diff --git a/CVE-2024/CVE-2024-120xx/CVE-2024-12037.json b/CVE-2024/CVE-2024-120xx/CVE-2024-12037.json new file mode 100644 index 00000000000..c4712f9c905 --- /dev/null +++ b/CVE-2024/CVE-2024-120xx/CVE-2024-12037.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12037", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-31T11:15:08.517", + "lastModified": "2025-01-31T11:15:08.517", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Post Form \u2013 Registration Form \u2013 Profile Form for User Profiles \u2013 Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bf_new_submission_link' shortcode in all versions up to, and including, 2.8.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3231602/buddyforms/trunk/includes/shortcodes.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/accd4f34-4e10-4c83-96c3-c2a078ecd5cc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-122xx/CVE-2024-12267.json b/CVE-2024/CVE-2024-122xx/CVE-2024-12267.json new file mode 100644 index 00000000000..f320f590bed --- /dev/null +++ b/CVE-2024/CVE-2024-122xx/CVE-2024-12267.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12267", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-31T11:15:09.473", + "lastModified": "2025-01-31T11:15:09.473", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Drag and Drop Multiple File Upload \u2013 Contact Form 7 plugin for WordPress is vulnerable to limited arbitrary file deletion due to insufficient file path validation in the dnd_codedropz_upload_delete() function in all versions up to, and including, 1.3.8.5. This makes it possible for unauthenticated attackers to delete limited arbitrary files on the server. It is not possible to delete files like wp-config.php that would make RCE possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3231973/drag-and-drop-multiple-file-upload-contact-form-7/trunk/inc/dnd-upload-cf7.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec7251-3be1-411a-b38e-1782d1691e18?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-124xx/CVE-2024-12415.json b/CVE-2024/CVE-2024-124xx/CVE-2024-12415.json new file mode 100644 index 00000000000..c14db04698d --- /dev/null +++ b/CVE-2024/CVE-2024-124xx/CVE-2024-12415.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-12415", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-31T11:15:09.657", + "lastModified": "2025-01-31T11:15:09.657", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/infographic-and-list-builder-ilist/trunk/embed/qcld-embed-link.php#L46", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3210519%40infographic-and-list-builder-ilist&new=3210519%40infographic-and-list-builder-ilist&sfp_email=&sfph_mail=#file1030", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3227956%40infographic-and-list-builder-ilist&new=3227956%40infographic-and-list-builder-ilist&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0aa21fad-4dd0-4ccd-a325-de3532a6ffaf?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-136xx/CVE-2024-13662.json b/CVE-2024/CVE-2024-136xx/CVE-2024-13662.json new file mode 100644 index 00000000000..dfa4aeb8ac9 --- /dev/null +++ b/CVE-2024/CVE-2024-136xx/CVE-2024-13662.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-13662", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-31T11:15:09.830", + "lastModified": "2025-01-31T11:15:09.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The eHive Objects Image Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ehive_objects_image_grid' shortcode in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ehive-objects-image-grid/trunk/templates/eHiveObjectsImageGrid.php#L22", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3230975%40ehive-objects-image-grid&new=3230975%40ehive-objects-image-grid&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/638d8ef6-dab0-4cfa-8ecc-af2ded3c6d79?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1626.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1626.json index 083eff0ecb8..f6e413d216b 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1626.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1626.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1626", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-16T00:15:09.777", - "lastModified": "2025-01-10T14:32:09.173", - "vulnStatus": "Analyzed", + "lastModified": "2025-01-31T11:15:10.037", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -64,17 +64,17 @@ "weaknesses": [ { "source": "security@huntr.dev", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-250" + "value": "CWE-639" } ] }, { "source": "nvd@nist.gov", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json index f016140f7c7..4a22b7eeacd 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1741", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:53.483", - "lastModified": "2025-01-10T14:27:57.287", - "vulnStatus": "Analyzed", + "lastModified": "2025-01-31T11:15:10.397", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -64,17 +64,17 @@ "weaknesses": [ { "source": "security@huntr.dev", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-285" + "value": "CWE-863" } ] }, { "source": "nvd@nist.gov", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4151.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4151.json index a49c392dd4d..f84f9894b69 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4151.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4151.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4151", "sourceIdentifier": "security@huntr.dev", "published": "2024-05-20T15:15:08.510", - "lastModified": "2025-01-10T14:38:14.560", - "vulnStatus": "Analyzed", + "lastModified": "2025-01-31T11:15:10.620", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -64,17 +64,17 @@ "weaknesses": [ { "source": "security@huntr.dev", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-284" + "value": "CWE-639" } ] }, { "source": "nvd@nist.gov", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -102,6 +102,10 @@ } ], "references": [ + { + "url": "https://github.com/lunary-ai/lunary/commit/ddfd497afd017a6946c582a1a806687fdac888bf", + "source": "security@huntr.dev" + }, { "url": "https://huntr.com/bounties/4acfef85-dedf-43bd-8438-0d8aaa4ffa01", "source": "security@huntr.dev", diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4154.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4154.json index 69235339cd6..2f7d5f7776a 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4154.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4154.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4154", "sourceIdentifier": "security@huntr.dev", "published": "2024-05-21T18:15:09.987", - "lastModified": "2025-01-10T14:40:50.697", - "vulnStatus": "Analyzed", + "lastModified": "2025-01-31T11:15:10.843", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -64,17 +64,17 @@ "weaknesses": [ { "source": "security@huntr.dev", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-821" + "value": "CWE-639" } ] }, { "source": "nvd@nist.gov", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -102,6 +102,10 @@ } ], "references": [ + { + "url": "https://github.com/lunary-ai/lunary/commit/c43b6c62035f32ca455f66d5fd22ba661648cde7", + "source": "security@huntr.dev" + }, { "url": "https://huntr.com/bounties/e56509af-f7af-4e1e-a04b-9cb53545f30f", "source": "security@huntr.dev", diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57948.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57948.json new file mode 100644 index 00000000000..09ea5d96ffd --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57948.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-57948", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:27.070", + "lastModified": "2025-01-31T12:15:27.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: check local interfaces before deleting sdata list\n\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\n\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\nhardware device from the system.\n\nCPU0\t\t\t\t\tCPU1\n====\t\t\t\t\t====\ngenl_family_rcv_msg_doit\t\tieee802154_unregister_hw\nieee802154_del_iface\t\t\tieee802154_remove_interfaces\nrdev_del_virtual_intf_deprecated\tlist_del(&sdata->list)\nieee802154_if_remove\nlist_del_rcu\n\nThe net device has been unregistered, since the rcu grace period,\nunregistration must be run before ieee802154_if_remove.\n\nTo avoid this issue, add a check for local->interfaces before deleting\nsdata list.\n\n[1]\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56\nCode: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 <0f> 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7\nRSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246\nRAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88805b278dd8 R08: ffffffff8174a12c R09: 1ffffffff2852f0d\nR10: dffffc0000000000 R11: fffffbfff2852f0e R12: dffffc0000000000\nR13: dffffc0000000000 R14: dead000000000100 R15: ffff88805b278cc0\nFS: 0000555572f94380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056262e4a3000 CR3: 0000000078496000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n __list_del_entry_valid include/linux/list.h:124 [inline]\n __list_del_entry include/linux/list.h:215 [inline]\n list_del_rcu include/linux/rculist.h:157 [inline]\n ieee802154_if_remove+0x86/0x1e0 net/mac802154/iface.c:687\n rdev_del_virtual_intf_deprecated net/ieee802154/rdev-ops.h:24 [inline]\n ieee802154_del_iface+0x2c0/0x5c0 net/ieee802154/nl-phy.c:323\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:744\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607\n ___sys_sendmsg net/socket.c:2661 [inline]\n __sys_sendmsg+0x292/0x380 net/socket.c:2690\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2e41e98c4e79edae338f2662dbdf74ac2245d183", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/41e4ca8acba39f1cecff2dfdf14ace4ee52c4272", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80aee0bc0dbe253b6692d33e64455dc742fc52f1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b856d2c1384bc5a7456262afd21aa439ee5cdf6e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb09fbeb48709fe66c0d708aed81e910a577a30a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21665.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21665.json new file mode 100644 index 00000000000..2775ea90a7b --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21665.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-21665", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:27.633", + "lastModified": "2025-01-31T12:15:27.