admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-13T18:00:17.961437+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-13 18:03:19 +00:00
parent b48d01441e
commit 9f791e0d4c
130 changed files with 7906 additions and 749 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CVE-2009/CVE-2009-16xx/CVE-2009-1605.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2009-1605",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-05-11T20:00:00.250",
"lastModified": "2024-09-12T18:15:05.360",
"lastModified": "2024-09-13T16:35:00.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",

77
CVE-2020/CVE-2020-240xx/CVE-2020-24061.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2020-24061",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T18:15:05.660",
"lastModified": "2024-09-12T21:35:04.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:05:29.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-site Scripting (XSS) en el men\u00fa de Firewall del Panel de control en KASDA KW5515 versi\u00f3n 4.3.1.0, permite a atacantes ejecutar c\u00f3digo arbitrario y robar cookies a trav\u00e9s de un script manipulado espec\u00edficamente"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,14 +81,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kasdanet:kw5515_firmware:4.3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC85C42-FFDF-4814-9AB5-312507CB68A0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kasdanet:kw5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D94BB7-E9B5-43BE-A438-402609854984"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/0xadik/CVEs/tree/main/CVE-2020-24061",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://medium.com/%40sadikul.islam/kasda-kw5515-cross-site-scripting-html-injection-e6cb9f65ae89?sk=5e1ea8e1cba8dbeaff7f9cd710808354",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

92
CVE-2021/CVE-2021-225xx/CVE-2021-22530.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22530",
"sourceIdentifier": "security@opentext.com",
"published": "2024-08-28T07:15:06.750",
"lastModified": "2024-08-28T12:57:17.117",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:15:29.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.3
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -51,10 +81,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3",
"matchCriteriaId": "7D8BAEC8-626A-4520-A89F-DB40CC774D87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*",
"matchCriteriaId": "689649F7-75D8-4D13-9A71-50C2908EACA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A0F82417-D88A-40C5-AD90-7AB826E29C2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0DD98BB8-7A85-41D6-B1CB-7849D61F085A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*",
"matchCriteriaId": "729C4860-8CAC-4D4B-8C68-00B1E84E700A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*",
"matchCriteriaId": "FEFFEB38-B4CA-48ED-9149-073334346CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "B14AC9B7-9339-44BA-BF1B-1876DAFBCA14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*",
"matchCriteriaId": "4A5CE16C-376A-40C1-83E9-2424AAAB668D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Release Notes"
]
}
]
}

4
CVE-2022/CVE-2022-24xx/CVE-2022-2446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2446",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:13.577",
"lastModified": "2024-09-13T15:15:13.577",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

14
CVE-2023/CVE-2023-220xx/CVE-2023-22019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22019",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:11.747",
"lastModified": "2023-10-23T18:19:21.580",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T17:35:02.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-220xx/CVE-2023-22023.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22023",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:13.150",
"lastModified": "2023-07-27T17:36:40.013",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T17:35:03.520",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-220xx/CVE-2023-22047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22047",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.417",
"lastModified": "2023-07-27T17:34:35.567",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T17:35:06.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-220xx/CVE-2023-22086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22086",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:13.937",
"lastModified": "2023-10-23T18:19:42.417",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T17:35:10.187",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-220xx/CVE-2023-22087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22087",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:14.007",
"lastModified": "2023-10-23T18:24:12.803",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T17:35:10.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-220xx/CVE-2023-22099.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22099",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:14.893",
"lastModified": "2023-11-01T22:15:08.447",
"lastModified": "2024-09-13T16:35:01.870",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-423xx/CVE-2023-42319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42319",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-18T06:15:07.893",
"lastModified": "2023-10-25T17:39:00.483",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-13T17:35:13.780",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

14
CVE-2023/CVE-2023-469xx/CVE-2023-46950.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46950",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-01T14:15:53.030",
"lastModified": "2024-08-21T15:35:01.203",
"lastModified": "2024-09-13T16:15:03.753",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,14 @@
}
],
"references": [
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/pull/829",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/releases/tag/v8.0.7",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38",
"source": "cve@mitre.org"
@ -63,6 +71,10 @@
{
"url": "https://www.link.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.mgm-sp.com/cve/sidekiq-unique-jobs-reflected-xss-cve-2023-46950-cve-2023-46951",
"source": "cve@mitre.org"
}
]
}

14
CVE-2023/CVE-2023-469xx/CVE-2023-46951.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46951",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-01T14:15:53.087",
"lastModified": "2024-08-01T13:45:03.913",
"lastModified": "2024-09-13T16:15:03.870",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,14 @@
}
],
"references": [
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/pull/829",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/releases/tag/v8.0.7",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38",
"source": "cve@mitre.org"
@ -63,6 +71,10 @@
{
"url": "https://www.link.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.mgm-sp.com/cve/sidekiq-unique-jobs-reflected-xss-cve-2023-46950-cve-2023-46951",
"source": "cve@mitre.org"
}
]
}

68
CVE-2024/CVE-2024-252xx/CVE-2024-25270.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-25270",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.290",
"lastModified": "2024-09-12T21:35:04.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:01:01.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object Reference (IDOR) vulnerability by manipulating the ID parameter and increment STEP parameter, leading to the exposure of sensitive user data."
},
{
"lang": "es",
"value": "Un problema en Mirapolis LMS 4.6.XX permite a los usuarios autenticados explotar una vulnerabilidad de Referencia Directa de Objetos Insegura (IDOR) manipulando el par\u00e1metro ID y el par\u00e1metro STEP de incremento, lo que lleva a la exposici\u00f3n de datos confidenciales del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mirapolis:lms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.6.00",
"matchCriteriaId": "8E335055-E4D8-4AE4-8F41-F0F4A2D0D700"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/fbkcs/CVE-2024-25270",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-314xx/CVE-2024-31414.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31414",
"sourceIdentifier": "CybersecurityCOE@eaton.com",
"published": "2024-09-13T17:15:11.707",
"lastModified": "2024-09-13T17:15:11.707",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this feature in the Eaton Foreseer software lacked proper input sanitization on the server-side, which could lead to injection and execution of malicious scripts when abused by bad actors."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "CybersecurityCOE@eaton.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "CybersecurityCOE@eaton.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1008.pdf",
"source": "CybersecurityCOE@eaton.com"
}
]
}

56
CVE-2024/CVE-2024-314xx/CVE-2024-31415.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31415",
"sourceIdentifier": "CybersecurityCOE@eaton.com",
"published": "2024-09-13T17:15:11.907",
"lastModified": "2024-09-13T17:15:11.907",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encryption were insecurely stored, which could be abused to possibly change or remove the server configuration."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "CybersecurityCOE@eaton.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "CybersecurityCOE@eaton.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1008.pdf",
"source": "CybersecurityCOE@eaton.com"
}
]
}

56
CVE-2024/CVE-2024-314xx/CVE-2024-31416.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-31416",
"sourceIdentifier": "CybersecurityCOE@eaton.com",
"published": "2024-09-13T17:15:12.090",
"lastModified": "2024-09-13T17:15:12.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the length and bounds of the entered value. The exploit of this security flaw by a bad actor may result in excessive memory consumption or integer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "CybersecurityCOE@eaton.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "CybersecurityCOE@eaton.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1008.pdf",
"source": "CybersecurityCOE@eaton.com"
}
]
}

4
CVE-2024/CVE-2024-373xx/CVE-2024-37397.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37397",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:03.700",
"lastModified": "2024-09-12T15:35:46.803",
"lastModified": "2024-09-13T16:35:09.630",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -68,7 +68,7 @@
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-611"
}
]
}

83
CVE-2024/CVE-2024-393xx/CVE-2024-39380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39380",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:03.917",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:55:04.930",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.6.9",
"matchCriteriaId": "13A4DD43-A54B-4AD6-A657-FA47F610DFCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionStartIncluding": "24.0",
"versionEndExcluding": "24.6",
"matchCriteriaId": "96C348F3-A91A-4FC2-B1F8-16409EB6E1C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb24-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-393xx/CVE-2024-39381.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39381",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:04.900",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:54:39.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -51,10 +61,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.6.9",
"matchCriteriaId": "13A4DD43-A54B-4AD6-A657-FA47F610DFCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionStartIncluding": "24.0",
"versionEndExcluding": "24.6",
"matchCriteriaId": "96C348F3-A91A-4FC2-B1F8-16409EB6E1C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb24-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-393xx/CVE-2024-39382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39382",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:05.770",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:54:20.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,7 +18,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -51,10 +71,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.6.9",
"matchCriteriaId": "13A4DD43-A54B-4AD6-A657-FA47F610DFCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionStartIncluding": "24.0",
"versionEndExcluding": "24.6",
"matchCriteriaId": "96C348F3-A91A-4FC2-B1F8-16409EB6E1C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb24-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-416xx/CVE-2024-41629.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41629",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T18:15:07.800",
"lastModified": "2024-09-12T21:35:04.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:02:22.603",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials"
},
{
"lang": "es",
"value": "Un problema en Texas Instruments Fusion Digital Power Designer v.7.10.1 permite que un atacante local obtenga informaci\u00f3n confidencial a trav\u00e9s del almacenamiento de texto plano de credenciales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ti:fusion_digital_power_designer:7.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D788FC69-1F69-4694-A1F6-1A8CBA363176"
}
]
}
]
}
],
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Sep/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-418xx/CVE-2024-41859.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41859",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:10.057",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:53:51.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.6.9",
"matchCriteriaId": "13A4DD43-A54B-4AD6-A657-FA47F610DFCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionStartIncluding": "24.0",
"versionEndExcluding": "24.6",
"matchCriteriaId": "96C348F3-A91A-4FC2-B1F8-16409EB6E1C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb24-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2024/CVE-2024-418xx/CVE-2024-41867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41867",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:10.620",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:27:00.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.6.9",
"matchCriteriaId": "13A4DD43-A54B-4AD6-A657-FA47F610DFCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
"versionStartIncluding": "24.0",
"versionEndExcluding": "24.6",
"matchCriteriaId": "96C348F3-A91A-4FC2-B1F8-16409EB6E1C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/after_effects/apsb24-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

161
CVE-2024/CVE-2024-418xx/CVE-2024-41874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41874",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T10:15:12.447",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:57:52.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,165 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*",
"matchCriteriaId": "B02A37FE-5D31-4892-A3E6-156A8FE62D28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*",
"matchCriteriaId": "0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*",
"matchCriteriaId": "EB88D4FE-5496-4639-BAF2-9F29F24ABF29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*",
"matchCriteriaId": "43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*",
"matchCriteriaId": "76204873-C6E0-4202-8A03-0773270F1802"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*",
"matchCriteriaId": "C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*",
"matchCriteriaId": "E3A83642-BF14-4C37-BD94-FA76AABE8ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*",
"matchCriteriaId": "A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*",
"matchCriteriaId": "DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*",
"matchCriteriaId": "E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*",
"matchCriteriaId": "AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:*",
"matchCriteriaId": "F1FC7D1D-6DD2-48B2-980F-B001B0F24473"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:*",
"matchCriteriaId": "1FA19E1D-61C2-4640-AF06-4BCFE750BDF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update12:*:*:*:*:*:*",
"matchCriteriaId": "3F331DEA-F3D0-4B13-AB1E-6FE39B2BB55D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update13:*:*:*:*:*:*",
"matchCriteriaId": "63D5CF84-4B0D-48AE-95D6-262AEA2FFDE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update14:*:*:*:*:*:*",
"matchCriteriaId": "10616A3A-0C1C-474A-BD7D-A2A5BB870F74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update15:*:*:*:*:*:*",
"matchCriteriaId": "D7DA523E-1D9B-45FD-94D9-D4F9F2B9296B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*",
"matchCriteriaId": "D57C8681-AC68-47DF-A61E-B5C4B4A47663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*",
"matchCriteriaId": "75608383-B727-48D6-8FFA-D552A338A562"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*",
"matchCriteriaId": "7773DB68-414A-4BA9-960F-52471A784379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*",
"matchCriteriaId": "B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*",
"matchCriteriaId": "5E7BAB80-8455-4570-A2A2-8F40469EE9CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*",
"matchCriteriaId": "F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:*",
"matchCriteriaId": "6E22D701-B038-4795-AA32-A18BC93C2B6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:*",
"matchCriteriaId": "CAC4A0EC-C3FC-47D8-86CE-0E6A87A7F0B0"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-420xx/CVE-2024-42025.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-42025",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-13T16:15:04.073",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-042-042/c4f68b56-cdc4-4128-b2cb-5870209d1704",
"source": "support@hackerone.com"
}
]
}

100
CVE-2024/CVE-2024-430xx/CVE-2024-43099.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-43099",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-13T17:15:12.527",
"lastModified": "2024-09-13T17:15:12.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing authenticated session. To successfully achieve this, the attacker also needs to spoof both the IP address and MAC address of the originating host which is typical of a session-based attack."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-256-17",
"source": "ics-cert@hq.dhs.gov"
}
]
}

