admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-19T03:00:20.626421+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-19 03:03:23 +00:00
parent 8223e2e91e
commit a515abdcd6
48 changed files with 1578 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
CVE-2023/CVE-2023-529xx/CVE-2023-52921.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2023-52921",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:15:09.310",
"lastModified": "2024-11-19T02:15:09.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix possible UAF in amdgpu_cs_pass1()\n\nSince the gang_size check is outside of chunk parsing\nloop, we need to reset i before we free the chunk data.\n\nSuggested by Ye Zhang (@VAR10CK) of Baidu Security."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/90e065677e0362a777b9db97ea21d43a39211399",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9a2393af1f35d1975204fc00035c64a1c792b278",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e08e9dd09809b16f8f8cee8c466841b33d24ed96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-00xx/CVE-2024-0012.json
View File

@ -2,9 +2,13 @@
"id": "CVE-2024-0012",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-18T16:15:11.683",
"lastModified": "2024-11-18T17:11:17.393",
"lastModified": "2024-11-19T02:00:02.097",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cisaExploitAdd": "2024-11-18",
"cisaActionDue": "2024-12-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.",
"cisaVulnerabilityName": "Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability",
"descriptions": [
{
"lang": "en",

6
CVE-2024/CVE-2024-12xx/CVE-2024-1212.json
View File

@ -2,9 +2,13 @@
"id": "CVE-2024-1212",
"sourceIdentifier": "security@progress.com",
"published": "2024-02-21T18:15:50.417",
"lastModified": "2024-02-22T19:07:27.197",
"lastModified": "2024-11-19T02:00:02.097",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cisaExploitAdd": "2024-11-18",
"cisaActionDue": "2024-12-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Progress Kemp LoadMaster OS Command Injection Vulnerability",
"descriptions": [
{
"lang": "en",

6
CVE-2024/CVE-2024-501xx/CVE-2024-50152.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-50152",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-07T10:15:06.850",
"lastModified": "2024-11-13T15:15:56.840",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-19T02:16:17.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning?\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning\uff1a\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem."
},
{
"lang": "es",

6
CVE-2024/CVE-2024-501xx/CVE-2024-50159.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-50159",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-07T10:15:07.333",
"lastModified": "2024-11-13T16:19:28.807",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-19T02:16:18.443",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()\n\nClang static checker(scan-build) throws below warning?\n | drivers/firmware/arm_scmi/driver.c:line 2915, column 2\n | Attempt to free released memory.\n\nWhen devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup()\nwill run twice which causes double free of 'dbg->name'.\n\nRemove the redundant scmi_debugfs_common_cleanup() to fix this problem."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()\n\nClang static checker(scan-build) throws below warning\uff1a\n | drivers/firmware/arm_scmi/driver.c:line 2915, column 2\n | Attempt to free released memory.\n\nWhen devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup()\nwill run twice which causes double free of 'dbg->name'.\n\nRemove the redundant scmi_debugfs_common_cleanup() to fix this problem."
},
{
"lang": "es",

6
CVE-2024/CVE-2024-502xx/CVE-2024-50217.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-50217",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-09T11:15:07.103",
"lastModified": "2024-11-13T19:24:41.063",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-19T02:16:23.163",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()\n\nMounting btrfs from two images (which have the same one fsid and two\ndifferent dev_uuids) in certain executing order may trigger an UAF for\nvariable 'device->bdev_file' in __btrfs_free_extra_devids(). And\nfollowing are the details:\n\n1. Attach image_1 to loop0, attach image_2 to loop1, and scan btrfs\n devices by ioctl(BTRFS_IOC_SCAN_DEV):\n\n / btrfs_device_1 ? loop0\n fs_device\n \\ btrfs_device_2 ? loop1\n2. mount /dev/loop0 /mnt\n btrfs_open_devices\n btrfs_device_1->bdev_file = btrfs_get_bdev_and_sb(loop0)\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n fail: btrfs_close_devices // -ENOMEM\n\t btrfs_close_bdev(btrfs_device_1)\n fput(btrfs_device_1->bdev_file)\n\t // btrfs_device_1->bdev_file is freed\n\t btrfs_close_bdev(btrfs_device_2)\n fput(btrfs_device_2->bdev_file)\n\n3. mount /dev/loop1 /mnt\n btrfs_open_devices\n btrfs_get_bdev_and_sb(&bdev_file)\n // EIO, btrfs_device_1->bdev_file is not assigned,\n // which points to a freed memory area\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n btrfs_free_extra_devids\n if (btrfs_device_1->bdev_file)\n fput(btrfs_device_1->bdev_file) // UAF !\n\nFix it by setting 'device->bdev_file' as 'NULL' after closing the\nbtrfs_device in btrfs_close_one_device()."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()\n\nMounting btrfs from two images (which have the same one fsid and two\ndifferent dev_uuids) in certain executing order may trigger an UAF for\nvariable 'device->bdev_file' in __btrfs_free_extra_devids(). And\nfollowing are the details:\n\n1. Attach image_1 to loop0, attach image_2 to loop1, and scan btrfs\n devices by ioctl(BTRFS_IOC_SCAN_DEV):\n\n / btrfs_device_1 \u2192 loop0\n fs_device\n \\ btrfs_device_2 \u2192 loop1\n2. mount /dev/loop0 /mnt\n btrfs_open_devices\n btrfs_device_1->bdev_file = btrfs_get_bdev_and_sb(loop0)\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n fail: btrfs_close_devices // -ENOMEM\n\t btrfs_close_bdev(btrfs_device_1)\n fput(btrfs_device_1->bdev_file)\n\t // btrfs_device_1->bdev_file is freed\n\t btrfs_close_bdev(btrfs_device_2)\n fput(btrfs_device_2->bdev_file)\n\n3. mount /dev/loop1 /mnt\n btrfs_open_devices\n btrfs_get_bdev_and_sb(&bdev_file)\n // EIO, btrfs_device_1->bdev_file is not assigned,\n // which points to a freed memory area\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n btrfs_free_extra_devids\n if (btrfs_device_1->bdev_file)\n fput(btrfs_device_1->bdev_file) // UAF !\n\nFix it by setting 'device->bdev_file' as 'NULL' after closing the\nbtrfs_device in btrfs_close_one_device()."