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/09528bb1a4123e2a234eac2bc45a0e51e78dab43", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/280f1fb89afc01e7376f59ae611d54ca69e9f967", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/64e5fd96330df2ad278d1c4edcca581f26e5f76e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80fc836f3ebe2f2d2d2c80c698b7667974285a04", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f505e6c91e7a22d10316665a86d79f84d9f0ba76", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21666.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21666.json new file mode 100644 index 00000000000..dfc7c9b9a00 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21666.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-21666", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:27.763", + "lastModified": "2025-01-31T12:15:27.763", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn't.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/91751e248256efc111e52e15115840c35d85abaf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9e5fed46ccd2c34c5fa5a9c8825ce4823fdc853e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b52e50dd4fabd12944172bd486a4f4853b7f74dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc9c49341f9728c31fe248c5fbba32d2e81a092b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c23d1d4f8efefb72258e9cedce29de10d057f8ca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21667.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21667.json new file mode 100644 index 00000000000..8b9f7bd677a --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21667.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21667", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:27.863", + "lastModified": "2025-01-31T12:15:27.863", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/402ce16421477e27f30b57d6d1a6dc248fa3a4e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7ca4bd6b754913910151acce00be093f03642725", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/91371922704c8d82049ef7c2ad974d0a2cd1174d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c13094b894de289514d84b8db56d1f2931a0bade", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21668.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21668.json new file mode 100644 index 00000000000..2b41aa5050f --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21668.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21668", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:27.960", + "lastModified": "2025-01-31T12:15:27.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: add missing loop break condition\n\nCurrently imx8mp_blk_ctrl_remove() will continue the for loop\nuntil an out-of-bounds exception occurs.\n\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : dev_pm_domain_detach+0x8/0x48\nlr : imx8mp_blk_ctrl_shutdown+0x58/0x90\nsp : ffffffc084f8bbf0\nx29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000\nx26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028\nx23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0\nx20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff\nx17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72\nx14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000\nx11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8\nx8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077\nx2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000\nCall trace:\n dev_pm_domain_detach+0x8/0x48\n platform_shutdown+0x2c/0x48\n device_shutdown+0x158/0x268\n kernel_restart_prepare+0x40/0x58\n kernel_kexec+0x58/0xe8\n __do_sys_reboot+0x198/0x258\n __arm64_sys_reboot+0x2c/0x40\n invoke_syscall+0x5c/0x138\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xc8\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x190/0x198\nCode: 8128c2d0 ffffffc0 aa1e03e9 d503201f" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/488a68c948bc52dc2a4554a56fdd99aa67c49b06", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/699cc10cc3068f9097a506eae7fe178c860dca4e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/726efa92e02b460811e8bc6990dd742f03b645ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/926ad31b76b8e229b412536e77cdf828a5cae9c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21669.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21669.json new file mode 100644 index 00000000000..acd66e68661 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21669.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-21669", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.053", + "lastModified": "2025-01-31T12:15:28.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk->transport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk->transport` at NULL, leading to a\nNULL pointer dereference." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2cb7c756f605ec02ffe562fb26828e4bcc5fdfc1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6486915fa661584d70e8e7e4068c6c075c67dd6d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/677579b641af109613564460a4e3bdcb16850b61", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/88244163bc7e7b0ce9dd7bf4c8a563b41525c3ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d88b249e14bd0ee1e46bbe4f456e22e01b8c68de", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21670.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21670.json new file mode 100644 index 00000000000..a84f782ae04 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21670.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21670", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.160", + "lastModified": "2025-01-31T12:15:28.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/bpf: return early if transport is not assigned\n\nSome of the core functions can only be called if the transport\nhas been assigned.\n\nAs Michal reported, a socket might have the transport at NULL,\nfor example after a failed connect(), causing the following trace:\n\n BUG: kernel NULL pointer dereference, address: 00000000000000a0\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 12faf8067 P4D 12faf8067 PUD 113670067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 15 UID: 0 PID: 1198 Comm: a.out Not tainted 6.13.0-rc2+\n RIP: 0010:vsock_connectible_has_data+0x1f/0x40\n Call Trace:\n vsock_bpf_recvmsg+0xca/0x5e0\n sock_recvmsg+0xb9/0xc0\n __sys_recvfrom+0xb3/0x130\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSo we need to check the `vsk->transport` in vsock_bpf_recvmsg(),\nespecially for connected sockets (stream/seqpacket) as we already\ndo in __vsock_connectible_recvmsg()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/58e586c30d0b6f5dc0174a41026f2b0a48c9aab6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6771e1279dadf1d92a72e1465134257d9e6f2459", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f6abafcd32f9cfc4b1a2f820ecea70773e26d423", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21671.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21671.json new file mode 100644 index 00000000000..431c096b71a --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21671.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21671", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.263", + "lastModified": "2025-01-31T12:15:28.263", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram->table without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/212fe1c0df4a150fb6298db2cfff267ceaba5402", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/571d3f6045cd3a6d9f6aec33b678f3ffe97582ef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/902ef8f16d5ca77edc77c30656be54186c1e99b7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe3de867f94819ba0f28e035c0b0182150147d95", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21672.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21672.json new file mode 100644 index 00000000000..04392f0398b --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21672.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21672", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.360", + "lastModified": "2025-01-31T12:15:28.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix merge preference rule failure condition\n\nsyzbot reported a lock held when returning to userspace[1]. This is\nbecause if argc is less than 0 and the function returns directly, the held\ninode lock is not released.\n\nFix this by store the error in ret and jump to done to clean up instead of\nreturning directly.\n\n[dh: Modified Lizhi Xu's original patch to make it honour the error code\nfrom afs_split_string()]\n\n[1]\nWARNING: lock held when returning to user space!\n6.13.0-rc3-syzkaller-00209-g499551201b5f #0 Not tainted\n------------------------------------------------\nsyz-executor133/5823 is leaving the kernel with locks still held!\n1 lock held by syz-executor133/5823:\n #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:818 [inline]\n #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: afs_proc_addr_prefs_write+0x2bb/0x14e0 fs/afs/addr_prefs.c:388" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/17a4fde81d3a7478d97d15304a6d61094a10c2e3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/22be1d90a6211c88dd093b25d1f3aa974d0d9f9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21673.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21673.json new file mode 100644 index 00000000000..1257fb6e18f --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21673.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21673", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.463", + "lastModified": "2025-01-31T12:15:28.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server->hostname can't be freed as long as\ncifsd thread isn't done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff <0f>\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1ea68070338518a1d31ce71e6abfe1b30001b27a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2be5f2ba34d0c6d5ef2624b24e3d852561fcd6a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fa2f9906a7b333ba757a7dbae0713d8a5396186e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21674.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21674.json new file mode 100644 index 00000000000..cec75020e41 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21674.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21674", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.560", + "lastModified": "2025-01-31T12:15:28.560", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel\n\nAttempt to enable IPsec packet offload in tunnel mode in debug kernel\ngenerates the following kernel panic, which is happening due to two\nissues:\n1. In SA add section, the should be _bh() variant when marking SA mode.