia and a xattr(with inode ixa), regular file B has\n inode ib and a xattr.\n 2. getfattr(A, xattr_buf) // ixa is added into lru // lru->ixa\n 3. Then, following three processes running like this:\n\n PA PB PC\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // ib and ia are added into lru, lru->ixa->ib->ia\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n ixa->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(ib)\n spin_unlock(&ib->i_lock)\n spin_unlock(lru_lock)\n rm file B\n ib->nlink = 0\n rm file A\n iput(ia)\n ubifs_evict_inode(ia)\n ubifs_jnl_delete_inode(ia)\n ubifs_jnl_write_inode(ia)\n make_reservation(BASEHD) // Lock wbuf->io_mutex\n ubifs_iget(ixa->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(ixa)\n | iput(ib) // ib->nlink is 0, do evict\n | ubifs_evict_inode\n | ubifs_jnl_delete_inode(ib)\n ? ubifs_jnl_write_inode\n ABBA deadlock ?-----make_reservation(BASEHD)\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&ixa->i_state)\n\nFix the possible deadlock by using new inode state flag I_LRU_ISOLATING\nto pin the inode in memory while inode_lru_isolate(\n---truncated---" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vfs: No desalojar inodo bajo el contexto de recorrido lru de inodo El proceso de recuperaci\u00f3n de inodo (ver funci\u00f3n prune_icache_sb) recopila todos los inodos recuperables y los marca con el indicador I_FREEING al principio, en ese momento, otros procesos se atascar\u00e1n si intentan obtener estos inodos (ver funci\u00f3n find_inode_fast), luego el proceso de recuperaci\u00f3n destruye los inodos mediante la funci\u00f3n dispose_list(). Algunos sistemas de archivos (por ejemplo, ext4 con la funci\u00f3n ea_inode, ubifs con xattr) pueden realizar una b\u00fasqueda de inodo en la funci\u00f3n de devoluci\u00f3n de llamada de expulsi\u00f3n de inodo, si la b\u00fasqueda de inodo se opera bajo el contexto de recorrido lru de inodo, pueden ocurrir problemas de interbloqueo. Caso 1: En la funci\u00f3n ext4_evict_inode(), la b\u00fasqueda de inodo ea podr\u00eda ocurrir si la caracter\u00edstica ea_inode est\u00e1 habilitada, el proceso de b\u00fasqueda se quedar\u00e1 atascado bajo el contexto de desalojo de esta manera: 1. El archivo A tiene un inodo i_reg y un inodo ea i_ea 2. getfattr(A, xattr_buf) // i_ea se agrega a lru // lru->i_ea 3. Luego, los siguientes tres procesos se ejecutan de esta manera: PA PB echo 2 > /proc/sys/vm/drop_caches shrink_slab prune_dcache_sb // i_reg se agrega a lru, lru->i_ea->i_reg prune_icache_sb list_lru_walk_one inode_lru_isolate i_ea->i_state |= I_FREEING // establece el estado del inodo inode_lru_isolate __iget(i_reg) spin_unlock(&i_reg->i_lock) spin_unlock(lru_lock) rm archivo A i_reg->nlink = 0 iput(i_reg) // i_reg->nlink es 0, desalojar ext4_evict_inode ext4_xattr_delete_inode ext4_xattr_inode_dec_ref_all ext4_xattr_inode_iget ext4_iget(i_ea->i_ino) iget_locked find_inode_fast __wait_on_freeing_inode(i_ea) ----? Bloqueo AA dispose_list // no puede ser ejecutado por prune_icache_sb wake_up_bit(&i_ea->i_state) Caso 2: En la funci\u00f3n de escritura de inodo eliminado ubifs_jnl_write_inode(), el proceso de eliminaci\u00f3n de archivo retiene BASEHD wbuf->io_mutex mientras obtiene el inodo xattr, que podr\u00eda competir con el proceso de recuperaci\u00f3n de inodo (el proceso de recuperaci\u00f3n podr\u00eda intentar bloquear wbuf->io_mutex de BASEHD en la funci\u00f3n de desalojo de inodo), entonces ocurrir\u00eda un problema de bloqueo ABBA de la siguiente manera: 1. El archivo A tiene un inodo ia y un xattr (con un inodo ixa), el archivo B normal tiene un inodo ib y un xattr. 2. getfattr(A, xattr_buf) // ixa se agrega a lru // lru->ixa 3. Luego, los siguientes tres procesos se ejecutan de esta manera: PA PB PC echo 2 > /proc/sys/vm/drop_caches shrink_slab prune_dcache_sb // ib e ia se agregan a lru, lru->ixa->ib->ia prune_icache_sb list_lru_walk_one inode_lru_isolate ixa->i_state |= I_FREEING // establece el estado del inodo inode_lru_isolate __iget(ib) spin_unlock(&ib->i_lock) spin_unlock(lru_lock) rm archivo B ib->nlink = 0 rm archivo A iput(ia) ubifs_evict_inode(ia) ubifs_jnl_delete_inode(ia) ubifs_jnl_write_inode(ia) make_reservation(BASEHD) // Bloquear wbuf->io_mutex ubifs_iget(ixa->i_ino) iget_locked find_inode_fast __wait_on_freeing_inode(ixa) | iput(ib) // ib->nlink es 0, desalojar | ubifs_evict_inode | ubifs_jnl_delete_inode(ib) ? ubifs_jnl_write_inode Bloqueo ABBA ?-----make_reservation(BASEHD) dispose_list // no puede ser ejecutado por prune_icache_sb wake_up_bit(&ixa->i_state) Corrija el posible bloqueo utilizando el nuevo indicador de estado de inodo I_LRU_ISOLATING para fijar el inodo en la memoria mientras inode_lru_isolate( ---truncado---" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45004.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45004.json index c93b25e0aaf..f57bc76868d 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45004.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45004.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45004", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.890", - "lastModified": "2024-09-04T20:15:08.890", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: dcp: fix leak of blob encryption key\n\nTrusted keys unseal the key blob on load, but keep the sealed payload in\nthe blob field so that every subsequent read (export) will simply\nconvert this field to hex and send it to userspace.\n\nWith DCP-based trusted keys, we decrypt the blob encryption key (BEK)\nin the Kernel due hardware limitations and then decrypt the blob payload.\nBEK decryption is done in-place which means that the trusted key blob\nfield is modified and it consequently holds the BEK in plain text.\nEvery subsequent read of that key thus send the plain text BEK instead\nof the encrypted BEK to userspace.\n\nThis issue only occurs when importing a trusted DCP-based key and\nthen exporting it again. This should rarely happen as the common use cases\nare to either create a new trusted key and export it, or import a key\nblob and then just use it without exporting it again.\n\nFix this by performing BEK decryption and encryption in a dedicated\nbuffer. Further always wipe the plain text BEK buffer to prevent leaking\nthe key via uninitialized memory." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KEYS: trusted: dcp: fix leak of blob encrypted key Las claves confiables abren el blob de la clave al cargar, pero mantienen la carga sellada en el campo blob para que cada lectura posterior (exportaci\u00f3n) simplemente convierta este campo a hexadecimal y lo env\u00ede al espacio de usuario. Con claves confiables basadas en DCP, desciframos la clave de cifrado de blob (BEK) en el kernel debido a limitaciones de hardware y luego desciframos el payload del blob. El descifrado de BEK se realiza en el lugar, lo que significa que el campo blob de la clave confiable se modifica y, en consecuencia, contiene la BEK en texto plano. Cada lectura posterior de esa clave env\u00eda la BEK en texto plano en lugar de la BEK cifrada al espacio de usuario. Este problema solo ocurre cuando se importa una clave confiable basada en DCP y luego se vuelve a exportar. Esto rara vez deber\u00eda suceder, ya que los casos de uso comunes son crear una nueva clave confiable y exportarla, o importar un blob de clave y luego simplemente usarlo sin exportarlo nuevamente. Solucione este problema realizando el descifrado y cifrado de BEK en un b\u00fafer dedicado. Adem\u00e1s, borre siempre el b\u00fafer de BEK de texto plano para evitar la fuga de la clave a trav\u00e9s de la memoria no inicializada." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45005.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45005.json index 690cc6b2579..e4e00789518 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45005.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45005.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45005", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.940", - "lastModified": "2024-09-04T20:15:08.940", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: fix validity interception issue when gisa is switched off\n\nWe might run into a SIE validity if gisa has been disabled either via using\nkernel parameter \"kvm.use_gisa=0\" or by setting the related sysfs\nattribute to N (echo N >/sys/module/kvm/parameters/use_gisa).\n\nThe validity is caused by an invalid value in the SIE control block's\ngisa designation. That happens because we pass the uninitialized gisa\norigin to virt_to_phys() before writing it to the gisa designation.\n\nTo fix this we return 0 in kvm_s390_get_gisa_desc() if the origin is 0.\nkvm_s390_get_gisa_desc() is used to determine which gisa designation to\nset in the SIE control block. A value of 0 in the gisa designation disables\ngisa usage.\n\nThe issue surfaces in the host kernel with the following kernel message as\nsoon a new kvm guest start is attemted.\n\nkvm: unhandled validity intercept 0x1011\nWARNING: CPU: 0 PID: 781237 at arch/s390/kvm/intercept.c:101 kvm_handle_sie_intercept+0x42e/0x4d0 [kvm]\nModules linked in: vhost_net tap tun xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT xt_tcpudp nft_compat x_tables nf_nat_tftp nf_conntrack_tftp vfio_pci_core irqbypass vhost_vsock vmw_vsock_virtio_transport_common vsock vhost vhost_iotlb kvm nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables sunrpc mlx5_ib ib_uverbs ib_core mlx5_core uvdevice s390_trng eadm_sch vfio_ccw zcrypt_cex4 mdev vfio_iommu_type1 vfio sch_fq_codel drm i2c_core loop drm_panel_orientation_quirks configfs nfnetlink lcs ctcm fsm dm_service_time ghash_s390 prng chacha_s390 libchacha aes_s390 des_s390 libdes sha3_512_s390 sha3_256_s390 sha512_s390 sha256_s390 sha1_s390 sha_common dm_mirror dm_region_hash dm_log zfcp scsi_transport_fc scsi_dh_rdac scsi_dh_emc scsi_dh_alua pkey zcrypt dm_multipath rng_core autofs4 [last unloaded: vfio_pci]\nCPU: 0 PID: 781237 Comm: CPU 0/KVM Not tainted 6.10.0-08682-gcad9f11498ea #6\nHardware name: IBM 3931 A01 701 (LPAR)\nKrnl PSW : 0704c00180000000 000003d93deb0122 (kvm_handle_sie_intercept+0x432/0x4d0 [kvm])\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3\nKrnl GPRS: 000003d900000027 000003d900000023 0000000000000028 000002cd00000000\n 000002d063a00900 00000359c6daf708 00000000000bebb5 0000000000001eff\n 000002cfd82e9000 000002cfd80bc000 0000000000001011 000003d93deda412\n 000003ff8962df98 000003d93de77ce0 000003d93deb011e 00000359c6daf960\nKrnl Code: 000003d93deb0112: c020fffe7259\tlarl\t%r2,000003d93de7e5c4\n 000003d93deb0118: c0e53fa8beac\tbrasl\t%r14,000003d9bd3c7e70\n #000003d93deb011e: af000000\t\tmc\t0,0\n >000003d93deb0122: a728ffea\t\tlhi\t%r2,-22\n 000003d93deb0126: a7f4fe24\t\tbrc\t15,000003d93deafd6e\n 000003d93deb012a: 9101f0b0\t\ttm\t176(%r15),1\n 000003d93deb012e: a774fe48\t\tbrc\t7,000003d93deafdbe\n 000003d93deb0132: 40a0f0ae\t\tsth\t%r10,174(%r15)\nCall Trace:\n [<000003d93deb0122>] kvm_handle_sie_intercept+0x432/0x4d0 [kvm]\n([<000003d93deb011e>] kvm_handle_sie_intercept+0x42e/0x4d0 [kvm])\n [<000003d93deacc10>] vcpu_post_run+0x1d0/0x3b0 [kvm]\n [<000003d93deaceda>] __vcpu_run+0xea/0x2d0 [kvm]\n [<000003d93dead9da>] kvm_arch_vcpu_ioctl_run+0x16a/0x430 [kvm]\n [<000003d93de93ee0>] kvm_vcpu_ioctl+0x190/0x7c0 [kvm]\n [<000003d9bd728b4e>] vfs_ioctl+0x2e/0x70\n [<000003d9bd72a092>] __s390x_sys_ioctl+0xc2/0xd0\n [<000003d9be0e9222>] __do_syscall+0x1f2/0x2e0\n [<000003d9be0f9a90>] system_call+0x70/0x98\nLast Breaking-Event-Address:\n [<000003d9bd3c7f58>] __warn_printk+0xe8/0xf0" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: s390: soluciona el problema de intercepci\u00f3n de validez cuando gisa est\u00e1 desactivado Podemos encontrarnos con una validez de SIE si gisa se ha deshabilitado mediante el uso del par\u00e1metro del kernel \"kvm.use_gisa=0\" o configurando el atributo sysfs relacionado en N (echo N >/sys/module/kvm/parameters/use_gisa). La validez es causada por un valor no v\u00e1lido en la designaci\u00f3n gisa del bloque de control SIE. Esto sucede porque pasamos el origen gisa no inicializado a virt_to_phys() antes de escribirlo en la designaci\u00f3n gisa. Para solucionar esto, devolvemos 0 en kvm_s390_get_gisa_desc() si el origen es 0. kvm_s390_get_gisa_desc() se utiliza para determinar qu\u00e9 designaci\u00f3n gisa establecer en el bloque de control SIE. Un valor de 0 en la designaci\u00f3n gisa deshabilita el uso de gisa. El problema aparece en el kernel del host con el siguiente mensaje del kernel tan pronto como se intenta iniciar un nuevo invitado kvm. kvm: interceptaci\u00f3n de validez no controlada 0x1011 WARNING: CPU: 0 PID: 781237 at arch/s390/kvm/intercept.c:101 kvm_handle_sie_intercept+0x42e/0x4d0 [kvm] Modules linked in: vhost_net tap tun xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT xt_tcpudp nft_compat x_tables nf_nat_tftp nf_conntrack_tftp vfio_pci_core irqbypass vhost_vsock vmw_vsock_virtio_transport_common vsock vhost vhost_iotlb kvm nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables sunrpc mlx5_ib ib_uverbs ib_core mlx5_core uvdevice s390_trng eadm_sch vfio_ccw zcrypt_cex4 mdev vfio_iommu_type1 vfio sch_fq_codel drm i2c_core loop drm_panel_orientation_quirks configfs nfnetlink lcs ctcm fsm dm_service_time ghash_s390 prng chacha_s390 libchacha aes_s390 des_s390 libdes sha3_512_s390 sha3_256_s390 sha512_s390 sha256_s390 sha1_s390 sha_common dm_mirror dm_region_hash dm_log zfcp scsi_transport_fc scsi_dh_rdac scsi_dh_emc scsi_dh_alua pkey zcrypt dm_multipath rng_core autofs4 [last unloaded: vfio_pci] CPU: 0 PID: 781237 Comm: CPU 0/KVM Not tainted 6.10.0-08682-gcad9f11498ea #6 Hardware name: IBM 3931 A01 701 (LPAR) Krnl PSW : 0704c00180000000 000003d93deb0122 (kvm_handle_sie_intercept+0x432/0x4d0 [kvm]) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3 Krnl GPRS: 000003d900000027 000003d900000023 0000000000000028 000002cd00000000 000002d063a00900 00000359c6daf708 00000000000bebb5 0000000000001eff 000002cfd82e9000 000002cfd80bc000 0000000000001011 000003d93deda412 000003ff8962df98 000003d93de77ce0 000003d93deb011e 00000359c6daf960 Krnl Code: 000003d93deb0112: c020fffe7259 larl %r2,000003d93de7e5c4 000003d93deb0118: c0e53fa8beac brasl %r14,000003d9bd3c7e70 #000003d93deb011e: af000000 mc 0,0 >000003d93deb0122: a728ffea lhi %r2,-22 000003d93deb0126: a7f4fe24 brc 15,000003d93deafd6e 000003d93deb012a: 9101f0b0 tm 176(%r15),1 000003d93deb012e: a774fe48 brc 7,000003d93deafdbe 000003d93deb0132: 40a0f0ae sth %r10,174(%r15) Call Trace: [<000003d93deb0122>] kvm_handle_sie_intercept+0x432/0x4d0 [kvm] ([<000003d93deb011e>] kvm_handle_sie_intercept+0x42e/0x4d0 [kvm]) [<000003d93deacc10>] vcpu_post_run+0x1d0/0x3b0 [kvm] [<000003d93deaceda>] __vcpu_run+0xea/0x2d0 [kvm] [<000003d93dead9da>] kvm_arch_vcpu_ioctl_run+0x16a/0x430 [kvm] [<000003d93de93ee0>] kvm_vcpu_ioctl+0x190/0x7c0 [kvm] [<000003d9bd728b4e>] vfs_ioctl+0x2e/0x70 [<000003d9bd72a092>] __s390x_sys_ioctl+0xc2/0xd0 [<000003d9be0e9222>] __do_syscall+0x1f2/0x2e0 [<000003d9be0f9a90>] system_call+0x70/0x98 Last Breaking-Event-Address: [<000003d9bd3c7f58>] __warn_printk+0xe8/0xf0" } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json index abdb10c2d7c..1b516b58900 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45006", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.997", - "lastModified": "2024-09-04T20:15:08.997", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix Panther point NULL pointer deref at full-speed re-enumeration\n\nre-enumerating full-speed devices after a failed address device command\ncan trigger a NULL pointer dereference.\n\nFull-speed devices may need to reconfigure the endpoint 0 Max Packet Size\nvalue during enumeration. Usb core calls usb_ep0_reinit() in this case,\nwhich ends up calling xhci_configure_endpoint().\n\nOn Panther point xHC the xhci_configure_endpoint() function will\nadditionally check and reserve bandwidth in software. Other hosts do\nthis in hardware\n\nIf xHC address device command fails then a new xhci_virt_device structure\nis allocated as part of re-enabling the slot, but the bandwidth table\npointers are not set up properly here.\nThis triggers the NULL pointer dereference the next time usb_ep0_reinit()\nis called and xhci_configure_endpoint() tries to check and reserve\nbandwidth\n\n[46710.713538] usb 3-1: new full-speed USB device number 5 using xhci_hcd\n[46710.713699] usb 3-1: Device not responding to setup address.\n[46710.917684] usb 3-1: Device not responding to setup address.\n[46711.125536] usb 3-1: device not accepting address 5, error -71\n[46711.125594] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[46711.125600] #PF: supervisor read access in kernel mode\n[46711.125603] #PF: error_code(0x0000) - not-present page\n[46711.125606] PGD 0 P4D 0\n[46711.125610] Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n[46711.125615] CPU: 1 PID: 25760 Comm: kworker/1:2 Not tainted 6.10.3_2 #1\n[46711.125620] Hardware name: Gigabyte Technology Co., Ltd.\n[46711.125623] Workqueue: usb_hub_wq hub_event [usbcore]\n[46711.125668] RIP: 0010:xhci_reserve_bandwidth (drivers/usb/host/xhci.c\n\nFix this by making sure bandwidth table pointers are set up correctly\nafter a failed address device command, and additionally by avoiding\nchecking for bandwidth in cases like this where no actual endpoints are\nadded or removed, i.e. only context for default control endpoint 0 is\nevaluated." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xhci: Fix Panther point NULL point deref at full-speed re-enumeration reenumerar dispositivos de velocidad completa despu\u00e9s de un comando de dispositivo de direcci\u00f3n fallido puede desencadenar una desreferencia de puntero NULL. Los dispositivos de velocidad completa pueden necesitar reconfigurar el valor 0 Max Packet Size del endpoint durante la enumeraci\u00f3n. Usb core llama a usb_ep0_reinit() en este caso, que termina llamando a xhci_configure_endpoint(). En Panther point xHC, la funci\u00f3n xhci_configure_endpoint() verificar\u00e1 y reservar\u00e1 adicionalmente el ancho de banda en el software. Otros hosts hacen esto en el hardware Si el comando de dispositivo de direcci\u00f3n xHC falla, se asigna una nueva estructura xhci_virt_device como parte de la rehabilitaci\u00f3n de la ranura, pero los punteros de la tabla de ancho de banda no se configuran correctamente aqu\u00ed. Esto activa la desreferencia del puntero NULL la pr\u00f3xima vez que se llama a usb_ep0_reinit() y xhci_configure_endpoint() intenta verificar y reservar el ancho de banda [46710.713538] usb 3-1: nuevo dispositivo USB de velocidad completa n\u00famero 5 que usa xhci_hcd [46710.713699] usb 3-1: el dispositivo no responde a la direcci\u00f3n de configuraci\u00f3n. [46710.917684] usb 3-1: el dispositivo no responde a la direcci\u00f3n de configuraci\u00f3n. [46711.125536] usb 3-1: el dispositivo no acepta la direcci\u00f3n 5, error -71 [46711.125594] ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000008 [46711.125600] #PF: acceso de lectura del supervisor en modo kernel [46711.125603] #PF: error_code(0x0000) - p\u00e1gina no presente [46711.125606] PGD 0 P4D 0 [46711.125610] Oops: Oops: 0000 [#1] PREEMPT SMP PTI [46711.125615] CPU: 1 PID: 25760 Comm: kworker/1:2 No contaminado 6.10.3_2 #1 [46711.125620] Nombre del hardware: Gigabyte Technology Co., Ltd. [46711.125623] Cola de trabajo: usb_hub_wq hub_event [usbcore] [46711.125668] RIP: 0010:xhci_reserve_bandwidth (drivers/usb/host/xhci.c Solucione esto asegur\u00e1ndose de que los punteros de la tabla de ancho de banda est\u00e9n configurados correctamente despu\u00e9s de un comando de dispositivo de direcci\u00f3n fallido y, adem\u00e1s, evitando verificar el ancho de banda en casos como este donde no se agregan ni eliminan endpoints reales, es decir, solo se eval\u00faa el contexto para el endpoint de control predeterminado 0." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45007.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45007.json index 3418a11100e..37644f478ce 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45007.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45007.