},
{
"lang": "es",

49
CVE-2024/CVE-2024-502xx/CVE-2024-50264.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50264",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:28.210",
"lastModified": "2024-11-19T02:16:28.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk->trans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk->trans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk->trans to NULL."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50265.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50265",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:28.310",
"lastModified": "2024-11-19T02:16:28.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()\n\nSyzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove():\n\n[ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12\n[ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry\n[ 57.321727] BUG: kernel NULL pointer dereference, address: 0000000000000004\n[...]\n[ 57.325727] RIP: 0010:ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[...]\n[ 57.331328] Call Trace:\n[ 57.331477] <TASK>\n[...]\n[ 57.333511] ? do_user_addr_fault+0x3e5/0x740\n[ 57.333778] ? exc_page_fault+0x70/0x170\n[ 57.334016] ? asm_exc_page_fault+0x2b/0x30\n[ 57.334263] ? __pfx_ocfs2_xa_block_wipe_namevalue+0x10/0x10\n[ 57.334596] ? ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[ 57.334913] ocfs2_xa_remove_entry+0x23/0xc0\n[ 57.335164] ocfs2_xa_set+0x704/0xcf0\n[ 57.335381] ? _raw_spin_unlock+0x1a/0x40\n[ 57.335620] ? ocfs2_inode_cache_unlock+0x16/0x20\n[ 57.335915] ? trace_preempt_on+0x1e/0x70\n[ 57.336153] ? start_this_handle+0x16c/0x500\n[ 57.336410] ? preempt_count_sub+0x50/0x80\n[ 57.336656] ? _raw_read_unlock+0x20/0x40\n[ 57.336906] ? start_this_handle+0x16c/0x500\n[ 57.337162] ocfs2_xattr_block_set+0xa6/0x1e0\n[ 57.337424] __ocfs2_xattr_set_handle+0x1fd/0x5d0\n[ 57.337706] ? ocfs2_start_trans+0x13d/0x290\n[ 57.337971] ocfs2_xattr_set+0xb13/0xfb0\n[ 57.338207] ? dput+0x46/0x1c0\n[ 57.338393] ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338665] ? ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338948] __vfs_removexattr+0x92/0xc0\n[ 57.339182] __vfs_removexattr_locked+0xd5/0x190\n[ 57.339456] ? preempt_count_sub+0x50/0x80\n[ 57.339705] vfs_removexattr+0x5f/0x100\n[...]\n\nReproducer uses faultinject facility to fail ocfs2_xa_remove() ->\nocfs2_xa_value_truncate() with -ENOMEM.\n\nIn this case the comment mentions that we can return 0 if\nocfs2_xa_cleanup_value_truncate() is going to wipe the entry\nanyway. But the following 'rc' check is wrong and execution flow do\n'ocfs2_xa_remove_entry(loc);' twice:\n* 1st: in ocfs2_xa_cleanup_value_truncate();\n* 2nd: returning back to ocfs2_xa_remove() instead of going to 'out'.\n\nFix this by skipping the 2nd removal of the same entry and making\nsyzkaller repro happy."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b63c0e01fba40e3992bc627272ec7b618ccaef7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/168a9b8303fcb0317db4c06b23ce1c0ce2af4e10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2b5369528ee63c88371816178a05b5e664c87386",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/38cbf13b2e7a31362babe411f7c2c3c52cd2734b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6a7e6dcf90fe7721d0863067b6ca9a9442134692",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86dd0e8d42828923c68ad506933336bcd6f2317d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dcc8fe8c83145041cb6c80cac21f6173a3ff0204",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd73c942eed76a014c7a5597e6926435274d2c4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50266.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50266",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:28.540",
"lastModified": "2024-11-19T02:16:28.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs\n\nA recent change in the venus driver results in a stuck clock on the\nLenovo ThinkPad X13s, for example, when streaming video in firefox:\n\n\tvideo_cc_mvs0_clk status stuck at 'off'\n\tWARNING: CPU: 6 PID: 2885 at drivers/clk/qcom/clk-branch.c:87 clk_branch_wait+0x144/0x15c\n\t...\n\tCall trace:\n\t clk_branch_wait+0x144/0x15c\n\t clk_branch2_enable+0x30/0x40\n\t clk_core_enable+0xd8/0x29c\n\t clk_enable+0x2c/0x4c\n\t vcodec_clks_enable.isra.0+0x94/0xd8 [venus_core]\n\t coreid_power_v4+0x464/0x628 [venus_core]\n\t vdec_start_streaming+0xc4/0x510 [venus_dec]\n\t vb2_start_streaming+0x6c/0x180 [videobuf2_common]\n\t vb2_core_streamon+0x120/0x1dc [videobuf2_common]\n\t vb2_streamon+0x1c/0x6c [videobuf2_v4l2]\n\t v4l2_m2m_ioctl_streamon+0x30/0x80 [v4l2_mem2mem]\n\t v4l_streamon+0x24/0x30 [videodev]\n\nusing the out-of-tree sm8350/sc8280xp venus support. [1]\n\nUpdate also the sm8350/sc8280xp GDSC definitions so that the hw control\nmode can be changed at runtime as the venus driver now requires."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/d055f6f2bdfb8b9c9bc071f748c16bd3afb2db0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f903663a8dcd6e1656e52856afbf706cc14cbe6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50267.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50267",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:28.647",
"lastModified": "2024-11-19T02:16:28.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(&urb->dev->dev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-502xx/CVE-2024-50268.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-50268",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:28.787",