\n2. There is not needed flush_workqueue in SA delete routine. It is not\nneeded as at this stage as it is removed from SADB and the running work\nwill be canceled later in SA free.\n\n =====================================================\n WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected\n 6.12.0+ #4 Not tainted\n -----------------------------------------------------\n charon/1337 [HC0[0]:SC0[4]:HE1:SE0] is trying to acquire:\n ffff88810f365020 (&xa->xa_lock#24){+.+.}-{3:3}, at: mlx5e_xfrm_del_state+0xca/0x1e0 [mlx5_core]\n\n and this task is already holding:\n ffff88813e0f0d48 (&x->lock){+.-.}-{3:3}, at: xfrm_state_delete+0x16/0x30\n which would create a new lock dependency:\n (&x->lock){+.-.}-{3:3} -> (&xa->xa_lock#24){+.+.}-{3:3}\n\n but this new dependency connects a SOFTIRQ-irq-safe lock:\n (&x->lock){+.-.}-{3:3}\n\n ... which became SOFTIRQ-irq-safe at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_timer_handler+0x91/0xd70\n __hrtimer_run_queues+0x1dd/0xa60\n hrtimer_run_softirq+0x146/0x2e0\n handle_softirqs+0x266/0x860\n irq_exit_rcu+0x115/0x1a0\n sysvec_apic_timer_interrupt+0x6e/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n default_idle+0x13/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2da/0x320\n cpu_startup_entry+0x50/0x60\n start_secondary+0x213/0x2a0\n common_startup_64+0x129/0x138\n\n to a SOFTIRQ-irq-unsafe lock:\n (&xa->xa_lock#24){+.+.}-{3:3}\n\n ... which became SOFTIRQ-irq-unsafe at:\n ...\n lock_acquire+0x1be/0x520\n _raw_spin_lock+0x2c/0x40\n xa_set_mark+0x70/0x110\n mlx5e_xfrm_add_state+0xe48/0x2290 [mlx5_core]\n xfrm_dev_state_add+0x3bb/0xd70\n xfrm_add_sa+0x2451/0x4a90\n xfrm_user_rcv_msg+0x493/0x880\n netlink_rcv_skb+0x12e/0x380\n xfrm_netlink_rcv+0x6d/0x90\n netlink_unicast+0x42f/0x740\n netlink_sendmsg+0x745/0xbe0\n __sock_sendmsg+0xc5/0x190\n __sys_sendto+0x1fe/0x2c0\n __x64_sys_sendto+0xdc/0x1b0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n other info that might help us debug this:\n\n Possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(&xa->xa_lock#24);\n local_irq_disable();\n lock(&x->lock);\n lock(&xa->xa_lock#24);\n \n lock(&x->lock);\n\n *** DEADLOCK ***\n\n 2 locks held by charon/1337:\n #0: ffffffff87f8f858 (&net->xfrm.xfrm_cfg_mutex){+.+.}-{4:4}, at: xfrm_netlink_rcv+0x5e/0x90\n #1: ffff88813e0f0d48 (&x->lock){+.-.}-{3:3}, at: xfrm_state_delete+0x16/0x30\n\n the dependencies between SOFTIRQ-irq-safe lock and the holding lock:\n -> (&x->lock){+.-.}-{3:3} ops: 29 {\n HARDIRQ-ON-W at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_alloc_spi+0xc0/0xe60\n xfrm_alloc_userspi+0x5f6/0xbc0\n xfrm_user_rcv_msg+0x493/0x880\n netlink_rcv_skb+0x12e/0x380\n xfrm_netlink_rcv+0x6d/0x90\n netlink_unicast+0x42f/0x740\n netlink_sendmsg+0x745/0xbe0\n __sock_sendmsg+0xc5/0x190\n __sys_sendto+0x1fe/0x2c0\n __x64_sys_sendto+0xdc/0x1b0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n IN-SOFTIRQ-W at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_timer_handler+0x91/0xd70\n __hrtimer_run_queues+0x1dd/0xa60\n \n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2c3688090f8a1f085230aa839cc63e4a7b977df0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6d3d69c070d920fbb146d73dd3899a50f25d0901", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/87c4417a902151cfe4363166245a3671a08c256c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21675.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21675.json new file mode 100644 index 00000000000..c3e138e77b0 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21675.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21675", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.677", + "lastModified": "2025-01-31T12:15:28.677", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That's because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() <- Failed on tt 1\n mlx5_lag_destroy_definers() <- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() <- Failed on tt 0\n mlx5_lag_destroy_definers() <- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1f6e619ef2a4def555b14ac2aeb4304bfccad59b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/473bc285378f49aa27e5b3e95a6d5ed12995d654", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5641e82cb55b4ecbc6366a499300917d2f3e6790", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/efc92a260e23cf9fafb0b6f6c9beb6f8df93fab4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21676.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21676.json new file mode 100644 index 00000000000..1e44ceab372 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21676.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21676", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.780", + "lastModified": "2025-01-31T12:15:28.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: handle page_pool_dev_alloc_pages error\n\nThe fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did\nnot handle the case when it returned NULL. There was a WARN_ON(!new_page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis case does seem somewhat rare but when the system is under memory\npressure it can happen. One case where I can duplicate this with some\nfrequency is when writing over a smbd share to a SATA HDD attached to an\nimx6q.\n\nSetting /proc/sys/vm/min_free_kbytes to higher values also seems to solve\nthe problem for my test case. But it still seems wrong that the fec driver\nignores the memory allocation error and can crash.\n\nThis commit handles the allocation error by dropping the current packet." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/001ba0902046cb6c352494df610718c0763e77a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1425cb829556398f594658512d49292f988a2ab0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8a0097db0544b658c159ac787319737712063a23", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21677.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21677.json new file mode 100644 index 00000000000..e6a88fa7b24 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21677.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21677", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.877", + "lastModified": "2025-01-31T12:15:28.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npfcp: Destroy device along with udp socket's netns dismantle.\n\npfcp_newlink() links the device to a list in dev_net(dev) instead\nof net, where a udp tunnel socket is created.\n\nEven when net is removed, the device stays alive on dev_net(dev).\nThen, removing net triggers the splat below. [0]\n\nIn this example, pfcp0 is created in ns2, but the udp socket is\ncreated in ns1.\n\n ip netns add ns1\n ip netns add ns2\n ip -n ns1 link add netns ns2 name pfcp0 type pfcp\n ip netns del ns1\n\nLet's link the device to the socket's netns instead.\n\nNow, pfcp_net_exit() needs another netdev iteration to remove\nall pfcp devices in the netns.\n\npfcp_dev_list is not used under RCU, so the list API is converted\nto the non-RCU variant.\n\npfcp_net_exit() can be converted to .exit_batch_rtnl() in net-next.\n\n[0]:\nref_tracker: net notrefcnt@00000000128b34dc has 1/1 users at\n sk_alloc (./include/net/net_namespace.h:345 net/core/sock.c:2236)\n inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252)\n __sock_create (net/socket.c:1558)\n udp_sock_create4 (net/ipv4/udp_tunnel_core.c:18)\n pfcp_create_sock (drivers/net/pfcp.c:168)\n pfcp_newlink (drivers/net/pfcp.c:182 drivers/net/pfcp.c:197)\n rtnl_newlink (net/core/rtnetlink.c:3786 net/core/rtnetlink.c:3897 net/core/rtnetlink.c:4012)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6922)\n netlink_rcv_skb (net/netlink/af_netlink.c:2542)\n netlink_unicast (net/netlink/af_netlink.c:1321 net/netlink/af_netlink.c:1347)\n netlink_sendmsg (net/netlink/af_netlink.c:1891)\n ____sys_sendmsg (net/socket.c:711 net/socket.c:726 net/socket.c:2583)\n ___sys_sendmsg (net/socket.c:2639)\n __sys_sendmsg (net/socket.c:2669)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nWARNING: CPU: 1 PID: 11 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\nModules linked in:\nCPU: 1 UID: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.13.0-rc5-00147-g4c1224501e9d #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:ref_tracker_dir_exit (lib/ref_tracker.c:179)\nCode: 00 00 00 fc ff df 4d 8b 26 49 bd 00 01 00 00 00 00 ad de 4c 39 f5 0f 85 df 00 00 00 48 8b 74 24 08 48 89 df e8 a5 cc 12 02 90 <0f> 0b 90 48 8d 6b 44 be 04 00 00 00 48 89 ef e8 80 de 67 ff 48 89\nRSP: 0018:ff11000007f3fb60 EFLAGS: 00010286\nRAX: 00000000000020ef RBX: ff1100000d6481e0 RCX: 1ffffffff0e40d82\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8423ee3c\nRBP: ff1100000d648230 R08: 0000000000000001 R09: fffffbfff0e395af\nR10: 0000000000000001 R11: 0000000000000000 R12: ff1100000d648230\nR13: dead000000000100 R14: ff1100000d648230 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ff1100006ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005620e1363990 CR3: 000000000eeb2002 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \n ? __warn (kernel/panic.c:748)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:285)\n ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:158)\n ? kfree (mm/slub.c:4613 mm/slub.c:4761)\n net_free (net/core/net_namespace.c:476 net/core/net_namespace.c:467)\n cleanup_net (net/cor\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1c35a66e2bfea53dea3562b2575ac7fd4c38ee61", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffc90e9ca61b0f619326a1417ff32efd6cc71ed2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21678.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21678.json new file mode 100644 index 00000000000..d6bdfbd3b7a --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21678.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-21678", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:28.970", + "lastModified": "2025-01-31T12:15:28.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Destroy device along with udp socket's netns dismantle.\n\ngtp_newlink() links the device to a list in dev_net(dev) instead of\nsrc_net, where a udp tunnel socket is created.\n\nEven when src_net is removed, the device stays alive on dev_net(dev).\nThen, removing src_net triggers the splat below. [0]\n\nIn this example, gtp0 is created in ns2, and the udp socket is created\nin ns1.\n\n ip netns add ns1\n ip netns add ns2\n ip -n ns1 link add netns ns2 name gtp0 type gtp role sgsn\n ip netns del ns1\n\nLet's link the device to the socket's netns instead.