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45007", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:09.053", - "lastModified": "2024-09-04T20:15:09.053", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nchar: xillybus: Don't destroy workqueue from work item running on it\n\nTriggered by a kref decrement, destroy_workqueue() may be called from\nwithin a work item for destroying its own workqueue. This illegal\nsituation is averted by adding a module-global workqueue for exclusive\nuse of the offending work item. Other work items continue to be queued\non per-device workqueues to ensure performance." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: char: xillybus: No destruya la cola de trabajo del elemento de trabajo que se ejecuta en ella. Desencadenado por una disminuci\u00f3n de kref, destroy_workqueue() puede llamarse desde dentro de un elemento de trabajo para destruir su propia cola de trabajo. Esta situaci\u00f3n ilegal se evita a\u00f1adiendo una cola de trabajo global del m\u00f3dulo para uso exclusivo del elemento de trabajo infractor. Otros elementos de trabajo contin\u00faan en colas de trabajo por dispositivo para garantizar el rendimiento." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45008.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45008.json index 3bab0eb59db..e14291be7fd 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45008.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45008.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45008", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:09.107", - "lastModified": "2024-09-04T20:15:09.107", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: MT - limit max slots\n\nsyzbot is reporting too large allocation at input_mt_init_slots(), for\nnum_slots is supplied from userspace using ioctl(UI_DEV_CREATE).\n\nSince nobody knows possible max slots, this patch chose 1024." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Entrada: MT - l\u00edmite de ranuras m\u00e1ximas syzbot informa una asignaci\u00f3n demasiado grande en input_mt_init_slots(), ya que num_slots se suministra desde el espacio de usuario mediante ioctl(UI_DEV_CREATE). Como nadie conoce la cantidad m\u00e1xima de ranuras posibles, este parche eligi\u00f3 1024." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45050.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45050.json index 1cfb3cb4499..c1998b11f41 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45050.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45050.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45050", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T16:15:07.480", - "lastModified": "2024-09-04T16:15:07.480", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conversation. This allows any user with a Lif Account to load any conversation between two users without permission. This issue had been patched in version 1.3.1. There is no action required for users. Lif Platforms will update their servers with the patch." + }, + { + "lang": "es", + "value": "El servidor Ringer es el c\u00f3digo del servidor de la aplicaci\u00f3n de mensajer\u00eda Ringer. Antes de la versi\u00f3n 1.3.1, hab\u00eda un problema con la ruta de carga de mensajes en el que el servidor Ringer no verificaba que el usuario que cargaba la conversaci\u00f3n fuera realmente miembro de esa conversaci\u00f3n. Esto permit\u00eda que cualquier usuario con una cuenta Lif cargara cualquier conversaci\u00f3n entre dos usuarios sin permiso. Este problema se hab\u00eda solucionado en la versi\u00f3n 1.3.1. No se requiere ninguna acci\u00f3n por parte de los usuarios. Las plataformas Lif actualizar\u00e1n sus servidores con el parche." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45052.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45052.json index b281828364d..c005228c933 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45052.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45052.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45052", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T16:15:07.697", - "lastModified": "2024-09-04T16:15:07.697", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an unauthenticated attacker to determine the existence of valid usernames by analyzing the time it takes for the server to respond to login requests. The discrepancy in response times between valid and invalid usernames can be leveraged to enumerate users on the system. This vulnerability enables a timing-based username enumeration attack. An attacker can systematically guess and verify which usernames are valid by measuring the server's response time to authentication requests. This information can be used to conduct further attacks on authentication such as password brute-forcing and credential stuffing. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds." + }, + { + "lang": "es", + "value": "Fides es una plataforma de ingenier\u00eda de privacidad de c\u00f3digo abierto. Antes de la versi\u00f3n 2.44.0, exist\u00eda una vulnerabilidad de enumeraci\u00f3n de nombres de usuario basada en el tiempo en la autenticaci\u00f3n del servidor web de Fides. Esta vulnerabilidad permite a un atacante no autenticado determinar la existencia de nombres de usuario v\u00e1lidos analizando el tiempo que tarda el servidor en responder a las solicitudes de inicio de sesi\u00f3n. La discrepancia en los tiempos de respuesta entre nombres de usuario v\u00e1lidos e inv\u00e1lidos se puede aprovechar para enumerar usuarios en el sistema. Esta vulnerabilidad permite un ataque de enumeraci\u00f3n de nombres de usuario basado en el tiempo. Un atacante puede adivinar y verificar sistem\u00e1ticamente qu\u00e9 nombres de usuario son v\u00e1lidos midiendo el tiempo de respuesta del servidor a las solicitudes de autenticaci\u00f3n. Esta informaci\u00f3n se puede utilizar para realizar otros ataques a la autenticaci\u00f3n, como la fuerza bruta de contrase\u00f1as y el robo de credenciales. La vulnerabilidad se ha corregido en la versi\u00f3n 2.44.0 de Fides. Se recomienda a los usuarios que actualicen a esta versi\u00f3n o posterior para proteger sus sistemas contra esta amenaza. No hay workarounds." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45053.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45053.json index 1fe300cc13e..1235e70b433 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45053.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45053.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45053", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T16:15:07.910", - "lastModified": "2024-09-04T16:15:07.910", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds." + }, + { + "lang": "es", + "value": "Fides es una plataforma de ingenier\u00eda de privacidad de c\u00f3digo abierto. A partir de la versi\u00f3n 2.19.0 y antes de la versi\u00f3n 2.44.0, la funci\u00f3n de creaci\u00f3n de plantillas de correo electr\u00f3nico utiliza Jinja2 sin la desinfecci\u00f3n de entrada adecuada ni restricciones del entorno de renderizado, lo que permite la inyecci\u00f3n de plantillas del lado del servidor que otorga la ejecuci\u00f3n remota de c\u00f3digo a usuarios privilegiados. Un usuario privilegiado se refiere a un usuario de la interfaz de usuario de administraci\u00f3n con el rol predeterminado de \"Propietario\" o \"Colaborador\", que puede escalar su acceso y ejecutar c\u00f3digo en el contenedor del servidor web de Fides subyacente donde se ejecuta la funci\u00f3n de renderizado de plantillas de Jinja. La vulnerabilidad se ha corregido en la versi\u00f3n \"2.44.0\" de Fides. Se recomienda a los usuarios que actualicen a esta versi\u00f3n o una posterior para proteger sus sistemas contra esta amenaza. No hay workarounds." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json index a67d2da46e5..75015990a49 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45063", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.830", - "lastModified": "2024-09-05T05:15:13.830", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing.\n\nMalicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host." + }, + { + "lang": "es", + "value": "La funci\u00f3n ctl_write_buffer estableci\u00f3 incorrectamente un indicador que result\u00f3 en un uso posterior a la liberaci\u00f3n del n\u00facleo cuando finaliz\u00f3 el procesamiento de un comando. El software malintencionado que se ejecuta en una m\u00e1quina virtual invitada que expone virtio_scsi puede explotar las vulnerabilidades para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malintencionado est\u00e1 limitado por las capacidades disponibles para el proceso bhyve. Un iniciador iSCSI malintencionado podr\u00eda lograr la ejecuci\u00f3n remota de c\u00f3digo en el host de destino iSCSI." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json index 4812d7f92b6..e586aec4389 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45074", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-04T16:15:08.110", - "lastModified": "2024-09-04T16:15:08.110", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system." + }, + { + "lang": "es", + "value": "IBM webMethods Integration 10.15 podr\u00eda permitir que un usuario autenticado recorra directorios en el sistema. Un atacante podr\u00eda enviar una solicitud de URL especialmente manipulada que contenga secuencias de \"punto punto\" (/../) para ver archivos arbitrarios en el sistema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json index be5b8c3cc25..1f8d66bb435 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45075", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-04T16:15:08.357", - "lastModified": "2024-09-04T16:15:08.357", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication." + }, + { + "lang": "es", + "value": "IBM webMethods Integration 10.15 podr\u00eda permitir que un usuario autenticado cree tareas de planificador que le permitan escalar sus privilegios a administrador debido a la falta de autenticaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json index ed37c82df9b..29e59a5c02a 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45076", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-04T16:15:08.600", - "lastModified": "2024-09-04T16:15:08.600", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system." + }, + { + "lang": "es", + "value": "IBM webMethods Integration 10.15 podr\u00eda permitir que un usuario autenticado cargue y ejecute archivos arbitrarios que podr\u00edan ejecutarse en el sistema operativo subyacente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json index 01813c9cced..9ea11eabcf4 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45107", "sourceIdentifier": "psirt@adobe.com", "published": "2024-09-05T09:15:03.123", - "lastModified": "2024-09-05T09:15:03.123", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45170.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45170.json index 5015b814cc6..8c2d9cf8c78 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45170.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45170.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45170", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T17:15:14.600", - "lastModified": "2024-09-04T19:35:14.620", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or missing access control, low privileged users can use administrative functions of the C-MOR web interface. It was found out that different functions are only available to administrative users. However, access those functions is restricted via the web application user interface and not checked on the server side. Thus, by sending corresponding HTTP requests to the web server of the C-MOR web interface, low privileged users can also use administrative functionality, for instance downloading backup files or changing configuration settings." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en za-internet C-MOR Video Surveillance 5.2401. Debido a un control de acceso incorrecto o inexistente, los usuarios con privilegios reducidos pueden utilizar las funciones administrativas de la interfaz web de C-MOR. Se ha descubierto que ciertas funciones solo est\u00e1n disponibles para los usuarios administrativos. Sin embargo, el acceso a esas funciones est\u00e1 restringido a trav\u00e9s de la interfaz de usuario de la aplicaci\u00f3n web y no se verifica en el lado del servidor. Por lo tanto, al enviar las solicitudes HTTP correspondientes al servidor web de la interfaz web de C-MOR, los usuarios con privilegios reducidos tambi\u00e9n pueden utilizar la funcionalidad administrativa, por ejemplo, descargar archivos de copia de seguridad o cambiar los ajustes de configuraci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45172.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45172.json index 26731dab6b8..ecb6e8a9d0b 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45172.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45172.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45172", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T20:15:09.167", - "lastModified": "2024-09-04T20:35:20.010", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to missing protection mechanisms, the C-MOR web interface is vulnerable to cross-site request forgery (CSRF) attacks. The C-MOR web interface offers no protection against cross-site request forgery (CSRF) attacks." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en za-internet C-MOR Video Surveillance 5.2401 y 6.00PL01. Debido a la falta de mecanismos de protecci\u00f3n, la interfaz web de C-MOR es vulnerable a ataques de cross-site request forgery (CSRF). La interfaz web de C-MOR no ofrece protecci\u00f3n contra ataques de cross-site request forgery (CSRF)." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45174.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45174.json index 429b3655099..86725c4d7c4 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45174.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45174.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45174", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T17:15:14.680", - "lastModified": "2024-09-04T19:35:15.443", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to improper validation of user-supplied data, different functionalities of the C-MOR web interface are vulnerable to SQL injection attacks. This kind of attack allows an authenticated user to execute arbitrary SQL commands in the context of the corresponding MySQL database." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en za-internet C-MOR Video Surveillance 5.2401 y 6.00PL01. Debido a la validaci\u00f3n incorrecta de los datos proporcionados por el usuario, diferentes funcionalidades de la interfaz web de C-MOR son vulnerables a ataques de inyecci\u00f3n SQL. Este tipo de ataque permite que un usuario autenticado ejecute comandos SQL arbitrarios en el contexto de la base de datos MySQL correspondiente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45177.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45177.json index ed1bd965d53..dbaa18daab2 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45177.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45177.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45177", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T18:15:05.270", - "lastModified": "2024-09-04T19:35:16.267", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to improper input validation, the C-MOR web interface is vulnerable to persistent cross-site scripting (XSS) attacks. It was found out that the camera configuration is vulnerable to a persistent cross-site scripting attack due to insufficient user input validation." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en za-internet C-MOR Video Surveillance 5.2401 y 6.00PL01. Debido a una validaci\u00f3n de entrada incorrecta, la interfaz web de C-MOR es vulnerable a ataques persistentes de cross site scripting (XSS). Se descubri\u00f3 que la configuraci\u00f3n de la c\u00e1mara es vulnerable a un ataque persistente de cross site scripting debido a una validaci\u00f3n de entrada de usuario insuficiente." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json index 9b236fea449..0f113c428f4 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json @@ -2,16 +2,43 @@ "id": "CVE-2024-45287", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T04:15:07.410", - "lastModified": "2024-09-05T04:15:07.410", - "vulnStatus": "Received", + "lastModified": "2024-09-05T13:35:02.927", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data." + }, + { + "lang": "es", + "value": "Un valor malicioso de tama\u00f1o en una estructura de libnv empaquetada puede provocar un desbordamiento de enteros, lo que lleva a la asignaci\u00f3n de un b\u00fafer m\u00e1s peque\u00f1o que el requerido para los datos analizados." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, "weaknesses": [ { "source": "secteam@freebsd.org", diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45288.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45288.json index 8023bd68d75..f138ddc391c 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45288.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45288.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45288", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T04:15:07.520", - "lastModified": "2024-09-05T04:15:07.520", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A missing null-termination character in the last element of an nvlist array string can lead to writing outside the allocated buffer." + }, + { + "lang": "es", + "value": "Un car\u00e1cter de terminaci\u00f3n nula faltante en el \u00faltimo elemento de una cadena de matriz nvlist puede provocar que se escriba fuera del b\u00fafer asignado." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45314.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45314.json index 54e71fc82fa..531e22e49ba 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45314.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45314.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45314", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T16:15:08.833", - "lastModified": "2024-09-04T16:15:08.833", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If upgrading is not possible, configure one's web server to send the specific HTTP headers for `/login` per the directions provided in the GitHub Security Advisory." + }, + { + "lang": "es", + "value": "Flask-AppBuilder es un framework de desarrollo de aplicaciones. Antes de la versi\u00f3n 4.5.1, las directivas de cach\u00e9 predeterminadas del formulario de inicio de sesi\u00f3n de la base de datos de autenticaci\u00f3n permiten que el navegador almacene localmente datos confidenciales. Esto puede ser un problema en entornos que utilizan recursos inform\u00e1ticos compartidos. La versi\u00f3n 4.5.1 contiene un parche para este problema. Si no es posible realizar la actualizaci\u00f3n, configure su servidor web para que env\u00ede los encabezados HTTP espec\u00edficos para `/login` seg\u00fan las instrucciones proporcionadas en el Aviso de seguridad de GitHub." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45395.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45395.json index e5937f1c397..0da3651dd53 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45395.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45395.