"lastModified": "2024-11-19T02:16:28.787",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()\n\nThe \"*cmd\" variable can be controlled by the user via debugfs. That means\n\"new_cam\" can be as high as 255 while the size of the uc->updated[] array\nis UCSI_MAX_ALTMODES (30).\n\nThe call tree is:\nucsi_cmd() // val comes from simple_attr_write_xsigned()\n-> ucsi_send_command()\n -> ucsi_send_command_common()\n -> ucsi_run_command() // calls ucsi->ops->sync_control()\n -> ucsi_ccg_sync_control()"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a2ba841659a0f15102585120dea75d8d5209616",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/604314ecd682913925980dc955caea2d036eab5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/69e19774f15e12dda6c6c58001d059e30895009b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7dd08a0b4193087976db6b3ee7807de7e8316f96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8f47984b35f3be0cfc652c2ca358d5768ea3456b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d76923164705821aa1b01b8d9d1741f20c654ab4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50269.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50269",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:28.930",
"lastModified": "2024-11-19T02:16:28.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: sunxi: Fix accessing an released usb phy\n\nCommit 6ed05c68cbca (\"usb: musb: sunxi: Explicitly release USB PHY on\nexit\") will cause that usb phy @glue->xceiv is accessed after released.\n\n1) register platform driver @sunxi_musb_driver\n// get the usb phy @glue->xceiv\nsunxi_musb_probe() -> devm_usb_get_phy().\n\n2) register and unregister platform driver @musb_driver\nmusb_probe() -> sunxi_musb_init()\nuse the phy here\n//the phy is released here\nmusb_remove() -> sunxi_musb_exit() -> devm_usb_put_phy()\n\n3) register @musb_driver again\nmusb_probe() -> sunxi_musb_init()\nuse the phy here but the phy has been released at 2).\n...\n\nFixed by reverting the commit, namely, removing devm_usb_put_phy()\nfrom sunxi_musb_exit()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/498dbd9aea205db9da674994b74c7bf8e18448bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4aa77d5ea9944468e16c3eed15e858fd5de44de1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/63559ba8077cbadae1c92a65b73ea522bf377dd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6e2848d1c8c0139161e69ac0a94133e90e9988e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/721ddad945596220c123eb6f7126729fe277ee4f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8a30da5aa9609663b3e05bcc91a916537f66a4cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b08baa75b989cf779cbfa0969681f8ba2dc46569",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ccd811c304d2ee56189bfbc49302cb3c44361893",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50270.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50270",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.033",
"lastModified": "2024-11-19T02:16:29.033",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/core: avoid overflow in damon_feed_loop_next_input()\n\ndamon_feed_loop_next_input() is inefficient and fragile to overflows. \nSpecifically, 'score_goal_diff_bp' calculation can overflow when 'score'\nis high. The calculation is actually unnecessary at all because 'goal' is\na constant of value 10,000. Calculation of 'compensation' is again\nfragile to overflow. Final calculation of return value for under-achiving\ncase is again fragile to overflow when the current score is\nunder-achieving the target.\n\nAdd two corner cases handling at the beginning of the function to make the\nbody easier to read, and rewrite the body of the function to avoid\noverflows and the unnecessary bp value calcuation."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d339a1f0f16ff5dea58e612ff336f0be0d041e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4401e9d10ab0281a520b9f8c220f30f60b5c248f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50271.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50271",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.180",
"lastModified": "2024-11-19T02:16:29.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsignal: restore the override_rlimit logic\n\nPrior to commit d64696905554 (\"Reimplement RLIMIT_SIGPENDING on top of\nucounts\") UCOUNT_RLIMIT_SIGPENDING rlimit was not enforced for a class of\nsignals. However now it's enforced unconditionally, even if\noverride_rlimit is set. This behavior change caused production issues. \n\nFor example, if the limit is reached and a process receives a SIGSEGV\nsignal, sigqueue_alloc fails to allocate the necessary resources for the\nsignal delivery, preventing the signal from being delivered with siginfo. \nThis prevents the process from correctly identifying the fault address and\nhandling the error. From the user-space perspective, applications are\nunaware that the limit has been reached and that the siginfo is\neffectively 'corrupted'. This can lead to unpredictable behavior and\ncrashes, as we observed with java applications.\n\nFix this by passing override_rlimit into inc_rlimit_get_ucounts() and skip\nthe comparison to max there if override_rlimit is set. This effectively\nrestores the old behavior."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/012f4d5d25e9ef92ee129bd5aa7aa60f692681e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0208ea17a1e4456fbfe555f13ae5c28f3d671e40",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4877d9b2a2ebad3ae240127aaa4cb8258b145cf7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e05e5c7ee8758141d2db7e8fea2cab34500c6ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50272.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50272",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.357",