61
CVE-2024/CVE-2024-437xx/CVE-2024-43756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43756",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T10:15:14.680",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:00:59.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -51,10 +61,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.7.5",
"matchCriteriaId": "F3830E99-69E4-4436-B0E2-CCF630452B64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "25.0",
"versionEndExcluding": "25.12",
"matchCriteriaId": "7D15601B-F756-430B-9B2B-4C9360E28E11"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/photoshop/apsb24-72.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-437xx/CVE-2024-43758.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43758",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:11.970",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:27:33.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "27.0.0",
"versionEndExcluding": "27.9.6",
"matchCriteriaId": "B28B9856-5CA1-4022-BB26-8774A829CF13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "28.0",
"versionEndExcluding": "28.7.1",
"matchCriteriaId": "6A51C972-D913-48BA-ADC2-95A051DFB5DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-66.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-437xx/CVE-2024-43759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43759",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:12.457",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:13:35.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "27.0.0",
"versionEndExcluding": "27.9.6",
"matchCriteriaId": "B28B9856-5CA1-4022-BB26-8774A829CF13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "28.0",
"versionEndExcluding": "28.7.1",
"matchCriteriaId": "6A51C972-D913-48BA-ADC2-95A051DFB5DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-66.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-437xx/CVE-2024-43760.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43760",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T10:15:15.230",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:00:30.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.7.5",
"matchCriteriaId": "F3830E99-69E4-4436-B0E2-CCF630452B64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "25.0",
"versionEndExcluding": "25.12",
"matchCriteriaId": "7D15601B-F756-430B-9B2B-4C9360E28E11"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/photoshop/apsb24-72.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-439xx/CVE-2024-43966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43966",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-26T15:15:08.820",
"lastModified": "2024-08-26T15:15:23.727",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:01:42.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:starkdigital:wp_testimonial_widget:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1",
"matchCriteriaId": "D8AEB3E2-E2D8-4EDC-B5D7-E8160A8DB97A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-testimonial-widget/wordpress-wp-testimonial-widget-plugin-3-1-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-444xx/CVE-2024-44466.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44466",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T16:15:06.330",
"lastModified": "2024-09-11T18:35:30.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:32:15.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface."
},
{
"lang": "es",
"value": "COMFAST CF-XR11 V2.7.2 tiene una vulnerabilidad de inyecci\u00f3n de comandos en la funci\u00f3n sub_424CB4. Los atacantes pueden enviar mensajes de solicitud POST a /usr/bin/webmgnt e inyectar comandos en el par\u00e1metro iface."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:comfast:cf-xr11_firmware:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A0ACB279-03B0-4092-B9AC-32E33B25783A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:comfast:cf-xr11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA049A93-1713-4B95-AB0F-84E2D6C99A26"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CurryRaid/iot_vul/tree/main/comfast",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-446xx/CVE-2024-44685.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-44685",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T16:15:04.297",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability where sensitive information, including passwords, is exposed in clear text within the JSON response when configuring SMTP settings via the Web UI."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ShellFighter/Reports/blob/main/Titan%20MFT%20Server.md",
"source": "cve@mitre.org"
},
{
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-cve-2024-44685",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-447xx/CVE-2024-44798.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-44798",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T16:15:04.387",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/shouvikdutta1998/Bus_management",
"source": "cve@mitre.org"
}
]
}

65
CVE-2024/CVE-2024-448xx/CVE-2024-44851.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44851",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T16:15:06.380",
"lastModified": "2024-09-11T18:35:31.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:34:45.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) almacenado en la secci\u00f3n Discusi\u00f3n de Perfex CRM v1.1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado e inyectado en el par\u00e1metro Contenido."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,14 +81,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perfexcrm:perfex_crm:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F02A7B2-4119-424C-A0F7-8506BE809112"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/0xashfaq/e44a6dece3be498241aebcfaa046e634",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/0xashfaq/File-Sharing-module-for-Perfex-CRM-XSS/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

49
CVE-2024/CVE-2024-44xx/CVE-2024-4499.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4499",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-24T03:15:09.797",
"lastModified": "2024-06-24T12:57:36.513",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:01:19.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,10 +73,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "443FBFD4-2B8D-4806-91EB-75D1017AD940"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/336cd0eb-eb47-450d-9b2c-9332f69af65a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

126
CVE-2024/CVE-2024-450xx/CVE-2024-45009.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45009",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.427",
"lastModified": "2024-09-12T12:15:52.183",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:36:57.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,137 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: pm: solo decrementar add_addr_accepted para solicitud MPJ Agregar la siguiente advertencia ... WARN_ON_ONCE(msk->pm.add_addr_accepted == 0) ... antes de decrementar el contador add_addr_accepted ayud\u00f3 a encontrar un error al ejecutar la subprueba \"eliminar un solo subflujo\" de la autoprueba mptcp_join.sh. Eliminar un endpoint de 'subflujo' primero activar\u00e1 un RM_ADDR, luego el cierre del subflujo. Antes de este parche, y tras la recepci\u00f3n del RM_ADDR, el otro par intentar\u00e1 decrementar este add_addr_accepted. Eso no es correcto porque los subflujos adjuntos no se han creado tras la recepci\u00f3n de un ADD_ADDR. Una forma de resolver esto es disminuir el contador solo si el subflujo adjunto fue un MP_JOIN a una identificaci\u00f3n remota que no era 0, e iniciado por el host que recibi\u00f3 el RM_ADDR."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "5B9D3798-C570-424B-A6B6-6BA1F94636BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c1f721375989579e46741f59523e39ec9b2a9bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2060f1efab370b496c4903b840844ecaff324c3c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35b31f5549ede4070566b949781e83495906b43d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/85b866e4c4e63a1d7afb58f1e24273caad03d0b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d20bf2c96d7ffd171299b32f562f70e5bf5dc608",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

118
CVE-2024/CVE-2024-450xx/CVE-2024-45010.json
View File

@ -2,32 +2,136 @@
"id": "CVE-2024-45010",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.483",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:35:05.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only mark 'subflow' endp as available\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk->pm.local_addr_used == 0)\n\n... before decrementing the local_addr_used counter helped to find a bug\nwhen running the \"remove single address\" subtest from the mptcp_join.sh\nselftests.\n\nRemoving a 'signal' endpoint will trigger the removal of all subflows\nlinked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with\nrm_type == MPTCP_MIB_RMSUBFLOW. This will decrement the local_addr_used\ncounter, which is wrong in this case because this counter is linked to\n'subflow' endpoints, and here it is a 'signal' endpoint that is being\nremoved.\n\nNow, the counter is decremented, only if the ID is being used outside\nof mptcp_pm_nl_rm_addr_or_subflow(), only for 'subflow' endpoints, and\nif the ID is not 0 -- local_addr_used is not taking into account these\nones. This marking of the ID as being available, and the decrement is\ndone no matter if a subflow using this ID is currently available,\nbecause the subflow could have been closed before."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: pm: solo marcar el extremo 'subflow' como disponible Agregar la siguiente advertencia ... WARN_ON_ONCE(msk->pm.local_addr_used == 0) ... antes de decrementar el contador local_addr_used ayud\u00f3 a encontrar un error al ejecutar la subprueba \"eliminar una sola direcci\u00f3n\" de las autopruebas mptcp_join.sh. Eliminar un extremo 'se\u00f1al' activar\u00e1 la eliminaci\u00f3n de todos los subflujos vinculados a este extremo a trav\u00e9s de mptcp_pm_nl_rm_addr_or_subflow() con rm_type == MPTCP_MIB_RMSUBFLOW. Esto decrementar\u00e1 el contador local_addr_used, lo cual es incorrecto en este caso porque este contador est\u00e1 vinculado a extremos 'subflow', y aqu\u00ed es un extremo 'se\u00f1al' el que se est\u00e1 eliminando. Ahora, el contador se reduce solo si el ID se usa fuera de mptcp_pm_nl_rm_addr_or_subflow(), solo para los puntos finales de 'subflujo' y, si el ID no es 0, local_addr_used no los tiene en cuenta. Esto marca el ID como disponible y la reducci\u00f3n se realiza sin importar si un subflujo que usa este ID est\u00e1 disponible actualmente, porque el subflujo podr\u00eda haberse cerrado antes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "6.1.108",
"matchCriteriaId": "7CC97606-2676-4D1C-8544-CE4E3498BE40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/322ea3778965da72862cca2a0c50253aacf65fe6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43cf912b0b0fc7b4fd12cbc735d1f5afb8e1322d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7fdc870d08960961408a44c569f20f50940e7d4f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9849cfc67383ceb167155186f8f8fe8a896b60b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

125
CVE-2024/CVE-2024-450xx/CVE-2024-45011.json
View File

@ -2,36 +2,145 @@
"id": "CVE-2024-45011",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.550",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:55.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nchar: xillybus: Check USB endpoints when probing device\n\nEnsure, as the driver probes the device, that all endpoints that the\ndriver may attempt to access exist and are of the correct type.\n\nAll XillyUSB devices must have a Bulk IN and Bulk OUT endpoint at\naddress 1. This is verified in xillyusb_setup_base_eps().\n\nOn top of that, a XillyUSB device may have additional Bulk OUT\nendpoints. The information about these endpoints' addresses is deduced\nfrom a data structure (the IDT) that the driver fetches from the device\nwhile probing it. These endpoints are checked in setup_channels().\n\nA XillyUSB device never has more than one IN endpoint, as all data\ntowards the host is multiplexed in this single Bulk IN endpoint. This is\nwhy setup_channels() only checks OUT endpoints."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: char: xillybus: Comprobar los endpoints USB al sondear el dispositivo Aseg\u00farese de que, mientras el controlador sondea el dispositivo, todos los endpoints a los que el controlador puede intentar acceder existan y sean del tipo correcto. Todos los dispositivos XillyUSB deben tener un endpoint Bulk IN y Bulk OUT en la direcci\u00f3n 1. Esto se verifica en xillyusb_setup_base_eps(). Adem\u00e1s de eso, un dispositivo XillyUSB puede tener endpoints Bulk OUT adicionales. La informaci\u00f3n sobre las direcciones de estos endpoints se deduce de una estructura de datos (IDT) que el controlador obtiene del dispositivo mientras lo sondea. Estos endpoints se comprueban en setup_channels(). Un dispositivo XillyUSB nunca tiene m\u00e1s de un endpoint IN, ya que todos los datos hacia el host se multiplexan en este \u00fanico endpoint Bulk IN. Es por eso que setup_channels() solo comprueba los endpoints OUT."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "9F971490-28BA-4CF2-B6ED-DC618507AC3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1371d32b95972d39c1e6e4bae8b6d0df1b573731",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2374bf7558de915edc6ec8cb10ec3291dfab9594",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25ee8b2908200fc862c0434e5ad483817d50ceda",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4267131278f5cc98f8db31d035d64bdbbfe18658",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5cff754692ad45d5086b75fef8cc3a99c30a1005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

106
CVE-2024/CVE-2024-450xx/CVE-2024-45012.json
View File

@ -2,28 +2,122 @@
"id": "CVE-2024-45012",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.607",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:35:35.787",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/firmware: use dma non-coherent allocator\n\nCurrently, enabling SG_DEBUG in the kernel will cause nouveau to hit a\nBUG() on startup, when the iommu is enabled:\n\nkernel BUG at include/linux/scatterlist.h:187!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 7 PID: 930 Comm: (udev-worker) Not tainted 6.9.0-rc3Lyude-Test+ #30\nHardware name: MSI MS-7A39/A320M GAMING PRO (MS-7A39), BIOS 1.I0 01/22/2019\nRIP: 0010:sg_init_one+0x85/0xa0\nCode: 69 88 32 01 83 e1 03 f6 c3 03 75 20 a8 01 75 1e 48 09 cb 41 89 54\n24 08 49 89 1c 24 41 89 6c 24 0c 5b 5d 41 5c e9 7b b9 88 00 <0f> 0b 0f 0b\n0f 0b 48 8b 05 5e 46 9a 01 eb b2 66 66 2e 0f 1f 84 00\nRSP: 0018:ffffa776017bf6a0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa77600d87000 RCX: 000000000000002b\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffa77680d87000\nRBP: 000000000000e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffff98f4c46aa508 R11: 0000000000000000 R12: ffff98f4c46aa508\nR13: ffff98f4c46aa008 R14: ffffa77600d4a000 R15: ffffa77600d4a018\nFS: 00007feeb5aae980(0000) GS:ffff98f5c4dc0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f22cb9a4520 CR3: 00000001043ba000 CR4: 00000000003506f0\nCall Trace:\n <TASK>\n ? die+0x36/0x90\n ? do_trap+0xdd/0x100\n ? sg_init_one+0x85/0xa0\n ? do_error_trap+0x65/0x80\n ? sg_init_one+0x85/0xa0\n ? exc_invalid_op+0x50/0x70\n ? sg_init_one+0x85/0xa0\n ? asm_exc_invalid_op+0x1a/0x20\n ? sg_init_one+0x85/0xa0\n nvkm_firmware_ctor+0x14a/0x250 [nouveau]\n nvkm_falcon_fw_ctor+0x42/0x70 [nouveau]\n ga102_gsp_booter_ctor+0xb4/0x1a0 [nouveau]\n r535_gsp_oneinit+0xb3/0x15f0 [nouveau]\n ? srso_return_thunk+0x5/0x5f\n ? srso_return_thunk+0x5/0x5f\n ? nvkm_udevice_new+0x95/0x140 [nouveau]\n ? srso_return_thunk+0x5/0x5f\n ? srso_return_thunk+0x5/0x5f\n ? ktime_get+0x47/0xb0\n\nFix this by using the non-coherent allocator instead, I think there\nmight be a better answer to this, but it involve ripping up some of\nAPIs using sg lists."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nouveau/firmware: uso de asignador no coherente dma Actualmente, habilitar SG_DEBUG en el kernel har\u00e1 que nouveau alcance un BUG() al iniciarse, cuando iommu est\u00e1 habilitado: kernel BUG en include/linux/scatterlist.h:187! c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP NOPTI CPU: 7 PID: 930 Comm: (udev-worker) No contaminado 6.9.0-rc3Lyude-Test+ #30 Nombre del hardware: MSI MS-7A39/A320M GAMING PRO (MS-7A39), BIOS 1.I0 22/01/2019 RIP: 0010:sg_init_one+0x85/0xa0 C\u00f3digo: 69 88 32 01 83 e1 03 f6 c3 03 75 20 a8 01 75 1e 48 09 cb 41 89 54 24 08 49 89 1c 24 41 89 6c 24 0c 5b 5d 41 5c e9 7b b9 88 00 &lt;0f&gt; 0b 0f 0b 0f 0b 48 8b 05 5e 46 9a 01 eb b2 66 66 2e 0f 1f 84 00 RSP: 0018:ffffa776017bf6a0 EFLAGS: 00010246 RAX: 000000000000 RBX: ffffa77600d87000 RCX: 000000000000002b RDX: 0000000000000001 RSI: 00000000000000000 RDI: ffffa77680d87000 RBP: 0000000000000e000 R08: 0000000000000000 R09: 00000000000000000 R10: ffff98f4c46aa508 R11: 0000000000000000 R12: ffff98f4c46aa508 R13: ffff98f4c46aa008 R14: ffffa77600d4a000 R15: ffffa77600d4a018 FS: 00007feeb5aae980(0000) GS:ffff98f5c4dc0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f22cb9a4520 CR3: 00000001043ba000 CR4: 00000000003506f0 Seguimiento de llamadas: ? die+0x36/0x90 ? do_trap+0xdd/0x100 ? sg_init_one+0x85/0xa0 ? do_error_trap+0x65/0x80 ? sg_init_one+0x85/0xa0 ? exc_invalid_op+0x50/0x70 ? sg_init_one+0x85/0xa0 ? asm_exc_invalid_op+0x1a/0x20 ? sg_init_one+0x85/0xa0 nvkm_firmware_ctor+0x14a/0x250 [nuevo] nvkm_falcon_fw_ctor+0x42/0x70 [nuevo] ga102_gsp_booter_ctor+0xb4/0x1a0 [nuevo] r535_gsp_oneinit+0xb3/0x15f0 [nuevo] ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? nvkm_udevice_new+0x95/0x140 [nuevo] ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? ktime_get+0x47/0xb0 Solucione esto utilizando el asignador no coherente. Creo que podr\u00eda haber una mejor respuesta para esto, pero implica destruir algunas API que usan listas sg."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/57ca481fca97ca4553e8c85d6a94baf4cb40c40e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b340aeb26d50e9a9ec99599e2a39b035fac978e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cc29c5546c6a373648363ac49781f1d74b530707",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2024/CVE-2024-450xx/CVE-2024-45013.json
View File