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45395", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T21:15:14.237", - "lastModified": "2024-09-04T21:15:14.237", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "sigstore-go, a Go library for Sigstore signing and verification, is susceptible to a denial of service attack in versions prior to 0.6.1 when a verifier is provided a maliciously crafted Sigstore Bundle containing large amounts of verifiable data, in the form of signed transparency log entries, RFC 3161 timestamps, and attestation subjects. The verification of these data structures is computationally expensive. This can be used to consume excessive CPU resources, leading to a denial of service attack. TUF's security model labels this type of vulnerability an \"Endless data attack,\" and can lead to verification failing to complete and disrupting services that rely on sigstore-go for verification. This vulnerability is addressed with sigstore-go 0.6.1, which adds hard limits to the number of verifiable data structures that can be processed in a bundle. Verification will fail if a bundle has data that exceeds these limits. The limits are 32 signed transparency log entries, 32 RFC 3161 timestamps, 1024 attestation subjects, and 32 digests per attestation subject. These limits are intended to be high enough to accommodate the vast majority of use cases, while preventing the verification of maliciously crafted bundles that contain large amounts of verifiable data. Users who are vulnerable but unable to quickly upgrade may consider adding manual bundle validation to enforce limits similar to those in the referenced patch prior to calling sigstore-go's verification functions." + }, + { + "lang": "es", + "value": "sigstore-go, una librer\u00eda Go para la firma y verificaci\u00f3n de Sigstore, es susceptible a un ataque de denegaci\u00f3n de servicio en versiones anteriores a la 0.6.1 cuando se proporciona a un verificador un paquete Sigstore creado con fines malintencionados que contiene grandes cantidades de datos verificables, en forma de entradas de registro de transparencia firmadas, marcas de tiempo RFC 3161 y sujetos de atestaci\u00f3n. La verificaci\u00f3n de estas estructuras de datos es costosa en t\u00e9rminos computacionales. Esto se puede utilizar para consumir recursos excesivos de CPU, lo que lleva a un ataque de denegaci\u00f3n de servicio. El modelo de seguridad de TUF etiqueta este tipo de vulnerabilidad como un \"ataque de datos sin fin\", y puede llevar a que la verificaci\u00f3n no se complete y se interrumpan los servicios que dependen de sigstore-go para la verificaci\u00f3n. Esta vulnerabilidad se soluciona con sigstore-go 0.6.1, que agrega l\u00edmites estrictos a la cantidad de estructuras de datos verificables que se pueden procesar en un paquete. La verificaci\u00f3n fallar\u00e1 si un paquete tiene datos que exceden estos l\u00edmites. Los l\u00edmites son 32 entradas de registro de transparencia firmadas, 32 marcas de tiempo RFC 3161, 1024 sujetos de atestaci\u00f3n y 32 res\u00famenes por sujeto de atestaci\u00f3n. Estos l\u00edmites est\u00e1n pensados para ser lo suficientemente altos como para dar cabida a la gran mayor\u00eda de casos de uso, al tiempo que se evita la verificaci\u00f3n de paquetes creados con fines malintencionados que contienen grandes cantidades de datos verificables. Los usuarios que son vulnerables pero no pueden actualizar r\u00e1pidamente pueden considerar la posibilidad de a\u00f1adir una validaci\u00f3n manual de paquetes para aplicar l\u00edmites similares a los del parche al que se hace referencia antes de llamar a las funciones de verificaci\u00f3n de sigstore-go." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45399.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45399.json index 7b727f76a45..9b913a04cf6 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45399.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45399.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45399", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-04T20:15:09.257", - "lastModified": "2024-09-04T20:15:09.257", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version 3.3.4, corresponding to Flask-Multipass prior to version 0.5.5, there is a Cross-Site-Scripting vulnerability during account creation when redirecting to the `next` URL. Exploitation requires initiating the account creation process with a maliciously crafted link, and then finalizing the signup process. Because of this, it can only target newly created (and thus unprivileged) Indico users. Indico 3.3.4 upgrades the dependency on Flask-Multipass to version 0.5.5, which fixes the issue. Those who build the Indico package themselves and cannot upgrade can update the `flask-multipass` dependency to `>=0.5.5` which fixes the vulnerability. Otherwise one could configure one's web server to disallow requests containing a query string with a `next` parameter that starts with `javascript:`." + }, + { + "lang": "es", + "value": "Indico es un sistema de gesti\u00f3n de eventos que utiliza Flask-Multipass, un sistema de autenticaci\u00f3n multi-backend para Flask. En Indico anterior a la versi\u00f3n 3.3.4, correspondiente a Flask-Multipass anterior a la versi\u00f3n 0.5.5, existe una vulnerabilidad de Cross-Site-Scripting durante la creaci\u00f3n de la cuenta al redireccionar a la URL `next`. La explotaci\u00f3n requiere iniciar el proceso de creaci\u00f3n de la cuenta con un enlace creado con fines malintencionados y luego finalizar el proceso de registro. Debido a esto, solo puede apuntar a usuarios de Indico reci\u00e9n creados (y por lo tanto sin privilegios). Indico 3.3.4 actualiza la dependencia de Flask-Multipass a la versi\u00f3n 0.5.5, que corrige el problema. Aquellos que construyen el paquete Indico ellos mismos y no pueden actualizar pueden actualizar la dependencia `flask-multipass` a `>=0.5.5` que corrige la vulnerabilidad. De lo contrario, uno podr\u00eda configurar su servidor web para rechazar solicitudes que contengan una cadena de consulta con un par\u00e1metro `next` que comience con `javascript:`." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45429.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45429.json index 0ec99541867..39ea41278e5 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45429.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45429.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45429", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-09-04T23:15:12.803", - "lastModified": "2024-09-04T23:15:12.803", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. If an attacker with the 'capability' setting privilege which is set in the product settings stores an arbitrary script in the field label, the script may be executed on the web browser of the logged-in user with the same privilege as the attacker's." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross site scripting en las versiones 6.3.5 y anteriores de Advanced Custom Fields y en las versiones 6.3.5 y anteriores de Advanced Custom Fields Pro. Si un atacante con el privilegio de configuraci\u00f3n \"capacidad\" que se establece en la configuraci\u00f3n del producto almacena un script arbitrario en la etiqueta del campo, el script puede ejecutarse en el navegador web del usuario que haya iniciado sesi\u00f3n con el mismo privilegio que el atacante." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45692.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45692.json index 13fec19ca54..29b44d219e0 100644 --- a/CVE-2024/CVE-2024-456xx/CVE-2024-45692.json +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45692.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45692", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T23:15:12.887", - "lastModified": "2024-09-04T23:15:12.887", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000." + }, + { + "lang": "es", + "value": "Webmin anterior a 2.202 y Virtualmin anterior a 7.20.2 permiten un bucle de tr\u00e1fico de red a trav\u00e9s de paquetes UDP falsificados en el puerto 10000." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5309.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5309.json index 7d0664d24ce..af4dfea62f3 100644 --- a/CVE-2024/CVE-2024-53xx/CVE-2024-5309.json +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5309.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5309", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T09:15:04.253", - "lastModified": "2024-09-05T09:15:04.253", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json index d2a212a684b..30d6247067a 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5956", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2024-09-05T11:15:12.387", - "lastModified": "2024-09-05T11:15:12.387", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json index 58ece55f70e..9a66512961b 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5957", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2024-09-05T11:15:12.610", - "lastModified": "2024-09-05T11:15:12.610", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6332.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6332.json index f9d2bdd0b71..d79405d0a8d 100644 --- a/CVE-2024/CVE-2024-63xx/CVE-2024-6332.json +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6332.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6332", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T10:15:02.970", - "lastModified": "2024-09-05T10:15:02.970", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6835.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6835.json index 5c1268d5ab9..7b76f213aaf 100644 --- a/CVE-2024/CVE-2024-68xx/CVE-2024-6835.json +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6835.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6835", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T07:15:02.657", - "lastModified": "2024-09-05T07:15:02.657", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Ivory Search \u2013 WordPress Search Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.5.6 via the ajax_load_posts function. This makes it possible for unauthenticated attackers to extract text data from password-protected posts using the boolean-based attack on the AJAX search form" + }, + { + "lang": "es", + "value": "El complemento Ivory Search \u2013 WordPress Search Plugin para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 5.5.6 incluida a trav\u00e9s de la funci\u00f3n ajax_load_posts. Esto permite que atacantes no autenticados extraigan datos de texto de publicaciones protegidas con contrase\u00f1a mediante el ataque basado en booleanos en el formulario de b\u00fasqueda AJAX." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6846.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6846.json index a79ab6b78b5..c7c93266735 100644 --- a/CVE-2024/CVE-2024-68xx/CVE-2024-6846.json +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6846.json @@ -2,13 +2,17 @@ "id": "CVE-2024-6846", "sourceIdentifier": "contact@wpscan.com", "published": "2024-09-05T06:15:03.143", - "lastModified": "2024-09-05T06:15:03.143", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs" + }, + { + "lang": "es", + "value": "El Chatbot con el complemento ChatGPT de WordPress anterior a la versi\u00f3n 2.4.5 no valida el acceso en algunas rutas REST, lo que permite que un usuario no autenticado elimine los registros de errores y chats." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6894.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6894.json index c06f04c6a61..c4efda94408 100644 --- a/CVE-2024/CVE-2024-68xx/CVE-2024-6894.json +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6894.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6894", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T10:15:03.737", - "lastModified": "2024-09-05T10:15:03.737", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6929.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6929.json index 1c588145011..0d1d50ebd0d 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6929.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6929.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6929", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T10:15:03.980", - "lastModified": "2024-09-05T10:15:03.980", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7262.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7262.json index feedaa20644..dd9288e036c 100644 --- a/CVE-2024/CVE-2024-72xx/CVE-2024-7262.json +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7262.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7262", "sourceIdentifier": "security@eset.com", "published": "2024-08-15T15:15:22.290", - "lastModified": "2024-09-04T01:00:01.057", - "vulnStatus": "Modified", + "lastModified": "2024-09-05T13:30:33.680", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-09-03", "cisaActionDue": "2024-09-24", @@ -121,8 +121,8 @@ "vulnerable": true, "criteria": "cpe:2.3:a:kingsoft:wps_office:*:*:*:*:*:*:*:*", "versionStartIncluding": "12.2.0.13110", - "versionEndIncluding": "12.2.0.13489", - "matchCriteriaId": "894EF574-D400-4E44-8A84-89AAFF66BB3C" + "versionEndExcluding": "12.2.0.16412", + "matchCriteriaId": "0D31BAD7-C75A-4809-ABD7-760B4C5FD8D3" } ] }, diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7380.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7380.json index 5733af27886..3894405325f 100644 --- a/CVE-2024/CVE-2024-73xx/CVE-2024-7380.json +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7380.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7380", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T11:15:12.820", - "lastModified": "2024-09-05T11:15:12.820", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7381.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7381.json index 66fe312bebb..af24c29eaed 100644 --- a/CVE-2024/CVE-2024-73xx/CVE-2024-7381.json +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7381.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7381", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T11:15:13.043", - "lastModified": "2024-09-05T11:15:13.043", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7605.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7605.json index f57bef3493d..4bb8bdc3941 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7605.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7605.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7605", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T11:15:13.257", - "lastModified": "2024-09-05T11:15:13.257", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7627.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7627.json index 5494d754d05..dd56a297b2c 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7627.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7627.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7627", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T03:15:03.560", - "lastModified": "2024-09-05T03:15:03.560", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions." + }, + { + "lang": "es", + "value": "El complemento Bit File Manager para WordPress es vulnerable a la ejecuci\u00f3n remota de c\u00f3digo en las versiones 6.0 a 6.5.5 a trav\u00e9s de la funci\u00f3n 'checkSyntax'. Esto se debe a que se escribe un archivo temporal en un directorio de acceso p\u00fablico antes de realizar la validaci\u00f3n del archivo. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digo en el servidor si un administrador ha otorgado permisos de lectura a usuarios invitados." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7654.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7654.json index 950e5933627..c0fbcc970b5 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7654.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7654.json @@ -2,17 +2,41 @@ "id": "CVE-2024-7654", "sourceIdentifier": "security@progress.com", "published": "2024-09-03T15:15:17.223", - "lastModified": "2024-09-03T19:40:46.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:53:16.540", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OEM auto-discovery feature was activated.\u00a0 Unauthorized access to the discovery service's UDP port allowed content injection into parts of the OEM web interface making it possible for other types of attack that could spoof or deceive web interface users.\u00a0\u00a0 Unauthorized use of the OEE/OEM discovery service was remediated by deactivating the discovery service by default." + }, + { + "lang": "es", + "value": "Se pod\u00eda acceder a un servicio ActiveMQ Discovery de forma predeterminada desde una instalaci\u00f3n de OpenEdge Management cuando se activaba una funci\u00f3n de descubrimiento autom\u00e1tico de OEE/OEM. El acceso no autorizado al puerto UDP del servicio de descubrimiento permiti\u00f3 la inyecci\u00f3n de contenido en partes de la interfaz web de OEM, lo que posibilit\u00f3 otros tipos de ataques que podr\u00edan suplantar o enga\u00f1ar a los usuarios de la interfaz web. El uso no autorizado del servicio de descubrimiento de OEE/OEM se solucion\u00f3 desactivando el servicio de descubrimiento de forma predeterminada." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security@progress.com", "type": "Secondary", @@ -36,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@progress.com", "type": "Secondary", @@ -47,10 +81,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*", + "versionEndIncluding": "11.7.19", + "matchCriteriaId": "148C3BEA-FD57-492F-9214-38FF9C128B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*", + "versionStartIncluding": "12.2", + "versionEndIncluding": "12.2.14", + "matchCriteriaId": "21FD77B2-FC6C-4C65-8080-3884F2C10048" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*", + "versionStartIncluding": "12.8", + "versionEndExcluding": "12.8.3", + "matchCriteriaId": "A8DFC42C-6EBE-4770-B59C-B2C3B294FD8C" + } + ] + } + ] + } + ], "references": [ { "url": "https://community.progress.com/s/article/Unauthenticated-Content-Injection-in-OpenEdge-Management-web-interface-via-ActiveMQ-discovery-service", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7884.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7884.json new file mode 100644 index 00000000000..c5526b1eb1f --- /dev/null +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7884.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-7884", + "sourceIdentifier": "6b35d637-e00f-4228-858c-b20ad6e1d07b", + "published": "2024-09-05T13:15:11.390", + "lastModified": "2024-09-05T13:15:11.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When a canister method is called via ic_cdk::call* , a new Future CallFuture\u00a0is created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called CallFutureState. A bug in the polling implementation of the CallFuture allows multiple references to be held for this internal state and not all references were dropped before the Future\u00a0is resolved. Since we have unaccounted references held, a copy of the internal state ended up being persisted in the canister's heap and thus causing a memory leak. \nImpact\u00a0Canisters built in Rust with ic_cdk\u00a0and ic_cdk_timers\u00a0are affected. If these canisters call a canister method, use timers or heartbeat, they will likely leak a small amount of memory on every such operation. In the worst case, this could lead to heap memory exhaustion triggered by an attacker. Motoko based canisters are not affected by the bug.\nPatchesThe patch has been backported to all minor versions between >= 0.8.0, <= 0.15.0. The patched versions available are 0.8.2, 0.9.3, 0.10.1, 0.11.6, 0.12.2, 0.13.5, 0.14.1, 0.15.1 and their previous versions have been yanked. WorkaroundsThere are no known workarounds at the moment. Developers are recommended to upgrade their canister as soon as possible to the latest available patched version of ic_cdk\u00a0to avoid running out of Wasm heap memory. \nUpgrading the canisters (without updating `ic_cdk`) also frees the leaked memory but it's only a temporary solution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "references": [ + { + "url": "https://docs.rs/ic-cdk/latest/ic_cdk/", + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b" + }, + { + "url": "https://github.com/dfinity/cdk-rs/pull/509", + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b" + }, + { + "url": "https://internetcomputer.org/docs/current/references/ic-interface-spec", + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8102.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8102.json index 0cffb0e390e..423fdadd4bb 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8102.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8102.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8102", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:03.580", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:28:54.747", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/admin/class-wp-extended-admin.php#L262", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d47df99-cff5-4be7-ab8e-ef333cf3755b?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8104.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8104.json index da8f332ea83..0cf9fa064b7 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8104.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8104.