"lastModified": "2024-11-19T02:16:29.357",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: Fix bounds checking in filemap_read()\n\nIf the caller supplies an iocb->ki_pos value that is close to the\nfilesystem upper limit, and an iterator with a count that causes us to\noverflow that limit, then filemap_read() enters an infinite loop.\n\nThis behaviour was discovered when testing xfstests generic/525 with the\n\"localio\" optimisation for loopback NFS mounts."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/26530b757c81f1389fb33ae0357500150933161b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6450e73f4c86d481ac2e22e1bc848d346e140826",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2746ab3bbc9c6408da5cd072653ec8c24749235",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ace149e0830c380ddfce7e466fe860ca502fe4ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50273.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50273",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.483",
"lastModified": "2024-11-19T02:16:29.483",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reinitialize delayed ref list after deleting it from the list\n\nAt insert_delayed_ref() if we need to update the action of an existing\nref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head's\nref_add_list using list_del(), which leaves the ref's add_list member\nnot reinitialized, as list_del() sets the next and prev members of the\nlist to LIST_POISON1 and LIST_POISON2, respectively.\n\nIf later we end up calling drop_delayed_ref() against the ref, which can\nhappen during merging or when destroying delayed refs due to a transaction\nabort, we can trigger a crash since at drop_delayed_ref() we call\nlist_empty() against the ref's add_list, which returns false since\nthe list was not reinitialized after the list_del() and as a consequence\nwe call list_del() again at drop_delayed_ref(). This results in an\ninvalid list access since the next and prev members are set to poison\npointers, resulting in a splat if CONFIG_LIST_HARDENED and\nCONFIG_DEBUG_LIST are set or invalid poison pointer dereferences\notherwise.\n\nSo fix this by deleting from the list with list_del_init() instead."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2cb1a73d1d44a1c11b0ee5eeced765dd80ec48e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2fd0948a483e9cb2d669c7199bc620a21c97673d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/50a3933760b427759afdd23156a7280a19357a92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/93c5b8decc0ef39ba84f4211d2db6da0a4aefbeb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bf0b0c6d159767c0d1c21f793950d78486690ee0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c24fa427fc0ae827b2a3a07f13738cbf82c3f851",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c9a75ec45f1111ef530ab186c2a7684d0a0c9245",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f04be6d68f715c1473a8422fc0460f57b5e99931",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50274.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50274",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.650",
"lastModified": "2024-11-19T02:16:29.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: avoid vport access in idpf_get_link_ksettings\n\nWhen the device control plane is removed or the platform\nrunning device control plane is rebooted, a reset is detected\non the driver. On driver reset, it releases the resources and\nwaits for the reset to complete. If the reset fails, it takes\nthe error path and releases the vport lock. At this time if the\nmonitoring tools tries to access link settings, it call traces\nfor accessing released vport pointer.\n\nTo avoid it, move link_speed_mbps to netdev_priv structure\nwhich removes the dependency on vport pointer and the vport lock\nin idpf_get_link_ksettings. Also use netif_carrier_ok()\nto check the link status and adjust the offsetof to use link_up\ninstead of link_speed_mbps."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/81d2fb4c7c18a3b36ba3e00b9d5b753107472d75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa4d906ad0fb63a980a1d586a061c78ea1a345ba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-502xx/CVE-2024-50275.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-50275",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.760",
"lastModified": "2024-11-19T02:16:29.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/sve: Discard stale CPU state when handling SVE traps\n\nThe logic for handling SVE traps manipulates saved FPSIMD/SVE state\nincorrectly, and a race with preemption can result in a task having\nTIF_SVE set and TIF_FOREIGN_FPSTATE clear even though the live CPU state\nis stale (e.g. with SVE traps enabled). This has been observed to result\nin warnings from do_sve_acc() where SVE traps are not expected while\nTIF_SVE is set:\n\n| if (test_and_set_thread_flag(TIF_SVE))\n| WARN_ON(1); /* SVE access shouldn't have trapped */\n\nWarnings of this form have been reported intermittently, e.g.\n\n https://lore.kernel.org/linux-arm-kernel/CA+G9fYtEGe_DhY2Ms7+L7NKsLYUomGsgqpdBj+QwDLeSg=JhGg@mail.gmail.com/\n https://lore.kernel.org/linux-arm-kernel/000000000000511e9a060ce5a45c@google.com/\n\nThe race can occur when the SVE trap handler is preempted before and\nafter manipulating the saved FPSIMD/SVE state, starting and ending on\nthe same CPU, e.g.\n\n| void do_sve_acc(unsigned long esr, struct pt_regs *regs)\n| {\n| // Trap on CPU 0 with TIF_SVE clear, SVE traps enabled\n| // task->fpsimd_cpu is 0.\n| // per_cpu_ptr(&fpsimd_last_state, 0) is task.\n|\n| ...\n|\n| // Preempted; migrated from CPU 0 to CPU 1.\n| // TIF_FOREIGN_FPSTATE is set.\n|\n| get_cpu_fpsimd_context();\n|\n| if (test_and_set_thread_flag(TIF_SVE))\n| WARN_ON(1); /* SVE access shouldn't have trapped */\n|\n| sve_init_regs() {\n| if (!test_thread_flag(TIF_FOREIGN_FPSTATE)) {\n| ...\n| } else {\n| fpsimd_to_sve(current);\n| current->thread.fp_type = FP_STATE_SVE;\n| }\n| }\n|\n| put_cpu_fpsimd_context();\n|\n| // Preempted; migrated from CPU 1 to CPU 0.\n| // task->fpsimd_cpu is still 0\n| // If per_cpu_ptr(&fpsimd_last_state, 0) is still task then:\n| // - Stale HW state is reused (with SVE traps enabled)\n| // - TIF_FOREIGN_FPSTATE is cleared\n| // - A return to userspace skips HW state restore\n| }\n\nFix the case where the state is not live and TIF_FOREIGN_FPSTATE is set\nby calling fpsimd_flush_task_state() to detach from the saved CPU\nstate. This ensures that a subsequent context switch will not reuse the\nstale CPU state, and will instead set TIF_FOREIGN_FPSTATE, forcing the\nnew state to be reloaded from memory prior to a return to userspace."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/51d11ea0250d6ee461987403bbfd4b2abb5613a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/751ecf6afd6568adc98f2a6052315552c0483d18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa9ce027b3ce37a2bb173bf2553b5caa438fd8c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50276.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50276",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:29.927",