@ -2,24 +2,108 @@
"id": "CVE-2024-45013",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.663",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:35:42.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: move stopping keep-alive into nvme_uninit_ctrl()\n\nCommit 4733b65d82bd (\"nvme: start keep-alive after admin queue setup\")\nmoves starting keep-alive from nvme_start_ctrl() into\nnvme_init_ctrl_finish(), but don't move stopping keep-alive into\nnvme_uninit_ctrl(), so keep-alive work can be started and keep pending\nafter failing to start controller, finally use-after-free is triggered if\nnvme host driver is unloaded.\n\nThis patch fixes kernel panic when running nvme/004 in case that connection\nfailure is triggered, by moving stopping keep-alive into nvme_uninit_ctrl().\n\nThis way is reasonable because keep-alive is now started in\nnvme_init_ctrl_finish()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvme: mover la detenci\u00f3n de keep-alive a nvme_uninit_ctrl() el commit 4733b65d82bd (\"nvme: iniciar keep-alive despu\u00e9s de la configuraci\u00f3n de la cola de administraci\u00f3n\") mueve el inicio de keep-alive de nvme_start_ctrl() a nvme_init_ctrl_finish(), pero no mueve la detenci\u00f3n de keep-alive a nvme_uninit_ctrl(), por lo que el trabajo de keep-alive se puede iniciar y mantener pendiente despu\u00e9s de un error al iniciar el controlador, finalmente, se activa el use-after-free si se descarga el controlador del host nvme. Este parche corrige el p\u00e1nico del kernel al ejecutar nvme/004 en caso de que se active una falla de conexi\u00f3n, moviendo la detenci\u00f3n de keep-alive a nvme_uninit_ctrl(). Esta forma es razonable porque keep-alive ahora se inicia en nvme_init_ctrl_finish()."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4101af98ab573554c4225e328d506fec2a74bc54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a54a93d0e3599b05856971734e15418ac551a14c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2024/CVE-2024-450xx/CVE-2024-45014.json
View File

@ -2,24 +2,108 @@
"id": "CVE-2024-45014",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.710",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:35:50.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/boot: Avoid possible physmem_info segment corruption\n\nWhen physical memory for the kernel image is allocated it does not\nconsider extra memory required for offsetting the image start to\nmatch it with the lower 20 bits of KASLR virtual base address. That\nmight lead to kernel access beyond its memory range."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/boot: Evitar la posible corrupci\u00f3n del segmento physmem_info Cuando se asigna memoria f\u00edsica para la imagen del kernel, no se tiene en cuenta la memoria adicional necesaria para compensar el inicio de la imagen para que coincida con los 20 bits inferiores de la direcci\u00f3n base virtual de KASLR. Eso podr\u00eda provocar un acceso al kernel m\u00e1s all\u00e1 de su rango de memoria."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "E55C1263-DF43-41EF-8DA8-2BA68DF4FFFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/a944cba5d57687b747023c3bc074fcf9c790f7df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d7fd2941ae9a67423d1c7bee985f240e4686634f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

106
CVE-2024/CVE-2024-450xx/CVE-2024-45015.json
View File

@ -2,28 +2,122 @@
"id": "CVE-2024-45015",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.763",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:35:58.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()\n\nFor cases where the crtc's connectors_changed was set without enable/active\ngetting toggled , there is an atomic_enable() call followed by an\natomic_disable() but without an atomic_mode_set().\n\nThis results in a NULL ptr access for the dpu_encoder_get_drm_fmt() call in\nthe atomic_enable() as the dpu_encoder's connector was cleared in the\natomic_disable() but not re-assigned as there was no atomic_mode_set() call.\n\nFix the NULL ptr access by moving the assignment for atomic_enable() and also\nuse drm_atomic_get_new_connector_for_encoder() to get the connector from\nthe atomic_state.\n\nPatchwork: https://patchwork.freedesktop.org/patch/606729/"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm/dpu: mover la asignaci\u00f3n del conector de dpu_encoder a atomic_enable() Para los casos en los que se configur\u00f3 connectors_changed de crtc sin que se alternara enable/active, hay una llamada a atomic_enable() seguida de una atomic_disable() pero sin una atomic_mode_set(). Esto da como resultado un acceso ptr NULL para la llamada dpu_encoder_get_drm_fmt() en atomic_enable() ya que el conector de dpu_encoder se borr\u00f3 en atomic_disable() pero no se reasign\u00f3 ya que no hubo una llamada a atomic_mode_set(). Corrija el acceso ptr NULL moviendo la asignaci\u00f3n para atomic_enable() y tambi\u00e9n use drm_atomic_get_new_connector_for_encoder() para obtener el conector de atomic_state. Parche: https://patchwork.freedesktop.org/patch/606729/"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "74701FE5-269E-4746-9FA4-73ABD478D02A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3bacf814b6a61cc683c68465f175ebd938f09c52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3fb61718bcbe309279205d1cc275a6435611dc77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aedf02e46eb549dac8db4821a6b9f0c6bf6e3990",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

154
CVE-2024/CVE-2024-450xx/CVE-2024-45016.json
View File

@ -2,44 +2,178 @@
"id": "CVE-2024-45016",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.817",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:06.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc's q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq->enqueue() and then\n the original packet is also dropped.\n- If rootq->enqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netem: corregir valor de retorno si falla la puesta en cola duplicada Hay un error en netem_enqueue() introducido por el commit 5845f706388a (\"net: netem: corregir BUG_ON de longitud de skb en __skb_to_sgvec\") que puede provocar un use-after-free. Esta confirmaci\u00f3n hizo que netem_enqueue() siempre devolviera NET_XMIT_SUCCESS cuando se duplica un paquete, lo que puede provocar que el q.qlen de la qdisc padre se incremente por error. Cuando esto sucede, es posible que qlen_notify() se omita en el padre durante la destrucci\u00f3n, dejando un puntero colgante para algunas qdisc con clase como DRR. Hay dos formas en las que ocurre el error: - Si el paquete duplicado se descarta mediante rootq-&gt;enqueue() y luego tambi\u00e9n se descarta el paquete original. - Si rootq-&gt;enqueue() env\u00eda el paquete duplicado a una qdisc diferente y se descarta el paquete original, en ambos casos se devuelve NET_XMIT_SUCCESS aunque no haya paquetes en cola en la qdisc netem. La soluci\u00f3n es posponer la puesta en cola del paquete duplicado hasta que se haya garantizado que el paquete original devolver\u00e1 NET_XMIT_SUCCESS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "07286026-9003-45BE-90E5-51F9AF983C18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0486d31dd8198e22b63a4730244b38fffce6d469",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/52d99a69f3d556c6426048c9d481b912205919d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/577d6c0619467fe90f7e8e57e45cb5bd9d936014",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/759e3e8c4a6a6b4e52ebc4547123a457f0ce90d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c07ff8592d57ed258afee5a5e04991a48dbaf382",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c414000da1c2ea1ba9a5e5bb1a4ba774e51e202d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e5bb2988a310667abed66c7d3ffa28880cf0f883",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2024/CVE-2024-450xx/CVE-2024-45017.json
View File

@ -2,24 +2,108 @@
"id": "CVE-2024-45017",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.877",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:13.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix IPsec RoCE MPV trace call\n\nPrevent the call trace below from happening, by not allowing IPsec\ncreation over a slave, if master device doesn't support IPsec.\n\nWARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240 down_read+0x75/0x94\nModules linked in: esp4_offload esp4 act_mirred act_vlan cls_flower sch_ingress mlx5_vdpa vringh vhost_iotlb vdpa mst_pciconf(OE) nfsv3 nfs_acl nfs lockd grace fscache netfs xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 rfkill cuse fuse rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_core_mod ib_umad ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_ipoib iw_cm ib_cm ipmi_ssif intel_rapl_msr intel_rapl_common amd64_edac edac_mce_amd kvm_amd kvm irqbypass crct10dif_pclmul crc32_pclmul mlx5_ib ghash_clmulni_intel sha1_ssse3 dell_smbios ib_uverbs aesni_intel crypto_simd dcdbas wmi_bmof dell_wmi_descriptor cryptd pcspkr ib_core acpi_ipmi sp5100_tco ccp i2c_piix4 ipmi_si ptdma k10temp ipmi_devintf ipmi_msghandler acpi_power_meter acpi_cpufreq ext4 mbcache jbd2 sd_mod t10_pi sg mgag200 drm_kms_helper syscopyarea sysfillrect mlx5_core sysimgblt fb_sys_fops cec\n ahci libahci mlxfw drm pci_hyperv_intf libata tg3 sha256_ssse3 tls megaraid_sas i2c_algo_bit psample wmi dm_mirror dm_region_hash dm_log dm_mod [last unloaded: mst_pci]\nCPU: 44 PID: 16136 Comm: kworker/44:3 Kdump: loaded Tainted: GOE 5.15.0-20240509.el8uek.uek7_u3_update_v6.6_ipsec_bf.x86_64 #2\nHardware name: Dell Inc. PowerEdge R7525/074H08, BIOS 2.0.3 01/15/2021\nWorkqueue: events xfrm_state_gc_task\nRIP: 0010:down_read+0x75/0x94\nCode: 00 48 8b 45 08 65 48 8b 14 25 80 fc 01 00 83 e0 02 48 09 d0 48 83 c8 01 48 89 45 08 5d 31 c0 89 c2 89 c6 89 c7 e9 cb 88 3b 00 <0f> 0b 48 8b 45 08 a8 01 74 b2 a8 02 75 ae 48 89 c2 48 83 ca 02 f0\nRSP: 0018:ffffb26387773da8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffffa08b658af900 RCX: 0000000000000001\nRDX: 0000000000000000 RSI: ff886bc5e1366f2f RDI: 0000000000000000\nRBP: ffffa08b658af940 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffa0a9bfb31540\nR13: ffffa0a9bfb37900 R14: 0000000000000000 R15: ffffa0a9bfb37905\nFS: 0000000000000000(0000) GS:ffffa0a9bfb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055a45ed814e8 CR3: 000000109038a000 CR4: 0000000000350ee0\nCall Trace:\n <TASK>\n ? show_trace_log_lvl+0x1d6/0x2f9\n ? show_trace_log_lvl+0x1d6/0x2f9\n ? mlx5_devcom_for_each_peer_begin+0x29/0x60 [mlx5_core]\n ? down_read+0x75/0x94\n ? __warn+0x80/0x113\n ? down_read+0x75/0x94\n ? report_bug+0xa4/0x11d\n ? handle_bug+0x35/0x8b\n ? exc_invalid_op+0x14/0x75\n ? asm_exc_invalid_op+0x16/0x1b\n ? down_read+0x75/0x94\n ? down_read+0xe/0x94\n mlx5_devcom_for_each_peer_begin+0x29/0x60 [mlx5_core]\n mlx5_ipsec_fs_roce_tx_destroy+0xb1/0x130 [mlx5_core]\n tx_destroy+0x1b/0xc0 [mlx5_core]\n tx_ft_put+0x53/0xc0 [mlx5_core]\n mlx5e_xfrm_free_state+0x45/0x90 [mlx5_core]\n ___xfrm_state_destroy+0x10f/0x1a2\n xfrm_state_gc_task+0x81/0xa9\n process_one_work+0x1f1/0x3c6\n worker_thread+0x53/0x3e4\n ? process_one_work.cold+0x46/0x3c\n kthread+0x127/0x144\n ? set_kthread_struct+0x60/0x52\n ret_from_fork+0x22/0x2d\n </TASK>\n---[ end trace 5ef7896144d398e1 ]---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5: Reparar llamada de seguimiento IPsec RoCE MPV Evita que se realice el seguimiento de llamada a continuaci\u00f3n al no permitir la creaci\u00f3n de IPsec en un esclavo, si el dispositivo maestro no admite IPsec. ADVERTENCIA: CPU: 44 PID: 16136 en kernel/locking/rwsem.c:240 down_read+0x75/0x94 M\u00f3dulos vinculados en: esp4_offload esp4 act_mirred act_vlan cls_flower sch_ingress mlx5_vdpa vringh vhost_iotlb vdpa mst_pciconf(OE) nfsv3 nfs_acl nfs lockd grace fscache netfs xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 rfkill cuse fuse rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_core_mod ib_umad ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_ipoib iw_cm ib_cm ipmi_ssif intel_rapl_msr intel_rapl_common amd64_edac edac_mce_amd kvm_amd kvm irqbypass _pclmul crc32_pclmul mlx5_ib ghash_clmulni_intel sha1_ssse3 dell_smbios ib_uverbs aesni_intel crypto_simd dcdbas wmi_bmof dell_wmi_descriptor cryptd pcspkr ib_core acpi_ipmi sp5100_tco ccp i2c_piix4 ipmi_si ptdma k10temp ipmi_devintf ipmi_msghandler acpi_power_meter acpi_cpufreq ext4 mbcache jbd2 sd_mod t10_pi sg mgag200 drm_kms_helper syscopyarea sysfillrect mlx5_core sysimgblt fb_sys_fops cec ahci libahci mlxfw drm pci_hyperv_intf libata tg3 sha256_ssse3 tls megaraid_sas i2c_algo_bit psample wmi dm_mirror dm_region_hash dm_log dm_mod [\u00faltima descarga: mst_pci] CPU: 44 PID: 16136 Comm: kworker/44:3 Kdump: cargado Contaminado: GOE 5.15.0-20240509.el8uek.uek7_u3_update_v6.6_ipsec_bf.x86_64 #2 Nombre del hardware: Dell Inc. PowerEdge R7525/074H08, BIOS 2.0.3 15/01/2021 Cola de trabajo: eventos xfrm_state_gc_task RIP: 0010:down_read+0x75/0x94 C\u00f3digo: 00 48 8b 45 08 65 48 8b 14 25 80 fc 01 00 83 e0 02 48 09 d0 48 83 c8 01 48 89 45 08 5d 31 c0 89 c2 89 c6 89 c7 e9 cb 88 3b 00 &lt;0f&gt; 0b 48 8b 45 08 a8 01 74 b2 a8 02 75 ae 48 89 c2 48 83 ca 02 f0 RSP: 0018:ffffb26387773da8 EFLAGS: 00010282 RAX: 000000000000000 RBX: ffffa08b658af900 RCX: 0000000000000001 RDX: 0000000000000000 RSI: ff886bc5e1366f2f RDI: 0000000000000000 RBP: ffffa08b658af940 R08: 00000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffa0a9bfb31540 R13: ffffa0a9bfb37900 R14: 000000000000000 R15: ffffa0a9bfb37905 FS: 000000000000000(0000) GS:ffffa0a9bfb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055a45ed814e8 CR3: 000000109038a000 CR4: 0000000000350ee0 Seguimiento de llamadas: ? show_trace_log_lvl+0x1d6/0x2f9 ? show_trace_log_lvl+0x1d6/0x2f9 ? mlx5_devcom_for_each_peer_begin+0x29/0x60 [mlx5_core] ? down_read+0x75/0x94 ? __warn+0x80/0x113 ? down_read+0x75/0x94 ? report_bug+0xa4/0x11d ? handle_bug+0x35/0x8b ? asm_exc_invalid_op+0x16/0x1b ? lectura_abajo+0x75/0x94 ? lectura_abajo+0xe/0x94 mlx5_devcom_para_cada_par_inicio+0x29/0x60 [n\u00facleo_mlx5] mlx5_ipsec_fs_roce_tx_destroy+0xb1/0x130 [n\u00facleo_mlx5] tx_destroy+0x1b/0xc0 [n\u00facleo_mlx5] tx_ft_put+0x53/0xc0 [n\u00facleo_mlx5] mlx5e_xfrm_estado_libre+0x45/0x90 [n\u00facleo_mlx5] ___xfrm_estado_destruir+0x10f/0x1a2 xfrm_estado_gc_task+0x81/0xa9 proceso_uno_trabajo+0x1f1/0x3c6 subproceso_trabajador+0x53/0x3e4 ? proceso_uno_trabajo.fr\u00edo+0x46/0x3c kthread+0x127/0x144 ? conjunto_kthread_struct+0x60/0x52 ret_from_fork+0x22/0x2d ---[ fin de seguimiento 5ef7896144d398e1 ]---"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2ae52a65a850ded75a94e8d7ec1e09737f4c6509",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/607e1df7bd47fe91cab85a97f57870a26d066137",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