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8104", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:03.943", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:28:06.817", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/libraries/wpext_export/wpext_export.php#L137", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fad1834-0ee1-4542-a5a7-55a32861c81d?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8106.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8106.json index 7e6b1742e6b..8218eb06ae2 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8106.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8106.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8106", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:04.180", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:05:52.540", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,18 +61,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_export_users/wpext_export_users.php#L54", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/593eb5bc-59f9-4944-b147-4ba66d49abe6?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json index dc80554217c..1631dab569a 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8178", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.907", - "lastModified": "2024-09-05T05:15:13.907", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it.\n\nMalicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host." + }, + { + "lang": "es", + "value": "Las funciones ctl_write_buffer y ctl_read_buffer asignaron memoria para ser devuelta al espacio de usuario, sin inicializarla. El software malintencionado que se ejecuta en una m\u00e1quina virtual invitada que expone virtio_scsi puede explotar las vulnerabilidades para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malintencionado est\u00e1 limitado por las capacidades disponibles para el proceso bhyve. Un iniciador iSCSI malintencionado podr\u00eda lograr la ejecuci\u00f3n remota de c\u00f3digo en el host de destino iSCSI." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8329.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8329.json index 1685afdbfbf..3530b1d1666 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8329.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8329.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8329", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-30T03:15:04.463", - "lastModified": "2024-08-30T13:00:05.390", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:40:38.080", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:6shr_system_project:6shr_system:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A5EDAD84-3FBF-46BF-9947-1186D09D9E90" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8034-657b7-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8030-e2eac-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8330.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8330.json index a131e277a23..85fd9f3344c 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8330.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8330.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8330", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-30T03:15:04.660", - "lastModified": "2024-08-30T13:00:05.390", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-05T13:41:33.667", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:6shr_system_project:6shr_system:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A5EDAD84-3FBF-46BF-9947-1186D09D9E90" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8035-53926-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-8031-a2f21-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8363.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8363.json index 354ffc07a84..cf2f4b91e45 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8363.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8363.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8363", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-05T09:15:04.620", - "lastModified": "2024-09-05T09:15:04.620", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8391.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8391.json index 5bb3e3b008a..e6d7562a4f2 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8391.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8391.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8391", "sourceIdentifier": "emo@eclipse.org", "published": "2024-09-04T16:15:09.253", - "lastModified": "2024-09-04T16:15:09.253", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client).\u00a0\n\n\n\n\nThis is fixed in the 4.5.10 version.\u00a0\n\n\n\n\nNote this does not affect the Vert.x gRPC server based grpc-java and Netty libraries (Maven GAV: io.vertx:vertx-grpc)" + }, + { + "lang": "es", + "value": "En las versiones 4.3.0 a 4.5.9 de Eclipse Vert.x, el servidor gRPC no limita la longitud m\u00e1xima del payload del mensaje (GAV de Maven: io.vertx:vertx-grpc-server y io.vertx:vertx-grpc-client). Esto se solucion\u00f3 en la versi\u00f3n 4.5.10. Tenga en cuenta que esto no afecta a las librer\u00edas grpc-java y Netty basadas en el servidor gRPC de Vert.x (GAV de Maven: io.vertx:vertx-grpc)" } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8412.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8412.json index 832e0e32bd8..3f974b21024 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8412.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8412.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8412", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T16:15:09.393", - "lastModified": "2024-09-04T16:15:09.393", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. Affected is an unknown function of the file comments/views.py. The manipulation of the argument next leads to open redirect. It is possible to launch the attack remotely. The name of the patch is ebd1c2cba59cbac198bf2fd5a10565994d4f02cb. It is recommended to apply a patch to fix this issue." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en LinuxOSsk Shakal-NG hasta la versi\u00f3n 1.3.3. Se ve afectada una funci\u00f3n desconocida del archivo comments/views.py. La manipulaci\u00f3n del argumento next provoca una redirecci\u00f3n abierta. Es posible lanzar el ataque de forma remota. El nombre del parche es ebd1c2cba59cbac198bf2fd5a10565994d4f02cb. Se recomienda aplicar un parche para solucionar este problema." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json index 758903b0c79..bc27ee9f917 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8414", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T17:15:15.013", - "lastModified": "2024-09-04T17:15:15.013", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Insurance Management System 1.0 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida. La manipulaci\u00f3n conduce a cross-site request forgery. El ataque se puede lanzar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json index 3db2abb200a..ec10516607c 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8415", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T17:15:15.300", - "lastModified": "2024-09-04T17:15:15.300", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /routers/add-ticket.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester Food Ordering Management System 1.0 y se clasific\u00f3 como cr\u00edtica. Este problema afecta a algunas funciones desconocidas del archivo /routers/add-ticket.php. La manipulaci\u00f3n del argumento id conduce a una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha revelado al p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json index 87b7622c1be..dfd8d65470f 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8416", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T18:15:05.980", - "lastModified": "2024-09-04T18:15:05.980", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been classified as critical. This affects an unknown part of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en SourceCodester Food Ordering Management System 1.0. Se ha clasificado como cr\u00edtica. Afecta a una parte desconocida del archivo /routers/ticket-status.php. La manipulaci\u00f3n del argumento ticket_id provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8417.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8417.json index 39551632bba..e9e47a7454f 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8417.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8417.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8417", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T18:15:06.273", - "lastModified": "2024-09-04T18:15:06.273", - "vulnStatus": "Received", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability was found in \u4e91\u8bfe\u7f51\u7edc\u79d1\u6280\u6709\u9650\u516c\u53f8 Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html. The manipulation leads to inclusion of sensitive information in source code. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.6 is able to address this issue. It is recommended to upgrade the affected component." + "value": "A vulnerability was found in ?????????? Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html. The manipulation leads to inclusion of sensitive information in source code. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.6 is able to address this issue. It is recommended to upgrade the affected component." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en el sistema escolar en l\u00ednea Yunke de ?????????? hasta la versi\u00f3n 1.5.5. Se ha declarado como problem\u00e1tica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/educloud/videobind.html. La manipulaci\u00f3n lleva a la inclusi\u00f3n de informaci\u00f3n confidencial en el c\u00f3digo fuente. El ataque puede iniciarse de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece ser dif\u00edcil. El exploit se ha revelado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 1.5.6 puede solucionar este problema. Se recomienda actualizar el componente afectado." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json new file mode 100644 index 00000000000..e41b9ff40d4 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json @@ -0,0 +1,152 @@ +{ + "id": "CVE-2024-8460", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-05T12:15:03.010", + "lastModified": "2024-09-05T12:53:21.110", + "vulnStatus": "Awaiting Analysis", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file /cgi-bin/widget_api.cgi of the component Web Management Interface. The manipulation of the argument getHD/getSer/getSys leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.6 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 4.9, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276626", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276626", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.401297", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8461.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8461.json new file mode 100644 index 00000000000..87ff7a5222a --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8461.json @@ -0,0 +1,152 @@ +{ + "id": "CVE-2024-8461", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-05T13:15:11.690", + "lastModified": "2024-09-05T13:15:11.690", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in D-Link DNS-320 2.02b01. This affects an unknown part of the file /cgi-bin/discovery.cgi of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/4", + "source": "cna@vuldb.com" + }, + { + "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276627", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276627", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.401300", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8462.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8462.json new file mode 100644 index 00000000000..a8bd318e7e0 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8462.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-8462", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-05T13:15:12.050", + "lastModified": "2024-09-05T13:15:12.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Windmill 1.380.0. It has been classified as problematic. Affected is an unknown function of the file backend/windmill-api/src/users.rs of the component HTTP Request Handler. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 1.390.1 is able to address this issue. The patch is identified as acfe7786152f036f2476f93ab5536571514fa9e3. It is recommended to upgrade the affected component." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.6 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 4.9, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/windmill-labs/windmill/commit/acfe7786152f036f2476f93ab5536571514fa9e3", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/windmill-labs/windmill/releases/tag/v1.390.1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276630", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276630", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.401826", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8463.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8463.json new file mode 100644 index 00000000000..1675e81a195 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8463.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8463", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:12.440", + "lastModified": "2024-09-05T13:15:12.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8464.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8464.json new file mode 100644 index 00000000000..1d23a169a5f --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8464.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8464", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:12.730", + "lastModified": "2024-09-05T13:15:12.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8465.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8465.json new file mode 100644 index 00000000000..974e23a8430 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8465.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8465", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:13.020", + "lastModified": "2024-09-05T13:15:13.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8466.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8466.json new file mode 100644 index 00000000000..767c34a95b3 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8466.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8466", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:13.370", + "lastModified": "2024-09-05T13:15:13.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8467.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8467.json new file mode 100644 index 00000000000..db109018d0e --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8467.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8467", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:13.680", + "lastModified": "2024-09-05T13:15:13.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8468.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8468.json new file mode 100644 index 00000000000..2bdf5e58120 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8468.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8468", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:13.943", + "lastModified": "2024-09-05T13:15:13.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0search parameter in /jobportal/index.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8469.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8469.json new file mode 100644 index 00000000000..508dc51c5e9 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8469.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8469", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:14.220", + "lastModified": "2024-09-05T13:15:14.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8470.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8470.json new file mode 100644 index 00000000000..f799a2ba1d5 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8470.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8470", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:14.490", + "lastModified": "2024-09-05T13:15:14.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability, by which an attacker could send a specially designed query through\u00a0CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored in it." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8471.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8471.json new file mode 100644 index 00000000000..9ca65e51f85 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8471.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8471", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:14.777", + "lastModified": "2024-09-05T13:15:14.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through\u00a0JOBID and USERNAME parameters in /jobportal/process.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8472.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8472.json new file mode 100644 index 00000000000..0394e15944d --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8472.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8472", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:15.053", + "lastModified": "2024-09-05T13:15:15.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through\u00a0multiple parameters in /jobportal/index.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8473.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8473.json new file mode 100644 index 00000000000..72eb071b11d --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8473.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-8473", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2024-09-05T13:15:15.330", + "lastModified": "2024-09-05T13:15:15.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through\u00a0user_email parameter in /jobportal/admin/login.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8c656df0989..cfa06ec6406 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-05T12:00:36.380604+00:00 +2024-09-05T14:00:47.241852+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-05T11:15:13.257000+00:00 +2024-09-05T13:54:43.833000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -261995 +262010 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `15` -- [CVE-2022-3556](CVE-2022/CVE-2022-35xx/CVE-2022-3556.json) (`2024-09-05T11:15:11.853`) -- [CVE-2022-4529](CVE-2022/CVE-2022-45xx/CVE-2022-4529.json) (`2024-09-05T11:15:12.147`) -- [CVE-2024-5956](CVE-2024/CVE-2024-59xx/CVE-2024-5956.json) (`2024-09-05T11:15:12.387`) -- [CVE-2024-5957](CVE-2024/CVE-2024-59xx/CVE-2024-5957.json) (`2024-09-05T11:15:12.610`) -- [CVE-2024-6332](CVE-2024/CVE-2024-63xx/CVE-2024-6332.json) (`2024-09-05T10:15:02.970`) -- [CVE-2024-6894](CVE-2024/CVE-2024-68xx/CVE-2024-6894.json) (`2024-09-05T10:15:03.737`) -- [CVE-2024-6929](CVE-2024/CVE-2024-69xx/CVE-2024-6929.json) (`2024-09-05T10:15:03.980`) -- [CVE-2024-7380](CVE-2024/CVE-2024-73xx/CVE-2024-7380.json) (`2024-09-05T11:15:12.820`) -- [CVE-2024-7381](CVE-2024/CVE-2024-73xx/CVE-2024-7381.json) (`2024-09-05T11:15:13.043`) -- [CVE-2024-7605](CVE-2024/CVE-2024-76xx/CVE-2024-7605.json) (`2024-09-05T11:15:13.257`) +- [CVE-2024-7884](CVE-2024/CVE-2024-78xx/CVE-2024-7884.json) (`2024-09-05T13:15:11.390`) +- [CVE-2024-8460](CVE-2024/CVE-2024-84xx/CVE-2024-8460.json) (`2024-09-05T12:15:03.010`) +- [CVE-2024-8461](CVE-2024/CVE-2024-84xx/CVE-2024-8461.json) (`2024-09-05T13:15:11.690`) +- [CVE-2024-8462](CVE-2024/CVE-2024-84xx/CVE-2024-8462.json) (`2024-09-05T13:15:12.050`) +- [CVE-2024-8463](CVE-2024/CVE-2024-84xx/CVE-2024-8463.json) (`2024-09-05T13:15:12.440`) +- [CVE-2024-8464](CVE-2024/CVE-2024-84xx/CVE-2024-8464.json) (`2024-09-05T13:15:12.730`) +- [CVE-2024-8465](CVE-2024/CVE-2024-84xx/CVE-2024-8465.json) (`2024-09-05T13:15:13.020`) +- [CVE-2024-8466](CVE-2024/CVE-2024-84xx/CVE-2024-8466.json) (`2024-09-05T13:15:13.370`) +- [CVE-2024-8467](CVE-2024/CVE-2024-84xx/CVE-2024-8467.json) (`2024-09-05T13:15:13.680`) +- [CVE-2024-8468](CVE-2024/CVE-2024-84xx/CVE-2024-8468.json) (`2024-09-05T13:15:13.943`) +- [CVE-2024-8469](CVE-2024/CVE-2024-84xx/CVE-2024-8469.json) (`2024-09-05T13:15:14.220`) +- [CVE-2024-8470](CVE-2024/CVE-2024-84xx/CVE-2024-8470.json) (`2024-09-05T13:15:14.490`) +- [CVE-2024-8471](CVE-2024/CVE-2024-84xx/CVE-2024-8471.json) (`2024-09-05T13:15:14.777`) +- [CVE-2024-8472](CVE-2024/CVE-2024-84xx/CVE-2024-8472.json) (`2024-09-05T13:15:15.053`) +- [CVE-2024-8473](CVE-2024/CVE-2024-84xx/CVE-2024-8473.json) (`2024-09-05T13:15:15.330`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `149` +- [CVE-2024-5957](CVE-2024/CVE-2024-59xx/CVE-2024-5957.