"lastModified": "2024-11-19T02:16:29.927",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vertexcom: mse102x: Fix possible double free of TX skb\n\nThe scope of the TX skb is wider than just mse102x_tx_frame_spi(),\nso in case the TX skb room needs to be expanded, we should free the\nthe temporary skb instead of the original skb. Otherwise the original\nTX skb pointer would be freed again in mse102x_tx_work(), which leads\nto crashes:\n\n Internal error: Oops: 0000000096000004 [#2] PREEMPT SMP\n CPU: 0 PID: 712 Comm: kworker/0:1 Tainted: G D 6.6.23\n Hardware name: chargebyte Charge SOM DC-ONE (DT)\n Workqueue: events mse102x_tx_work [mse102x]\n pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : skb_release_data+0xb8/0x1d8\n lr : skb_release_data+0x1ac/0x1d8\n sp : ffff8000819a3cc0\n x29: ffff8000819a3cc0 x28: ffff0000046daa60 x27: ffff0000057f2dc0\n x26: ffff000005386c00 x25: 0000000000000002 x24: 00000000ffffffff\n x23: 0000000000000000 x22: 0000000000000001 x21: ffff0000057f2e50\n x20: 0000000000000006 x19: 0000000000000000 x18: ffff00003fdacfcc\n x17: e69ad452d0c49def x16: 84a005feff870102 x15: 0000000000000000\n x14: 000000000000024a x13: 0000000000000002 x12: 0000000000000000\n x11: 0000000000000400 x10: 0000000000000930 x9 : ffff00003fd913e8\n x8 : fffffc00001bc008\n x7 : 0000000000000000 x6 : 0000000000000008\n x5 : ffff00003fd91340 x4 : 0000000000000000 x3 : 0000000000000009\n x2 : 00000000fffffffe x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n skb_release_data+0xb8/0x1d8\n kfree_skb_reason+0x48/0xb0\n mse102x_tx_work+0x164/0x35c [mse102x]\n process_one_work+0x138/0x260\n worker_thread+0x32c/0x438\n kthread+0x118/0x11c\n ret_from_fork+0x10/0x20\n Code: aa1303e0 97fffab6 72001c1f 54000141 (f9400660)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1325e838089da25217f4b403318a270fcdf88f34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1f26339b2ed63d1e8e18a18674fb73a392f3660e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2cf0e77f5a0aa1ff336aa71743eda55c73902187",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/91c9daa21f3ff8668f9e1d6c860024ce7ad64137",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50277.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50277",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.013",
"lastModified": "2024-11-19T02:16:30.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix a crash if blk_alloc_disk fails\n\nIf blk_alloc_disk fails, the variable md->disk is set to an error value.\ncleanup_mapped_device will see that md->disk is non-NULL and it will\nattempt to access it, causing a crash on this statement\n\"md->disk->private_data = NULL;\"."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/d7aec2a06730b774a97caaf48cbbc58330a85829",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fed13a5478680614ba97fc87e71f16e2e197912e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50278.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50278",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.113",
"lastModified": "2024-11-19T02:16:30.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix potential out-of-bounds access on the first resume\n\nOut-of-bounds access occurs if the fast device is expanded unexpectedly\nbefore the first-time resume of the cache table. This happens because\nexpanding the fast device requires reloading the cache table for\ncache_create to allocate new in-core data structures that fit the new\nsize, and the check in cache_preresume is not performed during the\nfirst resume, leading to the issue.\n\nReproduce steps:\n\n1. prepare component devices:\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\n\n2. load a cache table of 512 cache blocks, and deliberately expand the\n fast device before resuming the cache, making the in-core data\n structures inadequate.\n\ndmsetup create cache --notable\ndmsetup reload cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\ndmsetup reload cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\n3. suspend the cache to write out the in-core dirty bitset and hint\n array, leading to out-of-bounds access to the dirty bitset at offset\n 0x40:\n\ndmsetup suspend cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80\n Read of size 8 at addr ffffc90000085040 by task dmsetup/90\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc90000085000, ffffc90000087000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n >ffffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by checking the size change on the first resume."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/036dd6e3d2638103e0092864577ea1d091466b86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/13ed3624c6ef283acefa4cc42cc8ae54fd4391a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2222b0929d00e2d13732b799b63be391b5de4492",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/483b7261b35a9d369082ab298a6670912243f0be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c0ade5d98979585d4f5a93e4514c2e9a65afa08d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c52ec00cb2f9bebfada22edcc0db385b910a1cdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e492f71854ce03474d49e87fd98b8df1f7cd1d2d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fdef3b94dfebd57e3077a578b6e309a2bb6fa688",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50279.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50279",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.210",