137
CVE-2024/CVE-2024-450xx/CVE-2024-45018.json
View File

@ -2,40 +2,159 @@
"id": "CVE-2024-45018",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.933",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:24.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: initialise extack before use\n\nFix missing initialisation of extack in flow offload."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: flowtable: inicializar extack antes de su uso. Se corrige la inicializaci\u00f3n faltante de extack en la descarga de flujo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/119be227bc04f5035efa64cb823b8a5ca5e2d1c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/356beb911b63a8cff34cb57f755c2a2d2ee9dec7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7eafeec6be68ebd6140a830ce9ae68ad5b67ec78",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7b760499f7791352b49b11667ed04b23d7f5b0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e5ceff2196dc633c995afb080f6f44a72cff6e1d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e9767137308daf906496613fd879808a07f006a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

113
CVE-2024/CVE-2024-450xx/CVE-2024-45019.json
View File

@ -2,32 +2,131 @@
"id": "CVE-2024-45019",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.990",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:19.360",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Take state lock during tx timeout reporter\n\nmlx5e_safe_reopen_channels() requires the state lock taken. The\nreferenced changed in the Fixes tag removed the lock to fix another\nissue. This patch adds it back but at a later point (when calling\nmlx5e_safe_reopen_channels()) to avoid the deadlock referenced in the\nFixes tag."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5e: Tomar bloqueo de estado durante el tiempo de espera de la transmisi\u00f3n El reportero mlx5e_safe_reopen_channels() requiere que se tome el bloqueo de estado. El cambio al que se hace referencia en la etiqueta Fixes elimin\u00f3 el bloqueo para solucionar otro problema. Este parche lo vuelve a agregar, pero en un momento posterior (al llamar a mlx5e_safe_reopen_channels()) para evitar el bloqueo al que se hace referencia en la etiqueta Fixes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.69",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "D5EB5507-74EF-4855-AAE0-24034D3B924D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.8",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "431A4443-7314-4253-AFAC-DDBAF86C063A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/03d3734bd692affe4d0e9c9d638f491aaf37411b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e57e66ecbdd2fddc9fbf3e984b1c523b70e9809",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b3b9a87adee97854bcd71057901d46943076267e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e6b5afd30b99b43682a7764e1a74a42fe4d5f4b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

101
CVE-2024/CVE-2024-450xx/CVE-2024-45020.json
View File

@ -2,28 +2,117 @@
"id": "CVE-2024-45020",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.050",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:52.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a kernel verifier crash in stacksafe()\n\nDaniel Hodges reported a kernel verifier crash when playing with sched-ext.\nFurther investigation shows that the crash is due to invalid memory access\nin stacksafe(). More specifically, it is the following code:\n\n if (exact != NOT_EXACT &&\n old->stack[spi].slot_type[i % BPF_REG_SIZE] !=\n cur->stack[spi].slot_type[i % BPF_REG_SIZE])\n return false;\n\nThe 'i' iterates old->allocated_stack.\nIf cur->allocated_stack < old->allocated_stack the out-of-bound\naccess will happen.\n\nTo fix the issue add 'i >= cur->allocated_stack' check such that if\nthe condition is true, stacksafe() should fail. Otherwise,\ncur->stack[spi].slot_type[i % BPF_REG_SIZE] memory access is legal."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Se corrige un fallo del verificador del kernel en stacksafe() Daniel Hodges inform\u00f3 de un fallo del verificador del kernel al jugar con sched-ext. Una investigaci\u00f3n m\u00e1s profunda muestra que el fallo se debe a un acceso a memoria no v\u00e1lido en stacksafe(). M\u00e1s espec\u00edficamente, es el siguiente c\u00f3digo: if (exact != NOT_EXACT &amp;&amp; old-&gt;stack[spi].slot_type[i % BPF_REG_SIZE] != cur-&gt;stack[spi].slot_type[i % BPF_REG_SIZE]) return false; La 'i' itera old-&gt;allocated_stack. Si cur-&gt;allocated_stack &lt; old-&gt;allocated_stack, se producir\u00e1 el acceso fuera de l\u00edmites. Para solucionar el problema, agregue la comprobaci\u00f3n 'i &gt;= cur-&gt;allocated_stack' de modo que, si la condici\u00f3n es verdadera, stacksafe() deber\u00eda fallar. De lo contrario, el acceso a la memoria cur-&gt;stack[spi].slot_type[i % BPF_REG_SIZE] es legal."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.15",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "FE59A694-DE72-41A4-A18F-3B41532FCE94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6e3987ac310c74bb4dd6a2fa8e46702fe505fb2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7cad3174cc79519bf5f6c4441780264416822c08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bed2eb964c70b780fb55925892a74f26cb590b25",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

161
CVE-2024/CVE-2024-450xx/CVE-2024-45021.json
View File

@ -2,48 +2,187 @@
"id": "CVE-2024-45021",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.103",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:31.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcg_write_event_control(): fix a user-triggerable oops\n\nwe are *not* guaranteed that anything past the terminating NUL\nis mapped (let alone initialized with anything sane)."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: memcg_write_event_control(): corrige un error que puede ser activado por el usuario. Oops, *no* tenemos garant\u00eda de que todo lo que est\u00e9 m\u00e1s all\u00e1 del NUL de terminaci\u00f3n se asigne (y mucho menos se inicialice con algo sensato)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.34",
"versionEndExcluding": "4.19.321",
"matchCriteriaId": "FBEF6731-CEFF-4F68-87C3-0C83A2F70337"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/046667c4d3196938e992fba0dfcde570aa85cd0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0fbe2a72e853a1052abe9bc2b7df8ddb102da227",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1b37ec85ad95b612307627758c6018cd9d92cca8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/21b578f1d599edb87462f11113c5b0fc7a04ac61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43768fa80fd192558737e24ed6548f74554611d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad149f5585345e383baa65f1539d816cd715fd3b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f1aa7c509aa766080db7ab3aec2e31b1df09e57c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fa5bfdf6cb5846a00e712d630a43e3cf55ccb411",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

113
CVE-2024/CVE-2024-450xx/CVE-2024-45022.json
View File

@ -2,32 +2,131 @@
"id": "CVE-2024-45022",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.163",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:36:39.043",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0\n\nThe __vmap_pages_range_noflush() assumes its argument pages** contains\npages with the same page shift. However, since commit e9c3cda4d86e (\"mm,\nvmalloc: fix high order __GFP_NOFAIL allocations\"), if gfp_flags includes\n__GFP_NOFAIL with high order in vm_area_alloc_pages() and page allocation\nfailed for high order, the pages** may contain two different page shifts\n(high order and order-0). This could lead __vmap_pages_range_noflush() to\nperform incorrect mappings, potentially resulting in memory corruption.\n\nUsers might encounter this as follows (vmap_allow_huge = true, 2M is for\nPMD_SIZE):\n\nkvmalloc(2M, __GFP_NOFAIL|GFP_X)\n __vmalloc_node_range_noprof(vm_flags=VM_ALLOW_HUGE_VMAP)\n vm_area_alloc_pages(order=9) ---> order-9 allocation failed and fallback to order-0\n vmap_pages_range()\n vmap_pages_range_noflush()\n __vmap_pages_range_noflush(page_shift = 21) ----> wrong mapping happens\n\nWe can remove the fallback code because if a high-order allocation fails,\n__vmalloc_node_range_noprof() will retry with order-0. Therefore, it is\nunnecessary to fallback to order-0 here. Therefore, fix this by removing\nthe fallback code."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/vmalloc: se corrige la asignaci\u00f3n de p\u00e1ginas si vm_area_alloc_pages() con un retroceso de orden superior al orden 0 __vmap_pages_range_noflush() asume que su argumento pages** contiene p\u00e1ginas con el mismo cambio de p\u00e1gina. Sin embargo, desde el commit e9c3cda4d86e (\"mm, vmalloc: se corrigen las asignaciones de orden superior __GFP_NOFAIL\"), si gfp_flags incluye __GFP_NOFAIL con orden superior en vm_area_alloc_pages() y la asignaci\u00f3n de p\u00e1ginas falla para el orden superior, pages** puede contener dos cambios de p\u00e1gina diferentes (orden superior y orden 0). Esto podr\u00eda provocar que __vmap_pages_range_noflush() realice asignaciones incorrectas, lo que podr\u00eda provocar una corrupci\u00f3n de memoria. Los usuarios pueden encontrarse con esto de la siguiente manera (vmap_allow_huge = true, 2M es para PMD_SIZE): kvmalloc(2M, __GFP_NOFAIL|GFP_X) __vmalloc_node_range_noprof(vm_flags=VM_ALLOW_HUGE_VMAP) vm_area_alloc_pages(order=9) ---&gt; la asignaci\u00f3n del pedido 9 fall\u00f3 y se vuelve al pedido 0 vmap_pages_range() vmap_pages_range_noflush() __vmap_pages_range_noflush(page_shift = 21) ----&gt; ocurre una asignaci\u00f3n incorrecta Podemos eliminar el c\u00f3digo de respaldo porque si falla una asignaci\u00f3n de orden alto, __vmalloc_node_range_noprof() volver\u00e1 a intentarlo con el pedido 0. Por lo tanto, no es necesario volver al pedido 0 aqu\u00ed. Por lo tanto, solucione esto eliminando el c\u00f3digo de respaldo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.95",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "EAB88E73-4A4D-4E7B-B85E-47EA47174A83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "8A7B36D8-72F7-4F2A-A151-A59474D95B61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/61ebe5a747da649057c37be1c37eb934b4af79ca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c91618816f4d21fc574d7577a37722adcd4075b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de7bad86345c43cd040ed43e20d9fad78a3ee59f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fd1ffbb50ef4da5e1378a46616b6d7407dc795da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

89
CVE-2024/CVE-2024-450xx/CVE-2024-45023.json
View File

@ -2,24 +2,103 @@
"id": "CVE-2024-45023",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.230",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:30:30.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix data corruption for degraded array with slow disk\n\nread_balance() will avoid reading from slow disks as much as possible,\nhowever, if valid data only lands in slow disks, and a new normal disk\nis still in recovery, unrecovered data can be read:\n\nraid1_read_request\n read_balance\n raid1_should_read_first\n -> return false\n choose_best_rdev\n -> normal disk is not recovered, return -1\n choose_bb_rdev\n -> missing the checking of recovery, return the normal disk\n -> read unrecovered data\n\nRoot cause is that the checking of recovery is missing in\nchoose_bb_rdev(). Hence add such checking to fix the problem.\n\nAlso fix similar problem in choose_slow_rdev()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md/raid1: Reparar la corrupci\u00f3n de datos para la matriz degradada con disco lento read_balance() evitar\u00e1 la lectura de discos lentos tanto como sea posible, sin embargo, si los datos v\u00e1lidos solo llegan a discos lentos, y un nuevo disco normal a\u00fan est\u00e1 en recuperaci\u00f3n, se pueden leer los datos no recuperados: raid1_read_request read_balance raid1_should_read_first -&gt; return false choose_best_rdev -&gt; no se recupera el disco normal, devuelve -1 choose_bb_rdev -&gt; falta la comprobaci\u00f3n de recuperaci\u00f3n, devuelve el disco normal -&gt; leer datos no recuperados La causa ra\u00edz es que falta la comprobaci\u00f3n de recuperaci\u00f3n en choose_bb_rdev(). Por lo tanto, agregue dicha comprobaci\u00f3n para solucionar el problema. Tambi\u00e9n solucione un problema similar en choose_slow_rdev()."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "E94ACAFB-7FD4-4D6C-B1EF-5ACFEF7D85D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2febf5fdbf5d9a52ddc3e986971c8609b1582d67",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c916ca35308d3187c9928664f9be249b22a3a701",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