\n\nNow, gtp_net_exit_batch_rtnl() needs another netdev iteration to remove\nall gtp devices in the netns.\n\n[0]:\nref_tracker: net notrefcnt@000000003d6e7d05 has 1/2 users at\n sk_alloc (./include/net/net_namespace.h:345 net/core/sock.c:2236)\n inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252)\n __sock_create (net/socket.c:1558)\n udp_sock_create4 (net/ipv4/udp_tunnel_core.c:18)\n gtp_create_sock (./include/net/udp_tunnel.h:59 drivers/net/gtp.c:1423)\n gtp_create_sockets (drivers/net/gtp.c:1447)\n gtp_newlink (drivers/net/gtp.c:1507)\n rtnl_newlink (net/core/rtnetlink.c:3786 net/core/rtnetlink.c:3897 net/core/rtnetlink.c:4012)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6922)\n netlink_rcv_skb (net/netlink/af_netlink.c:2542)\n netlink_unicast (net/netlink/af_netlink.c:1321 net/netlink/af_netlink.c:1347)\n netlink_sendmsg (net/netlink/af_netlink.c:1891)\n ____sys_sendmsg (net/socket.c:711 net/socket.c:726 net/socket.c:2583)\n ___sys_sendmsg (net/socket.c:2639)\n __sys_sendmsg (net/socket.c:2669)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n\nWARNING: CPU: 1 PID: 60 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\nModules linked in:\nCPU: 1 UID: 0 PID: 60 Comm: kworker/u16:2 Not tainted 6.13.0-rc5-00147-g4c1224501e9d #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:ref_tracker_dir_exit (lib/ref_tracker.c:179)\nCode: 00 00 00 fc ff df 4d 8b 26 49 bd 00 01 00 00 00 00 ad de 4c 39 f5 0f 85 df 00 00 00 48 8b 74 24 08 48 89 df e8 a5 cc 12 02 90 <0f> 0b 90 48 8d 6b 44 be 04 00 00 00 48 89 ef e8 80 de 67 ff 48 89\nRSP: 0018:ff11000009a07b60 EFLAGS: 00010286\nRAX: 0000000000002bd3 RBX: ff1100000f4e1aa0 RCX: 1ffffffff0e40ac6\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8423ee3c\nRBP: ff1100000f4e1af0 R08: 0000000000000001 R09: fffffbfff0e395ae\nR10: 0000000000000001 R11: 0000000000036001 R12: ff1100000f4e1af0\nR13: dead000000000100 R14: ff1100000f4e1af0 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ff1100006ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9b2464bd98 CR3: 0000000005286005 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \n ? __warn (kernel/panic.c:748)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:285)\n ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:158)\n ? kfree (mm/slub.c:4613 mm/slub.c:4761)\n net_free (net/core/net_namespace.c:476 net/core/net_namespace.c:467)\n cleanup_net (net/core/net_namespace.c:664 (discriminator 3))\n process_one_work (kernel/workqueue.c:3229)\n worker_thread (kernel/workqueue.c:3304 kernel/workqueue.c:3391\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/036f8d814a2cd11ee8ef62b8f3e7ce5dec0ee4f3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/86f73d4ab2f27deeff22ba9336ad103d94f12ac7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bb11f992f5a475bc68ef959f17a55306f0328495", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb28fd76c0a08a47b470677c6cef9dd1c60e92d1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/efec287cbac92ac6ee8312a89221854760e13b34", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21679.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21679.json new file mode 100644 index 00000000000..970979e317d --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21679.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21679", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:29.070", + "lastModified": "2025-01-31T12:15:29.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: add the missing error handling inside get_canonical_dev_path\n\nInside function get_canonical_dev_path(), we call d_path() to get the\nfinal device path.\n\nBut d_path() can return error, and in that case the next strscpy() call\nwill trigger an invalid memory access.\n\nAdd back the missing error handling for d_path()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/d0fb5741932b831eded49bfaaf33353e96200d6d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe4de594f7a2e9bc49407de60fbd20809fad4192", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21680.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21680.json new file mode 100644 index 00000000000..b432fa176e5 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21680.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-21680", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:29.160", + "lastModified": "2025-01-31T12:15:29.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev->imix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type 'imix_pkt [20]'\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1a9b65c672ca9dc4ba52ca2fd54329db9580ce29", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3450092cc2d1c311c5ea92a2486daa2a33520ea5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76201b5979768500bca362871db66d77cb4c225e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7cde21f52042aa2e29a654458166b873d2ae66b3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e5d24a7074dcd0c7e76b7e7e4efbbe7418d62486", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21681.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21681.json new file mode 100644 index 00000000000..f47a48f42c9 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21681.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21681", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:29.260", + "lastModified": "2025-01-31T12:15:29.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -> ovs_vport_send\n -> dev_queue_xmit\n -> __dev_queue_xmit\n -> netdev_core_pick_tx\n -> skb_tx_hash\n\nWhen device is unregistering, the 'dev->real_num_tx_queues' goes to\nzero and the 'while (unlikely(hash >= qcount))' loop inside the\n'skb_tx_hash' becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn't implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn't really have a carrier.\nTherefore, while this device is unregistering, it's still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don't really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/47e55e4b410f7d552e43011baa5be1aab4093990", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/82f433e8dd0629e16681edf6039d094b5518d8ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ea966b6698785fb9cd0fdb867acd91b222e4723f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ea9e990356b7bee95440ba0e6e83cc4d701afaca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21682.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21682.json new file mode 100644 index 00000000000..fc46ebff195 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21682.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21682", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:29.363", + "lastModified": "2025-01-31T12:15:29.363", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: always recalculate features after XDP clearing, fix null-deref\n\nRecalculate features when XDP is detached.\n\nBefore:\n # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp\n # ip li set dev eth0 xdp off\n # ethtool -k eth0 | grep gro\n rx-gro-hw: off [requested on]\n\nAfter:\n # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp\n # ip li set dev eth0 xdp off\n # ethtool -k eth0 | grep gro\n rx-gro-hw: on\n\nThe fact that HW-GRO doesn't get re-enabled automatically is just\na minor annoyance. The real issue is that the features will randomly\ncome back during another reconfiguration which just happens to invoke\nnetdev_update_features(). The driver doesn't handle reconfiguring\ntwo things at a time very robustly.\n\nStarting with commit 98ba1d931f61 (\"bnxt_en: Fix RSS logic in\n__bnxt_reserve_rings()\") we only reconfigure the RSS hash table\nif the \"effective\" number of Rx rings has changed. If HW-GRO is\nenabled \"effective\" number of rings is 2x what user sees.\nSo if we are in the bad state, with HW-GRO re-enablement \"pending\"\nafter XDP off, and we lower the rings by / 2 - the HW-GRO rings\ndoing 2x and the ethtool -L doing / 2 may cancel each other out,\nand the:\n\n if (old_rx_rings != bp->hw_resc.resv_rx_rings &&\n\ncondition in __bnxt_reserve_rings() will be false.\nThe RSS map won't get updated, and we'll crash with:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000168\n RIP: 0010:__bnxt_hwrm_vnic_set_rss+0x13a/0x1a0\n bnxt_hwrm_vnic_rss_cfg_p5+0x47/0x180\n __bnxt_setup_vnic_p5+0x58/0x110\n bnxt_init_nic+0xb72/0xf50\n __bnxt_open_nic+0x40d/0xab0\n bnxt_open_nic+0x2b/0x60\n ethtool_set_channels+0x18c/0x1d0\n\nAs we try to access a freed ring.\n\nThe issue is present since XDP support was added, really, but\nprior to commit 98ba1d931f61 (\"bnxt_en: Fix RSS logic in\n__bnxt_reserve_rings()\") it wasn't causing major issues." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/08831a894d18abfaabb5bbde7c2069a7fb41dd93", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0aa6a37a3dbb40b272df5fc6db93c114688adcd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21683.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21683.json new file mode 100644 index 00000000000..c097df75d2c --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21683.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-21683", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-31T12:15:29.460", + "lastModified": "2025-01-31T12:15:29.