"lastModified": "2024-11-19T02:16:30.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n >ffffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3b02c40ff10fdf83cc545850db208de855ebe22c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4fa4feb873cea0e9d6ff883b37cca6f33169d8b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/56507203e1b6127967ec2b51fb0b23a0d4af1334",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/792227719725497ce10a8039803bec13f89f8910",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8501e38dc9e0060814c4085815fc83da3e6d43bf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e57648ce325fa405fe6bbd0e6a618ced7c301a2d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ee1f74925717ab36f6a091104c170639501ce818",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ff1dd8a04c30e8d4e2fd5c83198ca672eb6a9e7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50280.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50280",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.303",
"lastModified": "2024-11-19T02:16:30.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix flushing uninitialized delayed_work on cache_ctr error\n\nAn unexpected WARN_ON from flush_work() may occur when cache creation\nfails, caused by destroying the uninitialized delayed_work waker in the\nerror path of cache_create(). For example, the warning appears on the\nsuperblock checksum error.\n\nReproduce steps:\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/urandom of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\nKernel logs:\n\n(snip)\nWARNING: CPU: 0 PID: 84 at kernel/workqueue.c:4178 __flush_work+0x5d4/0x890\n\nFix by pulling out the cancel_delayed_work_sync() from the constructor's\nerror path. This patch doesn't affect the use-after-free fix for\nconcurrent dm_resume and dm_destroy (commit 6a459d8edbdb (\"dm cache: Fix\nUAF in destroy()\")) as cache_dtr is not changed."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/135496c208ba26fd68cdef10b64ed7a91ac9a7ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5a754d3c771280f2d06bf8ab716d6a0d36ca256e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8cc12dab635333c4ea28e72d7b947be7d0543c2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aee3ecda73ce13af7c3e556383342b57e6bd0718",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50281.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50281",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.413",
"lastModified": "2024-11-19T02:16:30.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation\n\nWhen sealing or unsealing a key blob we currently do not wait for\nthe AEAD cipher operation to finish and simply return after submitting\nthe request. If there is some load on the system we can exit before\nthe cipher operation is done and the buffer we read from/write to\nis already removed from the stack. This will e.g. result in NULL\npointer dereference errors in the DCP driver during blob creation.\n\nFix this by waiting for the AEAD cipher operation to finish before\nresuming the seal and unseal calls."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/04de7589e0a95167d803ecadd115235ba2c14997",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c75e0272289eae18c5379518a9c56ef31d65cc7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50282.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50282",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.540",
"lastModified": "2024-11-19T02:16:30.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()\n\nAvoid a possible buffer overflow if size is larger than 4K.\n\n(cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/17f5f18085acb5e9d8d13d84a4e12bb3aff2bd64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/25d7e84343e1235b667cf5226c3934fdf36f0df6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892b1d24e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ccd781794d247589104a791caab491e21218fba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aaf6160a4b7f9ee3cd91aa5b3251f5dbe2170f42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50283.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50283",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.620",
"lastModified": "2024-11-19T02:16:30.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp\n\nksmbd_user_session_put should be called under smb3_preauth_hash_rsp().\nIt will avoid freeing session before calling smb3_preauth_hash_rsp()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1b6ad475d4ed577d34e0157eb507be00c588bf5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b8fc56fbca7482c1e5c0e3351c6ae78982e25ada",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c6cdc08c25a868a08068dfc319fa9fce982b8e7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f7557bbca40d4ca8bb1c6c940ac6c95078bd0827",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50284.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50284",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.697",
"lastModified": "2024-11-19T02:16:30.697",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: Fix the missing xa_store error check\n\nxa_store() can fail, it return xa_err(-EINVAL) if the entry cannot\nbe stored in an XArray, or xa_err(-ENOMEM) if memory allocation failed,\nso check error for xa_store() to fix it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3abab905b14f4ba756d413f37f1fb02b708eee93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/726c1568b9145fa13ee248df184b186c382a7ff8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c2a232c4f790f4bcd4d218904c56ac7a39a448f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d8664ce789bd46290c59a00da6897252f92c237d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-502xx/CVE-2024-50285.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-50285",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.787",