89
CVE-2024/CVE-2024-450xx/CVE-2024-45024.json
View File

@ -2,24 +2,103 @@
"id": "CVE-2024-45024",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.290",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:30:17.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix hugetlb vs. core-mm PT locking\n\nWe recently made GUP's common page table walking code to also walk hugetlb\nVMAs without most hugetlb special-casing, preparing for the future of\nhaving less hugetlb-specific page table walking code in the codebase. \nTurns out that we missed one page table locking detail: page table locking\nfor hugetlb folios that are not mapped using a single PMD/PUD.\n\nAssume we have hugetlb folio that spans multiple PTEs (e.g., 64 KiB\nhugetlb folios on arm64 with 4 KiB base page size). GUP, as it walks the\npage tables, will perform a pte_offset_map_lock() to grab the PTE table\nlock.\n\nHowever, hugetlb that concurrently modifies these page tables would\nactually grab the mm->page_table_lock: with USE_SPLIT_PTE_PTLOCKS, the\nlocks would differ. Something similar can happen right now with hugetlb\nfolios that span multiple PMDs when USE_SPLIT_PMD_PTLOCKS.\n\nThis issue can be reproduced [1], for example triggering:\n\n[ 3105.936100] ------------[ cut here ]------------\n[ 3105.939323] WARNING: CPU: 31 PID: 2732 at mm/gup.c:142 try_grab_folio+0x11c/0x188\n[ 3105.944634] Modules linked in: [...]\n[ 3105.974841] CPU: 31 PID: 2732 Comm: reproducer Not tainted 6.10.0-64.eln141.aarch64 #1\n[ 3105.980406] Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-4.fc40 05/24/2024\n[ 3105.986185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 3105.991108] pc : try_grab_folio+0x11c/0x188\n[ 3105.994013] lr : follow_page_pte+0xd8/0x430\n[ 3105.996986] sp : ffff80008eafb8f0\n[ 3105.999346] x29: ffff80008eafb900 x28: ffffffe8d481f380 x27: 00f80001207cff43\n[ 3106.004414] x26: 0000000000000001 x25: 0000000000000000 x24: ffff80008eafba48\n[ 3106.009520] x23: 0000ffff9372f000 x22: ffff7a54459e2000 x21: ffff7a546c1aa978\n[ 3106.014529] x20: ffffffe8d481f3c0 x19: 0000000000610041 x18: 0000000000000001\n[ 3106.019506] x17: 0000000000000001 x16: ffffffffffffffff x15: 0000000000000000\n[ 3106.024494] x14: ffffb85477fdfe08 x13: 0000ffff9372ffff x12: 0000000000000000\n[ 3106.029469] x11: 1fffef4a88a96be1 x10: ffff7a54454b5f0c x9 : ffffb854771b12f0\n[ 3106.034324] x8 : 0008000000000000 x7 : ffff7a546c1aa980 x6 : 0008000000000080\n[ 3106.038902] x5 : 00000000001207cf x4 : 0000ffff9372f000 x3 : ffffffe8d481f000\n[ 3106.043420] x2 : 0000000000610041 x1 : 0000000000000001 x0 : 0000000000000000\n[ 3106.047957] Call trace:\n[ 3106.049522] try_grab_folio+0x11c/0x188\n[ 3106.051996] follow_pmd_mask.constprop.0.isra.0+0x150/0x2e0\n[ 3106.055527] follow_page_mask+0x1a0/0x2b8\n[ 3106.058118] __get_user_pages+0xf0/0x348\n[ 3106.060647] faultin_page_range+0xb0/0x360\n[ 3106.063651] do_madvise+0x340/0x598\n\nLet's make huge_pte_lockptr() effectively use the same PT locks as any\ncore-mm page table walker would. Add ptep_lockptr() to obtain the PTE\npage table lock using a pte pointer -- unfortunately we cannot convert\npte_lockptr() because virt_to_page() doesn't work with kmap'ed page tables\nwe can have with CONFIG_HIGHPTE.\n\nHandle CONFIG_PGTABLE_LEVELS correctly by checking in reverse order, such\nthat when e.g., CONFIG_PGTABLE_LEVELS==2 with\nPGDIR_SIZE==P4D_SIZE==PUD_SIZE==PMD_SIZE will work as expected. Document\nwhy that works.\n\nThere is one ugly case: powerpc 8xx, whereby we have an 8 MiB hugetlb\nfolio being mapped using two PTE page tables. While hugetlb wants to take\nthe PMD table lock, core-mm would grab the PTE table lock of one of both\nPTE page tables. In such corner cases, we have to make sure that both\nlocks match, which is (fortunately!) currently guaranteed for 8xx as it\ndoes not support SMP and consequently doesn't use split PT locks.\n\n[1] https://lore.kernel.org/all/1bbfcc7f-f222-45a5-ac44-c5a1381c596d@redhat.com/"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/hugetlb: correcci\u00f3n del bloqueo de PT de hugetlb frente a core-mm Recientemente hicimos que el c\u00f3digo de recorrido de tabla de p\u00e1ginas com\u00fan de GUP tambi\u00e9n recorriera VMA hugetlb sin la mayor\u00eda de las may\u00fasculas y min\u00fasculas especiales de hugetlb, prepar\u00e1ndonos para el futuro de tener menos c\u00f3digo de recorrido de tabla de p\u00e1ginas espec\u00edfico de hugetlb en la base de c\u00f3digo. Resulta que nos perdimos un detalle de bloqueo de tabla de p\u00e1ginas: el bloqueo de tabla de p\u00e1ginas para folios hugetlb que no est\u00e1n mapeados usando un solo PMD/PUD. Supongamos que tenemos un folio hugetlb que abarca m\u00faltiples PTE (por ejemplo, folios hugetlb de 64 KiB en arm64 con un tama\u00f1o de p\u00e1gina base de 4 KiB). GUP, mientras recorre las tablas de p\u00e1ginas, realizar\u00e1 un pte_offset_map_lock() para agarrar el bloqueo de tabla PTE. Sin embargo, hugetlb que modifica simult\u00e1neamente estas tablas de p\u00e1ginas en realidad agarrar\u00eda el mm-&gt;page_table_lock: con USE_SPLIT_PTE_PTLOCKS, los bloqueos ser\u00edan diferentes. Algo similar puede suceder ahora mismo con folios hugetlb que abarcan m\u00faltiples PMD cuando USE_SPLIT_PMD_PTLOCKS. Este problema se puede reproducir [1], por ejemplo, activando: [ 3105.936100] ------------[ cortar aqu\u00ed ]------------ [ 3105.939323] ADVERTENCIA: CPU: 31 PID: 2732 en mm/gup.c:142 try_grab_folio+0x11c/0x188 [ 3105.944634] M\u00f3dulos vinculados en: [...] [ 3105.974841] CPU: 31 PID: 2732 Comm: reproducer No contaminado 6.10.0-64.eln141.aarch64 #1 [ 3105.980406] Nombre del hardware: QEMU KVM Virtual Machine, BIOS edk2-20240524-4.fc40 24/05/2024 [ 3105.986185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 3105.991108] pc : try_grab_folio+0x11c/0x188 [ 3105.994013] lr : follow_page_pte+0xd8/0x430 [ 3105.996986] sp : ffff80008eafb8f0 [ 3105.999346] x29: ffff80008eafb900 x28: ffffffe8d481f380 x27: 00f80001207cff43 [ 3106.004414] x26: 0000000000000001 x25: 00000000000000000 x24: ffff80008eafba48 [ 3106.009520] x23: 0000ffff9372f000 x22: ffff7a54459e2000 x21: ffff7a546c1aa978 [ 3106.014529] x20: ffffffe8d481f3c0 x19: 0000000000610041 x18: 0000000000000001 [ 3106.019506] x17: 0000000000000001 x16: ffffffffffffffffff x15: 0000000000000000 [ 3106.024494] x14: ffffb85477fdfe08 x13: 0000ffff9372ffff x12: 0000000000000000 [ 3106.029469] x11: 1fffef4a88a96be1 x10: ffff7a54454b5f0c x9: ffffb854771b12f0 [ 3106.034324] x8: 000800000000000 x7: ffff7a546c1aa980 x6: 0008000000000080 [ 3106.038902] x5 : 00000000001207cf x4 : 0000ffff9372f000 x3 : ffffffe8d481f000 [ 3106.043420] x2 : 0000000000610041 x1 : 0000000000000001 x0 : 0000000000000000 [ 3106.047957] Rastreo de llamadas: [ 3106.049522] try_grab_folio+0x11c/0x188 [ 3106.051996] follow_pmd_mask.constprop.0.isra.0+0x150/0x2e0 [ 3106.055527] follow_page_mask+0x1a0/0x2b8 [ 3106.058118] __get_user_pages+0xf0/0x348 [ 3106.060647] faultin_page_range+0xb0/0x360 [ 3106.063651] do_madvise+0x340/0x598 Hagamos que huge_pte_lockptr() use efectivamente los mismos bloqueos PT que cualquier rastreador de tablas de p\u00e1ginas core-mm har\u00eda. Agregue ptep_lockptr() para obtener el bloqueo de la tabla de p\u00e1ginas PTE usando un puntero pte - desafortunadamente no podemos convertir pte_lockptr() porque virt_to_page() no funciona con tablas de p\u00e1ginas kmap'ed que podemos tener con CONFIG_HIGHPTE. Maneje CONFIG_PGTABLE_LEVELS correctamente verificando en orden inverso, de modo que cuando, por ejemplo, CONFIG_PGTABLE_LEVELS==2 con PGDIR_SIZE==P4D_SIZE==PUD_SIZE==PMD_SIZE funcionar\u00e1 como se espera. Documente por qu\u00e9 funciona eso. Hay un caso desagradable: powerpc 8xx, en el que tenemos un folio hugetlb de 8 MiB que se asigna utilizando dos tablas de p\u00e1ginas PTE. Mientras hugetlb quiere tomar el bloqueo de la tabla PMD, core-mm tomar\u00eda el bloqueo de la tabla PTE de una de ambas tablas de p\u00e1ginas PTE. En tales casos extremos, tenemos que asegurarnos de que ambos bloqueos coincidan, lo que (\u00a1afortunadamente!) --- truncado ----"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "E55C1263-DF43-41EF-8DA8-2BA68DF4FFFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5f75cfbd6bb02295ddaed48adf667b6c828ce07b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7300dadba49e531af2d890ae4e34c9b115384a62",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