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-6332](CVE-2024/CVE-2024-63xx/CVE-2024-6332.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-6835](CVE-2024/CVE-2024-68xx/CVE-2024-6835.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-6846](CVE-2024/CVE-2024-68xx/CVE-2024-6846.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-6894](CVE-2024/CVE-2024-68xx/CVE-2024-6894.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-6929](CVE-2024/CVE-2024-69xx/CVE-2024-6929.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-7262](CVE-2024/CVE-2024-72xx/CVE-2024-7262.json) (`2024-09-05T13:30:33.680`) +- [CVE-2024-7380](CVE-2024/CVE-2024-73xx/CVE-2024-7380.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-7381](CVE-2024/CVE-2024-73xx/CVE-2024-7381.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-7605](CVE-2024/CVE-2024-76xx/CVE-2024-7605.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-7627](CVE-2024/CVE-2024-76xx/CVE-2024-7627.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-7654](CVE-2024/CVE-2024-76xx/CVE-2024-7654.json) (`2024-09-05T13:53:16.540`) +- [CVE-2024-8102](CVE-2024/CVE-2024-81xx/CVE-2024-8102.json) (`2024-09-05T13:28:54.747`) +- [CVE-2024-8104](CVE-2024/CVE-2024-81xx/CVE-2024-8104.json) (`2024-09-05T13:28:06.817`) +- [CVE-2024-8106](CVE-2024/CVE-2024-81xx/CVE-2024-8106.json) (`2024-09-05T13:05:52.540`) +- [CVE-2024-8178](CVE-2024/CVE-2024-81xx/CVE-2024-8178.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8329](CVE-2024/CVE-2024-83xx/CVE-2024-8329.json) (`2024-09-05T13:40:38.080`) +- [CVE-2024-8330](CVE-2024/CVE-2024-83xx/CVE-2024-8330.json) (`2024-09-05T13:41:33.667`) +- [CVE-2024-8363](CVE-2024/CVE-2024-83xx/CVE-2024-8363.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8391](CVE-2024/CVE-2024-83xx/CVE-2024-8391.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8412](CVE-2024/CVE-2024-84xx/CVE-2024-8412.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8414](CVE-2024/CVE-2024-84xx/CVE-2024-8414.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8415](CVE-2024/CVE-2024-84xx/CVE-2024-8415.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8416](CVE-2024/CVE-2024-84xx/CVE-2024-8416.json) (`2024-09-05T12:53:21.110`) +- [CVE-2024-8417](CVE-2024/CVE-2024-84xx/CVE-2024-8417.json) (`2024-09-05T12:53:21.110`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5d3d281f9cc..df060dd899a 100644 --- a/_state.csv +++ b/_state.csv @@ -166435,8 +166435,8 @@ CVE-2021-2012,0,0,a7497abc79a132cbd33fc617e50925f2242fda24645cad961e1ea637ac2286 CVE-2021-20120,0,0,fc42e2fcc67c6abc4f94788f41d9fdadbae18c36b471de42b55c6234c4410cc7,2021-10-27T12:19:28.913000 CVE-2021-20121,0,0,c2d936c682cb4b093e51b4f8ec52f1c64330b86cc67891ab1a0ca5b68295cc37,2021-10-18T18:44:13.643000 CVE-2021-20122,0,0,b4fb94bc0a558b850232f8792e2996ff453015fcafdf1875ab2f6621f59911b9,2022-06-28T14:11:45.273000 -CVE-2021-20123,0,0,40fbe90a944b357f3d69f1189ccf5ebd69c968f9fb8b4d67c16d1e1c1ffa08c0,2024-09-04T01:00:01.057000 -CVE-2021-20124,0,0,05ed1f5b88e15ca5bbda11b44f3d49af77b1f69d689c490135d8ee42a3599435,2024-09-04T01:00:01.057000 +CVE-2021-20123,0,1,af5963404dafc91e3f9fc25a23f3bca4d76191f7a8486f329c682c44a85fa13e,2024-09-05T13:31:07.727000 +CVE-2021-20124,0,1,1d4dcb342524656ee95fd3141ba6116ced63f94bf6f7bde1a1fb6e44ad6002ff,2024-09-05T13:30:48.733000 CVE-2021-20125,0,0,53f895aeed66324b20a83d10d5f271d8f051f6cc798daa7850821732c14258d9,2021-10-19T16:53:47.787000 CVE-2021-20126,0,0,06315eba694191411cf0fddf956e398a37b8e3cf205d58b10a4327d33930199b,2021-10-19T17:38:16.187000 CVE-2021-20127,0,0,59c2563cad321451bca00ab4d0c87c50ff4bf106ba294c6fa92012d9204f1b12,2021-10-19T18:10:53.567000 @@ -202519,7 +202519,7 @@ CVE-2022-35555,0,0,54dd80abd32f1b045b99445ad8a17b6e26366f233f98bf175b2ec0d82094b CVE-2022-35557,0,0,a26a613f14b6013c2adebb7757bc05b2e82720db64bf863f9777cab0ab7acad0,2022-08-16T14:50:03.940000 CVE-2022-35558,0,0,85d270bf05e5de9a8abfe49de3e5007366b5142b7b88a679442802bae082e824,2022-08-16T14:50:37.237000 CVE-2022-35559,0,0,ad484c442f27b298d07835a74a3872b2a9074daf4041cd8517e66c509d578008,2022-08-16T14:52:03 -CVE-2022-3556,1,1,1f1202bf8887f7f320fc649418ed153a34706066cd9ee781290b35db8a5c376b,2024-09-05T11:15:11.853000 +CVE-2022-3556,0,1,09f9d7679d989a4cc32c77cf0bde58772c209aff115be7e7589122529d3ad83d,2024-09-05T12:53:21.110000 CVE-2022-35560,0,0,ad411e1a4c9e75e590e9900fe20e530d5834900e4c78eb482c3cc47a349779e7,2022-08-16T14:53:02.307000 CVE-2022-35561,0,0,2b87c7f060bbe3f8bee04908b1ca80cd11fc98e51c654001a9f356f5ab3b0cda,2022-08-16T14:53:31.823000 CVE-2022-35569,0,0,60515d9ccf8c6a0e62faa38e7539e843741fe488d102594b0eeec3196f5d3a93,2022-07-27T17:19:13.727000 @@ -209870,7 +209870,7 @@ CVE-2022-45280,0,0,dd48ae4a337a29dedb0da94bb275f1b511181faf6aa6b0b03a0b432586ed3 CVE-2022-45283,0,0,8fb1ca8fbc8b78b46c1cc9704b85fcd0bcb62515874d297dbc58d4f996229a22,2023-05-27T04:15:22.423000 CVE-2022-45285,0,0,98469622e68d7b7b4f0593bd1b0b6280c3b54f83b534d00bbb34748245e2d667,2023-02-22T22:30:01.127000 CVE-2022-45287,0,0,4507538752624b6694a989860cfcc119cc790a2c88190e10e866db826d481d73,2023-06-28T17:33:09.597000 -CVE-2022-4529,1,1,043ccd10fa2f0b1194c2fdf337554afb9e256aabcf3ed9a8ec31c3a9517cbb24,2024-09-05T11:15:12.147000 +CVE-2022-4529,0,1,d6a6db6f09233cb771d7be37eec820991b449f2a47dd1c6e7abe8bf515b299fe,2024-09-05T12:53:21.110000 CVE-2022-45290,0,0,1574103282ae0ba4c544426a685aefbe2bca03b480d5c7259efeea41df9cc296,2022-12-12T17:40:32.867000 CVE-2022-45291,0,0,744b5c2cd77ef0b567a922de6e418842cfc53f9b272dffaa39d394499f5cc9e1,2023-05-04T19:57:26.577000 CVE-2022-45292,0,0,464c0966b0e0b437ee2cdd1bbe16fe01734b7f530f9395828bb2786e8d86fe64,2022-12-13T00:36:18.090000 @@ -233057,7 +233057,7 @@ CVE-2023-43980,0,0,bbbdf96fe43913bc9148a2be4e4cf79c095e8946d088cfcca396bde192a42 CVE-2023-43981,0,0,7bc0b04a874fb37912d5a49421c2f5f408de1077870392e33bb57c9ca9c75f89,2023-10-07T02:52:59.353000 CVE-2023-43982,0,0,36c050839890ac22e9c1d01ac6e12f62ba92c226ca1aa60fc6850304f993fad5,2023-11-09T22:07:27.420000 CVE-2023-43983,0,0,6d9211a02e0a131adf3e167416c4fcfa68bb60a61bdffb8dcb0aef2773cbd238,2023-10-07T02:52:28.870000 -CVE-2023-43984,0,0,18f1213f716ffbf923887d933c03efb02e858d1e17f245bdf1936f242d569a37,2023-11-15T15:36:11.513000 +CVE-2023-43984,0,1,734f41a89a1d8239b9e46c66d768f28b73875d461f17b4c52b2f21e0399d5916,2024-09-05T13:35:00.617000 CVE-2023-43985,0,0,d6426e07dde5bc7e003721bf3af2143d307be62b95406f9014be4ad2380774e6,2024-01-25T20:07:56.693000 CVE-2023-43986,0,0,f6e814df340a370055926dfb76c8e5c7ca2c32dbd5d8ca11c76fab82aae5e055,2023-10-25T19:57:40.860000 CVE-2023-43988,0,0,9b5e74dadc93a14852e915ce96d92cde02d0b2005fe83539528fd032570533f1,2024-01-27T00:35:25.967000 @@ -234128,7 +234128,7 @@ CVE-2023-45688,0,0,53e3fed42941d057509cc6f45ec34e3ea0ac43c0b88374a47ddfc8ca7523e CVE-2023-45689,0,0,9a5b9a98db22284970de2ff416e2cd1edad1e21d097d8ace4303b84796a44cf2,2023-10-24T16:30:59.473000 CVE-2023-4569,0,0,13e9ae3e93013b9e6c636e661e6dff661ec6fadcb8975b604839831e7844dbef,2023-11-07T04:22:45.773000 CVE-2023-45690,0,0,d104c837f03f326a5dc9340d00f93c1f83708421d3862c6a386c41589f66c844,2023-10-24T16:45:38.280000 -CVE-2023-45696,0,0,93a709e0e4ce18e21e745c4cca36214f1746fd3bf22807e2a315c7dba47043ff,2024-02-11T22:29:15.837000 +CVE-2023-45696,0,1,49a194b4f2d268a3c97667efd0856c7e293e3b4f2e3a96ae5ba558bf875f66ff,2024-09-05T13:23:21.547000 CVE-2023-45698,0,0,9480ebb8c05b796b0b5f75bea24f6e57cf4d4e65c4dc1a3e3cf32e3fa8e458a9,2024-02-11T22:29:15.837000 CVE-2023-4570,0,0,f2557c82c9282970bda5ed09f8a2708fcb8bbd71be459586ce4b5914e7684317,2023-10-12T18:38:41.030000 CVE-2023-45700,0,0,99127c98a0922d674dde3a3491990e29c4b23d2db9ad2fd841961a3cb902503e,2024-01-02T16:47:07.460000 @@ -234141,7 +234141,7 @@ CVE-2023-45707,0,0,c9b6196c79b5d00c9329a89273abfc5e4f68dd2d284703e16af7a7bd88eb0 CVE-2023-4571,0,0,92ce5017693d8f76d50711a158af46c583ba7c6561a65e75de43de382d903662,2024-04-10T01:15:17.183000 CVE-2023-45715,0,0,3278c072bd924465dfd9116ec5360f462dea3279fa22b565085ccb5501f7df77,2024-03-28T16:07:30.893000 CVE-2023-45716,0,0,db0d44612bd142c520992fd82eb862661776e524392c1075202fb819e27d77c1,2024-02-26T21:22:54.537000 -CVE-2023-45718,0,0,8c8c9416152945b51775168f37f86b50af149f7a3a7d76b60f8dcafd9c9ca372,2024-02-11T22:29:15.837000 +CVE-2023-45718,0,1,503b94f26ece1372afe2befc1749228de6ec2a3a2f622ed4183f733f3d6e1b85,2024-09-05T13:14:01.253000 CVE-2023-4572,0,0,33f25788b279e5292359c78f525cf27e354913ed2283bce7024493d4a8685000,2024-01-31T17:15:16.437000 CVE-2023-45722,0,0,4240dd682886c768ab9b9a025ce52687e223d3b5bc66b3a8ef1362427eaf39d4,2024-01-09T19:41:37.487000 CVE-2023-45723,0,0,d75569efe29622a0fceee924d9f808ceeedc0897b5e709cd04faad485aeb7c09,2024-01-09T18:52:37.707000 @@ -236624,7 +236624,7 @@ CVE-2023-4910,0,0,6d05c75a9e17e3ccd981e8ee7bf1e2ab24479ee1803438deab4de1edd175ed CVE-2023-49100,0,0,4342e3e7d8dd4345e0c20aeab7fe640a8d12b302cf8c05308020afa470c9f95d,2024-02-22T19:07:27.197000 CVE-2023-49101,0,0,cdb3a0b6538f74622160c1a1e285d5c5fd7fe14c11635bb1fd24e2fb54c0dcca,2024-02-15T16:00:44.567000 CVE-2023-49102,0,0,395e472a244baf1edeece4e64436ae0c9e04ac589e63b4e437cc5efd790f937f,2024-08-02T22:15:58.190000 -CVE-2023-49103,0,0,211aeb34cef664c5c3d8d4d5acf5bffff68973f44888626ec88f776cd7050f36,2024-09-04T19:35:09.380000 +CVE-2023-49103,0,1,2ae024b709386837fb69f63c039bd694c6f8061cfc7156b399598900d8cede10,2024-09-05T13:30:10.023000 CVE-2023-49104,0,0,b0e1feaf13327d283bdaa686c669ebabb3df9e0765d7f300461de0686691f510,2023-12-01T16:03:59.827000 CVE-2023-49105,0,0,a615253f82e8e4a19c642ef797fbf682cf375f783ed278ea2b6d6784ce759a6c,2023-11-30T19:28:59.100000 CVE-2023-49106,0,0,be3dd7a31243d9847a16f30451a0c0d97588194e905d505516b262307d9c7645,2024-01-23T13:51:31.463000 @@ -243170,9 +243170,9 @@ CVE-2024-2042,0,0,148bfce3b5f48e2144e9167826ed5f6f120e539bf15296a435b2ce580e8b1f CVE-2024-20429,0,0,f467ae3dedce5a1f38518317999bbc8fc79bc2960eb95679505ee1fcb992ae20,2024-07-18T12:28:43.707000 CVE-2024-2043,0,0,7a3896d230f6f1ae602a08f92e2eaaa644b5893021849dee8a675eb9b7c81e88,2024-05-02T18:00:37.360000 CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000 -CVE-2024-20439,0,0,d4290710134cd2ea013e122ddbc5093cbf7ea201b0f2e5e1b99be2be8cc34800,2024-09-04T17:15:13.210000 +CVE-2024-20439,0,1,6fb64977a375184c0d5185c0552eb843ec365c9acfdabd4d864818757620d798,2024-09-05T12:53:21.110000 CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000 -CVE-2024-20440,0,0,8f8fb5d6b0b53a5bc85e993a053dd43e886243e37f914988cf14253a9f00e476,2024-09-04T17:15:13.517000 +CVE-2024-20440,0,1,f4b50f9e5188b0b39e4c96a5a40a54250e4728812cb068f798c66f7231a5f536,2024-09-05T12:53:21.110000 CVE-2024-20443,0,0,272afbe0465f6648950651b716899dcfcb722318ac954aaaf0e63544fb83de9e,2024-08-23T15:18:06.347000 CVE-2024-20446,0,0,170308ac86546c99c2d31d486f326554296a9af4794b673e7a60dd04eb019f30,2024-08-29T13:25:27.537000 CVE-2024-2045,0,0,711ac9453656184dc732c4f4633f4f7bda646ec847d7f0c1c60c568976f58aa0,2024-03-01T14:04:26.010000 @@ -243181,7 +243181,7 @@ CVE-2024-20451,0,0,616ab4cb2b50cee49c462941d4d3e48792a6a3c09b725bd97a134b2f4a53b CVE-2024-20454,0,0,b7df5fe3c7f3ad82ec42e5ba189942703f651e8bba204ff78589b452573f75e5,2024-08-23T18:13:47.510000 CVE-2024-20456,0,0,bf56f0f0f8d3ed0f6616c43fc8ca6a47b6257ec17aaac25185ba7a05790b5cc9,2024-07-11T13:05:54.930000 CVE-2024-20466,0,0,d9adbd7a5cfca4a39494a47969f1c31ae3805a9aa7b4cd0a12535f31685e123d,2024-08-22T12:48:02.790000 -CVE-2024-20469,0,0,62203b84e903f926dc983f5411b3ed0d7c098fb9c74c95d126785497899095b6,2024-09-04T17:15:13.740000 +CVE-2024-20469,0,1,19ccc3f5d38e2fe8fb2a0a1c766784c2e90393cd1985383de470344788153299,2024-09-05T12:53:21.110000 CVE-2024-2047,0,0,65f16d2420b90c918e9e57877aac5f0440eb772d779ccbd58288e6312f3c8025,2024-04-01T01:12:59.077000 CVE-2024-20478,0,0,2552b4b9bbc0a5cff57b3b8f7e9d97910094a88aceb9d33bb06e1a51f9db4e5e,2024-08-29T13:25:27.537000 CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000 @@ -243189,11 +243189,11 @@ CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3c CVE-2024-20486,0,0,1ec7a6c2a991b67e11827b3b316fed30b5b5340988b303f9088e0f10e2e894f9,2024-08-22T12:48:02.790000 CVE-2024-20488,0,0,5e03b3c0947210c585c771df848af06c1b2af4239c20e96c284c2af200a13f32,2024-08-22T12:48:02.790000 CVE-2024-2049,0,0,398a9eaf0287296877598afba029844504bbde28a3270479d8cbbb594cc11b40,2024-03-12T16:02:33.900000 -CVE-2024-20497,0,0,f5c62cddf3b4c33041f9a7259cb5d257fc47efeaf18f188937e8f66cc8d5e6a2,2024-09-04T17:15:13.970000 +CVE-2024-20497,0,1,422eb4ecec5d7dd92ef5d49505af3bc2f0e220b53f5fa76471b6dd3d460b94cb,2024-09-05T12:53:21.110000 CVE-2024-2050,0,0,309a92deb7dc6d1c9b389273f8521ce493fa3e8c536f740883081c4cdf858e77,2024-03-18T19:40:00.173000 -CVE-2024-20503,0,0,46b2afa18068952c700112e20999b1b43e12a1420d6d9c2e21b937db590db312,2024-09-04T17:15:14.200000 -CVE-2024-20505,0,0,06f331d71cb5931c6287272adb221d2efbebad20ffeb2224035f46bcfac7f179,2024-09-04T22:15:03.887000 -CVE-2024-20506,0,0,b4323cbd3a12880438ad4d37c85ff20ab68003e216b3b831e98a6103a352f4bc,2024-09-04T22:15:04.083000 +CVE-2024-20503,0,1,07ef75d51b8a016c5a37fe53d8186b15da606695a4c5183f317eec8f58396ffe,2024-09-05T12:53:21.110000 +CVE-2024-20505,0,1,064a08d16f9ab20a11a9217d78e72bf3675ecb6321d295455c548eab4bd2dc6e,2024-09-05T12:53:21.110000 +CVE-2024-20506,0,1,2b95fb64eb8dbb26ac8023d083c7c6fb313c62bfe43df97cd831211a76a9ab58,2024-09-05T12:53:21.110000 CVE-2024-2051,0,0,7b283f8057b783b668166a17f1e1ff3c63b74d0e0fa3f6b8acdcd7e3ce5a09c9,2024-03-18T19:40:00.173000 CVE-2024-2052,0,0,b3dd7173b956ed9ab7dfaa381fa39b77e63aea1f604a72f8ac014b370895d6ab,2024-03-18T19:40:00.173000 CVE-2024-2053,0,0,0d41c4e474c0960eb5e2399ded25845c51347c47ec843b53809f61d1e3d8fe3e,2024-08-06T15:35:13.397000 @@ -244095,7 +244095,7 @@ CVE-2024-21653,0,0,ce4af85c3427e8e239faa818c1af79d7b1adc1dc1f140ac9db4d80e88fa50 CVE-2024-21654,0,0,ff7ec2b8812a327818c17013b24cdd0ef431c4abd14d7dd5a8537adb8ccd1d32,2024-01-22T19:45:11.213000 CVE-2024-21655,0,0,e05ae57984fd3423a83e9c7cb5d50a52bb4d06f33337e122d8d866553309143d,2024-01-25T15:36:21.337000 CVE-2024-21658,0,0,18c2a51afb00aaffed8c0666318b89d67efb8a61f32dfa57925c396be04b5e10,2024-09-03T12:59:02.453000 -CVE-2024-2166,0,0,e6356ea64a22f33ad611c8ab85bb8ce0bb75906e04f60bf7a1f9639224cee6cb,2024-09-04T22:15:04.260000 +CVE-2024-2166,0,1,9b7c2ee80b4285a4950a2fb64ee1dbeef549dd197f4f8cb63c40c8b7251bf8a5,2024-09-05T12:53:21.110000 CVE-2024-21661,0,0,d5e0d946b3d41760ea6570a14473ae0108c9da74849db85d955568f34a0a7e8b,2024-03-18T19:40:00.173000 CVE-2024-21662,0,0,6c6f15e19e16a5ef9a32b04238e6288a5bcabd1c5ac78c1dc5b6aa6699d17dcf,2024-03-18T19:40:00.173000 CVE-2024-21663,0,0,722c9f68e0462dda2a873b80565815f1b1146bfc9206245ea518f4fde9529f1f,2024-01-12T15:22:42.607000 @@ -244256,7 +244256,7 @@ CVE-2024-21869,0,0,8c872c913480abb34143d0f7e8c4b440faef27d7ea0f4caaa7dea47669e54 CVE-2024-2187,0,0,a8936a0952b83c5ba88ca6cea81f9850e57edc6e1289ba1fdb9217f4cb3f2111,2024-04-10T13:23:38.787000 CVE-2024-21870,0,0,261e723ef3190c288a9a8c3f8500f3cefd68fef15433091d79f48a8358a48f68,2024-04-03T17:24:18.150000 CVE-2024-21872,0,0,53e0faa097226f02f7b28a1019bf889e7e0fb2883871bfc21fe50f5bf87c752b,2024-05-28T17:15:09.413000 -CVE-2024-21875,0,0,e1e3188e4a1a3daa309eabb8117102a0dc6d3aa5e89a469bc9ead0ec383c37f9,2024-04-12T07:15:08.283000 +CVE-2024-21875,0,1,c15eeb9fc23fb1b7054be1e69f99412e4f77868f1517c1932f7423f5619332ef,2024-09-05T13:50:08.927000 CVE-2024-21876,0,0,c3710b348c31e352259903f2c418ef0aba69493db54d12f1534898cd1d5b4667,2024-08-23T18:05:55.543000 CVE-2024-21877,0,0,e2e73302f5bf8afaaaffb2f0db0c2d16b586fe615b2b0992bf2ac9b6679823c9,2024-08-23T18:06:45.520000 CVE-2024-21878,0,0,789e3fe91c4f9f15772842a823deae244077b3af25e7833e3c5892430f68e0d6,2024-08-23T17:52:11.777000 @@ -245494,7 +245494,7 @@ CVE-2024-23713,0,0,84ac23a9c686e595929bab4dad7b08bca80d94f5a0dad54d418e0bd955964 CVE-2024-23717,0,0,6ae2f39818716426e507c7fefae1ead3e28d18b5fd2ac50fedfcf5c736aa3969,2024-08-16T19:35:03.877000 CVE-2024-23721,0,0,738ea0fe142701915583cf528173779941e7a1ec154f74c48132f1439081fb4a,2024-08-28T15:35:15.520000 CVE-2024-23722,0,0,af1e6a2b53efd211283ec4f6a153b9c2bd466feef4ec2b55fd6db947ef4fb0f6,2024-08-06T14:35:05.600000 -CVE-2024-23724,0,0,5cc76252bcfe665701c3f11744cfd264292f873fd21df1c2782e1c197e0c01a4,2024-08-01T23:15:47.180000 +CVE-2024-23724,0,1,394efe2387fbc35bc62c49afba3150c256b882d4d40c4dd378f5c8d1b90bc256,2024-09-05T13:28:49.510000 CVE-2024-23725,0,0,96d1f58f146e10084452af188f967aa7d2c64d922f58373c2c0f92aec9556706,2024-01-29T15:25:48.110000 CVE-2024-23726,0,0,49bfb3e940abfa1d8c182442ad4bd7c2d671bcc24ce62cd25d7197deab52125c,2024-01-29T15:25:36.090000 CVE-2024-23727,0,0,592bbfc6743ffdc567de726020ae92e431981a0ee03b44a5f9f75f8f4a11ab64,2024-08-27T20:35:12.230000 @@ -245733,7 +245733,7 @@ CVE-2024-24027,0,0,e1de0d89edec32d7960c68cefaa6dc4d7fbc32960e89d67536489aa6ad15f CVE-2024-24028,0,0,c63943ee6dfc53b25a3ab5d44f70abf633bd3f12660446bcc8d4289144acfb20,2024-03-21T12:58:51.093000 CVE-2024-24029,0,0,f48b5fef1e233f5b2615b26a0c9b1d6622e82a3c72c6c352158b88f9b48f9c5e,2024-02-06T21:04:04.993000 CVE-2024-2403,0,0,6dbf3c7b9ae6279f2eb08793701f0e3b4c85c484143147f528659885f0bc2bec,2024-03-13T18:15:58.530000 -CVE-2024-24034,0,0,2a4d3db6cf3b4e5048c500ebce4bb202246f9fdd0a665422910e0d80f673dc32,2024-02-08T13:44:21.670000 +CVE-2024-24034,0,1,c231ac5a228b81eaed843df75c62987c0c7146ffc5225065d001475c57e94564,2024-09-05T13:04:31.337000 CVE-2024-24035,0,0,d0abb7c64f0c98440e73299b8a7786cd92f1d8fbb7861de6744b39b120e98037,2024-08-15T21:35:04.070000 CVE-2024-2404,0,0,9d875e94c9294fe9953ccca085b1745d0613b8cf9f0f07db3175f75218af4ec0,2024-08-09T19:35:05.613000 CVE-2024-24041,0,0,4a0d654eb23409577a23026cb4704f48de37c0bc2bebd1ee3faa99b68f3773e8,2024-02-07T17:14:41.607000 @@ -245749,7 +245749,7 @@ CVE-2024-24061,0,0,5d41024c3bf4358ddf6a764e032d79c3e7b42e84ae0f818384964093e3386 CVE-2024-24062,0,0,5bd17028cc04bf175890fd7bbbc47ccfc157cc5cfc5979fb65824b8c0457cada,2024-02-03T00:40:52.877000 CVE-2024-2408,0,0,e2c01a5c34540ebb0aeec1f86c6fa49f65e11bad86d0e423ba6a7c8c1306c7a5,2024-06-13T04:15:16.783000 CVE-2024-2409,0,0,40134401d2d9db58f61c794cf0f4f791968f8a191847ffa4ae84dc193442f258,2024-03-29T12:45:02.937000 -CVE-2024-24091,0,0,f7e09f9bfeaac02b34d59ea149bdefa782ce8b137a08ea2bc28ac270e23c707a,2024-08-01T19:36:02.180000 +CVE-2024-24091,0,1,5abca135be2b48f97a9b4ee4284b135e3c993507c7ae94228dbfeca849094700,2024-09-05T12:57:51.890000 CVE-2024-24092,0,0,85255eb7350c088041b14db17806ac0275bf0f870c5dc0846dac7ef708da600c,2024-08-05T14:35:03.843000 CVE-2024-24093,0,0,14e5230c16c4af460c68647fa9203bde6e56c21bc1a3208cb017e8bb36864636,2024-03-13T12:33:51.697000 CVE-2024-24095,0,0,a293063a01db5092273515cc6c1fbe86e89299406200e6a2f03c1a4a2a21fbc6,2024-02-27T14:20:06.637000 @@ -245807,7 +245807,7 @@ CVE-2024-24202,0,0,668325610a66240d6d1186abf034222333d655c33a74fab67ccef82146442 CVE-2024-2421,0,0,d6a9f4a7ca738e43373fd351f7d51d46e3ad2798d84cdbebb07a7724c675a343,2024-05-30T18:18:58.870000 CVE-2024-24213,0,0,287278b021309aa035f3a4bd904869bf5f79125ed1840b3f7786eee9a7e710d4,2024-08-21T18:06:24.633000 CVE-2024-24215,0,0,85b457ffd0214deceb92715f93f3b98e9ac0926a8e517f205498cdcd7f026571,2024-02-15T18:08:47.813000 -CVE-2024-24216,0,0,cc96bdba0be53e21ec4f72b549cd1780854565b7b4a6c5081be7a211ccd03725,2024-02-08T13:44:21.670000 +CVE-2024-24216,0,1,76c61d267ffc3bc9a9f8d7a34251b3ce2ff786016df042f0f84243b8d30e6a07,2024-09-05T13:00:44.217000 CVE-2024-2422,0,0,3cd5f28c31482f281d8aa1c4c5b76e9420ca9d6bd73cdb7ceb049f2a4aab7203,2024-05-30T18:18:58.870000 CVE-2024-2423,0,0,a5394662ca83323158ee69f166f44b43cd55ba926d3a289c30331252a3a3bb7f,2024-04-10T13:23:38.787000 CVE-2024-24230,0,0,82c71df4bfb9110317959a74b9fd72520684df83f39f2438f50b8837f8628a57,2024-08-02T18:35:26.297000 @@ -245916,7 +245916,7 @@ CVE-2024-24486,0,0,39e529b53ee8ac0a551e78b15c95d1426fc6a2dfc69d8cf43736905c6cdd2 CVE-2024-24487,0,0,61850b43e58031befd51f24dca0d71cabb99802e7eb8c3674186f5ae5bc1c9ee,2024-07-03T01:48:18.013000 CVE-2024-24488,0,0,8a1b774f9a98ad947e4d6a39beb8bb8d2efb3d9f71ed41c9871eba8bd31bba90,2024-02-15T02:23:45.887000 CVE-2024-2449,0,0,46b9f015783fbc3bb0212edf8e8eeec1124980baa369640fcf7ef0a9e4831bdd,2024-03-22T15:34:43.663000 -CVE-2024-24494,0,0,a7dd406e19f10a49a8d0b51c18c583e66eb4d176999105897bbf24187168bce2,2024-02-09T01:37:59.330000 +CVE-2024-24494,0,1,f75ff704f5476e46110eb71f6507ac18017aa4b96c3d927684b00b7d6d399fde,2024-09-05T13:13:01.517000 CVE-2024-24495,0,0,d8dc8002eed0ea108d34dc970ca4d2c41a2ed070b8ef5a1ea084dd472515eb65,2024-02-22T03:38:09.717000 CVE-2024-24496,0,0,f687308707ba4596ac5d7eed5a3145bead05c7fe656edd13dca5cafff22f5de6,2024-08-19T17:35:09.977000 CVE-2024-24497,0,0,4486a5209afad695cf15372283d911b20ffd5a0694006d7e7ad69dd4f26f29cb,2024-04-24T21:15:46.997000 @@ -246354,7 +246354,7 @@ CVE-2024-25103,0,0,48ba2fcc71bfe6469903717804710edc962cfd8be321701249c6b1c270292 CVE-2024-25106,0,0,69f4a5df8f9163ba3cc00a57d78f06705015dcf6a2341378521404b16f38f37b,2024-02-15T18:53:44.707000 CVE-2024-25107,0,0,2f7af5f36b252a42eb30d1f8972da5732bf420e322522d60adcccf7f4819b86a,2024-02-15T18:52:25.613000 CVE-2024-25108,0,0,fa8f6505be74e625097fa9ac671379105ef64ceb1fabbff12fb823c3e033b607,2024-02-12T20:39:09.773000 -CVE-2024-25109,0,0,089a8122436222762b2d92967bce770405a316fd2c63491ebf7e17b776e4b9b4,2024-02-11T22:29:15.837000 +CVE-2024-25109,0,1,c41f7e7a8b0352e7db5bd3620b2014d3afb64c0a666c2f8d504ee8ea7a10e96b,2024-09-05T13:18:39.687000 CVE-2024-2511,0,0,e85e202ac0d96bf0165ada9b88f1fcf9a6fbf365413ed057ebdfaf286537c656,2024-05-03T13:15:21.930000 CVE-2024-25110,0,0,2ad123d5329d817891e8dc3bae18c16385186216cc417eebddd2d60d9619e7fe,2024-02-12T20:39:09.773000 CVE-2024-25111,0,0,260c08f765b0b23211db8fb3020f7ae46891432e3f36f885aebdb89bc620ed80,2024-06-10T18:15:27.443000 @@ -246736,10 +246736,10 @@ CVE-2024-25714,0,0,70f54472da145604490960ea7894946414b866256679ffb698af736efe283 CVE-2024-25715,0,0,c088d4b977142e9dcb9ad21b32e4f9aa61385e1d7ddbd4c017103ce015b7a37f,2024-02-16T21:35:54.270000 CVE-2024-25718,0,0,36013110a47522378a7f909cc9712cbde51ab694884ada3d0c70dc8ae34e1797,2024-08-01T20:35:25.977000 CVE-2024-2572,0,0,5b74e34492d90066cf583f89ae3fdf47d4796ec58fbab0c453f87f07a2a5fb4a,2024-05-17T02:38:20.357000 -CVE-2024-25722,0,0,162412efe5d98a1545030f95ca1fd98be43647629c949f00cde23ef6637dc76d,2024-02-11T22:29:15.837000 +CVE-2024-25722,0,1,92d3b9468bc91e349275846c28f9045c86a0984b3586a9d2c81948ecb8ae65e5,2024-09-05T13:32:17.380000 CVE-2024-25723,0,0,8c3612f460be05084d2da9e8693ad88b2c515e61b1e81491f670f8acc6d04fab,2024-08-01T13:47:49.970000 CVE-2024-25724,0,0,6c3ef472ec3fdf4e4f5e27a3bc11b2436df6b7d677ccade72728fd545179cc6f,2024-07-03T01:49:15.880000 -CVE-2024-25728,0,0,d5b5366c71853a0a7669d0ff26da971d7bca837f815051872013cca97e2e3882,2024-02-11T22:29:15.837000 +CVE-2024-25728,0,1,803e4c758ac0ea7d804200f1a1daebfb8ce3c78d175eec80477d590a77873809,2024-09-05T13:54:43.833000 CVE-2024-25729,0,0,79e2b6b94026a2503a323268aa0bb5f8e8bddcf0332d4e9b1c54117590216047,2024-08-01T13:47:50.763000 CVE-2024-2573,0,0,7ee58d60c03479b119e43465c4e2d394fe6aa4d1e8e9be023cebfd24e8bd0be1,2024-05-17T02:38:20.443000 CVE-2024-25730,0,0,2656b5cc0f1c61542c61880d4eb0c70ba5aab02222d31f0a12190133d636ab55,2024-08-16T18:35:08.673000 @@ -251759,7 +251759,7 @@ CVE-2024-32661,0,0,b5d22bd66c2b6bd493ec6300639451a11da98a2922a699b8a1427b2b32b6b CVE-2024-32662,0,0,5f003072f7211f34b59274650cc76076b71e9dd9df104678309b3e242e3ceedb,2024-06-10T18:15:34.097000 CVE-2024-32663,0,0,f2fcb4ba191e2db4c103fe37b60d13e4202c7ed224bd233cedba9fff1ee4aaaa,2024-05-07T20:07:58.737000 CVE-2024-32664,0,0,7b65453ace3efd93d2cd0a4f397cf5413b4c9e5ae106db66ef45b39a143d4e8f,2024-05-07T20:07:58.737000 -CVE-2024-32668,0,0,e55995f2c96165bfc1e60939143173c941e827a0ce3b181f1670104b8c9f34fb,2024-09-05T05:15:13.433000 +CVE-2024-32668,0,1,3b04da9189e33741795a34dd5c1c9b4a5286c22e97dca052d85667c19d163735,2024-09-05T13:35:01.927000 CVE-2024-32669,0,0,1c249494e22e7c275a812095677f2945379060d0cae4bdfd8500bbbde31f40b7,2024-05-14T16:12:23.490000 CVE-2024-3267,0,0,940010b55b9a616638f110687c77a6c496dcf0d2dfd170d1aa59ab5c8e848149,2024-04-10T13:23:38.787000 CVE-2024-32670,0,0,11e459444671f45b9f26d0cdaea8328e4da91a68f683a4e2c21fd5a0bc52f597,2024-07-11T13:05:54.930000 @@ -253183,11 +253183,11 @@ CVE-2024-34653,0,0,c3a7e954eae03c5034f7310465d52a6d651a7628b08f94570c9641d6a004f CVE-2024-34654,0,0,1d61292010af329608ba714089b18097d9f4fab29ea3188e580a21180dff7fc9,2024-09-04T13:05:36.067000 CVE-2024-34655,0,0,2b9a720979634d406c7a6ab85768813b9644c17199100988da7cc12ecbddf162,2024-09-04T13:05:36.067000 CVE-2024-34656,0,0,4b5097936519572ad489ac32cb14e42c878e2a5293e1ee1278fd186194deceef,2024-09-04T13:05:36.067000 -CVE-2024-34657,0,0,4bf0cfca4cb44c3261f66fcee7effbc520f0fd79be1676d2248fb8552205c9fc,2024-09-04T13:05:36.067000 -CVE-2024-34658,0,0,f8066fb76a7ee7e5d439447a63e82a20df1b61f3242fe15647d0703b817399d9,2024-09-04T13:05:36.067000 -CVE-2024-34659,0,0,c06e28926cfab31203ba6c123f00a847c6d2d461706e3df72227249c9b92d15d,2024-09-04T13:05:36.067000 +CVE-2024-34657,0,1,e76dd3b191c96b6eebc5e6b8603c75eeff96d8eae90f914ab3a15f3eb419d2ec,2024-09-05T13:48:54.077000 +CVE-2024-34658,0,1,0bdbae0b2b42061a8353c4769a7cf5c4aeee0cbc7bbbfd2a997adcca4577f91e,2024-09-05T13:48:52.273000 +CVE-2024-34659,0,1,dd3f9420e24bf859148c793c2123fe1fcf6f82da97ec67367518f44415c24946,2024-09-05T13:48:55.767000 CVE-2024-3466,0,0,0337eeb2bb11dc2971562c8acd5fd5c98aad745dda4239343a7e69d2339c0489,2024-05-17T02:39:57.717000 -CVE-2024-34660,0,0,742e0d571b8a3d193f608a4833ac2251231e922fbd5e8e87397da3b1e5e017cb,2024-09-04T13:05:36.067000 +CVE-2024-34660,0,1,0b2d2bea24d7fa6e914da9f7286c2cb2a544faaaec97dda10fa17e8966604e75,2024-09-05T13:30:28.343000 CVE-2024-34661,0,0,86fb073227a0dd613057f3719ad39bcd8598c9a473c97cebd24947114c578627,2024-09-04T13:05:36.067000 CVE-2024-3467,0,0,f97f520f5797999559b92a7c0577ac536f47706a8739d6dd391d5611a09166cd,2024-06-13T18:36:09.010000 CVE-2024-3468,0,0,b143f709020bfa0c4d31a3d3e75dcacae5f0344d8dcf22b8e7a02c60ed5e45e0,2024-06-13T18:36:09.010000 @@ -257609,7 +257609,7 @@ CVE-2024-4192,0,0,0768e429bccaed861e82d220deefd437e5feb26a94e95c7a12162631897066 CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280973,2024-08-01T13:59:15.743000 CVE-2024-41926,0,0,d7564816d433232552fda23a5f10a79963d6c502f628c4841f8484c17aa4f54f,2024-09-04T16:55:35.570000 CVE-2024-41927,0,0,3f14dee01fa3694f7158b974636fe5732c1b814a7e4bf1d4bb902d85a63f55ab,2024-09-04T13:05:36.067000 -CVE-2024-41928,0,0,b24202727cab32c481ed76ef9ae181b1d201781cbd6ea257569edf0bb965088b,2024-09-05T04:15:06.947000 +CVE-2024-41928,0,1,05da596a46719b7fff49d3ba366cedec1c4b490f560d51bb3d3b7047069a99a4,2024-09-05T12:53:21.110000 CVE-2024-4193,0,0,4d4f4fcde78b01b33e30a077c434c1714d01a9ac9cd58d916bc86b963b6ddbd7,2024-05-14T16:11:39.510000 CVE-2024-41936,0,0,d330b2a32a604797fc4eb94f395ba3140911090caf0d19e4d7603d421735298b,2024-08-20T16:26:54.663000 CVE-2024-41937,0,0,17d01be9af92612ee6b4d89126a811836507d3fbf35417e172928be42551212a,2024-08-23T16:21:21.893000 @@ -257979,7 +257979,7 @@ CVE-2024-42408,0,0,4d58de4373d6b44540fc0d8799a258082f4b72e8c10ed3de4134395815aaf CVE-2024-4241,0,0,1e8cfaace7e8ae3194846b1351a77e14aef6cd3a07b429e780198fa55ccad7c3,2024-05-17T02:40:19.957000 CVE-2024-42411,0,0,3fcf900cd705b45045cb94d8edb3d48eeb6b58809490fd9c74760d8ca62aa9ff,2024-08-23T16:04:26.227000 CVE-2024-42412,0,0,7ea410a30890f641de68bc8b7a39cf35396bac17868b4fd498b764e1359ef0b7,2024-09-03T14:55:58.757000 -CVE-2024-42416,0,0,5d9f2ad2e9daf01c6ad30a5f851d6bf4fff1681759539627f514c8c3be78d167,2024-09-05T05:15:13.600000 +CVE-2024-42416,0,1,3e864ff252f272e7572e01458b6a80ecb3ceeab931439daabc1a14af3f8b4fd6,2024-09-05T13:35:02.227000 CVE-2024-42418,0,0,1170a194d58fc93f3e0e1a535dff12de506530448528f0fff3eaea817d001f8b,2024-09-04T18:22:22.583000 CVE-2024-4242,0,0,9c58e9b9e77452c845f3c5179c3be4415982efd0430d3da14ab0345d444eccfb,2024-06-04T19:20:33.363000 CVE-2024-4243,0,0,d19512e4db8434daba47c490442c83df13ecbcadaf4fb9c501fe6a2c921256d5,2024-06-04T19:20:33.497000 @@ -258123,7 +258123,7 @@ CVE-2024-42637,0,0,91efd00f3a0c93af0bfc6d360416502bb044589161185dddb1564bcf24f65 CVE-2024-42638,0,0,f8a971101f7cdf9fa56d822dabf1a1d2d2e6eccbd0431f9555d3577ca133854c,2024-08-19T13:00:23.117000 CVE-2024-42639,0,0,1a5c2259211b7b8d7a3c9ad7a85700d339edaffc744195b682680689ea5c39c4,2024-08-19T18:35:13.310000 CVE-2024-4264,0,0,aceade487dcdf82d5a23a178a070b3c07d4cce69337175854977fa24341a320c,2024-05-20T13:00:34.807000 -CVE-2024-42642,0,0,c42db2f119b29daa70c452335bf1276f63c5783d9755587972827beca1f60ec2,2024-09-04T20:15:07.007000 +CVE-2024-42642,0,1,0ba5c2b5d71fc7f093dbe5419419c57aa5dd6d933b7206c572eae003d5cf0bee,2024-09-05T12:53:21.110000 CVE-2024-4265,0,0,674cb78ce8c95e07c05495b52772b5d4a079c608362a6e67c2dfb567e6b8517a,2024-05-02T18:00:37.360000 CVE-2024-42657,0,0,7a9e5456dd66d94be3a75e811d67a1de5788317e788930f1ba2e8b5887d23144,2024-08-20T16:13:12.413000 CVE-2024-42658,0,0,54060235edd9bcf5ce68f6b48efde0940a62552fb8b9f2dcc8d06d163b4ded88,2024-08-20T16:12:50.290000 @@ -258298,9 +258298,9 @@ CVE-2024-4307,0,0,9af1fe76e1dfb80a8368bbb3fc69b1f2cbb4fca53c0870243e2c9aa4c3d839 CVE-2024-4308,0,0,63b73a2fc8e8d5be636a84f19daeea12c1e2d5b3b652e500f77934bf4e894f3b,2024-07-03T02:07:22.320000 CVE-2024-4309,0,0,5b40a8fbb2137dd0d77fe6c4c1c586190f4489f813d005ab45d5553c299b0b73,2024-04-30T13:11:16.690000 CVE-2024-4310,0,0,08f5e8e76073c3640785934b5dbc198d89dde47497c02b1ac3fc670d20c22fd2,2024-04-30T13:11:16.690000 -CVE-2024-43102,0,0,0e30140205cbce73b3cbf3326b04f0adf512532e7e03c098795c415c83650534,2024-09-05T05:15:13.677000 +CVE-2024-43102,0,1,8a915cfa1acbd85f3725c14f00241fae7d92a37027fc830c06a9ca076eb73e31,2024-09-05T13:35:02.430000 CVE-2024-43105,0,0,65a66601afd2de184f3745e025013cb99c4a6cae651d4eabc58a96778d4da9f8,2024-08-23T16:18:28.547000 -CVE-2024-43110,0,0,7b038970233568a2f9b152f3110da30b61f8b2e3a4b4a5bca4fba616271efb7a,2024-09-05T05:15:13.757000 +CVE-2024-43110,0,1,0ffbdd588e752f1875b476d9b6df98e65044747ebe5acbfa4262a74148c094c5,2024-09-05T13:35:02.630000 CVE-2024-43111,0,0,45754d9244b10ae48023a8465600f12d5ca692d4146e1c9ba1d4a0e6fcd0734a,2024-08-29T16:53:16.233000 CVE-2024-43112,0,0,72269ebdb7b810fe860916d34468320e2e91d1a609ed10c8290e69cc95ee1d45,2024-08-29T16:51:55.937000 CVE-2024-43113,0,0,7e6f0ba01b475bb6cfca73e8eda2423288e38b8146984d081803bef7596c3140,2024-08-29T16:51:33.367000 @@ -258508,10 +258508,10 @@ CVE-2024-43399,0,0,72972aa8210630cb7e9ed019395b1964574a7b9fdb0cdecaf47d033016a56 CVE-2024-4340,0,0,47279ef0860b5c8c8bd0a3697c64eecb43c1be11e1b93224b8fe23143c960d81,2024-04-30T17:52:35.057000 CVE-2024-43400,0,0,a74902014f54105a8fa235ae36e5688fa3ffdb525b8d03b30be1350fafa88962,2024-08-20T16:10:29.987000 CVE-2024-43401,0,0,15903cc3c455a698e44524d269216ecf71232ae93f3f18482e5b95f18bb9ab5a,2024-08-20T16:09:23.747000 -CVE-2024-43402,0,0,7f36d6179731ff817ba4c8998cdb6b69def69ef511e75c871b3404458bb511ce,2024-09-04T16:15:06.640000 +CVE-2024-43402,0,1,f88ac2252420c28573e4d32b55a0448c84914d7bce756f0f93e4621ecd27e525,2024-09-05T12:53:21.110000 CVE-2024-43403,0,0,2d2fd26bb8b3833065b554e3ee4081855a0a04ca3de9ec4a77dfc795be220eec,2024-08-21T12:30:33.697000 CVE-2024-43404,0,0,4a621a1822c1e3e97d6e70f878ab3c56f57d21a88a8bcb23b8dabc38faa193b9,2024-08-26T18:29:15.190000 -CVE-2024-43405,0,0,5b785a94c99868ec03ac2e954c1f7c7731c344b7d763d58a874665f6337e8669,2024-09-04T16:15:06.853000 +CVE-2024-43405,0,1,8063cbc13285bb0351f17a597eed25f2405afcc430fb89f55793bb64150ce90c,2024-09-05T12:53:21.110000 CVE-2024-43406,0,0,854367aefb2456ec94d3be7f3dee319c12b7f5f1a1af5dbd89c34dcd70789a4c,2024-08-26T18:30:13.230000 CVE-2024-43407,0,0,e2ea80f87c66143027da11cf79f2cd80121ef59cc1cf87c24a28fe2c518a474a,2024-08-23T16:20:42.363000 CVE-2024-43408,0,0,d4537cc05369b1073eab6be6b0c0270081103ca8bf402f8fafe9ed3f7a29471a,2024-08-21T12:30:33.697000 @@ -258860,19 +258860,19 @@ CVE-2024-44795,0,0,f9348c862b893d90addc6562eec87c7c0ce5090e93e9e7ffbd3fc77a1c96e CVE-2024-44796,0,0,ea2f83fd317230dba37a019c6df79333d03496931fcac69fc846f82ae10f3010,2024-08-27T13:02:05.683000 CVE-2024-44797,0,0,7bc801096aef27df0c5244f5a3c761f34dc19dd9fff98d1b382da189467f2dbf,2024-08-27T15:35:18.880000 CVE-2024-4480,0,0,046ee1f51773a8c0ac4a6c81ddd78c147b0ada165d730df7b9b8d85146172347,2024-06-17T12:42:04.623000 -CVE-2024-44808,0,0,f62eb203c6dc2c06d2dae51b602a89fd3d05bad2adaaad90c3b317d8bdd63fd8,2024-09-04T18:35:05.043000 +CVE-2024-44808,0,1,53ee5f88da9d15aa3ffd696fc5703153aab92dbb219aaccde4dc48186abdbb68,2024-09-05T12:53:21.110000 CVE-2024-44809,0,0,424c650381a963ac60378eaa5a7cd36fd86829e33f994f3d0227dc416ec44e82,2024-09-04T14:35:12.707000 CVE-2024-4481,0,0,c2852db732c7c65c13524ea22e5406663429c55dff3bfe0d5bbffa299f48bbd3,2024-05-14T16:11:39.510000 -CVE-2024-44817,0,0,2aaf710c17cee955bfd41280964ae1478402910c8f39aacb50dcdae726f03058,2024-09-04T17:35:06.313000 -CVE-2024-44818,0,0,f6ca25a0d4eae63885eef05f9b886ff8860be7cdbeb9df54e1d94fb8364a9238,2024-09-04T16:35:09.593000 +CVE-2024-44817,0,1,69deaa4e7ecbf919037754dfd86d6f5f34bcd33ff645863b7e5f14d08ab18721,2024-09-05T12:53:21.110000 +CVE-2024-44818,0,1,d174c0799ffdbf965fa98c057c949d0dd19f8293fcbd2dc7f74d6c2c59752335,2024-09-05T12:53:21.110000 CVE-2024-44819,0,0,05cc7e5cb8a81c93fda0318c22e140563899d866fa07803b71078a86250958a4,2024-09-04T16:09:24.827000 CVE-2024-4482,0,0,30c719bdf44110f5d77595f668147507c21a010645f412257434e159bd101a38,2024-07-03T18:24:41.627000 CVE-2024-44820,0,0,f15637d2ac032c543e5fcbbe9f5d1cb1b7c83c8e990be9337cf6d7655fcc3e7a,2024-09-04T19:35:13.010000 -CVE-2024-44821,0,0,5a31af9152276c46f9bb30da7d72f9c82f49622cff6bbf78c1aeb12cffd74b19,2024-09-04T17:35:07.360000 +CVE-2024-44821,0,1,ff3428c7064f35632ec8516d4f1ffbf8326fb53cbc8ff73f0451f03ff4bad1c7,2024-09-05T12:53:21.110000 CVE-2024-4483,0,0,d9fadea227cf106e149715592d31bb2d237147d959617b97c9049a0f6f95d28f,2024-08-01T13:59:31.397000 CVE-2024-4484,0,0,f8c7c7a90ad9fb2504d28a2d6c05b973f8e6ce86f54104c89b314d37b71fcc46,2024-05-24T13:03:05.093000 CVE-2024-4485,0,0,a27e77eb6786137f1ff33a4e5e44b17657a4b120ca60b51b6c6a25a52d6e7411,2024-05-24T13:03:05.093000 -CVE-2024-44859,0,0,9d9393170ac87680b7f27cc737557e3f60e28b68fec2a17585eedb23d6e709c7,2024-09-04T16:35:10.447000 +CVE-2024-44859,0,1,361e21bdfe4afccedd32d666cb901903834fe5ed28d7a4a2b19923a7bb2e90ef,2024-09-05T12:53:21.110000 CVE-2024-4486,0,0,ae6967e9ce7769ae98c2cf87c0bc0fbb14e19b3005ed8a961bec51e7089d074a,2024-05-24T01:15:30.977000 CVE-2024-4487,0,0,4ec04e3a5fad37f02884076b1172c7e1dd67ad4c891fc4fe04112b3c8765dc55,2024-05-14T16:11:39.510000 CVE-2024-4488,0,0,1067ee59b8b50187d3b6e6dcedd09634fc158d8d3cf8abb63a1cced20ae50aeb,2024-06-11T18:09:34.110000 @@ -258908,73 +258908,73 @@ CVE-2024-44944,0,0,9d04637232a0ef520df300c879d5cc54bad658bb5749e19928008538f4b84 CVE-2024-44945,0,0,a3745a898858327b7fbd2ec8b66c922f7135590f07273b0fe5d696fead01dfa7,2024-09-03T12:59:02.453000 CVE-2024-44946,0,0,baba486800f48daca091ce86b0b3099b94d8fc83c17e121f4572ead5091851fa,2024-09-04T12:15:05.150000 CVE-2024-44947,0,0,8e7576eeaecebace9aa0ff7eb570fdf62eb9d08c76ce62f6b739027bbd7f2e78,2024-09-04T12:15:05.240000 -CVE-2024-44948,0,0,d8012c17f9d433866d2e891f8563d3db9de5d39a088399b86a00d1832f7f15d1,2024-09-04T19:15:29.950000 -CVE-2024-44949,0,0,9ca8ee9487af3ead6886fb43ecba23812ae5536e9a914bf921ac13e992be9ce6,2024-09-04T19:15:30.040000 +CVE-2024-44948,0,1,b6624809fc4e7fad2ef29d7ebf62dc5527a907fa09ba4a21a20058ddaf98aede,2024-09-05T12:53:21.110000 +CVE-2024-44949,0,1,6aaa0682857021304830f46058e76a9629475e0612eeb15cc3936e646938a3bc,2024-09-05T12:53:21.110000 CVE-2024-4495,0,0,cb1d8bc801c43f7ab8180176a646c9e39a56603c1305eac804522af3adac0fa8,2024-05-17T02:40:25.167000 -CVE-2024-44950,0,0,1badf7c66835589ffb91ebf65d4c2d599a9df281983079ad813144ffabc7d31b,2024-09-04T19:15:30.100000 -CVE-2024-44951,0,0,68d81fbd089f479da1852492cb673b2dc68016f4573e81853a63ba932bf5ce55,2024-09-04T19:15:30.153000 -CVE-2024-44952,0,0,b0d75340cadbc523e29bc6e86742d330c28ba33d7385312e625f082b51fd1356,2024-09-04T19:15:30.213000 -CVE-2024-44953,0,0,e7ee18d12b4b622d1b440b39e27e59df7ce0ea27ca851946dc2b471d88fe4e3c,2024-09-04T19:15:30.297000 -CVE-2024-44954,0,0,5e69ff511a569f8f1423b4c984e0fa0fb9880017ecf6c271d6b799f511e79ca2,2024-09-04T19:15:30.353000 -CVE-2024-44955,0,0,21052f489b219d9e2bcc51c5e4009eb4660e1c4bc0ad383f3e24dd434da6ad84,2024-09-04T19:15:30.423000 -CVE-2024-44956,0,0,b641bf68e4f684abc69f5de0bd6fee2fd34682e441f6a149578dcbaca98e7f1d,2024-09-04T19:15:30.480000 -CVE-2024-44957,0,0,2ba601814521b7161680331e0df1a5da4086107bb2d865aded0471442aea3def,2024-09-04T19:15:30.523000 -CVE-2024-44958,0,0,37e88188bc9e72375e0c666e6f21e461c6fc4839e8700b549999d7ad17e85038,2024-09-04T19:15:30.580000 -CVE-2024-44959,0,0,4ef865d862e4de6cf118fe493d28f18a1a019e276508560ee344cba67c1a3abb,2024-09-04T19:15:30.637000 +CVE-2024-44950,0,1,d3089902efd7e9aab9d892a62faf29027951968ca15a849fa454a848592a1ba2,2024-09-05T12:53:21.110000 +CVE-2024-44951,0,1,91785c90cadc8356660ba7fdec9917fa45a207e0be2c7481dad5e2297fb51b52,2024-09-05T12:53:21.110000 +CVE-2024-44952,0,1,3e7f7fc3f19a6b8c8b2ad971400987413f5f03a616833233266eff89d0d21202,2024-09-05T12:53:21.110000 +CVE-2024-44953,0,1,cbaf78facc00ba2382a16f654ddc1a05a298914ec55c1a3c666bb3b29c753793,2024-09-05T12:53:21.110000 +CVE-2024-44954,0,1,31b5dfbb887da799bd2bd3ced4c927fc2ecea3232fc0eafa678eaf39c7e755f6,2024-09-05T12:53:21.110000 +CVE-2024-44955,0,1,2a6532accf02411787cbf424bddea1cf6a2c7506af16dac0f1dc27d82c748f26,2024-09-05T12:53:21.110000 +CVE-2024-44956,0,1,7869397996f74394cc4c799fff8f28f6f1ae1bc5584e6a6f4fcfdbfafec4b955,2024-09-05T12:53:21.110000 +CVE-2024-44957,0,1,4765e817cf743edc20709de59d942aadb2406e8cddf770aa33fac73252ab27f0,2024-09-05T12:53:21.110000 +CVE-2024-44958,0,1,49c750c0a9b2f5b7b2c2c67e4181474af81d7c9d2786a41fdac4a4241460e7f1,2024-09-05T12:53:21.110000 +CVE-2024-44959,0,1,ce07f05b33b1296682d80c2098d95c4078dc762d4b2d2681cf75b77f51bfb848,2024-09-05T12:53:21.110000 CVE-2024-4496,0,0,6e858d3d5b48b877aff577f900a80fd10c799bd74cdf4188d346fa0d13641a80,2024-06-04T19:20:39.340000 -CVE-2024-44960,0,0,280887f2095b96497f9fadc6756789c7c5452e1edd18853b949f1009e38bc54e,2024-09-04T19:15:30.700000 -CVE-2024-44961,0,0,533d84d7eaf4d5fe01bc933abf8addee839f565e4fc9cdd22024648067cc06e3,2024-09-04T19:15:30.770000 -CVE-2024-44962,0,0,b2edb78e5e6b1a5224d0ccc5261fd89ccd43c358955019e3bdcddd9096ce2ab8,2024-09-04T19:15:30.827000 -CVE-2024-44963,0,0,e8451f96b5086f2532214e09549368c5624a1d5a7ccd35da97c40acbb0e5871e,2024-09-04T19:15:30.883000 -CVE-2024-44964,0,0,0d2dff56d5b570d3aabf401161917a091663cbedeb1c489a23e5124cf367fec9,2024-09-04T19:15:30.940000 -CVE-2024-44965,0,0,87e0556888ff2412ec9124e05618ceb5de8649faa249c58fedefb3563f191412,2024-09-04T19:15:30.990000 -CVE-2024-44966,0,0,32417c50bfe321c021a8042471dd7a42e9ee1b9960b55e19390fb3ef67da07e3,2024-09-04T19:15:31.060000 -CVE-2024-44967,0,0,68b14b1645d1223b4bf91cff1718c1b6c2b02a659a964dbc9559d2abe5dbb876,2024-09-04T19:15:31.117000 -CVE-2024-44968,0,0,dc9aa73c8df5bd43fc0645812b9c7ed15ce403d32ac038c2c3a1d4dff9797f71,2024-09-04T19:15:31.173000 -CVE-2024-44969,0,0,158bf7e3cbf772728ddf2b13d2173757ee842c97ca00ddca9b36c4c12a57d238,2024-09-04T19:15:31.240000 +CVE-2024-44960,0,1,987a31728bcd78fdf4111b52e7274a270cfc8db8ae282e2fdf60f5ee873fb101,2024-09-05T12:53:21.110000 +CVE-2024-44961,0,1,0e478ffba41ea52197924449673447dd2bbc8d5bc63fd267e662106285f3040b,2024-09-05T12:53:21.110000 +CVE-2024-44962,0,1,62f984d94b9c38c66188a73a7cba9ab055d947730f9f25dcfd1ba6d4b898204c,2024-09-05T12:53:21.110000 +CVE-2024-44963,0,1,2a9a1dcf88072c0992b95aef60f3dabe7b5cb2ba2989e7d5b5c12170d1463819,2024-09-05T12:53:21.110000 +CVE-2024-44964,0,1,2f11180c5953328396d560d66ad421e009065636b706e723421fd352a4873490,2024-09-05T12:53:21.110000 +CVE-2024-44965,0,1,a67ed955c7c9b2e3eef499a286ca4740ad761b25efa52479e58602cb7dd5aca6,2024-09-05T12:53:21.110000 +CVE-2024-44966,0,1,d7104e5cb92928ee3834c49471184f77f9ba1bb26484d1483e455fa7aadbae27,2024-09-05T12:53:21.110000 +CVE-2024-44967,0,1,89dfada01527c8edfcdf75e8d03ff9e48cea3fb292c10119a2487efa60d42183,2024-09-05T12:53:21.110000 +CVE-2024-44968,0,1,125d9977c95cd27fad067d65cfceb4b033cca732bc912f36769ab80d593425a2,2024-09-05T12:53:21.110000 +CVE-2024-44969,0,1,66b82aa80b6cd92846532cef33b442d38baf22d6911e941514910b3c6f435cd4,2024-09-05T12:53:21.110000 CVE-2024-4497,0,0,6a1d6365c146727895628930cc6e441179a183396cbc0224f0d3e640240772d3,2024-06-04T19:20:39.437000 -CVE-2024-44970,0,0,b99777f0a66971d2fb28313b6c52c970f076318d4e39b7c39c63af5e6b6955c5,2024-09-04T19:15:31.307000 -CVE-2024-44971,0,0,7a6f6c68d01f59c382962330b57f0a580cad3a628c3d3d7322bf38e3adaf2a4b,2024-09-04T19:15:31.367000 -CVE-2024-44972,0,0,9a578caa63d3dfcec0b30f0f947cc34c4ca69c71873368834df06b5403d1e0c3,2024-09-04T19:15:31.430000 -CVE-2024-44973,0,0,37b608de562ed46bf91697764ea4514a1d1464546d7aa862158749f5706d981e,2024-09-04T19:15:31.487000 -CVE-2024-44974,0,0,57bc42a1fa600dab714684acb689c9a9d3068f8126ced31470c3ade8d455b2e8,2024-09-04T20:15:07.100000 -CVE-2024-44975,0,0,8a8312ffe0d2ce9916cf1c85fafc112aa13085f7c6d61fc075d2b569a1095e3d,2024-09-04T20:15:07.160000 -CVE-2024-44976,0,0,8eb69cdbb24ff9ae00c8ec3323730bcb7497b7128b48b6c6a5cbd36f8342526b,2024-09-04T20:15:07.223000 -CVE-2024-44977,0,0,b0005ef08100d7873102bc106ae9e72d5e8636d966cca2f2d423950d5d74b823,2024-09-04T20:15:07.290000 -CVE-2024-44978,0,0,77f4653ace70f3998efbf95d984b6d0a6f7026237e2e87d3911769be5a34a857,2024-09-04T20:15:07.343000 -CVE-2024-44979,0,0,c7149a24aa1f0d8895a2c4d1ea883a50675dc88d3c33d4adb42ddfb9e9addf40,2024-09-04T20:15:07.400000 +CVE-2024-44970,0,1,70414797c7f1420a60b48e34277f5530ec1aa67aed6a07d8d2aaeded9223b4e0,2024-09-05T12:53:21.110000 +CVE-2024-44971,0,1,e476c5ff4bfb7f56378011b6da889acf56f093fdae76e21577f5ad24037fac99,2024-09-05T12:53:21.110000 +CVE-2024-44972,0,1,0b967112ef26e3fe5b0935b427f88208867173c88daf36aa5bd2c336c4f07e64,2024-09-05T12:53:21.110000 +CVE-2024-44973,0,1,add414a58e878f3aee3366f7678bfde348bdae69c48419c508ba030f370d1ae1,2024-09-05T12:53:21.110000 +CVE-2024-44974,0,1,cfad70b0308a8635463d2a3c3550e9a5bed8bac82db7da8bea8e669c50c96ce0,2024-09-05T12:53:21.110000 +CVE-2024-44975,0,1,012dcb6db335aa97afa1ef9268f931ab68a445b973fc3f10a7843af27070943c,2024-09-05T12:53:21.110000 +CVE-2024-44976,0,1,8c7b930f69a8eac68da6855eedc8b3a97b1051cdf631749b93c2aaf1d2a28ef8,2024-09-05T12:53:21.110000 +CVE-2024-44977,0,1,8267c668040f19c89ab2180e788476dee75d30c69bd18b77721b380cd5039fc4,2024-09-05T12:53:21.110000 +CVE-2024-44978,0,1,750dfff7f3690d54d4412faa52af936afcd2098a8aaeee06d2a7378cfc77eb45,2024-09-05T12:53:21.110000 +CVE-2024-44979,0,1,c564230a8b2dad8ceef7ebf62fdc806efd7fe79c5ccf1d638e23d29d49c547ed,2024-09-05T12:53:21.110000 CVE-2024-4498,0,0,237405bb434f57b5ee3d93725ee504cc093cf6521d831301400a29eebde53ae2,2024-06-26T12:44:29.693000 -CVE-2024-44980,0,0,eee5dd4dc3828e9c5c407a29ba338eef880a72efc98a7c36e390c79183fe9f95,2024-09-04T20:15:07.460000 -CVE-2024-44981,0,0,d3705005d74082cdbd3bf5655fc7864e01833220f20b423f4cfe476680dd98bc,2024-09-04T20:15:07.533000 -CVE-2024-44982,0,0,e91a2db44a9233e61fcae7b5eb9f9cc22b5310a280ee8dc56880203d89eff64b,2024-09-04T20:15:07.593000 -CVE-2024-44983,0,0,d7f8b8ce2649666f25c51a1b3975e6c10c8de3403a4d5b61e95979185de2192a,2024-09-04T20:15:07.657000 -CVE-2024-44984,0,0,6bcf4b7dd881f84041f18a88fe713c7b6f0bbb1f1682171f4ca0306bf346879f,2024-09-04T20:15:07.717000 -CVE-2024-44985,0,0,918573da5b59a5ecf9149876ff6125b44b3bb0c422e135533ab411467a6a193b,2024-09-04T20:15:07.777000 -CVE-2024-44986,0,0,13ca6ca519b27e0330a12121129c25d55ad4508966103b9a52d1875f60d0106b,2024-09-04T20:15:07.833000 -CVE-2024-44987,0,0,57c05161044c5d6cc47db445595381dac0c01ed13800c3c8a9b365812be51ee5,2024-09-04T20:15:07.890000 -CVE-2024-44988,0,0,e0d1cd09c1eb85647cfa497ace47363c9d5703801e544f6cf32047f9bcf13aa3,2024-09-04T20:15:07.960000 -CVE-2024-44989,0,0,5f66744ed26817435845a810457bc855fb93f83cee9903007d18dbd9efcd1fba,2024-09-04T20:15:08.020000 +CVE-2024-44980,0,1,47cbb2b80b64a9e65a634f164af37fe8f9bbf35b2a4763627fcb954d1d43d5f1,2024-09-05T12:53:21.110000 +CVE-2024-44981,0,1,6dba815833c9420434096a44702ab8874c664c8f58d21a83ff9a1a2f410cd61a,2024-09-05T12:53:21.110000 +CVE-2024-44982,0,1,097b402de9531ebf5ca1f6aae63ba13bda02a74939ff8ca55ac9e7a6db69946f,2024-09-05T12:53:21.110000 +CVE-2024-44983,0,1,690629c42f711182358e1764655aca93c3a6bdc31e0702c9218202b7b3762339,2024-09-05T12:53:21.110000 +CVE-2024-44984,0,1,c055413ce64b83c18979ac6480bb0a27c5e68feb3d290ff4c7ff28dc7f6a5b89,2024-09-05T12:53:21.110000 +CVE-2024-44985,0,1,e1b0ead85d5e7f6b5f9b29b7fadad04bcc2a6d3fa08bfa4a602715fc84abe9af,2024-09-05T12:53:21.110000 +CVE-2024-44986,0,1,ecb6d7ae1526c81b87b823f2743972fa1bb30c7e171e19f779a4dd2bf5b3cd06,2024-09-05T12:53:21.110000 +CVE-2024-44987,0,1,ff0dd7dd29ccda4d931135aeace4f2cc7ac219771748eff045dba7a854d78fb1,2024-09-05T12:53:21.110000 +CVE-2024-44988,0,1,88c9242491758cb5cb40dacc794baa4f1069a31af76a02349607187c0ed57054,2024-09-05T12:53:21.110000 +CVE-2024-44989,0,1,66cb11edf9d1909542342085f72a5573b26127c4e7900cbcb71ee304cabd5de7,2024-09-05T12:53:21.110000 CVE-2024-4499,0,0,570303fc4016a4dd92480bffd8c28af92c74f4e1e3602b750ed7335c1012dd3c,2024-06-24T12:57:36.513000 -CVE-2024-44990,0,0,9822a5939ebbc6a15d912b9b4bd25a9fc0b8f8ee1fda8dc6734e199431d3e520,2024-09-04T20:15:08.087000 -CVE-2024-44991,0,0,a13e5e6328a7ec190106f6d8536e187e4724b2c27a613eaee1f12f5202fca362,2024-09-04T20:15:08.150000 -CVE-2024-44992,0,0,f218879458a1497d703d908d4b401d16b07694952b05b5814bfab1696156152e,2024-09-04T20:15:08.207000 -CVE-2024-44993,0,0,99426b71b2631ff7f252263375ab129ef4a2275cef62eed183e38e5f5f1ba372,2024-09-04T20:15:08.257000 -CVE-2024-44994,0,0,2e703f55b4fb42f0618a325f58a19f47f25cfa0c46c0bf07e38e63f91621edbd,2024-09-04T20:15:08.307000 -CVE-2024-44995,0,0,ae2d612a8dca024c6847fc5a33837547600711312930e0b3fa06016336c23847,2024-09-04T20:15:08.353000 -CVE-2024-44996,0,0,fef5454e5d6b8a0cbdd700ca621d83e410fa6b53b117e07449eb25c26a2850a5,2024-09-04T20:15:08.413000 -CVE-2024-44997,0,0,11da2a562efc4bd2edb1dda2f09c68c427d2ccd9198615f032be2720852a222e,2024-09-04T20:15:08.470000 -CVE-2024-44998,0,0,923391c617d8fcf94e862773287965dd7d74c45063876654379f068e098441e1,2024-09-04T20:15:08.520000 -CVE-2024-44999,0,0,2002270f38b93b7652b60d30c56adb3be7d39191483d12d798920109f836671e,2024-09-04T20:15:08.590000 +CVE-2024-44990,0,1,5596a6de7b3ce32365210bb44f806ea44f34fa45a5453f219b86942db0945f17,2024-09-05T12:53:21.110000 +CVE-2024-44991,0,1,f23c23b71c26972b3340d83e99de181ad1289651fc94dc7dc1ac2f47ac20d2f8,2024-09-05T12:53:21.110000 +CVE-2024-44992,0,1,d7c361e4984c11f6862791382ede40d51127deebbd9fae5325f7a3bee33fad8f,2024-09-05T12:53:21.110000 +CVE-2024-44993,0,1,61d9e27a66fedf1fd65e8ad25b15ef545f43267db17579c4035bf9c78a7533c3,2024-09-05T12:53:21.110000 +CVE-2024-44994,0,1,077657e93a1c5153a567e0a622109d3f9d5a912137e3785d416b4a628cffcce8,2024-09-05T12:53:21.110000 +CVE-2024-44995,0,1,f74e1be3ab3b188848e3b7ba965cf8c7dadd1b67dd4e80f9241bf7efc8c356bc,2024-09-05T12:53:21.110000 +CVE-2024-44996,0,1,f6ac21dbf7ca4e48c96d2f064d3030e3ec7942596ac80f3d42ca724e6f5d9ee3,2024-09-05T12:53:21.110000 +CVE-2024-44997,0,1,c4f12968ddb8e8d0f2ea40a977372f31c0c799d88ab39d50de5abe548e8324fc,2024-09-05T12:53:21.110000 +CVE-2024-44998,0,1,6a504aaf4fa845b067c2321d17033fd8357d4298684ea1f5bddda4136c36910c,2024-09-05T12:53:21.110000 +CVE-2024-44999,0,1,8ccef336ee5544959a53a8ddff12dd0924c582d551ce6a59b504d88cf52ca6c3,2024-09-05T12:53:21.110000 CVE-2024-4500,0,0,a407be114022fa5d45245610952c429e57739daa41702d131b7165fd39ef277f,2024-06-04T19:20:39.540000 -CVE-2024-45000,0,0,fd89c28efa914564654bf83b7052bdaf3dec5b6a288fac931c766f00ef54c145,2024-09-04T20:15:08.657000 -CVE-2024-45001,0,0,f3a977f5ac76d9d452b11f7d60f509f9938d8968d8769b39b266d7539cf3feb9,2024-09-04T20:15:08.710000 -CVE-2024-45002,0,0,b364a32a0ebbff11c7a74705ded0a1bf339c60fc591f7fa7d836e2283f525070,2024-09-04T20:15:08.763000 -CVE-2024-45003,0,0,61d3cc0504ef6ab7103784e4337a0b39abc4e671e48f5e73986821f565cd5fe2,2024-09-04T20:15:08.823000 -CVE-2024-45004,0,0,808d4dcdf54f17fe0487ca24584c3c01fcf2d5febe713c111fa50b4bdd29106e,2024-09-04T20:15:08.890000 -CVE-2024-45005,0,0,6b7c60780e2a07cd446af607bbadac5e6be8612fe1403428da627edbf511d5b9,2024-09-04T20:15:08.940000 -CVE-2024-45006,0,0,d8e297e743c24de0fa9c189c2dc5431698c7bf9a29b9b57e596f642eff31955e,2024-09-04T20:15:08.997000 -CVE-2024-45007,0,0,2532ab02baab0f0b53b846098bd877c5ade2d126b245e139c193e4463e7b9ded,2024-09-04T20:15:09.053000 -CVE-2024-45008,0,0,4dbd150bfaa8d738ac42a2a9a9bc3c21cf32621dad2a3e8562d47f478ec5635e,2024-09-04T20:15:09.107000 +CVE-2024-45000,0,1,2c0be4e691f519dd141265f06c70a26c4fb13678f8e75581e557ecade1db0210,2024-09-05T12:53:21.110000 +CVE-2024-45001,0,1,c257b8093542d3214f8b8457670ca8ef622c934f177f6cf0e1843db5f562416f,2024-09-05T12:53:21.110000 +CVE-2024-45002,0,1,7365f265cebdeeeace0af406b537b88eee1049b6640d08cf0266f40445abf03d,2024-09-05T12:53:21.110000 +CVE-2024-45003,0,1,9a17c6672d49f0a64ef38d9007573bd12c155422950b6ac7943e2a76bc748892,2024-09-05T12:53:21.110000 +CVE-2024-45004,0,1,452734981a95050fea18e4e68a9afad7a31ec41d9f67e0aa5e6636a929ebdc48,2024-09-05T12:53:21.110000 +CVE-2024-45005,0,1,e451b7c2f4add710887224d994f9dffc8ac56adf3dcc9794335f8f3deeed48af,2024-09-05T12:53:21.110000 +CVE-2024-45006,0,1,6cacce4253b934c99cfc34568aedda38184f70b5be8c633532c070fa60f17ff5,2024-09-05T12:53:21.110000 +CVE-2024-45007,0,1,9c51cc66379cf576bcd17f9e957329cedbd34ee23634a31bf340e6e230dd369f,2024-09-05T12:53:21.110000 +CVE-2024-45008,0,1,37dc0718d2dd8ba9fb7eca159ff733be9b954368896d4dc7e665604ee4c36c7c,2024-09-05T12:53:21.110000 CVE-2024-4501,0,0,3baebe0a469dd4bf55eae5f370777b6e334d89a3883f98b03d03b2205353433a,2024-06-04T19:20:39.640000 CVE-2024-4502,0,0,f1f89a01c722d6ef2e85e855b85895e43fc279ff3a13e0257efd22aaa2b4c544,2024-06-04T19:20:39.747000 CVE-2024-4503,0,0,580a13ae85da881d7284f0e9b163135d237ab58a854d76134955e6cc28d662e6,2024-06-04T19:20:39.843000 @@ -258989,24 +258989,24 @@ CVE-2024-45047,0,0,c43619af4e5f11efeb59913c1a60fca5bf3c78aba8405f85782c32a6bc30f CVE-2024-45048,0,0,6de5f8a7ac9319b7de3e5cce18cda2d98033e2568c0175c978881a510456cdf0,2024-09-04T17:27:31.517000 CVE-2024-45049,0,0,2db7654aac013903b19c74b15111e80acc65bf9e641d52dffa75f446b2d1ef2f,2024-08-28T12:57:39.090000 CVE-2024-4505,0,0,4ef7357f00ff85be3b87c4353ae099f1aed84eaee3f1c1bda33ed5ec6e115293,2024-06-04T19:20:40.050000 -CVE-2024-45050,0,0,15b1544e98ef24125077527334014b66bf33c19ce1497a99510e7306db7db40d,2024-09-04T16:15:07.480000 -CVE-2024-45052,0,0,2d2fa35b476ef133a34ae5e4d1d842b5d9270fc342ac719fa4a3019045a8bc25,2024-09-04T16:15:07.697000 -CVE-2024-45053,0,0,f0394548bf08fbc7bd15f361468d96ec07ab5c07385bb8ccd3c327fd07587bc1,2024-09-04T16:15:07.910000 +CVE-2024-45050,0,1,3a4470d16ff2c28cb414b6aa70da3221ae9e5c5a378bba42e6eb2e3356034e65,2024-09-05T12:53:21.110000 +CVE-2024-45052,0,1,6d8dfada53cecca6acbf399a72d4da518538b66558aadfde5d364c1cc513bbd0,2024-09-05T12:53:21.110000 +CVE-2024-45053,0,1,eee8d3ee4fe1c09b4554d79ac74d332d3d9279901aa2b9c406aef4442ef6ec8e,2024-09-05T12:53:21.110000 CVE-2024-45054,0,0,b9a631b4140dc3b625193d3b302c7a5fbf5e7defa5c6f149bad3cc57b44dfb5d,2024-08-29T13:25:27.537000 CVE-2024-45056,0,0,691057e2a8bd235b7cec2ff9d1864de57863221b46b0db10be9809732ea41217,2024-09-03T15:14:54.877000 CVE-2024-45057,0,0,9d8b06345321949fa48379fc2183ae1808eec74c9e7dce5df7d16d85f9e3fc50,2024-08-29T13:25:27.537000 CVE-2024-45058,0,0,7787e6673db22abfd684889eec25f0d15a1228d1d6048ef359937e89120200d3,2024-08-29T13:25:27.537000 CVE-2024-45059,0,0,1db4a990b2e27521ef605a35909b28cc3d1be1d4c9ec2ad338f6d6fa0c866be3,2024-08-29T13:25:27.537000 CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a3f,2024-06-04T19:20:40.150000 -CVE-2024-45063,0,0,11a5a1f1c3847dcbac29781c3a0845cf0cc5bd914e47f5e7f96c4d405a42ea80,2024-09-05T05:15:13.830000 +CVE-2024-45063,0,1,388e400034fa148729af815fd29d0e2c155a55d3dc8ba2ea48512065e98df2f3,2024-09-05T12:53:21.110000 CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000 -CVE-2024-45074,0,0,85206b19e7b890792f184bb62346604bec35d1b73d40c41049098f54de297c38,2024-09-04T16:15:08.110000 -CVE-2024-45075,0,0,abb15f53222bd57625a01fe6cc4d97cc9b78e2e049317684d6201dde8213c5f4,2024-09-04T16:15:08.357000 -CVE-2024-45076,0,0,fe0f4191b6a3c0f00817eee263152abe7e6fd77b9ac84d4c4387ef43801e47d0,2024-09-04T16:15:08.600000 +CVE-2024-45074,0,1,2acf4f0c25bbf5eac392bebe7ceb928355c00f7621cfd672d38777710d0e6cb2,2024-09-05T12:53:21.110000 +CVE-2024-45075,0,1,970063a21cc69312ed5905047a4f8f95237496df40f08985a6b50e18ab5ad76e,2024-09-05T12:53:21.110000 +CVE-2024-45076,0,1,0d010c89a424f0e84ebaa9873d815dffe8bb1375c669731f5cae4948fe4c87e7,2024-09-05T12:53:21.110000 CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000 CVE-2024-4509,0,0,996942a0a2c59f4d53067a2868fbad35944719504585e3998bbd4d788c545588,2024-06-04T19:20:40.347000 CVE-2024-4510,0,0,e609022dce213b03ba687f592023f15f3e261f085d88e9ff14f3b7ffe9969d1b,2024-05-17T02:40:26.417000 -CVE-2024-45107,0,0,00b4e9759c85a577f5865a2e45d2c1d020283ac795213a2fbefbac794ac75393,2024-09-05T09:15:03.123000 +CVE-2024-45107,0,1,5e2ac9906d55f0e5240ab60036468d760c6dd02ed6b1d647a490b90389e8644b,2024-09-05T12:53:21.110000 CVE-2024-4511,0,0,4d9dcedc762dab13753e2b0a6fba06d0880c8f0afe543668ff587ed1c4cea3d1,2024-06-04T19:20:40.443000 CVE-2024-4512,0,0,26a6b6bccaf4c25a8f55831184ccf900ec4db9044766abdc62f8dfefbc7cb546,2024-06-04T19:20:40.540000 CVE-2024-4513,0,0,6c3f318b0d8a8c538c1f3920692d132bd9a92a5cfece17f174b91ed826f80818,2024-06-04T19:20:40.633000 @@ -259020,10 +259020,10 @@ CVE-2024-45167,0,0,6f3847a892b75be18a24e1374ef352424a8d56284d9550373f08d0a52ea49 CVE-2024-45168,0,0,6124dea0f408bc63748f989f7ce4cf06d1deb9da69f42ab4bdcfa64b8daa0ab1,2024-08-22T14:35:13.957000 CVE-2024-45169,0,0,9c1ccfed5f8c51cc81c5cd2eec094329fe2aa7c6c132e4f4099baad9dc306193,2024-08-22T15:35:13.507000 CVE-2024-4517,0,0,3fa4b03e407f8fc963e6e42e2d6f56f1c6623d21471e9883bdedad7e9bb00507,2024-06-04T19:20:41.030000 -CVE-2024-45170,0,0,ce3a4bf36050bd381114f7cfdda27ba1831cebeecd99b9720ebe112560e4a706,2024-09-04T19:35:14.620000 -CVE-2024-45172,0,0,d1cd50c0e16a6b9572f48736b37e3d4ff6394933e4c1f0ad9cf9db05d7e2aa51,2024-09-04T20:35:20.010000 -CVE-2024-45174,0,0,f6da7c8c9e05eba93cba3d3c9cf80c85a6d7d8192bc7333ff97dd043a4d836c1,2024-09-04T19:35:15.443000 -CVE-2024-45177,0,0,47359ac09ece1dd07330a79fbfac7a195858aa97b76c625b51790ad6b3e90cab,2024-09-04T19:35:16.267000 +CVE-2024-45170,0,1,8fe4b9ac86882f3df66af526948de512a679162d1d237b054f8ec9bd99499824,2024-09-05T12:53:21.110000 +CVE-2024-45172,0,1,68b3dace475f9bcf51f79da5da4aa2b3c04841de6dc44424481c2470782012ce,2024-09-05T12:53:21.110000 +CVE-2024-45174,0,1,2ba63c333cfe37e6c7dca9f72909d21c7893acb52b292b0e6cf7a4a15b777141,2024-09-05T12:53:21.110000 +CVE-2024-45177,0,1,e16e0cc027b9a1ab0f5d9f5e0b79a7c42660772108242f226798fd93c099bafc,2024-09-05T12:53:21.110000 CVE-2024-4518,0,0,64c3b6e6e74f6d9fd929463119875b686279109a997143c5dd3ad8e2c1af1355,2024-05-17T02:40:27.187000 CVE-2024-45180,0,0,972956c14c3744d5d70c795422903443a3c866a60353a62faa079ebc718a4b11,2024-09-04T13:05:36.067000 CVE-2024-45187,0,0,b29c34a9281e147a1f2b33bdd2a8c272cd39081d36dd9d0273787cf191e54024,2024-08-26T12:47:20.187000 @@ -259062,8 +259062,8 @@ CVE-2024-45269,0,0,930c2dda66909b7393cc3daf8d8e0bcb8066c589d45124dd784354d0c2c32 CVE-2024-4527,0,0,c7ad79186f39af6c4287cf90f197f2ec298291b738fc5af7e4ddede8b4e9adfb,2024-06-04T19:20:41.810000 CVE-2024-45270,0,0,c7af37af49333c30529c68858eecc171381f5cb95414149d25997e187a81c107,2024-09-04T11:51:30.887000 CVE-2024-4528,0,0,7b720d00d965c73e07e6aefd4c36ac932b079840a05c5efc530ca8c4800fb595,2024-06-04T19:20:41.917000 -CVE-2024-45287,0,0,4b6d4985043a8cfff33ec0dc23ceb7deddc30e5db76698e62c2182512aa9d38e,2024-09-05T04:15:07.410000 -CVE-2024-45288,0,0,bb3e849a20cc0748233fde0fd1d20bf2e8593d62a63f9aa923b5611a6d367301,2024-09-05T04:15:07.520000 +CVE-2024-45287,0,1,b8f5d1a4e2e5997ea2c47b168fd9a9add6545241bf0ce8d4616381f847e8f565,2024-09-05T13:35:02.927000 +CVE-2024-45288,0,1,2aaddc8c21b6b65919d2edec7c87cde4014081c869ea3438548cafcda5d7601f,2024-09-05T12:53:21.110000 CVE-2024-4529,0,0,5fbb4c14219ef7d51954458b7780a68dbee769876e9489db6e9ba34bd68834fa,2024-07-03T02:07:42.220000 CVE-2024-4530,0,0,6b78f15ba2a60e96a20ff176cd49d228ee37f0e30a4b3e696092a717f8a23e27,2024-05-28T12:39:28.377000 CVE-2024-45302,0,0,81d543b8058ec9a64648a785b7fa014c697fce5846d6cc78b75fe051c3ed2104,2024-08-30T13:00:05.390000 @@ -259077,7 +259077,7 @@ CVE-2024-45310,0,0,cf559c2fb608db5e942d7bd154cefbc5964353e2198d862886f1fbdd9c82a CVE-2024-45311,0,0,f2b6c9c3379c0b3e8f8cccd4dc03bdd41e4b0a8129b775b47dd7144af13cbd61,2024-09-03T12:59:02.453000 CVE-2024-45312,0,0,3ab127ae457c159e255763a9cac499b257dedfb3025d06ab78788175895c278c,2024-09-03T12:59:02.453000 CVE-2024-45313,0,0,7f2c32db2a1d116c11ba8b1d5ff95be26c7a6f4c5dba7ff892eb13c5baf4c8a1,2024-09-03T12:59:02.453000 -CVE-2024-45314,0,0,111e3bfec42e5ee9a4688dfd9edf12400b6d13a5142b248689959bbda1c9bcb6,2024-09-04T16:15:08.833000 +CVE-2024-45314,0,1,b63eb7e37a749fb3c308d5e710eb140bbcfefc4e3df4519b3385c13ecabef564,2024-09-05T12:53:21.110000 CVE-2024-4532,0,0,4fd2f02f0358f1c611846b77f1b0e80bcb1985e07f23fa6a21a71cc25593500a,2024-05-28T12:39:28.377000 CVE-2024-45321,0,0,37b6c3801843cd19376dfc008024087eb46b0d9a726e5ad21af320498cf91f40,2024-08-27T14:35:13.357000 CVE-2024-4533,0,0,aca3a412ead1ce1343d6f498450801be5e059db6302d74881039b5fe75fb6c09,2024-05-28T12:39:28.377000 @@ -259093,12 +259093,12 @@ CVE-2024-4539,0,0,55abcbe26e411ca656e6a32a2a4f1ff2caad1b7d092df554c28514564a9256 CVE-2024-45390,0,0,332342778ea7f712e3a75a5f422837c59f0b8fc1cd3d7840f34f23531141c0dc,2024-09-04T13:05:36.067000 CVE-2024-45391,0,0,9c5789b02ec0149b6dd4c299f7c2076a4f5ab5f425e6ba50511de158538b434d,2024-09-04T13:05:36.067000 CVE-2024-45394,0,0,2ba0026e07469dbf430ebd158b45587c8559adbe0d6d259ad77063b3124f324c,2024-09-04T13:05:36.067000 -CVE-2024-45395,0,0,da7b76e3abfd7a5869d50ee6d85080949e1b863b724d76546b54e5db9d5000d1,2024-09-04T21:15:14.237000 -CVE-2024-45399,0,0,a30ccec61901cf4020c44300f3c41bd6429ddbc536b4f381353ceaac22a63d92,2024-09-04T20:15:09.257000 +CVE-2024-45395,0,1,e86751a06dbfe92039318153ae3e40334cccb8072cf74037173dfdb8955c4b2b,2024-09-05T12:53:21.110000 +CVE-2024-45399,0,1,a1cf7f5ebf189fb42f167aadd6e82f696503abfd38953cb1d8591d5d8cf1b025,2024-09-05T12:53:21.110000 CVE-2024-4540,0,0,56ac6cff101cc91d96d8daf4bfda0c052b655471dc0698e77d798366d59b9124,2024-06-03T23:15:08.930000 CVE-2024-4541,0,0,3195b1a81526d9da93cf28b1e1f763238ece2897561011f493b9a3c77f12398c,2024-06-20T12:44:01.637000 CVE-2024-4542,0,0,188546ca483f93e7131261a5bd57b93b03491de5e62247759ac8c05b93c8f51b,2024-05-16T14:15:08.980000 -CVE-2024-45429,0,0,b972bc8cc9a7c4266e7930bda8704953c8efd3af4614703e3299db19b61a3e2d,2024-09-04T23:15:12.803000 +CVE-2024-45429,0,1,b6682f6c5fc95a0ea1e918cc9175ec1c4ba8aa26e7eab550751e1679316bee68,2024-09-05T12:53:21.110000 CVE-2024-4543,0,0,cda17786b919b03cc3eee3c735d905916723b9b88a929a8c3a419843d78bdd6c,2024-07-03T18:23:54.237000 CVE-2024-45435,0,0,927041b8e7c5f8f0713d2961d74ba13597912bf3d79d8a6803fd6f88a7797c28,2024-09-03T17:23:36.073000 CVE-2024-45436,0,0,285ce8c7d8a1a73359dbcdd8ed12fdef35f675e020b230adf62e4aee88352a8c,2024-08-30T16:08:54.840000 @@ -259162,7 +259162,7 @@ CVE-2024-4567,0,0,55b6508070b71672e22c57660afab28e7ebc1a40a37655965c41825cdc3bc1 CVE-2024-45678,0,0,693ea2059e5782af88748cb6a47ab17c5e2b747f0badd3c534ee2c1a86fd5624,2024-09-04T13:05:36.067000 CVE-2024-4568,0,0,950b62937f2f303cb16f164d002be64527131317e5dfff26daecb96b6bec4236,2024-05-07T13:39:32.710000 CVE-2024-4569,0,0,2e4b27b05be8561bd3f260b3ccf0eed0d11ea74483878f5df5227737faa1c038,2024-06-28T13:10:05.153000 -CVE-2024-45692,0,0,d086420a1633a8c93bdd779d04038d7625613297106495fa8f7fbf0dd2439557,2024-09-04T23:15:12.887000 +CVE-2024-45692,0,1,91bb316a514315e6a6e331dc0347fb0537d00479a4e172354ad9c890093d7f2a,2024-09-05T12:53:21.110000 CVE-2024-4570,0,0,c1cc5ae154200d1c8cbc554d2bd91b7f0d0e2fb1c25faf550303ad23eb2c106c,2024-06-28T13:38:13.630000 CVE-2024-4571,0,0,76823bb120333d1d68e24e57a18868a62bd826931cb118db3f1630877d1250ae,2024-05-14T15:44:05.750000 CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df61090e,2024-05-14T15:44:06.153000 @@ -259821,7 +259821,7 @@ CVE-2024-5304,0,0,d968010935b9808df14ec3827c68c660e5030ff1e10dd473ede1e120c2d002 CVE-2024-5305,0,0,d7ef5e26da1b4b55d5a1323c739605451e8b0fffa749e9d5cf8a79ba440fa94f,2024-08-23T15:05:41.013000 CVE-2024-5306,0,0,d647292a2595d4b4621658b069669f43be59c7629ba28057e1c1f9a15fcc4dc0,2024-08-23T15:01:42.337000 CVE-2024-5307,0,0,9f60aac251e2e03d9552a0394a9c798214f03b8e43e7cbb0dd9de3359653dec5,2024-08-23T15:00:25.687000 -CVE-2024-5309,0,0,93f6324ef588075362c9ed8d35215b555730c1d7846ddf78d2ab3b60cf40ddc0,2024-09-05T09:15:04.253000 +CVE-2024-5309,0,1,537d8df423a6ccbe726d2da884b1ae55074b1174426de4b5b8f793ed5b4714f8,2024-09-05T12:53:21.110000 CVE-2024-5310,0,0,be68f6d898e4e59f65162318c0ea0836be8ef675c080dff90d77e5a0c98b0b1e,2024-06-04T19:21:04.583000 CVE-2024-5311,0,0,4e4e9b4edb642fa4d04760ded51b93254fd12f5bde190a96e2c1818c58cf4797,2024-06-03T14:46:24.250000 CVE-2024-5312,0,0,18bbe6bd336686ff14003841f43dce1a45b7d1ab8cfffd6fca5539a180b7243f,2024-05-24T13:03:05.093000 @@ -260361,8 +260361,8 @@ CVE-2024-5950,0,0,f2973766f812398c51fdc9e52a19a5f151706c2da451b30e218939a121000c CVE-2024-5951,0,0,6febf2923b11ad8e5c0b580c95ce8478dd937b62c84a55da1a853959f3aac15d,2024-08-07T18:12:55.977000 