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk's reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ab52a8ca6e156a64c51b5e7456cac9a0ebfd9bf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b02e70be498b138e9c21701c2f33f4018ca7cd5e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b3af60928ab9129befa65e6df0310d27300942bf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cccd51dd22574216e64e5d205489e634f86999f3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d0a3b3d1176d39218b8edb2a2d03164942ab9ccd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 6c0ef0fba8d..6a37bfd2aee 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-31T11:00:32.200111+00:00 +2025-01-31T13:00:22.733490+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-31T10:15:07.630000+00:00 +2025-01-31T12:15:29.460000+00:00 ``` ### Last Data Feed Release @@ -33,44 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -279655 +279679 ``` ### CVEs added in the last Commit -Recently added CVEs: `36` +Recently added CVEs: `24` -- [CVE-2025-23671](CVE-2025/CVE-2025-236xx/CVE-2025-23671.json) (`2025-01-31T09:15:08.210`) -- [CVE-2025-23759](CVE-2025/CVE-2025-237xx/CVE-2025-23759.json) (`2025-01-31T09:15:08.357`) -- [CVE-2025-23976](CVE-2025/CVE-2025-239xx/CVE-2025-23976.json) (`2025-01-31T09:15:08.530`) -- [CVE-2025-23977](CVE-2025/CVE-2025-239xx/CVE-2025-23977.json) (`2025-01-31T09:15:08.687`) -- [CVE-2025-23978](CVE-2025/CVE-2025-239xx/CVE-2025-23978.json) (`2025-01-31T09:15:08.830`) -- [CVE-2025-23980](CVE-2025/CVE-2025-239xx/CVE-2025-23980.json) (`2025-01-31T09:15:08.973`) -- [CVE-2025-23985](CVE-2025/CVE-2025-239xx/CVE-2025-23985.json) (`2025-01-31T09:15:09.127`) -- [CVE-2025-23987](CVE-2025/CVE-2025-239xx/CVE-2025-23987.json) (`2025-01-31T09:15:09.280`) -- [CVE-2025-23989](CVE-2025/CVE-2025-239xx/CVE-2025-23989.json) (`2025-01-31T09:15:09.427`) -- [CVE-2025-23990](CVE-2025/CVE-2025-239xx/CVE-2025-23990.json) (`2025-01-31T09:15:09.577`) -- [CVE-2025-24534](CVE-2025/CVE-2025-245xx/CVE-2025-24534.json) (`2025-01-31T09:15:09.720`) -- [CVE-2025-24535](CVE-2025/CVE-2025-245xx/CVE-2025-24535.json) (`2025-01-31T09:15:09.870`) -- [CVE-2025-24549](CVE-2025/CVE-2025-245xx/CVE-2025-24549.json) (`2025-01-31T09:15:10.027`) -- [CVE-2025-24551](CVE-2025/CVE-2025-245xx/CVE-2025-24551.json) (`2025-01-31T09:15:10.170`) -- [CVE-2025-24560](CVE-2025/CVE-2025-245xx/CVE-2025-24560.json) (`2025-01-31T09:15:10.323`) -- [CVE-2025-24563](CVE-2025/CVE-2025-245xx/CVE-2025-24563.json) (`2025-01-31T09:15:10.467`) -- [CVE-2025-24597](CVE-2025/CVE-2025-245xx/CVE-2025-24597.json) (`2025-01-31T09:15:10.607`) -- [CVE-2025-24608](CVE-2025/CVE-2025-246xx/CVE-2025-24608.json) (`2025-01-31T09:15:10.767`) -- [CVE-2025-24609](CVE-2025/CVE-2025-246xx/CVE-2025-24609.json) (`2025-01-31T09:15:10.900`) -- [CVE-2025-24632](CVE-2025/CVE-2025-246xx/CVE-2025-24632.json) (`2025-01-31T09:15:11.040`) -- [CVE-2025-24635](CVE-2025/CVE-2025-246xx/CVE-2025-24635.json) (`2025-01-31T09:15:11.190`) -- [CVE-2025-24686](CVE-2025/CVE-2025-246xx/CVE-2025-24686.json) (`2025-01-31T09:15:11.340`) -- [CVE-2025-24710](CVE-2025/CVE-2025-247xx/CVE-2025-24710.json) (`2025-01-31T09:15:11.477`) -- [CVE-2025-24718](CVE-2025/CVE-2025-247xx/CVE-2025-24718.json) (`2025-01-31T09:15:11.617`) -- [CVE-2025-24749](CVE-2025/CVE-2025-247xx/CVE-2025-24749.json) (`2025-01-31T09:15:11.760`) +- [CVE-2024-12037](CVE-2024/CVE-2024-120xx/CVE-2024-12037.json) (`2025-01-31T11:15:08.517`) +- [CVE-2024-12267](CVE-2024/CVE-2024-122xx/CVE-2024-12267.json) (`2025-01-31T11:15:09.473`) +- [CVE-2024-12415](CVE-2024/CVE-2024-124xx/CVE-2024-12415.json) (`2025-01-31T11:15:09.657`) +- [CVE-2024-13662](CVE-2024/CVE-2024-136xx/CVE-2024-13662.json) (`2025-01-31T11:15:09.830`) +- [CVE-2024-57948](CVE-2024/CVE-2024-579xx/CVE-2024-57948.json) (`2025-01-31T12:15:27.070`) +- [CVE-2025-21665](CVE-2025/CVE-2025-216xx/CVE-2025-21665.json) (`2025-01-31T12:15:27.633`) +- [CVE-2025-21666](CVE-2025/CVE-2025-216xx/CVE-2025-21666.json) (`2025-01-31T12:15:27.763`) +- [CVE-2025-21667](CVE-2025/CVE-2025-216xx/CVE-2025-21667.json) (`2025-01-31T12:15:27.863`) +- [CVE-2025-21668](CVE-2025/CVE-2025-216xx/CVE-2025-21668.json) (`2025-01-31T12:15:27.960`) +- [CVE-2025-21669](CVE-2025/CVE-2025-216xx/CVE-2025-21669.json) (`2025-01-31T12:15:28.053`) +- [CVE-2025-21670](CVE-2025/CVE-2025-216xx/CVE-2025-21670.json) (`2025-01-31T12:15:28.160`) +- [CVE-2025-21671](CVE-2025/CVE-2025-216xx/CVE-2025-21671.json) (`2025-01-31T12:15:28.263`) +- [CVE-2025-21672](CVE-2025/CVE-2025-216xx/CVE-2025-21672.json) (`2025-01-31T12:15:28.360`) +- [CVE-2025-21673](CVE-2025/CVE-2025-216xx/CVE-2025-21673.json) (`2025-01-31T12:15:28.463`) +- [CVE-2025-21674](CVE-2025/CVE-2025-216xx/CVE-2025-21674.json) (`2025-01-31T12:15:28.560`) +- [CVE-2025-21675](CVE-2025/CVE-2025-216xx/CVE-2025-21675.json) (`2025-01-31T12:15:28.677`) +- [CVE-2025-21676](CVE-2025/CVE-2025-216xx/CVE-2025-21676.json) (`2025-01-31T12:15:28.780`) +- [CVE-2025-21677](CVE-2025/CVE-2025-216xx/CVE-2025-21677.json) (`2025-01-31T12:15:28.877`) +- [CVE-2025-21678](CVE-2025/CVE-2025-216xx/CVE-2025-21678.json) (`2025-01-31T12:15:28.970`) +- [CVE-2025-21679](CVE-2025/CVE-2025-216xx/CVE-2025-21679.json) (`2025-01-31T12:15:29.070`) +- [CVE-2025-21680](CVE-2025/CVE-2025-216xx/CVE-2025-21680.json) (`2025-01-31T12:15:29.160`) +- [CVE-2025-21681](CVE-2025/CVE-2025-216xx/CVE-2025-21681.json) (`2025-01-31T12:15:29.260`) +- [CVE-2025-21682](CVE-2025/CVE-2025-216xx/CVE-2025-21682.json) (`2025-01-31T12:15:29.363`) +- [CVE-2025-21683](CVE-2025/CVE-2025-216xx/CVE-2025-21683.json) (`2025-01-31T12:15:29.460`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `4` +- [CVE-2024-1626](CVE-2024/CVE-2024-16xx/CVE-2024-1626.json) (`2025-01-31T11:15:10.037`) +- [CVE-2024-1741](CVE-2024/CVE-2024-17xx/CVE-2024-1741.json) (`2025-01-31T11:15:10.397`) +- [CVE-2024-4151](CVE-2024/CVE-2024-41xx/CVE-2024-4151.json) (`2025-01-31T11:15:10.620`) +- [CVE-2024-4154](CVE-2024/CVE-2024-41xx/CVE-2024-4154.json) (`2025-01-31T11:15:10.843`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5e15b1e62aa..9350e849a2f 100644 --- a/_state.csv +++ b/_state.csv @@ -245175,6 +245175,7 @@ CVE-2024-12031,0,0,d30b745c703c186af9776c88e8d0d222bab220bbc78efc5ddb772b6e524ac CVE-2024-12032,0,0,d28549d87ab7a1da8c8e60b219695b8c0bac78074e1f07aa186ddc87bdbbdb60,2024-12-25T04:15:05.497000 CVE-2024-12033,0,0,5cda97496640b0b6aed202f7b1c5b5c1b99afbb11db7e6b9c1179f2506c52c5c,2025-01-22T17:16:45.530000 CVE-2024-12034,0,0,9c507f78158cc030dfd314ae6dde1db490ceaf3d6dfd0f8120e54566524e4e3e,2024-12-24T06:15:32.553000 +CVE-2024-12037,1,1,555d7dd12e66a0d13f5e4a7a1c20cbb2a135c4dc6d0e90ff76b843d01e574bd7,2025-01-31T11:15:08.517000 CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000 CVE-2024-12040,0,0,82ff661fdb988bbdc555297e0b0d4a5a42a6c3fde3cb51373bdf40b4e4dd0633,2024-12-12T06:15:22.947000 CVE-2024-12042,0,0,b4111492e93c9126d488ebee36a5b9ed9603a0917a66407440ec106154a8d6d8,2024-12-13T09:15:07.370000 @@ -245363,6 +245364,7 @@ CVE-2024-12263,0,0,183574df079ffbee27d57051711c108d812463b16a94004cdf52784fa08d4 CVE-2024-12264,0,0,e129c73367ffc6e13d3dd51e083cadc63c28a6ddf76a9744461af75a10c38dd6,2025-01-07T05:15:17.047000 CVE-2024-12265,0,0,4ecaf6258b9c646985803002f662a35d37ddc850eb892429f8568423d5e8ff62,2024-12-12T06:15:24.143000 CVE-2024-12266,0,0,909ac121710013990590ae1f8a6d6364fd581e2e3e734e8055f1296c676eb281,2024-12-24T05:15:06.433000 +CVE-2024-12267,1,1,4fe2f2840e91890fcea2957b7d9dd61fe19a354e4ba5966000f52400ebb2c936,2025-01-31T11:15:09.473000 CVE-2024-12268,0,0,57b1dbc34c4fad3378e18637f11a9af5fae95800fe2a5a30ffdcb7012568a613,2024-12-24T11:15:07.623000 CVE-2024-12269,0,0,3dacabee7f0840c8bb97b1b0f83aa1d1097c1a4d6e6d5a87c2ba0c49bbf47e5d,2025-01-30T14:15:31.857000 CVE-2024-1227,0,0,2b74966c63acb4b53db9100814c0ea98b900c2b18de594c13a326b21bfb265c8,2024-11-21T08:50:06.103000 @@ -245484,6 +245486,7 @@ CVE-2024-12411,0,0,fca8eab422ceda64b215d958b150a7f03625a9aa9df8afa22fe2b27e73430 CVE-2024-12412,0,0,73803094a00fe18ec7862bec4f3d5df80208f9d752aff4dcb1f7ac4bf52a33cb,2025-01-11T08:15:25.320000 CVE-2024-12413,0,0,fdd057a05387c9ace72d4ba4316c6065bf29813d0f1c7f4a169e0a5a81de204b,2024-12-25T04:15:06.607000 CVE-2024-12414,0,0,ecf25a2c3f536085b4d44f95471b078e2b7cb6ad454e7c12c9e7d103ff4fa2bb,2024-12-13T09:15:08.070000 +CVE-2024-12415,1,1,d86c5c990a5451fe8e0e28fba4dce983fa5ad54561bcf19228f5c29c3e5e0715,2025-01-31T11:15:09.657000 CVE-2024-12416,0,0,133a91588ad725ea1676e171a1de9f146794e8ea11542e637f25e6fdb4eea6e8,2025-01-07T04:15:08.143000 CVE-2024-12417,0,0,bd175c91ae947c344e10a61ee40da01cd87015ebf65316b1689d31a703a65c78,2024-12-13T09:15:08.353000 CVE-2024-12419,0,0,7f21353d0e082b12ae89c9faf26ba33e60d1cfa14523601ab098bdfff89a786a,2025-01-07T04:15:08.337000 @@ -246060,7 +246063,7 @@ CVE-2024-1315,0,0,8cb70de4b1449c82043b2652cd95d6eb6d48aeb35344f66e409dc981ea33e5 CVE-2024-13153,0,0,e5372006a19c4f2229d5d82f2f00e097ecc1dd71c1df06bd0280614a58d1fbcf,2025-01-09T09:15:07.243000 CVE-2024-13154,0,0,8b848cb4ffbbf3d5300b505058bccc136fae4b33341f37a24f40fb8ac9f235ba,2025-01-13T21:15:11.970000 CVE-2024-13156,0,0,30f08a5146793529d2149bd8fe28d1d230f7d62ef9b057e2393b31a9d88e81a0,2025-01-14T09:15:20.910000 -CVE-2024-13157,1,1,568169b0ca5fce63c3ab23adc07f4be73288bc5d1cace5b787e6cbdb1a0296ed,2025-01-31T09:15:06.617000 +CVE-2024-13157,0,0,568169b0ca5fce63c3ab23adc07f4be73288bc5d1cace5b787e6cbdb1a0296ed,2025-01-31T09:15:06.617000 CVE-2024-13158,0,0,d921bcc53f0c4810cb7f77f962be3471977624bd876c8c3eed3db3c6a249539e,2025-01-14T18:15:26.020000 CVE-2024-13159,0,0,c033202b4593bc2aeff54caa4015bf5ab23afa6f19b09f8e11d36c54b7b445e5,2025-01-14T18:15:26.243000 CVE-2024-1316,0,0,ec6b544cc876a8479e8de890063434d877e95d2641a1a8c864b5c959e6dbfa7d,2024-11-21T08:50:19.090000 @@ -246294,7 +246297,7 @@ CVE-2024-13466,0,0,653560f144409636354c1af48613afa8ec813df2848486a87387de21636b4 CVE-2024-13467,0,0,bcd6474463b1a69c9a46d9b4d6f6f02b302b85f9777a4b31585c7467fbf3f38a,2025-01-25T08:15:09.520000 CVE-2024-1347,0,0,b12a4cbf8e4f285872bf9a248874204d9208208e515ae74de2299237bb6626ad,2024-12-11T19:24:26.643000 CVE-2024-13470,0,0,cd366f2d848ecaaaa8e2a5a38b4333677f61cb3a569faf0b3b65023a656393a3,2025-01-30T08:15:26.690000 -CVE-2024-13472,1,1,65e4a4a6619e82e57e5988495a0befee15f1589fedb83f6d4252dc99948d7f2a,2025-01-31T10:15:07.630000 +CVE-2024-13472,0,0,65e4a4a6619e82e57e5988495a0befee15f1589fedb83f6d4252dc99948d7f2a,2025-01-31T10:15:07.630000 CVE-2024-1348,0,0,1859f4ea1d00e7386fbff1ae86e38e3076d8135556fc20b2256d2f026d728722,2024-11-21T08:50:23.040000 CVE-2024-13484,0,0,712c057c7d39146a8afa657b40a8d67e5499db561a28666fb52dbcced8221de3,2025-01-28T19:15:13.753000 CVE-2024-1349,0,0,8b85fafe827f099aa626e71779ca220a8bf1ec034e9ea4e44b28a687cd219e20,2024-12-31T17:15:36.763000 @@ -246332,7 +246335,7 @@ CVE-2024-13551,0,0,c0f32b47678190b67b060d76bcd33ea48dd01585e717a7e931b6ea219ab11 CVE-2024-1356,0,0,6cb6186c899ef9742e559deecf7de4862ea2bb78bef5eed0c472ae9df79196b1,2024-11-21T08:50:24.133000 CVE-2024-13561,0,0,321fb86513d3ff8255f225cc7373210080af406dea9669094350295c144d7ae9,2025-01-29T12:15:27.617000 CVE-2024-13562,0,0,77e083f4cdf73b4ddbc324f348afd08346ceeabfc8f2f059cfdc83de8bce92a8,2025-01-25T12:15:26.570000 -CVE-2024-13566,1,1,dd455b5c6c79c50cc3a56ce23db0039a6651194309cff2d1529e0608cc927c54,2025-01-31T09:15:06.847000 +CVE-2024-13566,0,0,dd455b5c6c79c50cc3a56ce23db0039a6651194309cff2d1529e0608cc927c54,2025-01-31T09:15:06.847000 CVE-2024-1357,0,0,25eaf5b978f8da82b4d3e5ed8aa890834adc21c061c9c9c169613a72fe6996b1,2024-11-21T08:50:24.283000 CVE-2024-13572,0,0,810ff57abb3e74e570a0f4342646c85283702b45afe741301e2f9c7354adbef4,2025-01-24T11:15:09.520000 CVE-2024-1358,0,0,c4ea31b36cfcd7f75873d740d9e38ca70692f76dad02370c8ddbe488b8025229,2025-01-17T19:52:41.687000 @@ -246358,6 +246361,7 @@ CVE-2024-13652,0,0,fe24ee8610e9ff652bc87b947e016c0eff2007c8f9f9d6eca3a867bb541f4 CVE-2024-13659,0,0,2ab949cac371b153f030d675a94a51cc0bb444218e14414679e2bc62713fba54,2025-01-24T06:15:26.557000 