160
CVE-2024/CVE-2024-450xx/CVE-2024-45025.json
View File

@ -2,48 +2,186 @@
"id": "CVE-2024-45025",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.440",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:30:07.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE\n\ncopy_fd_bitmaps(new, old, count) is expected to copy the first\ncount/BITS_PER_LONG bits from old->full_fds_bits[] and fill\nthe rest with zeroes. What it does is copying enough words\n(BITS_TO_LONGS(count/BITS_PER_LONG)), then memsets the rest.\nThat works fine, *if* all bits past the cutoff point are\nclear. Otherwise we are risking garbage from the last word\nwe'd copied.\n\nFor most of the callers that is true - expand_fdtable() has\ncount equal to old->max_fds, so there's no open descriptors\npast count, let alone fully occupied words in ->open_fds[],\nwhich is what bits in ->full_fds_bits[] correspond to.\n\nThe other caller (dup_fd()) passes sane_fdtable_size(old_fdt, max_fds),\nwhich is the smallest multiple of BITS_PER_LONG that covers all\nopened descriptors below max_fds. In the common case (copying on\nfork()) max_fds is ~0U, so all opened descriptors will be below\nit and we are fine, by the same reasons why the call in expand_fdtable()\nis safe.\n\nUnfortunately, there is a case where max_fds is less than that\nand where we might, indeed, end up with junk in ->full_fds_bits[] -\nclose_range(from, to, CLOSE_RANGE_UNSHARE) with\n\t* descriptor table being currently shared\n\t* 'to' being above the current capacity of descriptor table\n\t* 'from' being just under some chunk of opened descriptors.\nIn that case we end up with observably wrong behaviour - e.g. spawn\na child with CLONE_FILES, get all descriptors in range 0..127 open,\nthen close_range(64, ~0U, CLOSE_RANGE_UNSHARE) and watch dup(0) ending\nup with descriptor #128, despite #64 being observably not open.\n\nThe minimally invasive fix would be to deal with that in dup_fd().\nIf this proves to add measurable overhead, we can go that way, but\nlet's try to fix copy_fd_bitmaps() first.\n\n* new helper: bitmap_copy_and_expand(to, from, bits_to_copy, size).\n* make copy_fd_bitmaps() take the bitmap size in words, rather than\nbits; it's 'count' argument is always a multiple of BITS_PER_LONG,\nso we are not losing any information, and that way we can use the\nsame helper for all three bitmaps - compiler will see that count\nis a multiple of BITS_PER_LONG for the large ones, so it'll generate\nplain memcpy()+memset().\n\nReproducer added to tools/testing/selftests/core/close_range_test.c"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: se corrige la corrupci\u00f3n de mapas de bits en close_range() con CLOSE_RANGE_UNSHARE Se espera que copy_fd_bitmaps(new, old, count) copie los primeros bits count/BITS_PER_LONG de old-&gt;full_fds_bits[] y rellene el resto con ceros. Lo que hace es copiar suficientes palabras (BITS_TO_LONGS(count/BITS_PER_LONG)), luego memsets el resto. Eso funciona bien, *si* todos los bits m\u00e1s all\u00e1 del punto de corte est\u00e1n limpios. De lo contrario, corremos el riesgo de basura de la \u00faltima palabra que hab\u00edamos copiado. Para la mayor\u00eda de los llamadores, esto es cierto: expand_fdtable() tiene count igual a old-&gt;max_fds, por lo que no hay descriptores abiertos m\u00e1s all\u00e1 de count, y mucho menos palabras completamente ocupadas en -&gt;open_fds[], que es a lo que corresponden los bits en -&gt;full_fds_bits[]. El otro llamador (dup_fd()) pasa sane_fdtable_size(old_fdt, max_fds), que es el m\u00faltiplo m\u00e1s peque\u00f1o de BITS_PER_LONG que cubre todos los descriptores abiertos por debajo de max_fds. En el caso com\u00fan (copiar en fork()) max_fds es ~0U, por lo que todos los descriptores abiertos estar\u00e1n por debajo de \u00e9l y estamos bien, por las mismas razones por las que la llamada en expand_fdtable() es segura. Desafortunadamente, hay un caso en el que max_fds es menor que eso y en el que, de hecho, podr\u00edamos terminar con basura en -&gt;full_fds_bits[] - close_range(from, to, CLOSE_RANGE_UNSHARE) con * tabla de descriptores que se comparte actualmente * 'to' est\u00e1 por encima de la capacidad actual de la tabla de descriptores * 'from' est\u00e1 justo debajo de alg\u00fan trozo de descriptores abiertos. En ese caso, terminamos con un comportamiento observablemente incorrecto, por ejemplo, generar un hijo con CLONE_FILES, obtener todos los descriptores en el rango 0..127 abiertos, luego close_range(64, ~0U, CLOSE_RANGE_UNSHARE) y ver que dup(0) termina con el descriptor #128, a pesar de que #64 no est\u00e1 abierta observablemente. La soluci\u00f3n m\u00ednimamente invasiva ser\u00eda lidiar con eso en dup_fd(). Si esto demuestra agregar una sobrecarga medible, podemos ir por ese camino, pero intentemos arreglar copy_fd_bitmaps() primero. * nuevo ayudante: bitmap_copy_and_expand(to, from, bits_to_copy, size). * hacer que copy_fd_bitmaps() tome el tama\u00f1o del mapa de bits en palabras, en lugar de bits; Su argumento 'count' es siempre un m\u00faltiplo de BITS_PER_LONG, por lo que no perdemos ninguna informaci\u00f3n y de esa manera podemos usar el mismo asistente para los tres mapas de bits: el compilador ver\u00e1 que count es un m\u00faltiplo de BITS_PER_LONG para los grandes, por lo que generar\u00e1 memcpy()+memset() simple. Se agreg\u00f3 el reproductor a tools/testing/selftests/core/close_range_test.c"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.321",
"matchCriteriaId": "5131A29D-7B39-48FD-A512-B4599B486AB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5053581fe5dfb09b58c65dd8462bf5dea71f41ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8cad3b2b3ab81ca55f37405ffd1315bcc2948058",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9a2fa1472083580b6c66bdaf291f591e1170123a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c69d18f0ac7060de724511537810f10f29a27958",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd72ae8b0fce9c0bbe9582b9b50820f0407f8d8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e807487a1d5fd5d941f26578ae826ca815dbfcd6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ee501f827f3db02d4e599afbbc1a7f8b792d05d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe5bf14881701119aeeda7cf685f3c226c7380df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

149
CVE-2024/CVE-2024-450xx/CVE-2024-45026.json
View File

@ -2,44 +2,173 @@
"id": "CVE-2024-45026",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.507",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:29:55.927",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix error recovery leading to data corruption on ESE devices\n\nExtent Space Efficient (ESE) or thin provisioned volumes need to be\nformatted on demand during usual IO processing.\n\nThe dasd_ese_needs_format function checks for error codes that signal\nthe non existence of a proper track format.\n\nThe check for incorrect length is to imprecise since other error cases\nleading to transport of insufficient data also have this flag set.\nThis might lead to data corruption in certain error cases for example\nduring a storage server warmstart.\n\nFix by removing the check for incorrect length and replacing by\nexplicitly checking for invalid track format in transport mode.\n\nAlso remove the check for file protected since this is not a valid\nESE handling case."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: se corrige la recuperaci\u00f3n de errores que provoca la corrupci\u00f3n de datos en dispositivos ESE Los vol\u00famenes con aprovisionamiento ligero o Eficiencia de espacio de extensi\u00f3n (ESE) deben formatearse a pedido durante el procesamiento de E/S habitual. La funci\u00f3n dasd_ese_needs_format comprueba los c\u00f3digos de error que indican la inexistencia de un formato de pista adecuado. La comprobaci\u00f3n de longitud incorrecta es demasiado imprecisa, ya que otros casos de error que provocan el transporte de datos insuficientes tambi\u00e9n tienen esta bandera activada. Esto puede provocar la corrupci\u00f3n de datos en ciertos casos de error, por ejemplo, durante el arranque en caliente de un servidor de almacenamiento. Se soluciona eliminando la comprobaci\u00f3n de longitud incorrecta y reemplaz\u00e1ndola por una comprobaci\u00f3n expl\u00edcita de formato de pista no v\u00e1lido en el modo de transporte. Tambi\u00e9n se elimina la comprobaci\u00f3n de archivo protegido, ya que este no es un caso v\u00e1lido de manejo de ESE."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "D05066F4-CEBB-4CD3-8523-D54F9FE7F513"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a228896a1b3654cd461ff654f6a64e97a9c3246",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/19f60a55b2fda49bc4f6134a5f6356ef62ee69d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5d4a304338daf83ace2887aaacafd66fe99ed5cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7db4042336580dfd75cb5faa82c12cd51098c90b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/93a7e2856951680cd7fe6ebd705ac10c8a8a5efd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a665e3b7ac7d5cdc26e00e3d0fc8fd490e00316a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e245a18281c252c8dbc467492e09bb5d4b012118",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

89
CVE-2024/CVE-2024-450xx/CVE-2024-45027.json
View File

@ -2,24 +2,103 @@
"id": "CVE-2024-45027",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.570",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:29:44.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Check for xhci->interrupters being allocated in xhci_mem_clearup()\n\nIf xhci_mem_init() fails, it calls into xhci_mem_cleanup() to mop\nup the damage. If it fails early enough, before xhci->interrupters\nis allocated but after xhci->max_interrupters has been set, which\nhappens in most (all?) cases, things get uglier, as xhci_mem_cleanup()\nunconditionally derefences xhci->interrupters. With prejudice.\n\nGate the interrupt freeing loop with a check on xhci->interrupters\nbeing non-NULL.\n\nFound while debugging a DMA allocation issue that led the XHCI driver\non this exact path."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: xhci: Comprueba que xhci-&gt;interrupters se asignen en xhci_mem_clearup() Si xhci_mem_init() falla, llama a xhci_mem_cleanup() para limpiar el da\u00f1o. Si falla lo suficientemente pronto, antes de que se asigne xhci-&gt;interrupters pero despu\u00e9s de que se haya establecido xhci-&gt;max_interrupters, lo que sucede en la mayor\u00eda (\u00bftodos?) de los casos, las cosas se ponen peor, ya que xhci_mem_cleanup() desreferencia incondicionalmente a xhci-&gt;interrupters. Con prejuicio. Bloquea el bucle de liberaci\u00f3n de interrupciones con una comprobaci\u00f3n de que xhci-&gt;interrupters no sea NULL. Se encontr\u00f3 mientras se depuraba un problema de asignaci\u00f3n de DMA que llev\u00f3 al controlador XHCI por este camino exacto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "E89DCAFA-7226-4A61-B500-1229E533B4BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/770cacc75b0091ece17349195d72133912c1ca7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dcdb52d948f3a17ccd3fce757d9bd981d7c32039",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

166
CVE-2024/CVE-2024-450xx/CVE-2024-45028.json
View File

@ -2,48 +2,192 @@
"id": "CVE-2024-45028",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.647",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:29:35.877",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: mmc_test: Fix NULL dereference on allocation failure\n\nIf the \"test->highmem = alloc_pages()\" allocation fails then calling\n__free_pages(test->highmem) will result in a NULL dereference. Also\nchange the error code to -ENOMEM instead of returning success."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: mmc_test: Se corrige la desreferencia NULL en caso de error de asignaci\u00f3n. Si la asignaci\u00f3n \"test-&gt;highmem = alloc_pages()\" falla, al llamar a __free_pages(test-&gt;highmem) se obtendr\u00e1 una desreferencia NULL. Cambie tambi\u00e9n el c\u00f3digo de error a -ENOMEM en lugar de devolver un resultado positivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.27",
"versionEndExcluding": "4.19.321",
"matchCriteriaId": "AF3AF838-9DD8-4D22-9641-2E7737C81C32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2b507b03991f44dfb202fc2a82c9874d1b1f0c06",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3b4e76ceae5b5a46c968bd952f551ce173809f63",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b9ba386d7bfdbc38445932c90fa9444c0524bea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a1e627af32ed60713941cbfc8075d44cad07f6dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cac2815f49d343b2f0acc4973d2c14918ac3ab0c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e40515582141a9e7c84b269be699c05236a499a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e97be13a9f51284da450dd2a592e3fa87b49cdc9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ecb15b8ca12c0cbdab81e307e9795214d8b90890",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

113
CVE-2024/CVE-2024-450xx/CVE-2024-45029.json
View File

@ -2,32 +2,131 @@
"id": "CVE-2024-45029",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.717",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:29:29.740",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: tegra: Do not mark ACPI devices as irq safe\n\nOn ACPI machines, the tegra i2c module encounters an issue due to a\nmutex being called inside a spinlock. This leads to the following bug:\n\n\tBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\n\t...\n\n\tCall trace:\n\t__might_sleep\n\t__mutex_lock_common\n\tmutex_lock_nested\n\tacpi_subsys_runtime_resume\n\trpm_resume\n\ttegra_i2c_xfer\n\nThe problem arises because during __pm_runtime_resume(), the spinlock\n&dev->power.lock is acquired before rpm_resume() is called. Later,\nrpm_resume() invokes acpi_subsys_runtime_resume(), which relies on\nmutexes, triggering the error.\n\nTo address this issue, devices on ACPI are now marked as not IRQ-safe,\nconsidering the dependency of acpi_subsys_runtime_resume() on mutexes."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: tegra: No marcar dispositivos ACPI como seguros para irq En m\u00e1quinas ACPI, el m\u00f3dulo tegra i2c encuentra un problema debido a que se llama a un mutex dentro de un spinlock. Esto lleva al siguiente error: BUG: funci\u00f3n dormida llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:585 ... Rastreo de llamada: __might_sleep __mutex_lock_common mutex_lock_nested acpi_subsys_runtime_resume rpm_resume tegra_i2c_xfer El problema surge porque durante __pm_runtime_resume(), se adquiere el spinlock &amp;dev-&gt;power.lock antes de que se llame a rpm_resume(). M\u00e1s tarde, rpm_resume() invoca acpi_subsys_runtime_resume(), que se basa en mutexes, lo que activa el error. Para solucionar este problema, los dispositivos en ACPI ahora est\u00e1n marcados como no seguros para IRQ, considerando la dependencia de acpi_subsys_runtime_resume() en los mutex."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "E1FCBB3B-3EA3-4D99-B4C1-E8EA9F3DA097"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/14d069d92951a3e150c0a81f2ca3b93e54da913b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2853e1376d8161b04c9ff18ba82b43f08a049905",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6861faf4232e4b78878f2de1ed3ee324ddae2287",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a89aef1e6cc43fa019a58080ed05c839e6c77876",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

106
CVE-2024/CVE-2024-450xx/CVE-2024-45030.json
View File

@ -2,28 +2,122 @@
"id": "CVE-2024-45030",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.770",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:29:23.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: cope with large MAX_SKB_FRAGS\n\nSabrina reports that the igb driver does not cope well with large\nMAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload\ncorruption on TX.\n\nAn easy reproducer is to run ssh to connect to the machine. With\nMAX_SKB_FRAGS=17 it works, with MAX_SKB_FRAGS=45 it fails. This has\nbeen reported originally in\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2265320\n\nThe root cause of the issue is that the driver does not take into\naccount properly the (possibly large) shared info size when selecting\nthe ring layout, and will try to fit two packets inside the same 4K\npage even when the 1st fraglist will trump over the 2nd head.\n\nAddress the issue by checking if 2K buffers are insufficient."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igb: maneja valores MAX_SKB_FRAGS grandes Sabrina informa que el controlador igb no maneja bien valores MAX_SKB_FRAG grandes: configurar MAX_SKB_FRAG en 45 causa corrupci\u00f3n de payload en TX. Un reproductor f\u00e1cil es ejecutar ssh para conectarse a la m\u00e1quina. Con MAX_SKB_FRAGS=17 funciona, con MAX_SKB_FRAGS=45 falla. Esto se inform\u00f3 originalmente en https://bugzilla.redhat.com/show_bug.cgi?id=2265320 La causa ra\u00edz del problema es que el controlador no tiene en cuenta correctamente el tama\u00f1o de informaci\u00f3n compartida (posiblemente grande) al seleccionar el dise\u00f1o de anillo, e intentar\u00e1 ajustar dos paquetes dentro de la misma p\u00e1gina de 4K incluso cuando la primera lista de fragmentos prevalecer\u00e1 sobre la segunda cabeza. Aborde el problema verificando si los b\u00faferes de 2K son insuficientes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "EFA932A8-AACF-430D-AFBC-9A93F0749D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/8aba27c4a5020abdf60149239198297f88338a8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8ea80ff5d8298356d28077bc30913ed37df65109",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b52bd8bcb9e8ff250c79b44f9af8b15cae8911ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