"lastModified": "2024-11-19T02:16:30.787",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: check outstanding simultaneous SMB operations\n\nIf Client send simultaneous SMB operations to ksmbd, It exhausts too much\nmemory through the \"ksmbd_work_cache\u201d. It will cause OOM issue.\nksmbd has a credit mechanism but it can't handle this problem. This patch\nadd the check if it exceeds max credits to prevent this problem by assuming\nthat one smb request consumes at least one credit."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a77d947f599b1f39065015bec99390d0c0022ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1f993777275cbd8f74765c4f9d9285cb907c9be5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e257ac6fe138623cf59fca8898abdf659dbc8356",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-502xx/CVE-2024-50286.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50286",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.860",
"lastModified": "2024-11-19T02:16:30.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab-use-after-free in ksmbd_smb2_session_create\n\nThere is a race condition between ksmbd_smb2_session_create and\nksmbd_expire_session. This patch add missing sessions_table_lock\nwhile adding/deleting session from global session table."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a77715db22611df50b178374c51e2ba0d58866e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e7a2ad2044377853cf8c59528dac808a08a99c72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e923503a56b3385b64ae492e3225e4623f560c5b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f56446ba5378d19e31040b548a14ee9a8f1500ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50287.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50287",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.937",
"lastModified": "2024-11-19T02:16:30.937",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: prevent the risk of a division by zero\n\nAs reported by Coverity, the logic at tpg_precalculate_line()\nblindly rescales the buffer even when scaled_witdh is equal to\nzero. If this ever happens, this will cause a division by zero.\n\nInstead, add a WARN_ON_ONCE() to trigger such cases and return\nwithout doing any precalculation."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/054931ca3cfcb8e8fa036e887d6f379942b02565",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0bfc6e38ee2250f0503d96f1a1de441c31d88715",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0cdb42ba0b28f548c1a4e86bb8489dba0d78fc21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2d0f01aa602fd15a805771bdf3f4d9a9b4df7f47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a749c15dccc58d9cbad9cd23bd8ab4b5fa96cf47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c63c30c9d9f2c8de34b16cd2b8400240533b914e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e3c36d0bde309f690ed1f9cd5f7e63b3a513f94a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e6a3ea83fbe15d4818d01804e904cbb0e64e543b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50288.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50288",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.023",
"lastModified": "2024-11-19T02:16:31.023",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vivid: fix buffer overwrite when using > 32 buffers\n\nThe maximum number of buffers that can be requested was increased to\n64 for the video capture queue. But video capture used a must_blank\narray that was still sized for 32 (VIDEO_MAX_FRAME). This caused an\nout-of-bounds write when using buffer indices >= 32.\n\nCreate a new define MAX_VID_CAP_BUFFERS that is used to access the\nmust_blank array and set max_num_buffers for the video capture queue.\n\nThis solves a crash reported by:\n\n\thttps://bugzilla.kernel.org/show_bug.cgi?id=219258"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/96d8569563916fe2f8fe17317e20e43f54f9ba4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e6bacd8f2178b22859fe6d9f755f19dfcd9d3862",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50289.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50289",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.117",
"lastModified": "2024-11-19T02:16:31.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: fix a spectre vulnerability\n\nAs warned by smatch:\n\tdrivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap)\n\nThere is a spectre-related vulnerability at the code. Fix it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/458ea1c0be991573ec436aa0afa23baacfae101a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f3927206c478bd249c225414f7a751752a30e7b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50290.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50290",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.190",
"lastModified": "2024-11-19T02:16:31.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/127b9076baeadd734b18ddc8f2cd93b47d5a3ea3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3a1ed994d9454132354b860321414955da289929",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/576a307a7650bd544fbb24df801b9b7863b85e2f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/828047c70f4716fde4b1316f7b610e97a4e83824",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/83c152b55d88cbf6fc4685941fcb31333986774d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cad97ca8cfd43a78a19b59949f33e3563d369247",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f2b4f277c41db8d548f38f1dd091bbdf6a5acb07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fbefe31e4598cdb0889eee2e74c995b2212efb08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50291.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50291",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.280",