CVE-2024-1366,0,0,41f2af73acb5e76ac7c2022807fff2e016bc9ca7fb30dc8ea18cd52e10cae6bb,2025-01-07T18:21:27.007000 CVE-2024-13661,0,0,a45266cda63aebd8d8843fbb6b7a71ae38505222510e18ba03648c96ddb771a8,2025-01-30T14:15:35.233000 +CVE-2024-13662,1,1,c49b788a9913632f24ba7a49f0ac22c8d93d1bb72edff40d229a016b258d058e,2025-01-31T11:15:09.830000 CVE-2024-13664,0,0,1eb9745d2330cb71866e989696204f297a40dcfb7ab8eb64b8a0bd3e1386b8c3,2025-01-30T14:15:35.390000 CVE-2024-1367,0,0,3f60d63c26ab9e28e6dceb27e57632b2e7fb2cc7ac1eb4673458558449b3c5c8,2024-11-21T08:50:25.600000 CVE-2024-13670,0,0,736bf589d2a58d3a8565630672ac5a05df76c82710b1026bd5ab4ad798894ce9,2025-01-30T14:15:35.550000 @@ -246617,7 +246621,7 @@ CVE-2024-1622,0,0,641704d79708c5027cc525cdcdef74d012d3f37e9becbffc2cb36bf8a804f9 CVE-2024-1623,0,0,11acc09d0781037d56051debbc6de791211a8b87ba326c3093f5bc85aad229af,2025-01-23T18:10:39.310000 CVE-2024-1624,0,0,b1f0918bec96549f8bbfed4a1ac0caeb704927103c0fd16a821022d931105e93,2024-11-21T08:50:56.927000 CVE-2024-1625,0,0,36cda0a7b3481cf41435ed5b0227a3fcad5024561ee555ea020abf68435e7cfb,2025-01-30T13:15:09.420000 -CVE-2024-1626,0,0,8db5e9a7288598c466eba03561bceefa6719998255d5bf571d808455a162f36c,2025-01-10T14:32:09.173000 +CVE-2024-1626,0,1,6a34033fff49465ea11ce0b8c18846bf6d5e9b2f1145addeedecba4b2ea1cd93,2025-01-31T11:15:10.037000 CVE-2024-1628,0,0,462aaf7a2aba24826516994be48daf03675e0663819d4ebb8cdd24916637fbda,2024-11-21T08:50:57.333000 CVE-2024-1629,0,0,c74dc0a8115d571151dcc08903e06d82eae076a5e9551b744e94ddebd2daf4d9,2024-11-21T08:50:57.473000 CVE-2024-1630,0,0,9b1d75e935e3c43047021c7db741b2a5e1070d9e69f1d2a3037779c882a9deac,2024-11-21T08:50:57.613000 @@ -246727,7 +246731,7 @@ CVE-2024-1737,0,0,593418afa5de4602eb69dd941b0e02c901b4d4739e447e76ddfa6cfa85dbab CVE-2024-1738,0,0,f780707e5e3eb6bbfad32e3b36dde215a430d1659d4f0c7523a3d6b02b4d6779,2025-01-10T14:35:21.370000 CVE-2024-1739,0,0,8995e9874fb16405155b50a06edf1894c83d5f5c9bffbfd0a7dc87a3d52987fc,2024-11-21T08:51:12.100000 CVE-2024-1740,0,0,fdf35329d7e6282f8cd0bf5fff4badc7e73faa74613bd17a2ce0aea294cf76e3,2025-01-10T14:21:52.317000 -CVE-2024-1741,0,0,90ee076cc24227c4915928fa20105cd66d2a8582eaf01885e4170c37a6850366,2025-01-10T14:27:57.287000 +CVE-2024-1741,0,1,d9b4a2d88099ffdc9a064bf1352aa0bb3b6e67d21da15c446eb8f21f247cbbcc,2025-01-31T11:15:10.397000 CVE-2024-1742,0,0,542c2c34f16f6008fa22df8f55e52bcadfd55af05e5a0a313be70cc620f28193,2024-12-04T16:50:05.197000 CVE-2024-1743,0,0,bfffd3e6d4c6d98b5de5cbd7060f38603701b2f85ddbd4f81f5c93adc8294983,2024-11-21T08:51:12.680000 CVE-2024-1744,0,0,e57e89c1c38c1b4f16fac07cd4c094af44c29de3b59f0a0effddbbf171558f72,2024-09-13T20:30:09.373000 @@ -263384,7 +263388,7 @@ CVE-2024-41482,0,0,58ae3affe6e4394d947e5aa2d9dcb7a3ce735382358e46a1f77100da98d84 CVE-2024-4149,0,0,f45d768064d804412c5499f92694d8be86562e7ca241a43abd934c3f16fce1ed,2024-11-21T09:42:16.890000 CVE-2024-41492,0,0,d4569622d2ded7aa848fdcf6b8717deae380d497519daf4660cbe4b6bde4ae2b,2024-11-21T09:32:43.510000 CVE-2024-4150,0,0,2e8c0a57bcb392581939b062355027d1d8486c47fcac2388b6838611dbf235a6,2024-11-21T09:42:17.333000 -CVE-2024-4151,0,0,40503b11edc54633cb6aad039e4fabeeb5c37e4e3cde13a44cd662b8e5492839,2025-01-10T14:38:14.560000 +CVE-2024-4151,0,1,337c26dffc6a0b1164159cb60fac00060ef9443ae253113be62690b03c8c28be,2025-01-31T11:15:10.620000 CVE-2024-41511,0,0,bb04702719f78dbe27bfde7789933fae7dea1190d0ea2966cfe5a76ebec1292b,2024-10-07T19:37:09.727000 CVE-2024-41512,0,0,8ed9894a2356fc8a5e33ac367f8ff5afc2f0f1518d8c76c3254841044c9619e7,2024-10-07T19:37:09.920000 CVE-2024-41513,0,0,f407b983e55d5d0baada892820380826649691acec248a40ab1d73cdbfc4717d,2024-10-07T19:37:10.700000 @@ -263396,7 +263400,7 @@ CVE-2024-41518,0,0,1ed7f15d8888711cfc8dfa60685f79422941af7f636f475ed56a27dec5bcb CVE-2024-41519,0,0,c197bf43e86578e11d62635cdf40f99a7f891ca24b9bc97ad62c816f7aa038fa,2024-10-29T21:35:12.703000 CVE-2024-4152,0,0,36a0d7cfd7ae4093c14018eeecb901f1be03f5ffbcf2f6180fccbe34da83a1ec,2024-06-07T17:15:51.580000 CVE-2024-4153,0,0,3fae78b221751422ac040502ea12520d7ce5149857852489782ffbd186ca2e2d,2024-06-07T17:15:51.640000 -CVE-2024-4154,0,0,fb34dd0c7d323df94eb060fde65c643aaa01888a9fd44b01b2bd79ea1e8468cf,2025-01-10T14:40:50.697000 +CVE-2024-4154,0,1,2e90f40f16be1871952799d2f5b1c96bc22aa8ff6140b8fefddc88a07596b767,2025-01-31T11:15:10.843000 CVE-2024-4155,0,0,9d1d3f06be4be4f0b611f0b92aa6b48510c05900efdf1b1c24851d7c9581a867,2024-06-11T10:15:13.260000 CVE-2024-41550,0,0,f550993cd5b5dc9cc85253f185c4436ed9356e5f718dbcaa508d382b497c985f,2024-11-21T09:32:45.557000 CVE-2024-41551,0,0,e1d018116726b59a859c54c726d033d68adc85dd274a77d026bca8345fe434d1,2024-11-21T09:32:45.760000 @@ -265518,7 +265522,7 @@ CVE-2024-44051,0,0,bb4d131f280c6064efcf52c2c30f5ec83dd01e176e2104cda60ad96bd5175 CVE-2024-44052,0,0,8e8edee4d7aa020cbb77d66765bf7e0fb95955c7d29ac9bdee351d4808ebbb1a,2024-11-08T21:24:59.660000 CVE-2024-44053,0,0,1696f8c4d673fc16f00ba39f4de0363282e5fa65b41555660d42b03b08acc401,2024-09-27T15:32:14.153000 CVE-2024-44054,0,0,bbda69cd525c1452aab61418e0c2d92e823366d449e1e720bc9c980f6ca11fb6,2024-09-23T14:23:19.573000 -CVE-2024-44055,1,1,1065b2b946623cf2b8baa09aa0d29fd542c346f9a8ba223724cbd8752255637b,2025-01-31T09:15:07.010000 +CVE-2024-44055,0,0,1065b2b946623cf2b8baa09aa0d29fd542c346f9a8ba223724cbd8752255637b,2025-01-31T09:15:07.010000 CVE-2024-44056,0,0,481450d3310966d9bffbb9742f28927f3eb7120738f18a84e421e7503f87941d,2024-09-23T14:39:05.047000 CVE-2024-44057,0,0,e3b5ad83a59cabcda381e4e82a8fe3776c370c591dd3d1286b2394043ae056c9,2024-09-23T14:33:50.830000 CVE-2024-44058,0,0,5422e6d726ad626bea0b5d9141b6afe8af08d99805ad88c82875c1d67d89d797,2024-09-23T14:28:34.860000 @@ -274205,6 +274209,7 @@ CVE-2024-57944,0,0,69f37fc5a40b866c95e7b5f04fa783680bd7856897f3b164ec222c4155dd5 CVE-2024-57945,0,0,ba7b321eb8cd0d1e792a1582e6a8309da43ab8d76c6981c78527fc0b4c2a565b,2025-01-21T13:15:09.033000 CVE-2024-57946,0,0,7694bfd6f4bfcb27622fd33f724eed0c14a58bd72141bedb13eda08e23a02026,2025-01-21T13:15:09.137000 CVE-2024-57947,0,0,0f394f81965ff60be8ebf8ad0ab0612e0d5ea1bd9618d127584b4c77570cc2fc,2025-01-23T14:15:25.293000 +CVE-2024-57948,1,1,ccfc14c3be6f8add68188203caf884895ea6e832132743554c183f12cb7025b0,2025-01-31T12:15:27.070000 CVE-2024-5795,0,0,8c27870eb8f46b4876cdd6a9335698b3a6adeccd1af066b5f5391281ef70b349,2024-11-21T09:48:20.780000 CVE-2024-5796,0,0,10c3848976491ca5eeb295d89b1679f80388276c56109509ef1777f493022afe,2024-11-21T09:48:20.910000 CVE-2024-57965,0,0,d78dea09938cb8948799ad2306c3ac0ba007fa5ca7bad3555c987aecde2fbb19,2025-01-29T10:15:08.113000 @@ -278537,6 +278542,25 @@ CVE-2025-21661,0,0,0fa8c68f8e644a9e2944a5faceaf5fb67752dd573becbebbb71e40324bd4c CVE-2025-21662,0,0,a5b1a0271d3432d1de3ee1bda0755a5b6602cc0585dec57fd031d28aaec3d7e4,2025-01-21T13:15:09.847000 CVE-2025-21663,0,0,adf4d90fe890eb7047d924c99b97e4be605c879bb910a835e1b3e6e621f3836a,2025-01-21T13:15:09.947000 CVE-2025-21664,0,0,a03d1e78413d45883683b53d4573f14c457812f5c5d3f56140a4232f02a4012f,2025-01-23T17:15:26.457000 +CVE-2025-21665,1,1,1dcb76c84c1c25410b34e9931b6ec4ccc3f74a17ffca33633dffdbca872b3406,2025-01-31T12:15:27.633000 +CVE-2025-21666,1,1,183c365e3b59d08fff1d6b4521df1ab82b645112c5a52cc90dd711a5a18df74e,2025-01-31T12:15:27.763000 +CVE-2025-21667,1,1,ec2541a87baa6719d6a8c1017239ab4d60f9835c55db0c8221bd968e466bdf71,2025-01-31T12:15:27.863000 +CVE-2025-21668,1,1,8b20b97df5dd2ed7cbbba0cbf3d1ebbd67685e3ecc54b7dd3a7c5749df4931d3,2025-01-31T12:15:27.960000 +CVE-2025-21669,1,1,cc18c474c600d9ecfd5f1543dfd9a875f566cf1af0cf9b32a375697bb9b05d0e,2025-01-31T12:15:28.053000 +CVE-2025-21670,1,1,d12c9401cba1e8e9338731815f7b5e159255c5e225990eb8a1877fd4ffbecb00,2025-01-31T12:15:28.160000 +CVE-2025-21671,1,1,82055684ba59cdb4ac3ab58ee2cb025fec2afdb765aa94af38cc1c0dc4207a2a,2025-01-31T12:15:28.263000 +CVE-2025-21672,1,1,1fb6894817c2fdb5ca8472a1358b2437e3bb2a9de9e6459c58ad6f4ac43f122d,2025-01-31T12:15:28.360000 +CVE-2025-21673,1,1,9e628820134e026486c4acee1bb676a96b70d1edf2eac2a3aa94349cc89905c5,2025-01-31T12:15:28.463000 +CVE-2025-21674,1,1,69194298cd8940d45652dbb676d8c3f7403965bcf926595dfedefd4ad16e7c95,2025-01-31T12:15:28.560000 +CVE-2025-21675,1,1,c3bd3ced751194a1431aa53c613e3e5b576f540db0c777b43a76ef120c168980,2025-01-31T12:15:28.677000 +CVE-2025-21676,1,1,064284a3dbaf38fe834566f826bc3f11ae4fddcdbdf86300e5683c199decbcd1,2025-01-31T12:15:28.780000 +CVE-2025-21677,1,1,70fa9dbb19be63f0e5ea80750777ba5aef07e7b8b2e923cb9bd850906eb4000c,2025-01-31T12:15:28.877000 +CVE-2025-21678,1,1,d0e69f220b96d9714ec4fa1c38960a5a62667f664233c364663a762ad5f957a5,2025-01-31T12:15:28.970000 +CVE-2025-21679,1,1,c0a036194b73d5170da4843624623a1fb4b9e085c3ba3466b8d8f2581a1bd77d,2025-01-31T12:15:29.070000 +CVE-2025-21680,1,1,b3ddbaaa8dc622ecaf35025de804bcc4011af952e154dc87e5b861a81b1add98,2025-01-31T12:15:29.160000 +CVE-2025-21681,1,1,33386cfbe1cd639dc40c49e4251fab4b0a535f237b027c151bda6b0c921455cb,2025-01-31T12:15:29.260000 +CVE-2025-21682,1,1,af36b62ce352ba03944473d01a4afdd64cf998543119197419230273df44e036,2025-01-31T12:15:29.363000 +CVE-2025-21683,1,1,b54d88e0850fc12392c10488bc1697e13177eba342fbaaa654cbf6f3c6db4465,2025-01-31T12:15:29.460000 CVE-2025-22130,0,0,a71c51c8237898c4394724aa5ef423b90094196082b564075e1f1cf6c2992343,2025-01-08T16:15:38.543000 CVE-2025-22131,0,0,69440877e24142b0c883a083dd220512bc0b0c9b1551c23031d4be6598836d66,2025-01-20T16:15:27.880000 CVE-2025-22132,0,0,92f694afc6ce174171da36824da367c743ab8d73a418a3347309264d0570fa9a,2025-01-07T22:15:31.590000 @@ -278570,7 +278594,7 @@ CVE-2025-22222,0,0,88427fbd6b71746a7cac38ab28182f0393978cf8d8f60352e5bba62689c94 CVE-2025-22261,0,0,33a310cbc7efb685d95693f6e008875a8290fc5f9c6bce0cde03f1c0742bf7b7,2025-01-07T11:15:13.290000 CVE-2025-22262,0,0,2a90436047a91b64c9791cff4f6c4190896e3e92637458d2d2ccf25cb4f8537c,2025-01-21T14:15:09.757000 CVE-2025-22264,0,0,79177f17455e861265910dfa8dd2caa5a78c248a179fa18c3179e839e36cde00,2025-01-23T16:15:37.257000 -CVE-2025-22265,1,1,980ecef91eb5066a526a3d192ec59ee9bc96d808d70f5ce59990623a342cacc7,2025-01-31T09:15:07.167000 +CVE-2025-22265,0,0,980ecef91eb5066a526a3d192ec59ee9bc96d808d70f5ce59990623a342cacc7,2025-01-31T09:15:07.167000 CVE-2025-22267,0,0,f20afa71bc4d80e805bd92045ab58754dc4544d5a2500dd19c3f675f1704780a,2025-01-21T18:15:15.100000 CVE-2025-22275,0,0,dc0905974c721b278910237158fbbf2db7a66a5bd4b529c9d9744ba0c53260f3,2025-01-03T07:15:25.297000 CVE-2025-22276,0,0,5a96987c782440e555f7f8980bf83cb51411fc2fe9b353a8ca4c203659e7b960,2025-01-21T18:15:15.303000 @@ -278613,7 +278637,7 @@ CVE-2025-22328,0,0,bae5ea02b892a469897a505361fc54dac1bb5e3519ad609d0ce29be3676ad CVE-2025-22329,0,0,f5d56d1aa2c78408d4025f17e76f097f1bd68e404c811ca09dc38f2add757e56,2025-01-15T16:15:34.763000 