51
CVE-2024/CVE-2024-451xx/CVE-2024-45108.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45108",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T10:15:15.747",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:00:03.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.7.5",
"matchCriteriaId": "F3830E99-69E4-4436-B0E2-CCF630452B64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "25.0",
"versionEndExcluding": "25.12",
"matchCriteriaId": "7D15601B-F756-430B-9B2B-4C9360E28E11"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/photoshop/apsb24-72.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-451xx/CVE-2024-45109.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45109",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T10:15:16.243",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:59:46.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.7.5",
"matchCriteriaId": "F3830E99-69E4-4436-B0E2-CCF630452B64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "25.0",
"versionEndExcluding": "25.12",
"matchCriteriaId": "7D15601B-F756-430B-9B2B-4C9360E28E11"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/photoshop/apsb24-72.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-451xx/CVE-2024-45111.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45111",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T09:15:13.263",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T17:20:53.993",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "27.0.0",
"versionEndExcluding": "27.9.6",
"matchCriteriaId": "B28B9856-5CA1-4022-BB26-8774A829CF13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "28.0",
"versionEndExcluding": "28.7.1",
"matchCriteriaId": "6A51C972-D913-48BA-ADC2-95A051DFB5DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-66.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

131
CVE-2024/CVE-2024-451xx/CVE-2024-45113.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45113",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-13T10:15:16.737",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:56:53.673",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,135 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*",
"matchCriteriaId": "B02A37FE-5D31-4892-A3E6-156A8FE62D28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*",
"matchCriteriaId": "0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*",
"matchCriteriaId": "EB88D4FE-5496-4639-BAF2-9F29F24ABF29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*",
"matchCriteriaId": "43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*",
"matchCriteriaId": "76204873-C6E0-4202-8A03-0773270F1802"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*",
"matchCriteriaId": "C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*",
"matchCriteriaId": "E3A83642-BF14-4C37-BD94-FA76AABE8ADC"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*",
"matchCriteriaId": "AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:*",
"matchCriteriaId": "F1FC7D1D-6DD2-48B2-980F-B001B0F24473"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:*",
"matchCriteriaId": "1FA19E1D-61C2-4640-AF06-4BCFE750BDF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update12:*:*:*:*:*:*",
"matchCriteriaId": "3F331DEA-F3D0-4B13-AB1E-6FE39B2BB55D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*",
"matchCriteriaId": "D57C8681-AC68-47DF-A61E-B5C4B4A47663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*",
"matchCriteriaId": "75608383-B727-48D6-8FFA-D552A338A562"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*",
"matchCriteriaId": "7773DB68-414A-4BA9-960F-52471A784379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*",
"matchCriteriaId": "B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*",
"matchCriteriaId": "5E7BAB80-8455-4570-A2A2-8F40469EE9CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*",
"matchCriteriaId": "F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:*",
"matchCriteriaId": "6E22D701-B038-4795-AA32-A18BC93C2B6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:*",
"matchCriteriaId": "CAC4A0EC-C3FC-47D8-86CE-0E6A87A7F0B0"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

100
CVE-2024/CVE-2024-453xx/CVE-2024-45368.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-45368",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-13T17:15:12.800",
"lastModified": "2024-09-13T17:15:12.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execution, namely its acceptance of multiple distinct packets as valid authentication responses. This behavior deviates from standard security practices where a single, specific response or encoding pattern is expected for successful authentication."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-256-17",
"source": "ics-cert@hq.dhs.gov"
}
]
}

90
CVE-2024/CVE-2024-456xx/CVE-2024-45618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45618",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-03T22:15:05.313",
"lastModified": "2024-09-04T18:15:05.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:30:27.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,14 +81,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.26.0",
"matchCriteriaId": "3220C607-8358-4E23-AB07-11E55FD2727F"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-45618",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309287",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-460xx/CVE-2024-46044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46044",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T14:15:13.980",
"lastModified": "2024-09-13T14:35:04.770",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-460xx/CVE-2024-46045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46045",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T14:15:14.103",
"lastModified": "2024-09-13T15:35:11.233",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

41
CVE-2024/CVE-2024-460xx/CVE-2024-46046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46046",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T14:15:14.190",
"lastModified": "2024-09-13T14:15:14.190",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/BenJpopo/V/blob/main/Tenda/FH451/RouteStatic.md",

41
CVE-2024/CVE-2024-460xx/CVE-2024-46047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46047",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T14:15:14.280",
"lastModified": "2024-09-13T14:15:14.280",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/BenJpopo/V/blob/main/Tenda/FH451/DhcpListClient.md",

41
CVE-2024/CVE-2024-460xx/CVE-2024-46048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46048",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T14:15:14.397",
"lastModified": "2024-09-13T14:15:14.397",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/BenJpopo/V/blob/main/Tenda/FH451/formexeCommand.md",

4
CVE-2024/CVE-2024-460xx/CVE-2024-46049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46049",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-13T14:15:14.477",
"lastModified": "2024-09-13T14:35:06.040",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

101
CVE-2024/CVE-2024-466xx/CVE-2024-46672.json
View File

@ -2,28 +2,117 @@
"id": "CVE-2024-46672",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:07.840",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:29:17.123",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion\n\nwpa_supplicant 2.11 sends since 1efdba5fdc2c (\"Handle PMKSA flush in the\ndriver for SAE/OWE offload cases\") SSID based PMKSA del commands.\nbrcmfmac is not prepared and tries to dereference the NULL bssid and\npmkid pointers in cfg80211_pmksa. PMKID_V3 operations support SSID based\nupdates so copy the SSID."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: brcmfmac: cfg80211: Manejar la eliminaci\u00f3n de pmksa basada en SSID wpa_supplicant 2.11 env\u00eda desde 1efdba5fdc2c (\"Manejar la eliminaci\u00f3n de PMKSA en el controlador para casos de descarga SAE/OWE\") Comandos del de PMKSA basados en SSID. brcmfmac no est\u00e1 preparado e intenta desreferenciar los punteros NULL bssid y pmkid en cfg80211_pmksa. Las operaciones PMKID_V3 admiten actualizaciones basadas en SSID, por lo que copia el SSID."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "EFA932A8-AACF-430D-AFBC-9A93F0749D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f566eb912d192c83475a919331aea59619e1197",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2ad4e1ada8eebafa2d75a4b75eeeca882de6ada1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4291f94f8c6b01505132c22ee27b59ed27c3584f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

167
CVE-2024/CVE-2024-466xx/CVE-2024-46673.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46673",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:11.917",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:51:39.117",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,184 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: aacraid: Fix double-free on probe failure aac_probe_one() llama a funciones init espec\u00edficas del hardware a trav\u00e9s del puntero aac_driver_ident::init, todas las cuales eventualmente invocan a aac_init_adapter(). Si aac_init_adapter() falla despu\u00e9s de asignar memoria para aac_dev::queues, libera la memoria pero no borra ese miembro. Despu\u00e9s de que la funci\u00f3n init espec\u00edfica del hardware devuelve un error, aac_probe_one() recorre una ruta de error que libera la memoria a la que apunta aac_dev::queues, lo que da como resultado una doble liberaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.15",
"versionEndExcluding": "4.19.321",
"matchCriteriaId": "A1A6F6D3-6AE5-49E8-93CC-51BA81989E5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.108",
"matchCriteriaId": "9B5BE381-F079-43D9-AEF2-931856B13219"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.49",
"matchCriteriaId": "1191B7F1-F275-45F5-9E82-A012FF517BFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "1B5D46C3-56A4-4380-9309-27BF73DF29A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4b540ec7c0045c2d01c4e479f34bbc8f147afa4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/564e1986b00c5f05d75342f8407f75f0a17b94df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/60962c3d8e18e5d8dfa16df788974dd7f35bd87a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/85449b28ff6a89c4513115e43ddcad949b5890c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8a3995a3ffeca280a961b59f5c99843d81b15929",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/919ddf8336f0b84c0453bac583808c9f165a85c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e96dea7eff6f2bbcd0b42a098012fc66af9eb69",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d237c7d06ffddcdb5d36948c527dc01284388218",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

167
CVE-2024/CVE-2024-466xx/CVE-2024-46674.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46674",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.017",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:51:45.103",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,184 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: dwc3: st: fix probed platform device ref count on probe error path La funci\u00f3n de sonda nunca realiza ninguna asignaci\u00f3n de dispositivo de plataforma, por lo que la ruta de error \"undo_platform_dev_alloc\" es completamente falsa. Elimina el recuento de referencia del dispositivo de plataforma que se est\u00e1 sondeando. Si se activa la ruta de error, esto provocar\u00e1 recuentos de referencia de dispositivo desequilibrados y una liberaci\u00f3n prematura de los recursos del dispositivo, por lo que es posible que se produzca un use-after-free al liberar los recursos restantes administrados por devm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18",
"versionEndExcluding": "4.19.321",
"matchCriteriaId": "070FA1B5-32A1-418F-8D79-F2A3F4C411C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.108",
"matchCriteriaId": "9B5BE381-F079-43D9-AEF2-931856B13219"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.49",
"matchCriteriaId": "1191B7F1-F275-45F5-9E82-A012FF517BFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "1B5D46C3-56A4-4380-9309-27BF73DF29A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/060f41243ad7f6f5249fa7290dda0c01f723d12d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1de989668708ce5875efc9d669d227212aeb9a90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c6735299540f3c82a5033d35be76a5c42e0fb18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6aee4c5635d81f4809c3b9f0c198a65adfbb2ada",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0979a885b9d4df2a25b88e9d444ccaa5f9f495c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ddfcfeba891064b88bb844208b43bef2ef970f0c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e1e5e8ea2731150d5ba7c707f9e02fafebcfeb49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f3498650df0805c75b4e1c94d07423c46cbf4ce1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

167
CVE-2024/CVE-2024-466xx/CVE-2024-46677.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46677",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.360",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:51:53.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,184 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gtp: se corrige una posible desreferencia de puntero NULL Cuando sockfd_lookup() falla, gtp_encap_enable_socket() devuelve un puntero NULL, pero sus invocadores solo comprueban los punteros de error, por lo que pasan por alto el caso del puntero NULL. Arr\u00e9glelo devolviendo un puntero de error con el c\u00f3digo de error que lleva sockfd_lookup(). (Encontr\u00e9 este error durante la inspecci\u00f3n del c\u00f3digo)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.12",
"versionEndExcluding": "4.19.321",
"matchCriteriaId": "9DD099A5-3532-49AC-9A2B-2605DC38CC1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.108",
"matchCriteriaId": "9B5BE381-F079-43D9-AEF2-931856B13219"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.49",
"matchCriteriaId": "1191B7F1-F275-45F5-9E82-A012FF517BFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "1B5D46C3-56A4-4380-9309-27BF73DF29A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2024/CVE-2024-466xx/CVE-2024-46682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46682",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.793",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:52:02.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: evitar p\u00e1nico para archivos cerrados nfsv4.0 en nfs4_show_open Antes del commit 3f29cc82a84c (\"nfsd: separar sc_status de sc_type\") states_show() depend\u00eda de que el campo sc_type fuera de un tipo v\u00e1lido antes de llamar a una subfunci\u00f3n para mostrar el contenido de un stateid en particular. A partir de esa confirmaci\u00f3n, dividimos la validez del stateid en sc_status y ya no cambiamos sc_type a 0 mientras deshacemos el hash del stateid. Esto result\u00f3 en un error del kernel para las aperturas nfsv4.0 que permanecen y en nfs4_show_open() se desreferenciaba sc_file que era NULL. En cambio, para los stateids abiertos y cerrados, renunciamos a mostrar informaci\u00f3n que depende de tener un sc_file v\u00e1lido. Para reproducir: monte el servidor con 4.0, lea y cierre un archivo y luego en el servidor cat /proc/fs/nfsd/clients/2/states [ 513.590804] Rastreo de llamadas: [ 513.590925] _raw_spin_lock+0xcc/0x160 [ 513.591119] nfs4_show_open+0x78/0x2c0 [nfsd] [ 513.591412] states_show+0x44c/0x488 [nfsd] [ 513.591681] seq_read_iter+0x5d8/0x760 [ 513.591896] seq_read+0x188/0x208 [ 513.592075] vfs_read+0x148/0x470 [513.592241] ksys_read+0xcc/0x178"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "0BCC4AEF-4876-4CFA-B9D6-F98855E75E74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/a204501e1743d695ca2930ed25a2be9f8ced96d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ba0b697de298285301c71c258598226e06494236",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2024/CVE-2024-466xx/CVE-2024-46683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46683",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:12.993",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:52:14.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: evitar UAF alrededor de la cerca de preempci\u00f3n El bloqueo de la cerca es parte de la cola, por lo tanto, en el dise\u00f1o actual, cualquier cosa que bloquee la cerca tambi\u00e9n debe contener una referencia a la cola para evitar que la cola se libere. Sin embargo, actualmente parece que le enviamos una se\u00f1al a la cerca y luego descartamos la referencia de la cola, pero si algo est\u00e1 esperando en la cerca, el que espera es expulsado para que se despierte en alg\u00fan momento posterior, donde al despertarse primero toma el bloqueo antes de verificar el estado de la cerca. Pero si ya descartamos la referencia de la cola, entonces el bloqueo ya podr\u00eda estar liberado como parte de la cola, lo que lleva a uaf. Para evitar esto, mueva el bloqueo de la cerca a la cerca misma para que no nos encontremos con problemas de duraci\u00f3n de vida. La alternativa podr\u00eda ser tener un bloqueo a nivel de dispositivo, o solo liberar la cola en la devoluci\u00f3n de llamada de liberaci\u00f3n de la cerca, sin embargo, eso podr\u00eda requerir enviar a otro trabajador para evitar problemas de bloqueo. Referencias: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2454 Referencias: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2342 Referencias: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2020 (seleccionada del commit 7116c35aacedc38be6d15bd21b2fc936eed0008b)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "2CE718D7-41ED-4D4A-AED5-326C3D4383FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/10081b0b0ed201f53e24bd92deb2e0f3c3e713d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/730b72480e29f63fd644f5fa57c9d46109428953",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2024/CVE-2024-466xx/CVE-2024-46691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46691",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:13.960",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:52:21.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: typec: ucsi: Move unregister out of atomic section El Commit '9329933699b3 (\"soc: qcom: pmic_glink: Make client-lock non-sleeping\")' movi\u00f3 la lista de clientes pmic_glink bajo un spinlock, ya que es accedida por la devoluci\u00f3n de llamada rpmsg/glink, que a su vez se invoca desde el contexto IRQ. Esto significa que ucsi_unregister() ahora se llama desde el contexto at\u00f3mico, lo que no es factible ya que espera un contexto durmiente. Se est\u00e1 realizando un esfuerzo para lograr que GLINK invoque sus devoluciones de llamada en un contexto durmiente, pero hasta entonces, programemos la anulaci\u00f3n del registro. Un efecto secundario de esto es que ucsi_unregister() ahora puede suceder despu\u00e9s de que el procesador remoto, y por lo tanto el enlace de comunicaci\u00f3n con \u00e9l, se haya ido. pmic_glink_send() se modifica con una verificaci\u00f3n para evitar la desreferencia de puntero NULL resultante. Sin embargo, esto hace que el usuario sea informado sobre este error mediante la siguiente entrada en el registro del n\u00facleo: ucsi_glink.pmic_glink_ucsi pmic_glink.ucsi.0: no se pudo enviar la solicitud de escritura UCSI: -5"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "2CE718D7-41ED-4D4A-AED5-326C3D4383FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/095b0001aefddcd9361097c971b7debc84e72714",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/11bb2ffb679399f99041540cf662409905179e3a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