CVE-2024-5952,0,0,4b0244413edcc544ed5c05479b5dbc3eeb5d75652ce440b39e8ad3eb0aaa28bb,2024-08-07T17:50:09.493000 CVE-2024-5953,0,0,b751d8c3256cadea715af09554e498d62ce421392f8f753ae9bea01ad7d81fc9,2024-09-03T11:15:15.463000 -CVE-2024-5956,1,1,e8af2590832b92dd0e5ab24b31ba74c5048211e598b5f7a09cafe55393986c36,2024-09-05T11:15:12.387000 -CVE-2024-5957,1,1,8eca28c3f31ca5b431a45ace55530d9470787983e3e727917782534ba6a64929,2024-09-05T11:15:12.610000 +CVE-2024-5956,0,1,65b2e6d0076fdcfc50a26cdad4c01df6c7f252ab6eb4302ece19d8bcb7f9fb50,2024-09-05T12:53:21.110000 +CVE-2024-5957,0,1,bf5bcb6583fdb2044ed97ff58330d1cb7624eb9f015b3a60658443805c23b9f5,2024-09-05T12:53:21.110000 CVE-2024-5961,0,0,458be8cb6fdb0d558a4d51d11b5f294250dd9695661afd805b88290bb2df249d,2024-06-17T12:42:04.623000 CVE-2024-5963,0,0,a4cccf44b2eb0314cba658473713210aafeaf2066181b69f96f839930da4f321,2024-08-06T16:30:24.547000 CVE-2024-5964,0,0,d6f5f38a4c6449f04f742ee04a5db3f604bc83ddff32647d9051bd1d156e71e9,2024-07-18T12:28:43.707000 @@ -260673,7 +260673,7 @@ CVE-2024-6328,0,0,1dc9c3c4a448080717651ebabfb2fc281b4a1c036cabba31a96124b6cb4e8c CVE-2024-6329,0,0,86251ab842ffcb900239f67c839645a87676821122e9a881854a92c1e2f082f5,2024-08-23T17:01:34.227000 CVE-2024-6330,0,0,e1243e86845c9ad8bb8e14e862db7cae433088225de72050fd359fe249b90cd8,2024-08-19T16:35:30.907000 CVE-2024-6331,0,0,52c1c6ef5119330812f0b8f9d4c8f908510020273352e90ad354980012c782b6,2024-08-30T16:15:10.710000 -CVE-2024-6332,1,1,1073b54067030dd8e30eec02319e4104ae3ee1a84cc95f90c32b8cc3a46a866a,2024-09-05T10:15:02.970000 +CVE-2024-6332,0,1,1827326305dc9b11a010d10c8dbae8ee3eb0acc491044596c4d789421f83ecd6,2024-09-05T12:53:21.110000 CVE-2024-6334,0,0,3daf0dfe09252e7765ca30c739cfcc033a43a657c17c0275e173ac670504522a,2024-07-09T18:19:14.047000 CVE-2024-6336,0,0,1df5fc72f07b093cfd11ea9b65ef147e8130715026fca7ff47fd924988f45532,2024-07-17T13:34:20.520000 CVE-2024-6337,0,0,2e78350836fa8817ff4aec79c82f6f0f98d78739985b39708ec542654e5f48f4,2024-08-21T12:30:33.697000 @@ -261032,10 +261032,10 @@ CVE-2024-6828,0,0,5e3bce0050be5ef41f841daf735b80af46e729368278d26d6a7ddc5bbbdee6 CVE-2024-6830,0,0,66325e33317c6fde8b929b285667c5104c4ae04492532b5067560968ff36e7fb,2024-07-18T12:28:43.707000 CVE-2024-6833,0,0,b0ea48d29166f6347ac218b4f9f93d3f7fc599fd932b64c35cfa55e5a1a94672,2024-07-18T12:28:43.707000 CVE-2024-6834,0,0,23e85f57c9b7230818a4425261a24fd150d79ea72676d6bce04d47efdd69630e,2024-08-01T14:00:44.750000 -CVE-2024-6835,0,0,94e13e7b310eb631f2774d11f10c7f2e181fe3d079a527ce1362df98d058353d,2024-09-05T07:15:02.657000 +CVE-2024-6835,0,1,3165e681a9ea2e444ee96ca49c0cd059d5708ccec2fca01dca61b4e69f2dc31e,2024-09-05T12:53:21.110000 CVE-2024-6836,0,0,94c1bcaa18f7036265464de8eba36ccdaae9b63d5d20f60a8cc42904bb485160,2024-07-29T20:20:30.867000 CVE-2024-6843,0,0,aec077e7d49dac8e1cb0382a7568b4a4d58cd66583979c6d1347903e4ac17bee,2024-08-21T15:35:12.407000 -CVE-2024-6846,0,0,aab6172c7fcc63e6eaaf9c2dd7e7db62f6e31e9e22fe3d78ebb46657617ac45a,2024-09-05T06:15:03.143000 +CVE-2024-6846,0,1,d59f92bacb56e5e9288714a1222fe0e9179b5e9e5e0aae4400204624320500af,2024-09-05T12:53:21.110000 CVE-2024-6847,0,0,3aed5f2ad75c2a50eaefca5c72002315f9d747456f8615efa188f54be39bf54d,2024-08-20T19:35:15.040000 CVE-2024-6848,0,0,e171c12c58967922126feefb09977b436bb9e206684562a37899ca6ed3e35d20,2024-07-22T13:00:31.330000 CVE-2024-6864,0,0,469a0ad039e39ca71e90d0d65b529134e06346783388106a10d2fa7d0b356379,2024-09-03T20:22:16.433000 @@ -261057,7 +261057,7 @@ CVE-2024-6890,0,0,a4b61d6d84db517405e5620d04c7a39034adaee98aaff7a0c1a327ff7affb4 CVE-2024-6891,0,0,0319d5fe5c9f95304d92792a4ec9eb62a36bb2ecf00a0444185d206c61336dba,2024-08-08T20:53:26.090000 CVE-2024-6892,0,0,94014e6ee35e3929306c8f74e16e30b86ead304734b682c8817df82d89ee99e2,2024-08-09T16:35:06.330000 CVE-2024-6893,0,0,07759fcd96135a135ba512fb22253857e5bc78dc38f1fd228c0dfc24706d33b4,2024-08-08T20:53:37.443000 -CVE-2024-6894,1,1,f0748965c84b18f6f84c1328468fefb1ab6c97ff368e5c9a43efb206536eddfd,2024-09-05T10:15:03.737000 +CVE-2024-6894,0,1,9fccc7ee6c25b4dea4174212aeb325748e3072223b078243002cdfe67f15a3db,2024-09-05T12:53:21.110000 CVE-2024-6895,0,0,ba732cd0d0196677d9fba02b4344054d4844d09e5d174114e4dcf4446ecf9262,2024-07-22T13:00:53.287000 CVE-2024-6896,0,0,5408a7e80aa3e88cd45cfede99bb9ef131493e304d3dbf46fdd9905f82d27439,2024-08-08T20:06:25.957000 CVE-2024-6897,0,0,0bc0c3c85d38c464186c16b9bc40451a421eb7b428d66cf1c3a2509fdf188e66,2024-07-29T14:12:08.783000 @@ -261086,7 +261086,7 @@ CVE-2024-6922,0,0,06f94107ca0d2a59d9bc293905aa46a216c7a8ead08ee7b0b3a0f5d8d9c7d0 CVE-2024-6923,0,0,0cfbd144d08a5d679110992f45e4be991e6cd9826e8a45ed46231797910890a0,2024-09-04T21:15:14.567000 CVE-2024-6926,0,0,8f7a980eaebe48aff3a265873ac088d8aab7ac9e61e313ad47eb901f8ccee0e3,2024-09-04T15:35:26.253000 CVE-2024-6927,0,0,c6c32d7d70ee084dae2db926c974bf0a3365e62a1e0657f5800453d990661577,2024-08-29T20:37:07.310000 -CVE-2024-6929,1,1,4976ba3c7c978fb66d0b9606e4d0d93fcd110011232483e2996f6578eea786d7,2024-09-05T10:15:03.980000 +CVE-2024-6929,0,1,e67bf9fbaa24bc1cdf2dacd7c94784cd0bb2e1a8e63f552d5ade5b411939b46b,2024-09-05T12:53:21.110000 CVE-2024-6930,0,0,1339dcde2064efad12400b33b71bb10f58bb3894621d0a104ecb7e997db508bc,2024-08-08T20:06:49.207000 CVE-2024-6932,0,0,67a8aa74150c82de9338c7f5e13237de6a0b3fc058478249ab687a9bbea18d6e,2024-07-22T13:00:31.330000 CVE-2024-6933,0,0,31e003a378d639e27641dced44e726d35d058acd0301a48a16d76976ef2aa1ee,2024-07-22T13:00:31.330000 @@ -261306,7 +261306,7 @@ CVE-2024-7256,0,0,28c6c5405ca0661376f4706f7e75647b14826bc648847c0c2ef29d4ee5bafe CVE-2024-7257,0,0,e6ef266df52e25692b132cfb6522d79defb5eb3e548daae54be1d69b0c3ab16e,2024-08-05T12:41:45.957000 CVE-2024-7258,0,0,7daa83813c091cf4943890cfcc79fb77dbec053060dc3ee1861fb34d4faa0557,2024-08-23T16:18:28.547000 CVE-2024-7261,0,0,fdf19de147aeb158ba2cfdeccb94ff02bd8a84a25afb347c46bd0d0cfc6e1df6,2024-09-03T12:59:02.453000 -CVE-2024-7262,0,0,ce4ca941615aa20b8be720a40c20724c34593c923e46b6e56bd9015e23ebddbe,2024-09-04T01:00:01.057000 +CVE-2024-7262,0,1,95b3d95a32b25a2634e7e0faa3f1f6b57a404f18277315b6dddbf2c940c189df,2024-09-05T13:30:33.680000 CVE-2024-7263,0,0,9d6df8d57145d860b9f285c4defefe5eae42f914cf87b79ed3fa24860767bd90,2024-08-22T06:15:04.510000 CVE-2024-7264,0,0,12a75b53a7f63996bb7b4af3d1a6b7462e167bb63f5a12a5607f29e5ee63586a,2024-08-12T17:30:51.880000 CVE-2024-7265,0,0,7744849ec550e14a15ade5689dd13e89a671dd2d7872009d179abef8fe868c92,2024-08-23T15:09:29.843000 @@ -261405,8 +261405,8 @@ CVE-2024-7375,0,0,28bb47d4b9853eaa90b578de46ee4931868a9172df342b2f5aaa2627a30888 CVE-2024-7376,0,0,6a8239d148373b81ff417f2f5b853294092602786d672e55874e9d15579ca5e1,2024-08-09T11:22:53.947000 CVE-2024-7377,0,0,36e56aac53023f827b914b5a997e5857db515082cb379daae4b49f84fe230f27,2024-08-09T11:22:18.483000 CVE-2024-7378,0,0,4660382211ec1d3019061588c841e586a94d2ce616261678ca4d8a3644da536e,2024-08-09T11:19:25.363000 -CVE-2024-7380,1,1,c7b948f6a6b1d65660e769c76d07da0b95211e43aae94c12443dbdba2bedf6db,2024-09-05T11:15:12.820000 -CVE-2024-7381,1,1,b74aa710ad8f8afb67ab120752258a60a585af583fece1346bdeae2444473ac8,2024-09-05T11:15:13.043000 +CVE-2024-7380,0,1,834f4c1e5f9410bf5e61cf7e7e0b99d9c93722684d88bcc74481e14c45f3cbff,2024-09-05T12:53:21.110000 +CVE-2024-7381,0,1,ff327db1be2eb4785d8ee2a7c6caa956f6bac8d7333470776a3c56aa3e2075c5,2024-09-05T12:53:21.110000 CVE-2024-7382,0,0,38dbfd05201dede10e421fed3e3b0d675c062e51a3aa3f6428b06fad8a88c553,2024-08-12T13:41:36.517000 CVE-2024-7383,0,0,e9e41ebbc97601346bb675225ba79de921d0c65e55a076ffc6c52d62374e6a9a,2024-08-06T16:31:05.780000 CVE-2024-7384,0,0,959c51f9d9089f82b75c53d05c8efe51e41a9d17d895f5f42948ac7d882f9351,2024-08-22T12:48:02.790000 @@ -261554,7 +261554,7 @@ CVE-2024-7601,0,0,db9958425836572eda0b52c7e651aff0e41e4dc47ec55ea348bc5752e1b198 CVE-2024-7602,0,0,1295ede0549ca488da522cbefe2db5abad88498e69c53af1f38f0ee81eb69b62,2024-08-23T16:36:11.690000 CVE-2024-7603,0,0,026c301c8508bb2890d37936199245036e5a5160d5195c848eb9252477eef559,2024-08-23T16:36:28.327000 CVE-2024-7604,0,0,2ca377c2d37b9340c6f7d1612379ed11f338df19f0e6ffae40ca1da8c016df51,2024-08-23T16:37:09.107000 -CVE-2024-7605,1,1,6499f3a0d51fed288fdc207c652db8d1deeaab6a822f9bb0f01adb2d04f2e9ef,2024-09-05T11:15:13.257000 +CVE-2024-7605,0,1,db9fc8353b2fbab1d7696d6839477bc001c92db3aa35246de1bba5c5a3b2d170,2024-09-05T12:53:21.110000 CVE-2024-7606,0,0,d1994339c445d05a7d0516150729b84de3d1d7c8a4d08e8012b40ecbd6deed28,2024-08-30T15:43:41.773000 CVE-2024-7607,0,0,1fc6dc2de47de502ba4dba054f1982731028b52bc9234ef0062aa94d686e06ad,2024-08-30T15:41:02.407000 CVE-2024-7608,0,0,b8872988f702757177432eab77e95a14e7cc629ce3c064dd49371a09c8fc5a16,2024-08-28T12:15:06.900000 @@ -261567,7 +261567,7 @@ CVE-2024-7619,0,0,52e157835f9b49014d03653876a6177ba54feacc6eb580f7a52506ce1aa54b CVE-2024-7621,0,0,07161284faa2eb0637370b6ff462e631787a37850cefb6ac5fa6750545dd7050,2024-08-12T13:41:36.517000 CVE-2024-7624,0,0,c87cdcd90fb34d1c79e4bedcfe521cd45a7c97d88fc176665ac59544b2fffb63,2024-08-15T13:01:10.150000 CVE-2024-7625,0,0,cf7951ec684c41cac7f2f6e12b1507a1eac20d5a4914135abea68670c2031228,2024-08-15T13:01:10.150000 -CVE-2024-7627,0,0,0ae1c3ec00321904deb3ff3d3a9aaac19870bd3ea8c0d28c7aaf2d7a2d48887d,2024-09-05T03:15:03.560000 +CVE-2024-7627,0,1,af96392fc36e867c15605b6e1dc599aeac0b5c5d59eb872427406ab6bc591879,2024-09-05T12:53:21.110000 CVE-2024-7628,0,0,13c6e75993fc4e0ea638854e2c037e11703f2e05b1bb0a7d2173b121da5472cd,2024-08-15T13:01:10.150000 CVE-2024-7629,0,0,45eb45459388d6798e88edee38a7dd2ceac912098ce5cc3a42af5f252bb2fbc1,2024-08-21T12:30:33.697000 CVE-2024-7630,0,0,418e383b03350a1fa5d21be50b8eebc36b3c165fb7c794a3b77aa7313e9af0aa,2024-08-19T13:00:23.117000 @@ -261589,7 +261589,7 @@ CVE-2024-7647,0,0,c2417bbd838d2a2a494407e7a47e50a82d7e6b69bb49e726beca72fa9570b1 CVE-2024-7648,0,0,2049ae7cbf0cab301bb3d8a4c000a0971cbb2a1bb7b1a04dd9face1c419d935f,2024-08-12T13:41:36.517000 CVE-2024-7649,0,0,3d0b3905ac20943345a47479273aed49759614ef3fae3b2688335294d499ed3d,2024-08-12T13:41:36.517000 CVE-2024-7651,0,0,386a7bb7aa0b4a32ced6fe813025ac2a231789f032ca2ee2a42adaaefdd20a30,2024-08-31T03:28:02.947000 -CVE-2024-7654,0,0,48e372226ddbdad2b2169e3b27af2de6c8634648c09e2ca3ab2c1c166ee3bf55,2024-09-03T19:40:46.783000 +CVE-2024-7654,0,1,49383a5796e66ab6802124ac3212336a9fa34e97b446554c0840904b1dbfce6f,2024-09-05T13:53:16.540000 CVE-2024-7656,0,0,54bddf4f1c99f206f2f263928ecdc7b2851230b8a0f25d44b79aae993350ca70,2024-08-26T12:47:20.187000 CVE-2024-7657,0,0,b71ee6cae903ac873f30f4d097ac987c873f0095983bc9620eda1ffab659d5b8,2024-08-15T17:48:20.920000 CVE-2024-7658,0,0,832a65f53a452b2fa1561cdaae82b94e5ac7d59bc491a09b3cdc773f704d8588,2024-08-13T17:00:19.800000 @@ -261715,6 +261715,7 @@ CVE-2024-7867,0,0,cc4e8e2cbae6cc9c2393332b56b3dc1a7160836d4b3b7919e8d1234e73599a CVE-2024-7868,0,0,426aac72107d4f020c4b4c2ec1e49b6873953f44556989351b1605a1e98035d8,2024-08-19T13:00:23.117000 CVE-2024-7870,0,0,4141f264a23149fdea486ca620816f1c3f41138cabf6c23297e955fee3254fb2,2024-09-04T13:05:36.067000 CVE-2024-7871,0,0,d47ede6ca23d1578a9b705a8257da890832c1e69392e6414a190c6fb054ce14f,2024-09-04T17:34:14.630000 +CVE-2024-7884,1,1,8e292d491d191ba69532e9583dbb3b890c2ddfc2cd7474182d0699bee6f45e30,2024-09-05T13:15:11.390000 CVE-2024-7885,0,0,53926a53ab4f71fc31c04b79b6d61e8c39bb180f373c05a721578db45aa87a6a,2024-08-23T17:05:24.343000 CVE-2024-7886,0,0,b8c1f856b8479c6982faa8a2fc4a6d8b2480e045b8b096d9bd3b8640a06eb6f3,2024-08-19T13:00:23.117000 CVE-2024-7887,0,0,ba2ac28c88e5c856e9fa78c00b11f37e0df98a3508bf609dc9edbaa04a8fdb8e,2024-08-19T12:59:59.177000 @@ -261829,10 +261830,10 @@ CVE-2024-8086,0,0,1db8fbbbc3b8bbc355402aca80f0447c54000b25360ca3b1fa582aada4800d CVE-2024-8087,0,0,9e47ad2dfed1c8a4045274b6d757cb5a75d1e05917b45ee6f1489b72f67b871b,2024-08-27T13:19:35.530000 CVE-2024-8088,0,0,8ddda94d9e5d462484d35576871f82a931bed67f85a71db29ea75a996b1d19a4,2024-09-04T23:15:13.100000 CVE-2024-8089,0,0,e6e12db9d845890df3284b8f9ed104fa7a1183d91532c3c72d090f8235aedb4e,2024-08-27T13:21:22.927000 -CVE-2024-8102,0,0,b248349fbfc7dc91a8cfc6b19ccb236f9e343d641f8d646df8f93156d2650dcc,2024-09-04T13:05:36.067000 -CVE-2024-8104,0,0,84b5ca88c3348bad2756ea80feacbfeef298cd2f3fb9043558081353a7574b54,2024-09-04T13:05:36.067000 +CVE-2024-8102,0,1,59b268e27a6763219f51e9e55e73ae4276fd3b992bf79726ec1ccd845c10f5f9,2024-09-05T13:28:54.747000 +CVE-2024-8104,0,1,e0dd7af2b8170ad0cb122178cc67d0512cc1eb1562d671a3c4e0173a78c8b550,2024-09-05T13:28:06.817000 CVE-2024-8105,0,0,6cd123057443a6d5affcf89562c6f3c6a2170e0a192f0587b00965446f3cfd3c,2024-08-30T21:15:14.577000 -CVE-2024-8106,0,0,6878bd47d940628eb98bdee69aff2b282e2816ef8e41d4ec034ea7fb862475e9,2024-09-04T13:05:36.067000 +CVE-2024-8106,0,1,918839130e1d38968c976a0bfdbedb93d4d38744e55b3c51d6882ceb90663b73,2024-09-05T13:05:52.540000 CVE-2024-8108,0,0,60015ebbd181aea00918abf3b3af4bc88fba5109d0b4aa167c5902152afce1db,2024-09-03T12:59:02.453000 CVE-2024-8112,0,0,53bc9e4fb84bb028363b46c3cb18428063770b5e5c085f93ec85e24d18222c0b,2024-08-23T16:18:28.547000 CVE-2024-8113,0,0,663828d204cb9ecb17f530ae295b4541dee23e7a4b7b9d658530d5cb44ff87e3,2024-08-23T16:18:28.547000 @@ -261882,7 +261883,7 @@ CVE-2024-8171,0,0,799233d1b504a7fe9d2115d4edb9b50fc766ecc29c803bfb00827a455960ad CVE-2024-8172,0,0,0f560f815e4f982c5fa8dce4e33b1159bf9bccf943a059983fd049dd30da680a,2024-08-27T16:01:35.047000 CVE-2024-8173,0,0,df3f4daf54afccb31b2d0dbd1ade86a4fd2b61ea5ed1b3d3f6de3c93aae29da5,2024-08-26T19:10:09.607000 CVE-2024-8174,0,0,8543f0d8f92ea7727c4605df4b165224a3b6d137f11ee710b81d48c311ac7b21,2024-08-27T14:32:08.607000 -CVE-2024-8178,0,0,8ef77fc5337738cf94bd60521f804eb559b9154f2e654f83a5ab157db0fea26a,2024-09-05T05:15:13.907000 +CVE-2024-8178,0,1,1e525d66d46c62c5224b39cc215fb855e21064ea1da98f04df28728fccdf2cd7,2024-09-05T12:53:21.110000 CVE-2024-8181,0,0,3c630c74e0a5e892a66667409ec22f499f363f5b25e34ef38a41031abbd935c0,2024-09-04T12:15:05.833000 CVE-2024-8182,0,0,9ca161eed16086dd999c3dcdddb12be07c44a0882f46a0d2167122ca829615b9,2024-08-30T13:53:52.197000 CVE-2024-8188,0,0,bf948f939efb55d2700c81c8fb5cefa3fc31038462bfeb7ac3e161719faca6b2,2024-08-26T20:15:08.760000 @@ -261941,8 +261942,8 @@ CVE-2024-8319,0,0,19bee7e43deb1719502aef7eb4c05b0fb28cffea0ae04999821f01ddbcc0e2 CVE-2024-8325,0,0,6acbe28b7e23bada826026212a2fb1b0115adaa2c5e690e584f377990b0f6742,2024-09-04T13:05:36.067000 CVE-2024-8327,0,0,6596679653e59e232d9a636653bb7ef76ebcd0b7674f3704360634000a96dff3,2024-09-04T17:11:23.533000 CVE-2024-8328,0,0,108819f537a57d4b33892521031f4d00462659f72abf40066992dd6f06ea1545,2024-09-04T17:11:19.827000 -CVE-2024-8329,0,0,7ba7a0e6a1a272c4c31ea51643a4fe86d206714a3976a3e4e0fe1f38b2e9c68f,2024-08-30T13:00:05.390000 -CVE-2024-8330,0,0,782e580a39ccfd83684b4457f3125a705ab0e04b1e538fee1c67877e5bf8efaf,2024-08-30T13:00:05.390000 +CVE-2024-8329,0,1,c2ccc2abc785644d7cb42c1d3d726bc8d097d2ab19b4380670524018890012be,2024-09-05T13:40:38.080000 +CVE-2024-8330,0,1,0786b7dc26f8c0c44851d733e0c6de78ef674fa5785177297384af186e13e32c,2024-09-05T13:41:33.667000 CVE-2024-8331,0,0,1472e1d7e1a61225f84060d6ff6bf256d1a96dd525269fb5fdaa49fd38bf818e,2024-09-03T14:25:51.337000 CVE-2024-8332,0,0,4c00cdcbf756bdcb6035b8c8a07448980df8841740555a6596a264c92095adc4,2024-09-03T14:23:30.773000 CVE-2024-8333,0,0,6f1ea39c4f9d2633b88ba89972fd9ac57009b75876255dbdb47a9abfdb00a2be,2024-08-30T06:15:05.577000 @@ -261962,7 +261963,7 @@ CVE-2024-8346,0,0,b4457249ac6e42b712016be7384df47b946c6e796e6e27191d31db6f56c093 CVE-2024-8347,0,0,14715b4855076c65c4bf21be6c68b62e0d22e8650a0e63bf9f5074414663f3cb,2024-09-04T16:42:49.037000 CVE-2024-8348,0,0,d08ea1deaed5cbc2f4a773e843468145326bb3a1da186780c7ff7b6cd74aae9b,2024-09-04T16:43:30.310000 CVE-2024-8362,0,0,54abf718b9bfba93199694e9f50bfa28d6dfde9a56fb3c77d91594ed8cbda92f,2024-09-04T14:35:16.777000 -CVE-2024-8363,0,0,f314da762243a1e5cb997be7eda01594dfa28c1de5fda918b52e9481e4865419,2024-09-05T09:15:04.620000 +CVE-2024-8363,0,1,4b3d3b6b2bc6861f202efe2c016f2ce5809f7632379c52f7f41821479042cebf,2024-09-05T12:53:21.110000 CVE-2024-8365,0,0,81c889787151e95f50edc31d86d0d8800a4aaa4de596dc2a7252c4cbdeb9547d,2024-09-04T14:37:03.543000 CVE-2024-8366,0,0,be663b51eff047ef5324516e3dc05e341a7647978df6a6f91fe297f3f5c5eb50,2024-09-04T11:26:49.020000 CVE-2024-8367,0,0,5172ded1dd5d5dccb77f0059a7c6495922e642ce8e52859a1f0a60d7fb927bb9,2024-09-03T12:59:02.453000 @@ -261980,17 +261981,31 @@ CVE-2024-8386,0,0,98c8b0053aadc06b4825adcb2958d67457b6ae5e5478d1432e7a1db07426ff CVE-2024-8387,0,0,cccfa2a9463c00af390408978c7133aa456cc8cd4e2c49e9e0114842d3fd1cfb,2024-09-04T15:44:52.153000 CVE-2024-8388,0,0,c9864eb6d3c315590c52d0b0a1a482222ad75576dc8d176a33dcc59976d2f97c,2024-09-04T15:49:19.170000 CVE-2024-8389,0,0,b86f9dffcb24008ea2fc4581b98019930f23a761524133d12e1b7b2aa1f8008a,2024-09-04T15:50:02.933000 -CVE-2024-8391,0,0,c872058e3c4aef8266dfd4e1cb67fd56bf5f1b26a8467d9aad5216a24d2fcde3,2024-09-04T16:15:09.253000 +CVE-2024-8391,0,1,6ffd51df6432b1e5cadf1919587edc296707fce8f9413505ec3bec8317c9d0a8,2024-09-05T12:53:21.110000 CVE-2024-8399,0,0,3faa142573b2658da1828ae3d2ac176955aecf342f632daae5bde690c496cf4c,2024-09-04T13:05:36.067000 CVE-2024-8407,0,0,baf3fd93f3e5408b9146d4d071eafcc2dca07d94c587f97af76208afdb4d7065,2024-09-04T16:09:24.827000 CVE-2024-8408,0,0,b04a33cf854a8dde0ddd92fb602c7e3170dee88978676705653ea1d6817071e8,2024-09-04T16:09:24.827000 CVE-2024-8409,0,0,6773f622716c5a4c9bd3bedfe5cef3b66ed7b905b284be70934ec4d133cd9fa4,2024-09-04T16:09:24.827000 CVE-2024-8410,0,0,4faef94bb344d8b4397d9ce1dc4e7e23dd87c23bf7ec79b498fd7200cebf1698,2024-09-04T16:09:24.827000 CVE-2024-8411,0,0,f5d6c5b08c0334abed3724aca43877bb63e1a2b20331c1ea4f7dd3aaedba13c3,2024-09-04T16:09:24.827000 -CVE-2024-8412,0,0,84aa8687ec8d6ae26c590fc39ad870907c38eecc9ab8fcd8c6d161172b9647fb,2024-09-04T16:15:09.393000 +CVE-2024-8412,0,1,d0351d4c1c74894581bf0ef5deff245493bcbfdb0a46fd49491e896953e0c3d1,2024-09-05T12:53:21.110000 CVE-2024-8413,0,0,900f1056e9a2a3b1e1d77cb3bdcbf9982b6395625770ef6d932b5516213c20a5,2024-09-04T13:05:36.067000 -CVE-2024-8414,0,0,b0b8f6cc8b7feb17e58f86f5ed104dc2c3ab59aa778411d99ba58644d8a04fdc,2024-09-04T17:15:15.013000 -CVE-2024-8415,0,0,027c71cdbe436d1eb00fbfaa136762dd92cf1cd4703c3d6f8eb9d5804013291a,2024-09-04T17:15:15.300000 -CVE-2024-8416,0,0,7b097c4c9134a7fbfeb1d4cd0d23e3df673848b5885bcb3295e04651b282221c,2024-09-04T18:15:05.980000 -CVE-2024-8417,0,0,4a58e587a54d5259830a4b4ee632539d7ce3263fe2ea2dd35ff42e09fd936762,2024-09-04T18:15:06.273000 +CVE-2024-8414,0,1,c7a278942d1133117f185ab4b3c94fa3f349e952cb00264f39f6a8b179d4c200,2024-09-05T12:53:21.110000 +CVE-2024-8415,0,1,d8c5585e64bc4323fcda510a16df97bcb1ec11253c5d38c080bb7195e38687ce,2024-09-05T12:53:21.110000 +CVE-2024-8416,0,1,c7d13bc001a0210b2e719e08e8651ac5ae2e4ed0ee9e6e0088ac4a7e467de1ca,2024-09-05T12:53:21.110000 +CVE-2024-8417,0,1,a9619e26c595954087d9c9b458e78703071fbd5bf87ff4a22ec6d8ecc7076fcb,2024-09-05T12:53:21.110000 CVE-2024-8418,0,0,8e15324c681d319849f2da3caf1fb9a67366cdba5967d2b8869425ff8c427342,2024-09-04T16:09:24.827000 +CVE-2024-8460,1,1,9f3f8eceb3112773f2710cd04ce3ea02c4b8eea37add051a54caa5d3f11f68a4,2024-09-05T12:53:21.110000 +CVE-2024-8461,1,1,3ccf802c718ae8533bae76a032e73c351cb2b1bd92726ef0917704e95c34a231,2024-09-05T13:15:11.690000 +CVE-2024-8462,1,1,d51e34c710c0669216f179c5593ebd90c254e41355e12a7d7d2c1aa988360eba,2024-09-05T13:15:12.050000 +CVE-2024-8463,1,1,e17b2171682fe67a660d7b538ab35563cabb0097ed8af22449d3b6b373598133,2024-09-05T13:15:12.440000 +CVE-2024-8464,1,1,63c7ea231d27a7c85aa817f977a08060fbf518513e2d3e723a165a0a3d41c4e7,2024-09-05T13:15:12.730000 +CVE-2024-8465,1,1,1597c504836bdd913d82bf56a1def68a91a1cd524a66a93e2ad15f3115d0d340,2024-09-05T13:15:13.020000 +CVE-2024-8466,1,1,6014eb761b35d901bc933d19640a0238d2c094fd8e3e03f13159c12ea2dbbd6b,2024-09-05T13:15:13.370000 +CVE-2024-8467,1,1,42658ccebecd49370f0a5c580f0a98fb4a741cc87b60815741004c040f99150e,2024-09-05T13:15:13.680000 +CVE-2024-8468,1,1,5d63d7d7ac852cf3eb6c092686ca579af1c8a9d5c87302941aa55787572fcd2b,2024-09-05T13:15:13.943000 +CVE-2024-8469,1,1,06ffae906c3761304a5a8c4296e24abc57d394a2f2d0029ecd5db73fa06179e1,2024-09-05T13:15:14.220000 +CVE-2024-8470,1,1,be807df78df2f479971cb77eb5166c859fac4984969f202cc8774e32679e9c4b,2024-09-05T13:15:14.490000 +CVE-2024-8471,1,1,bf0acd95f66e5064f359e913a46fed0e125e232bacad6f48914a3dd1c3035cc4,2024-09-05T13:15:14.777000 +CVE-2024-8472,1,1,967dee72e9e36dfe672e610778d21b7b5f9f561c4501de86fd459af254aba549,2024-09-05T13:15:15.053000 +CVE-2024-8473,1,1,025d8d41664979a082286dba9311d4feae392f9de1a9b339a0cb404fb7681dee,2024-09-05T13:15:15.330000