CVE-2025-22330,0,0,839502208eee95785526cf7c123f74018642e883627c07e6a080cad1506cc7ff,2025-01-09T16:16:25.840000 CVE-2025-22331,0,0,a2f8402b66c9c90ee6c55cbe4004f833df5c3b164a1649adc2a5ef04d9b0d06a,2025-01-09T16:16:26.180000 -CVE-2025-22332,1,1,1a57746b7ba0aa2ebee2c307ffe9540a4951c7c28899766a006fd211c492a286,2025-01-31T09:15:07.317000 +CVE-2025-22332,0,0,1a57746b7ba0aa2ebee2c307ffe9540a4951c7c28899766a006fd211c492a286,2025-01-31T09:15:07.317000 CVE-2025-22333,0,0,e1ce540f097535337d77ac62982e232ef112548ec7d9205fe7d663038857be1a,2025-01-07T11:15:17.160000 CVE-2025-22334,0,0,11b4f4e8db4b7785b74aad91051c2e8051c499de944f60aa9b4469a20e495399,2025-01-07T17:15:32.953000 CVE-2025-22335,0,0,4a08b412add701f059cd149e45f878ef3b0f40f24de1ec01f34841e4d73759dc,2025-01-07T16:15:42.703000 @@ -278621,7 +278645,7 @@ CVE-2025-22336,0,0,e498264d94897dc70f78e05983d91aacc96a48160550b893d84ce97145124 CVE-2025-22337,0,0,5d41c59b533e15a90ac0eb04123ef238c192c67fdf1a3a5a9bc7681f9252fc36,2025-01-13T14:15:10.440000 CVE-2025-22338,0,0,7129ea122c6554e3c515c55738d8d6c2390b8b27bae9ff6ebda6d0b32cd44085,2025-01-07T16:15:44.117000 CVE-2025-22339,0,0,e3b226b5bf5a3cbff8aebc6d88bcb4fc118cdad6ece13f47708a7ca8d8f13135,2025-01-07T11:15:17.463000 -CVE-2025-22341,1,1,7a252dfe94b5aebe5db0bf845ec16300a37e876c3203ea4e093e02a898233687,2025-01-31T09:15:07.470000 +CVE-2025-22341,0,0,7a252dfe94b5aebe5db0bf845ec16300a37e876c3203ea4e093e02a898233687,2025-01-31T09:15:07.470000 CVE-2025-22342,0,0,541f867dbda194731b8a18481f8f88aab54d4c9b69e4847a11ff394e4e7ae36c,2025-01-07T11:15:17.610000 CVE-2025-22343,0,0,5a249d51bc1bb83b765cbc47fc56c527973dc8aee76835d7267eeba7cb4b3587,2025-01-07T11:15:17.743000 CVE-2025-22344,0,0,73b38550cc61c4d4fcec8a1a6c6ebfdcafdd6bf85ac16de00bbc41a01d5f4343,2025-01-13T14:15:10.613000 @@ -278720,7 +278744,7 @@ CVE-2025-22560,0,0,9ca1212fb17f4181c18e39c7de050eeeb10043eec792b100a6ff2194db9fd CVE-2025-22561,0,0,623f2eb2c761c9d3d25a004f777db613fa6e7b7a5c670c04365fe632627b5a6b,2025-01-09T16:16:28.827000 CVE-2025-22562,0,0,5434b49fc7631b7fa2baab733e275c32c8bcafb45eb3bbd6810cf2008467fe71,2025-01-07T16:15:52.540000 CVE-2025-22563,0,0,08641cc3ce798be612ccd7e4c4a75bb78413c6f046999167e72153c276a54042,2025-01-07T16:15:52.940000 -CVE-2025-22564,1,1,f1a324a9a4a7ed353781f19eb5de87b1e37be87ba686645966b797041e2c1f77,2025-01-31T09:15:07.627000 +CVE-2025-22564,0,0,f1a324a9a4a7ed353781f19eb5de87b1e37be87ba686645966b797041e2c1f77,2025-01-31T09:15:07.627000 CVE-2025-22567,0,0,7640327e90d13935406fda5e46326035dce8768c7ac08f762a301197dc23d3c0,2025-01-13T14:15:11.460000 CVE-2025-22568,0,0,f3a337c9bc58a10967a71c972b3d36d20f02e69abf28f2da99dbae5c50742b4f,2025-01-13T14:15:11.610000 CVE-2025-22569,0,0,71c2a126896a25500ec5a83e43acb4e704a716153f97fc1411303eae2fdb9009,2025-01-13T14:15:11.787000 @@ -278782,7 +278806,7 @@ CVE-2025-22716,0,0,574cf0b5875717b93863e982d1cab0b81ccdb8ad9a1ac52da300f5eb0abac CVE-2025-22717,0,0,045d0e1e5f3cb0fdeed8a39d1665e4e46f6270d91c24ab8506dee6964c28d59b,2025-01-21T14:15:11.527000 CVE-2025-22718,0,0,af552db1d51fb8ce52426df5d2512b6494860cf9b2184f61079c95efecaa5cb1,2025-01-21T14:15:11.697000 CVE-2025-22719,0,0,5bd88b64227ddb0806bbf4a03d00b50965d6e95ab3764f375fda0f14d5c5be5c,2025-01-21T14:15:11.860000 -CVE-2025-22720,1,1,e20188414886de62acc3f7692b7201770c4130a5da74aea38c8b4c2162c464fc,2025-01-31T09:15:07.770000 +CVE-2025-22720,0,0,e20188414886de62acc3f7692b7201770c4130a5da74aea38c8b4c2162c464fc,2025-01-31T09:15:07.770000 CVE-2025-22721,0,0,b262a715cba54c17fe83d44892573aa8774855ca798bef491313a71f26432b7d,2025-01-21T18:15:15.880000 CVE-2025-22722,0,0,46dfbd6849c3dd98d390fb319b428d78acaf82f7d9a5f48a36560b752e60ded8,2025-01-21T18:15:16.057000 CVE-2025-22723,0,0,9840575079edde83aa306dc43108d401256a5ee1d470cd37a6e795011bb563cc,2025-01-21T14:15:12.017000 @@ -278811,7 +278835,7 @@ CVE-2025-22752,0,0,41bc182eb31d3ed08c47c2f1a14594b9475edefd40e6ac88496a43b932ffd CVE-2025-22753,0,0,1392ba1976b2f3737be53da9e82e2a71b66804802fe541ed64804556b77dc379,2025-01-15T16:15:38.090000 CVE-2025-22754,0,0,c0a20ff0dc7d11a65b9241a7172e5329fe4a137b477ec9e87a12160d75b634c6,2025-01-15T16:15:38.260000 CVE-2025-22755,0,0,8f6b0a04551af49856a2271381efe0b139629609cf6cdbb88a9b44d66b8939d8,2025-01-15T16:15:38.417000 -CVE-2025-22757,1,1,545c60ebe78f04709daa5d0cdafad9d8c42daedfa920bd2facae8e620e8e33d4,2025-01-31T09:15:07.913000 +CVE-2025-22757,0,0,545c60ebe78f04709daa5d0cdafad9d8c42daedfa920bd2facae8e620e8e33d4,2025-01-31T09:15:07.913000 CVE-2025-22758,0,0,75af2175b66bedd5905c80abd56322cb37a48c8bc3ca46887b18b8750dd877d0,2025-01-15T16:15:38.577000 CVE-2025-22759,0,0,9fd34399fa1530c21c9cfdecd9f53c69ec53b7cabdae01a2ee26417453f72f17,2025-01-15T16:15:38.733000 CVE-2025-22760,0,0,ceaff3b523ed1ab68ca9afc6e8dcc1721a356d85b9c6dbcc0d6dd64777fa93b0,2025-01-15T16:15:38.890000 @@ -279068,7 +279092,7 @@ CVE-2025-23580,0,0,59e55d87bb1152c0b33f0e647e86e7e0bf5bdb957c7b17144cb4b97c87ffc CVE-2025-23583,0,0,822a096c4bf103ecc85a757b154ff2676bab47254e439d8f1a0dc183e1069329,2025-01-22T15:15:17.820000 CVE-2025-23589,0,0,ddf5471ae852dabea42c5158329ef70238607d70b85f56376e4ac0c4bb487ae4,2025-01-22T15:15:17.950000 CVE-2025-23592,0,0,c6c26f6ac5e063b93a35489a4c79c8c99eaee0347d8804de080707e83378d4fd,2025-01-22T15:15:18.097000 -CVE-2025-23596,1,1,bfb0e90a6c5252afe61d41dfe71ccb2f6f594cb122772f3faebf445a764f58cc,2025-01-31T09:15:08.060000 +CVE-2025-23596,0,0,bfb0e90a6c5252afe61d41dfe71ccb2f6f594cb122772f3faebf445a764f58cc,2025-01-31T09:15:08.060000 CVE-2025-23597,0,0,3871369d91ae00dd4869bc54339db422ba0880625256256884fee491f4563202,2025-01-22T15:15:18.230000 CVE-2025-23601,0,0,8cf3c2f8696e7e005f222e1bdb76c123a3be382277805d94473298416d95984a,2025-01-22T15:15:18.363000 CVE-2025-23602,0,0,4cd584065e9b9f106e16ebb05185970d67a3f28867f9738a25ae9c2e26b7393f,2025-01-22T15:15:18.503000 @@ -279112,7 +279136,7 @@ CVE-2025-23662,0,0,551ab5d2ddda20a665b042bd77267fd330911bfdaae473af13983770c49d1 CVE-2025-23664,0,0,5eaae3d9bb9680e71179473e67178d8041daabfe633ea61ccf7a551976bb9be7,2025-01-16T20:15:43.320000 CVE-2025-23665,0,0,df3a85fb9b6ff519cb09c58b53e0bb17cb58cc0d047b57ae4c9ab7778577a02d,2025-01-16T20:15:43.460000 CVE-2025-23669,0,0,9d3b37ccadd2ee69ebcf7dda5f5c3274138874e1b048df0c9bf6fb374b103459,2025-01-27T15:15:12.423000 -CVE-2025-23671,1,1,46c84081401892868113e592ab4bbf541ce5b1e2bcfa1ff04198e153e0532705,2025-01-31T09:15:08.210000 +CVE-2025-23671,0,0,46c84081401892868113e592ab4bbf541ce5b1e2bcfa1ff04198e153e0532705,2025-01-31T09:15:08.210000 CVE-2025-23672,0,0,9b4e91d2a971d6e816e88b382cc31c2340c56e76479cf040d6e0c5290d97a21a,2025-01-22T15:15:20.287000 CVE-2025-23673,0,0,29cefcd5e33b42efd9dd838456a4202e1ca110aefe8c270bd5abccdd213d0d3b,2025-01-16T20:15:43.620000 CVE-2025-23674,0,0,82d0f47596aa91a27d7206050e2f23fe27e33f61b61152aa1cea9075ecc820e7,2025-01-22T15:15:20.420000 @@ -279170,7 +279194,7 @@ CVE-2025-23752,0,0,c4a79df1175fc8304cc7d0bc1439213a7f94dd9651e5758ccfd85de4caf11 CVE-2025-23754,0,0,21c71491dc1049f80bc2b3d0ef81d089692e692ff20a4894b4b54787667340c8,2025-01-27T15:15:12.727000 CVE-2025-23756,0,0,b189fbbb2b658c767f0f6a4b533dbbc808056809be370f040f7098f77febf47e,2025-01-27T15:15:12.877000 CVE-2025-23758,0,0,8eed9a0b591b6f7c4da32f087513eca80ea069aba6fbd197956f1fc2df31f12b,2025-01-22T15:15:22.907000 -CVE-2025-23759,1,1,e246047aa026fdb44c1a4b2854950b65bcff3c4d45b64b864f69f88e0ae090b1,2025-01-31T09:15:08.357000 +CVE-2025-23759,0,0,e246047aa026fdb44c1a4b2854950b65bcff3c4d45b64b864f69f88e0ae090b1,2025-01-31T09:15:08.357000 CVE-2025-23760,0,0,c926328276013ba4c92054487020a2c00b6299d54746739ff21a4a2b0e4582aa,2025-01-16T21:15:18.257000 CVE-2025-23761,0,0,54955953ddba7da6b8dc6db7af99134b4479d6ff349ea65bc12f9e3c7ac517a4,2025-01-16T21:15:18.410000 CVE-2025-23764,0,0,7f32d20a1e65ecaa3e33bea3553398156868c7ff8731a49a86f2b21b51701ff3,2025-01-16T21:15:18.550000 @@ -279336,15 +279360,15 @@ CVE-2025-23962,0,0,38c72a66f748d246b44f5351bf9ff0f3b3815cc4926f227945695c33eaf96 CVE-2025-23963,0,0,b25e75626ec56255a41425e6f3edd3e3aea1c19b7ee658d0d0b26b28ec1f0c5c,2025-01-16T21:15:37.873000 CVE-2025-23965,0,0,53fb1e10aaa7ebd57bd7f00633a90cd803f03e00b4bc8c44e50c428b42627500,2025-01-16T21:15:38.023000 CVE-2025-23966,0,0,0e6c6a1caa3d328f215893bbd7894611dd4559bc9c207666f24bc83d16a65051,2025-01-22T15:15:26.950000 -CVE-2025-23976,1,1,e0eab9311af6f0866161d1152b41dd0b88221351a5485aef9432360dead5ad9b,2025-01-31T09:15:08.530000 -CVE-2025-23977,1,1,2b3becab0586b5f0b804d3093772319babfc687fc85a1f0a11f4034a398fdd3a,2025-01-31T09:15:08.687000 -CVE-2025-23978,1,1,e17deaffe1129da6e865971c3b079c57195bc303f97a89196906ea25ae51ec12,2025-01-31T09:15:08.830000 -CVE-2025-23980,1,1,2b413ddfc15217b02f4cdb5a9b4327d6257cc1036ee72dffadd611ebcf279fc3,2025-01-31T09:15:08.973000 +CVE-2025-23976,0,0,e0eab9311af6f0866161d1152b41dd0b88221351a5485aef9432360dead5ad9b,2025-01-31T09:15:08.530000 +CVE-2025-23977,0,0,2b3becab0586b5f0b804d3093772319babfc687fc85a1f0a11f4034a398fdd3a,2025-01-31T09:15:08.687000 +CVE-2025-23978,0,0,e17deaffe1129da6e865971c3b079c57195bc303f97a89196906ea25ae51ec12,2025-01-31T09:15:08.830000 +CVE-2025-23980,0,0,2b413ddfc15217b02f4cdb5a9b4327d6257cc1036ee72dffadd611ebcf279fc3,2025-01-31T09:15:08.973000 CVE-2025-23982,0,0,7dfe3e48e718999b3739cbfc59b600560c8c7feccf14557bc94cb8c8978377d9,2025-01-27T15:15:13.247000 -CVE-2025-23985,1,1,874d7a7c839515ccb8b8c14aba0a7e876e46f2c3bf639e81bfafdac6710b3504,2025-01-31T09:15:09.127000 -CVE-2025-23987,1,1,eaf59c635a24b658b7ebe922a33e4a9c6f6881fff544a96f2e210734d5009610,2025-01-31T09:15:09.280000 -CVE-2025-23989,1,1,533bcc23765221caa714b18f81f4abdbd9ff5199ed2f714fba0c159c05ff4f97,2025-01-31T09:15:09.427000 -CVE-2025-23990,1,1,1d4d447844ce4d6ae33a46a793b2bfe9f8732072919d84fc1711b79793282882,2025-01-31T09:15:09.577000 +CVE-2025-23985,0,0,874d7a7c839515ccb8b8c14aba0a7e876e46f2c3bf639e81bfafdac6710b3504,2025-01-31T09:15:09.127000 +CVE-2025-23987,0,0,eaf59c635a24b658b7ebe922a33e4a9c6f6881fff544a96f2e210734d5009610,2025-01-31T09:15:09.280000 +CVE-2025-23989,0,0,533bcc23765221caa714b18f81f4abdbd9ff5199ed2f714fba0c159c05ff4f97,2025-01-31T09:15:09.427000 +CVE-2025-23990,0,0,1d4d447844ce4d6ae33a46a793b2bfe9f8732072919d84fc1711b79793282882,2025-01-31T09:15:09.577000 CVE-2025-23991,0,0,09c292242e39739888eb9fe6d97bdb10055d45d713f6ffa829b0733e0b5456d2,2025-01-24T16:15:38.723000 CVE-2025-23992,0,0,6d44f95ed9666a8a68923c67dcffd2f515365a6c1e7800071790e2d881846261,2025-01-22T16:15:32.120000 CVE-2025-23994,0,0,db61266fc09611137499867f42a15cfdb3d24abf264ca83daab38bc4b3bec239,2025-01-21T18:15:17.313000 @@ -279482,8 +279506,8 @@ CVE-2025-24527,0,0,8f5d99489f05ec903e1b0ba411b4f26945dcb60c4d1c8d36f935f4c612211 