107
CVE-2024/CVE-2024-466xx/CVE-2024-46692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46692",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.047",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:52:31.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,114 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: qcom: scm: Marcar get_wq_ctx() como llamada at\u00f3mica Actualmente get_wq_ctx() est\u00e1 configurado incorrectamente como una llamada est\u00e1ndar. Cuando dos llamadas SMC est\u00e1n en suspensi\u00f3n y una SMC se despierta, llama a get_wq_ctx() para reanudar el hilo dormido correspondiente. Pero si get_wq_ctx() se interrumpe, se pone en suspensi\u00f3n y otra llamada SMC est\u00e1 esperando a que se le asigne un contexto waitq, conduce a un bloqueo. Para evitar esto, get_wq_ctx() debe ser una llamada at\u00f3mica y no puede ser una llamada SMC est\u00e1ndar. Por lo tanto, marque get_wq_ctx() como una llamada r\u00e1pida."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.6.49",
"matchCriteriaId": "317A2689-BFEC-4C68-A8FF-A961C72445FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "1B5D46C3-56A4-4380-9309-27BF73DF29A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/9960085a3a82c58d3323c1c20b991db6045063b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cdf7efe4b02aa93813db0bf1ca596ad298ab6b06",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e40115c33c0d79c940545b6b12112aace7acd9f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

107
CVE-2024/CVE-2024-466xx/CVE-2024-46693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46693",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.140",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:52:41.270",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,114 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: soc: qcom: pmic_glink: Correcci\u00f3n de la ejecuci\u00f3n durante la inicializaci\u00f3n Como se\u00f1al\u00f3 Stephen Boyd, es posible que durante la inicializaci\u00f3n de los controladores secundarios pmic_glink, se activen los notificadores del dominio de protecci\u00f3n y se programe el trabajo asociado, antes de que vuelva el registro del cliente y, como resultado, se haya inicializado el puntero \"cliente\" local. El resultado de esto es una desreferencia de puntero NULL ya que el puntero \"cliente\" se desreferencia ciegamente. Cronolog\u00eda proporcionada por Stephen: CPU0 CPU1 ---- ---- ucsi-&gt;client = NULL; devm_pmic_glink_register_client() client-&gt;pdr_notify(client-&gt;priv, pg-&gt;client_state) pmic_glink_ucsi_pdr_notify() schedule_work(&amp;ucsi-&gt;register_work) pmic_glink_ucsi_register() ucsi_register() pmic_glink_ucsi_read_version() pmic_glink_ucsi_read() pmic_glink_ucsi_read() pmic_glink_send(ucsi-&gt;client) ucsi-&gt;client = client // \u00a1Demasiado tarde! Este c\u00f3digo es id\u00e9ntico en los controladores secundarios altmode, battery manager y usci. Resuelva esto dividiendo la asignaci\u00f3n del objeto \"cliente\" y su registro en dos operaciones. Esto solo sucede si el registro del dominio de protecci\u00f3n se completa al momento del registro, lo que se volvi\u00f3 mucho m\u00e1s probable con la introducci\u00f3n del commit '1ebcde047c54 (\"soc: qcom: add pd-mapper implementation\")."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.6.49",
"matchCriteriaId": "317A2689-BFEC-4C68-A8FF-A961C72445FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "1B5D46C3-56A4-4380-9309-27BF73DF29A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1efdbf5323c9360e05066049b97414405e94e087",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3568affcddd68743e25aa3ec1647d9b82797757b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/943b0e7cc646a624bb20a68080f8f1a4a55df41c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2024/CVE-2024-466xx/CVE-2024-46696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46696",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.423",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:52:54.363",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: se corrige un posible UAF en nfsd4_cb_getattr_release Una vez que eliminamos la referencia de delegaci\u00f3n, ya no es seguro acceder a los campos integrados en ella. Hagan esto al final."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "0BCC4AEF-4876-4CFA-B9D6-F98855E75E74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1116e0e372eb16dd907ec571ce5d4af325c55c10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e0b66698a5ae41078f7490e8b3527013f5fccd6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2024/CVE-2024-466xx/CVE-2024-46698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46698",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.563",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:53:03.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: video/aperture: opcionalmente hacer coincidir el dispositivo en sysfb_disable() En aperture_remove_conflicting_pci_devices(), actualmente solo llamamos a sysfb_disable() en dispositivos de clase vga. Esto lleva al siguiente problema cuando el dispositivo principal no es compatible con VGA: 1. Un dispositivo PCI con una clase que no es VGA es la pantalla de arranque 2. Ese dispositivo se sondea primero y no es un dispositivo VGA, por lo que no se llama a sysfb_disable(), pero los recursos del dispositivo se liberan mediante aperture_detach_platform_device() 3. La GPU no principal tiene una clase VGA y termina llamando a sysfb_disable() 4. Desreferencia de puntero NULL a trav\u00e9s de sysfb_disable() ya que los recursos ya se han liberado mediante aperture_detach_platform_device() cuando fue llamado por el otro dispositivo. Solucione esto pasando un puntero de dispositivo a sysfb_disable() y verificando el dispositivo para determinar si debemos ejecutarlo o no. v2: Arreglar la compilaci\u00f3n cuando CONFIG_SCREEN_INFO no est\u00e1 configurado v3: Mover la verificaci\u00f3n del dispositivo al mutex Eliminar la variable principal en aperture_remove_conflicting_pci_devices() Eliminar __init en pci sysfb_pci_dev_is_enabled()"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "44B0C10F-3694-48FB-9556-944BD815090B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/17e78f43de0c6da34204cc858b4cc05671ea9acf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b49420d6a1aeb399e5b107fc6eb8584d0860fbd7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2024/CVE-2024-466xx/CVE-2024-46699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46699",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.643",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:53:10.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/v3d: Deshabilitar la preempci\u00f3n mientras se actualizan las estad\u00edsticas de la GPU Olvidamos deshabilitar la preempci\u00f3n alrededor del par write_seqcount_begin/end() mientras se actualizan las estad\u00edsticas de la GPU: [ ] ADVERTENCIA: CPU: 2 PID: 12 en include/linux/seqlock.h:221 __seqprop_assert.isra.0+0x128/0x150 [v3d] [ ] Cola de trabajo: v3d_bin drm_sched_run_job_work [gpu_sched] &lt;...snip...&gt; [ ] Rastreo de llamadas: [ ] __seqprop_assert.isra.0+0x128/0x150 [v3d] [ ] v3d_job_start_stats.isra.0+0x90/0x218 [v3d] [ ] Arr\u00e9glalo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "2CE718D7-41ED-4D4A-AED5-326C3D4383FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1e93467ef20308da5a94cde548ee17d523e8ba7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9d824c7fce58f59982228aa85b0376b113cdfa35",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

84
CVE-2024/CVE-2024-467xx/CVE-2024-46700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46700",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T06:15:14.720",
"lastModified": "2024-09-13T14:06:04.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:53:25.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu/mes: se corrige el desbordamiento del b\u00fafer de anillo de mes; esperar a que haya suficiente espacio en la memoria antes de escribir paquetes mes para evitar el desbordamiento del b\u00fafer de anillo. v2: se corrige el squash en sched_hw_submission (seleccionado del commit 34e087e8920e635c62e2ed6a758b0cd27f836d13)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.8",
"matchCriteriaId": "04EAB214-6594-4DB7-86FA-A1EDE64FB9EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/11752c013f562a1124088a35bd314aa0e9f0e88f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed37550d7c516017c3b0324bdf144e2fa563ffb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

4
CVE-2024/CVE-2024-467xx/CVE-2024-46713.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46713",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-13T15:15:15.010",
"lastModified": "2024-09-13T15:15:15.010",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

72
CVE-2024/CVE-2024-57xx/CVE-2024-5760.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-5760",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2024-09-11T16:15:08.020",
"lastModified": "2024-09-11T18:35:32.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-13T16:28:43.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018."
},
{
"lang": "es",
"value": "El controlador de impresi\u00f3n universal de Samsung para Windows es potencialmente vulnerable a la escalada de privilegios, lo que permite la creaci\u00f3n de un shell inverso en la herramienta. Esto solo se aplica a los productos de la aplicaci\u00f3n lanzados o fabricados antes de 2018."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:universal_print_driver:3.00.16.0101:*:*:*:*:*:*:*",
"matchCriteriaId": "A639698E-B174-4EBA-A125-F90C51CEA852"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_11159589-11159645-16/hpsbpi03970",
"source": "hp-security-alert@hp.com"
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-57xx/CVE-2024-5789.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5789",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:15.137",
"lastModified": "2024-09-13T15:15:15.137",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-58xx/CVE-2024-5867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5867",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:15.353",
"lastModified": "2024-09-13T15:15:15.353",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-58xx/CVE-2024-5869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5869",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:15.610",
"lastModified": "2024-09-13T15:15:15.610",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-58xx/CVE-2024-5870.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5870",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:15.823",
"lastModified": "2024-09-13T15:15:15.823",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-58xx/CVE-2024-5884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5884",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:16.050",
"lastModified": "2024-09-13T15:15:16.050",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2024/CVE-2024-60xx/CVE-2024-6017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6017",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:23.850",
"lastModified": "2024-09-12T18:35:23.097",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:17:14.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,10 +59,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scriptonite:music_request_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "115B486D-D73E-46D1-8835-4FB342AE0CE3"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/06d0559e-4389-4280-bbef-d100c0e07903/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-60xx/CVE-2024-6018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6018",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:23.920",
"lastModified": "2024-09-12T19:35:20.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:15:14.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,10 +59,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scriptonite:music_request_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "115B486D-D73E-46D1-8835-4FB342AE0CE3"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/c3f50e30-c7c5-4e7e-988c-ab884d75870b/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-60xx/CVE-2024-6019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6019",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:24.000",
"lastModified": "2024-09-12T19:35:20.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-13T16:13:40.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,10 +59,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scriptonite:music_request_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "115B486D-D73E-46D1-8835-4FB342AE0CE3"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/5899c5c9-a550-4c86-a41d-7fcc1e84a7d3/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-60xx/CVE-2024-6087.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6087",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-09-13T17:15:13.027",
"lastModified": "2024-09-13T17:15:13.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability exists in lunary-ai/lunary at the latest commit (a761d83) on the main branch. The vulnerability allows an attacker to use the auth tokens issued by the 'invite user' functionality to obtain valid JWT tokens. These tokens can be used to compromise target users upon registration for their own arbitrary organizations. The attacker can invite a target email, obtain a one-time use token, retract the invite, and later use the token to reset the password of the target user, leading to full account takeover."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/lunary-ai/lunary/commit/844e8855c7a713dc7371766dba4125de4007b1cf",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/bd9f2301-11c7-4cbd-8d77-3e9225bd67e8",
"source": "security@huntr.dev"
}
]
}

27
CVE-2024/CVE-2024-64xx/CVE-2024-6493.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6493",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.200",
"lastModified": "2024-09-13T14:06:04.777",
"lastModified": "2024-09-13T16:35:18.740",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento NinjaTeam Header Footer Custom Code para WordPress anterior a la versi\u00f3n 1.2 no desinfecta ni escapa de algunas de sus configuraciones, lo que podr\u00eda permitir que usuarios con privilegios elevados, como el administrador, realicen ataques de Cross-site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/0e3128ef-901a-42aa-9d74-c69d3241dc07/",

4
CVE-2024/CVE-2024-65xx/CVE-2024-6544.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6544",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-13T15:15:16.300",
"lastModified": "2024-09-13T15:15:16.300",
"vulnStatus": "Received",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2024/CVE-2024-65xx/CVE-2024-6582.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6582",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-09-13T17:15:13.220",
"lastModified": "2024-09-13T17:15:13.220",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The `saml.ts` file allows a user from one organization to update the Identity Provider (IDP) settings and view the SSO metadata of another organization. This vulnerability can lead to unauthorized access and potential account takeover if the email of a user in the target organization is known."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/lunary-ai/lunary/commit/1f043d8798ad87346dfe378eea723bff78ad7433",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/251d138c-3911-4a81-96e5-5a4ab59a0b59",
"source": "security@huntr.dev"
}
]
}

60
CVE-2024/CVE-2024-65xx/CVE-2024-6587.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6587",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-09-13T16:15:04.637",
"lastModified": "2024-09-13T16:37:22.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/completions`, causing the application to send the request to the domain specified by `api_base`. This request includes the OpenAI API key. A malicious user can set the `api_base` to their own domain and intercept the OpenAI API key, leading to unauthorized access and potential misuse of the API key."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/berriai/litellm/commit/ba1912afd1b19e38d3704bb156adf887f91ae1e0",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/4001e1a2-7b7a-4776-a3ae-e6692ec3d997",
"source": "security@huntr.dev"
}
]
}

27
CVE-2024/CVE-2024-66xx/CVE-2024-6617.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6617",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-13T06:15:15.290",
"lastModified": "2024-09-13T14:06:04.777",
"lastModified": "2024-09-13T16:35:18.930",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento NinjaTeam Header Footer Custom Code para WordPress anterior a la versi\u00f3n 1.2 no desinfecta ni escapa de algunas de sus configuraciones, lo que podr\u00eda permitir que usuarios con privilegios elevados, como el administrador, realicen ataques de Cross-site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/9c5efe3c-95a8-4647-86c0-20aa7dd92b66/",

Some files were not shown because too many files have changed in this diff Show More