CVE-2025-24529,0,0,659084d0f901a45c8b21d541729e6cc04c83a80a3825fa751f6337219739cf86,2025-01-23T06:15:27.710000 CVE-2025-24530,0,0,4a56bb568b6bd32a8936d0fb868cc9221851e3049a709c6787a03d46cd9e8858,2025-01-23T06:15:27.893000 CVE-2025-24533,0,0,7b36821849ab798d81c60afcd620ba9ed617eb480eb18f61a881f0c2f7c8a39d,2025-01-27T14:15:28.653000 -CVE-2025-24534,1,1,101e1e434d2a29f62e13ecd7766e303d1328267bb3d87cc866eeed722961113d,2025-01-31T09:15:09.720000 -CVE-2025-24535,1,1,c5149e14293bf035c80f56e88caca17c0576f4162a158c6e05f663c0716406a0,2025-01-31T09:15:09.870000 +CVE-2025-24534,0,0,101e1e434d2a29f62e13ecd7766e303d1328267bb3d87cc866eeed722961113d,2025-01-31T09:15:09.720000 +CVE-2025-24535,0,0,c5149e14293bf035c80f56e88caca17c0576f4162a158c6e05f663c0716406a0,2025-01-31T09:15:09.870000 CVE-2025-24537,0,0,06c9da6fbc6f8c7d8022c609da167bba6221fe718dd9e4ef9e6a1c0e2d457262,2025-01-27T15:15:13.440000 CVE-2025-24538,0,0,0f8d31f1296887dcb26ac5acc0a368526d03dde9efa05b94d9d3fe598ce981df,2025-01-27T15:15:13.607000 CVE-2025-24540,0,0,cd6ea69ba28b1ebb10b70369bc57bb82429bc2558c0fbb08776f05fe155ad78b,2025-01-27T15:15:13.753000 @@ -279491,14 +279515,14 @@ CVE-2025-24542,0,0,06390c27c63870cfb207e6b1afc38cc2bd70c54f2ceb6de8405d7ce03a079 CVE-2025-24543,0,0,a8808a4cea2b4649f0717c8217dced1494e1792562a41700280f034c2d3ba9ea,2025-01-24T18:15:32.703000 CVE-2025-24546,0,0,685ea9d400c8b68f55f713daec1971d56383230bb2c0cc8dfdd7487103aa25d1,2025-01-24T18:15:32.893000 CVE-2025-24547,0,0,c177583f7b4a7259791b6ebcff6a352143f7ed52e1ea2f3eabe18b6e76e995e9,2025-01-24T18:15:33.063000 -CVE-2025-24549,1,1,d197d4219524264836d83f7d0b4c62c1f60f5c6c08ca5a01968af8e6be12bddd,2025-01-31T09:15:10.027000 -CVE-2025-24551,1,1,89890fcb7fdc2cf0f469b52beec92a27eab339c8421ab40ceb9ef974fa54d86c,2025-01-31T09:15:10.170000 +CVE-2025-24549,0,0,d197d4219524264836d83f7d0b4c62c1f60f5c6c08ca5a01968af8e6be12bddd,2025-01-31T09:15:10.027000 +CVE-2025-24551,0,0,89890fcb7fdc2cf0f469b52beec92a27eab339c8421ab40ceb9ef974fa54d86c,2025-01-31T09:15:10.170000 CVE-2025-24552,0,0,5836fd4cff67061da1a022b37868b2f3c365d2f5d165ede2a999174e0f3c027d,2025-01-24T18:15:33.257000 CVE-2025-24555,0,0,d47f17b8e2e295cf6139e94a64e84d237163885ad2ad17216990f34a21e900fe,2025-01-24T18:15:33.440000 -CVE-2025-24560,1,1,d4c1176f1866d7ec0387cfc21d73b48c7dc3b47ed71e35d50794b79b4bc9779b,2025-01-31T09:15:10.323000 +CVE-2025-24560,0,0,d4c1176f1866d7ec0387cfc21d73b48c7dc3b47ed71e35d50794b79b4bc9779b,2025-01-31T09:15:10.323000 CVE-2025-24561,0,0,c698bd2c648564da7cb8a5ead03f00bdcfe0f5e2d45f91fef21ce218041ca538,2025-01-24T18:15:33.623000 CVE-2025-24562,0,0,f5a2b27ad0b893f9e361ae02017813ce34418cc837106061d965034991fc502e,2025-01-24T18:15:33.810000 -CVE-2025-24563,1,1,e10943f5840e540dd8ca5639d051f2511e3f57ce5b74c871814018f1b701c4fc,2025-01-31T09:15:10.467000 +CVE-2025-24563,0,0,e10943f5840e540dd8ca5639d051f2511e3f57ce5b74c871814018f1b701c4fc,2025-01-31T09:15:10.467000 CVE-2025-24568,0,0,76160f57a35703cc1bc60dd8f4bddda882f344202b02d103baf733d8125cff67,2025-01-24T18:15:33.987000 CVE-2025-24570,0,0,c28f0a95c222bf88ff7e9dd87509b02b35c9c870ecf7971f96c34cc8feb983a7,2025-01-24T18:15:34.147000 CVE-2025-24571,0,0,12bfb570d5dbb7308e59de1fd0e176919ad5f022d4e611da786987fff50f0ad8,2025-01-24T18:15:34.320000 @@ -279520,14 +279544,14 @@ CVE-2025-24593,0,0,9c36266dcac20d200a08525d83ae20f675d64d14e2bb734ccd76bf4940d78 CVE-2025-24594,0,0,1f51a1d2e76cef969f6771fdca9d4628f716965e3d22ebbbb8948ae8c6232723,2025-01-24T18:15:36.330000 CVE-2025-24595,0,0,fbc09565a4f924c0a009b4638cc6ed5e9d14e449e9654f8ef695d4106c965b5a,2025-01-24T18:15:36.497000 CVE-2025-24596,0,0,4a462b85d7c20eb1e51f14e1da141104983de82ee010f1f7b247f3fd81c9e8c1,2025-01-24T18:15:36.657000 -CVE-2025-24597,1,1,4f9595b5b3d6a1b18fa628038d17ebdb90040d7d0e2b83043a402812377ecc27,2025-01-31T09:15:10.607000 +CVE-2025-24597,0,0,4f9595b5b3d6a1b18fa628038d17ebdb90040d7d0e2b83043a402812377ecc27,2025-01-31T09:15:10.607000 CVE-2025-24600,0,0,dcdd8cdf482b8e22d2a48b0e2f348d3c7f88226c6331542bf0912f288b741729,2025-01-27T15:15:14.233000 CVE-2025-24601,0,0,db505c493b963cd133491367007025a7a3eeb79293d5855e01deb30a1e81f5f1,2025-01-27T14:15:28.927000 CVE-2025-24603,0,0,cc1c8cd1942a1d516a081ea3f5d2c128e09834a700f6e631e4df98b4ec31c06c,2025-01-27T15:15:14.437000 CVE-2025-24604,0,0,62a39d9b09aae3795a1a5623a917bfa7211aaa213197284781446d74cdc483ea,2025-01-24T18:15:36.823000 CVE-2025-24606,0,0,5a6e3000a389ad1fa9dbb9a960a9755d84ee1b04bf140fb25209a300fb4fcd1a,2025-01-27T15:15:14.587000 -CVE-2025-24608,1,1,1426d6306f52065c1181109032454fe40202afbf9c92acf2a056587aa0810c2c,2025-01-31T09:15:10.767000 -CVE-2025-24609,1,1,dabd57eb8178c8ab365b5e8b630c7ff7e563296c5bbdd16fc52bd403d7b2e050,2025-01-31T09:15:10.900000 +CVE-2025-24608,0,0,1426d6306f52065c1181109032454fe40202afbf9c92acf2a056587aa0810c2c,2025-01-31T09:15:10.767000 +CVE-2025-24609,0,0,dabd57eb8178c8ab365b5e8b630c7ff7e563296c5bbdd16fc52bd403d7b2e050,2025-01-31T09:15:10.900000 CVE-2025-24610,0,0,13a39d2f135170db910afda2a99191d77f2a29be1fdfb9d97efc58222978983e,2025-01-24T18:15:36.980000 CVE-2025-24611,0,0,5715cfb8338e1d2a6890eac94e9d49d3d44cfa21d68c17c839c3a2944696055d,2025-01-24T18:15:37.133000 CVE-2025-24612,0,0,2e20863c253051aaaea60ecd45f224a8c2678654eaa53b81ed896c6a14b65efa,2025-01-27T14:15:29.063000 @@ -279539,10 +279563,10 @@ CVE-2025-24625,0,0,c78d300f1f0ba711e3f863a83d368167a911692a6dfd48749e68c965f6f00 CVE-2025-24626,0,0,a470e4da4e034c9f2ab445a591e418acc188dd505508f456d0941bc394263b92,2025-01-27T15:15:14.777000 CVE-2025-24627,0,0,02ed717fe8cb73f0e136d781f500cc8f29934ec76495d5547688a475083bddd4,2025-01-24T18:15:38.050000 CVE-2025-24628,0,0,921a9ab162d6fedf70ed90c3acec080864c3f2a85c667b57a58565282ba9c543,2025-01-27T15:15:14.923000 -CVE-2025-24632,1,1,556d6471474be19d6e9a79c89f124dfec2d5aa506de91713bc151ebf0bd1bc14,2025-01-31T09:15:11.040000 +CVE-2025-24632,0,0,556d6471474be19d6e9a79c89f124dfec2d5aa506de91713bc151ebf0bd1bc14,2025-01-31T09:15:11.040000 CVE-2025-24633,0,0,b407bcbade3843581c653e2df1781329c3dc7476fcc6243a7b85dc7360c755e6,2025-01-24T18:15:38.200000 CVE-2025-24634,0,0,2bd24fdaae28a006ea4038da848c5e593d0eecbe902bfc5110e8d66be395288f,2025-01-24T18:15:38.350000 -CVE-2025-24635,1,1,adee0e2e2c087cce5e8c9d2e888c88ec3d1427a2ea2418aa51d5531c795222ee,2025-01-31T09:15:11.190000 +CVE-2025-24635,0,0,adee0e2e2c087cce5e8c9d2e888c88ec3d1427a2ea2418aa51d5531c795222ee,2025-01-31T09:15:11.190000 CVE-2025-24636,0,0,66aa9f526ce1fd7f3d18159e839d4ebddd24821053620416273bd4a4e01bf4a1,2025-01-24T18:15:38.507000 CVE-2025-24638,0,0,771d55a14f39075844370a6399a01b34d18de7f194d5cd5f84255753a3dd779b,2025-01-24T18:15:38.670000 CVE-2025-24644,0,0,5a47ee9c1d078a6ab6544254498806ccdab795bbe804f919ad0351c4bf3bd942,2025-01-24T18:15:38.833000 @@ -279574,7 +279598,7 @@ CVE-2025-24681,0,0,605fdc2e36dc827462c36791192232d92dd296cecf5b41187efd4a46c704e CVE-2025-24682,0,0,ca5f8a1b03b0ffb82cb43100159f5b8a9d5c286a9ed1e11204650e11edcdf612,2025-01-24T18:15:41.947000 CVE-2025-24683,0,0,bd281ec7d77c6dd8b1732719895ece773bf0791905499e1cf46a62b4feaf0c85,2025-01-24T18:15:42.133000 CVE-2025-24685,0,0,3935ef96229daa1b4c692226c2accf1fba103f1acefb63d2634035e3247a2886,2025-01-27T14:15:29.333000 -CVE-2025-24686,1,1,f70de11c29db663e16f62dc00c94a534e549254878c7eacd82f90f3a962e5fec,2025-01-31T09:15:11.340000 +CVE-2025-24686,0,0,f70de11c29db663e16f62dc00c94a534e549254878c7eacd82f90f3a962e5fec,2025-01-31T09:15:11.340000 CVE-2025-24687,0,0,a97e3c851507d885e2534c8d23f0ef9f7027aca0eec7a3965703f56e53f67d20,2025-01-24T18:15:42.283000 CVE-2025-24689,0,0,1de513e8e8f691d40e4b3e7d3658a5a290626246a247d5f74e6d4f1c5b396ca3,2025-01-27T15:15:16.073000 CVE-2025-24691,0,0,8f9407c7a90579300dd1854e170d65459a01a3bff3d853f2b1c7f87668044003,2025-01-24T18:15:42.433000 @@ -279590,7 +279614,7 @@ CVE-2025-24705,0,0,0d29a10c3c131298ef8bd5a8cb9217ebb025888c7cb5d2d97a7633b27b032 CVE-2025-24706,0,0,310d3f61486b57a678867c52af7a3873d74ff33456f7825d148f48af59ebe640,2025-01-24T18:15:44.003000 CVE-2025-24708,0,0,92ede108f27ffdee04adb376065e31ecf2859fc8c1a57b0e6ab76efd11e64544,2025-01-27T15:15:16.230000 CVE-2025-24709,0,0,6d23c7aa23f5f0132f167fb051a07c37a43447273edf0a534d427fd5c040c301,2025-01-24T18:15:44.170000 -CVE-2025-24710,1,1,566859838006945e87e24597a4a246871f0ba980ab62fd8f114894ec04b52203,2025-01-31T09:15:11.477000 +CVE-2025-24710,0,0,566859838006945e87e24597a4a246871f0ba980ab62fd8f114894ec04b52203,2025-01-31T09:15:11.477000 CVE-2025-24711,0,0,2b6393d74f40d976d8e5d885b625242518c74534f12353db2bfa977c486e6f90,2025-01-24T18:15:44.330000 CVE-2025-24712,0,0,ad5ee3989300fa678ccc1aeeb2c1408d12155cb4b9c591212188ab9aa01bb7df,2025-01-24T18:15:44.480000 CVE-2025-24713,0,0,8966c71c53790b1b9ead199719a98f45f6076ff08526301a47eed7a249ba7a5b,2025-01-24T18:15:44.630000 @@ -279598,7 +279622,7 @@ CVE-2025-24714,0,0,01c79f3d6975fa00ca9de87ee51395e5de6793c68e48bd2909badc648a193 CVE-2025-24715,0,0,918d31ff258da35c7d5a3cb0c4c244eba5a3169754271f2070db9f98a76d2e96,2025-01-24T18:15:44.913000 CVE-2025-24716,0,0,b60cda0ae81f3b0923fa7b26df1f0e620ddd729d40eb70ccadd9577c7ee769ce,2025-01-24T18:15:45.057000 CVE-2025-24717,0,0,192c45824352b7ecf8a017aadf0ae5aeb9949e337e41e88029f7cee314070cf4,2025-01-24T18:15:45.210000 -CVE-2025-24718,1,1,076d393e46e41dfcb80184b7828cac787e866a2c39d69d016e00ed53df0884fd,2025-01-31T09:15:11.617000 +CVE-2025-24718,0,0,076d393e46e41dfcb80184b7828cac787e866a2c39d69d016e00ed53df0884fd,2025-01-31T09:15:11.617000 CVE-2025-24719,0,0,b6a5eaae7b6b9dac2df9124e88387d1f1ef87c3d0c79dd412c3d005280b66ed8,2025-01-24T18:15:45.360000 CVE-2025-24720,0,0,9c714f59d0192e69fce2a5027c9e7738070e04ddd86e75e44b28cff60eb7786a,2025-01-24T18:15:45.523000 CVE-2025-24721,0,0,87c237eedc92baee03d4c2c20cc1d540e9d333bd80081e1b8926ab4576af7541,2025-01-24T18:15:45.667000 @@ -279625,7 +279649,7 @@ CVE-2025-24743,0,0,41c0ba755259a09bb78d30034dfcceff3f65521049087232d94552c5b5203 CVE-2025-24744,0,0,e89d8ff4eca838607435ef9e0329695df1c3d2f7f7da2a6a7138e174e3ce48dc,2025-01-27T15:15:17.117000 CVE-2025-24746,0,0,76b6359f26bba7626bbf7027b062daab552b87a782fc60d7a7da64d1ce3753c9,2025-01-24T18:15:48.437000 CVE-2025-24747,0,0,0ef68093fe47b6e703556413c3e771c9fd229228f186762cf3469f52d01e5aa5,2025-01-27T15:15:17.253000 -CVE-2025-24749,1,1,e117b0b7203e92297703008dde6e38898de1451f49b99f2af8811aae5a9a3098,2025-01-31T09:15:11.760000 +CVE-2025-24749,0,0,e117b0b7203e92297703008dde6e38898de1451f49b99f2af8811aae5a9a3098,2025-01-31T09:15:11.760000 CVE-2025-24750,0,0,e2f4a9b31b86d06509f886277e82ff83239dd5a8a7c14cdf3ecc2568e5cf5c3e,2025-01-24T18:15:48.663000 CVE-2025-24751,0,0,4aa19aa90aab45ec9714df6e468e19599d2a1949dc2de4e4c8d985f84e38f858,2025-01-24T18:15:48.810000 CVE-2025-24753,0,0,87b78dd3e11c90af6930cbca7a5346ee214e24237caa8b3601406532dfdbc4de,2025-01-24T18:15:48.950000