"lastModified": "2024-11-19T02:16:31.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-core: add missing buffer index check\n\ndvb_vb2_expbuf() didn't check if the given buffer index was\nfor a valid buffer. Add this check."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/721c37af0355cc0b540909c57fd7930dc99c72d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa88dc7db176c79b50adb132a56120a1d4d9d18b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-502xx/CVE-2024-50292.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-50292",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.363",
"lastModified": "2024-11-19T02:16:31.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove\n\nIn case of error when requesting ctrl_chan DMA channel, ctrl_chan is not\nnull. So the release of the dma channel leads to the following issue:\n[ 4.879000] st,stm32-spdifrx 500d0000.audio-controller:\ndma_request_slave_channel error -19\n[ 4.888975] Unable to handle kernel NULL pointer dereference\nat virtual address 000000000000003d\n[...]\n[ 5.096577] Call trace:\n[ 5.099099] dma_release_channel+0x24/0x100\n[ 5.103235] stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx]\n[ 5.109494] stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx]\n\nTo avoid this issue, release channel only if the pointer is valid."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0d75f887aabd80cf37ea48d28f159afa7850ea28",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/22ae9321054cf7f36c537702af133659f51a0b88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/23bdbd1ef3e063e03d3c50c15a591b005ebbae39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3a977b554f668382dfba31fd62e4cce4fe5643db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f1d74f74752eab8af6b8b28797dc6490d57374c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9bb4af400c386374ab1047df44c508512c08c31f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50293.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50293",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.493",
"lastModified": "2024-11-19T02:16:31.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: do not leave a dangling sk pointer in __smc_create()\n\nThanks to commit 4bbd360a5084 (\"socket: Print pf->create() when\nit does not clear sock->sk on failure.\"), syzbot found an issue with AF_SMC:\n\nsmc_create must clear sock->sk on failure, family: 43, type: 1, protocol: 0\n WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563\nModules linked in:\nCPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563\nCode: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 <0f> 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7\nRSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246\nRAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50\nR10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8\nR13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0\nFS: 000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n sock_create net/socket.c:1616 [inline]\n __sys_socket_create net/socket.c:1653 [inline]\n __sys_socket+0x150/0x3c0 net/socket.c:1700\n __do_sys_socket net/socket.c:1714 [inline]\n __se_sys_socket net/socket.c:1712 [inline]\n\nFor reference, see commit 2d859aff775d (\"Merge branch\n'do-not-leave-dangling-sk-pointers-in-pf-create-functions'\")"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/d293958a8595ba566fb90b99da4d6263e14fee15",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2cc492124e1f22daa1700f069bcc58788043381",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-502xx/CVE-2024-50294.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-50294",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.587",
"lastModified": "2024-11-19T02:16:31.587",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix missing locking causing hanging calls\n\nIf a call gets aborted (e.g. because kafs saw a signal) between it being\nqueued for connection and the I/O thread picking up the call, the abort\nwill be prioritised over the connection and it will be removed from\nlocal->new_client_calls by rxrpc_disconnect_client_call() without a lock\nbeing held. This may cause other calls on the list to disappear if a race\noccurs.\n\nFix this by taking the client_call_lock when removing a call from whatever\nlist its ->wait_link happens to be on."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fc9de52de38f656399d2ce40f7349a6b5f86e787",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-502xx/CVE-2024-50295.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-50295",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.687",
"lastModified": "2024-11-19T02:16:31.687",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: arc: fix the device for dma_map_single/dma_unmap_single\n\nThe ndev->dev and pdev->dev aren't the same device, use ndev->dev.parent\nwhich has dma_mask, ndev->dev.parent is just pdev->dev.\nOr it would cause the following issue:\n\n[ 39.933526] ------------[ cut here ]------------\n[ 39.938414] WARNING: CPU: 1 PID: 501 at kernel/dma/mapping.c:149 dma_map_page_attrs+0x90/0x1f8"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/30606ea3fae57f8e9f2467415389e988e3c53a18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3898393b5483c8aa2efd7cb13aa70e22078ab022",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/71803c1dfa29e0d13b99e48fda11107cc8caebc7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8ed7a4a39c3f7cd9655af867e878fda512ae67ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd4706d9ac0d8d3bab8dc9e50cc1187f6cfa43dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fd4e062fbc07156f8e9d73212d347c744572677e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50296.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50296",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.780",
"lastModified": "2024-11-19T02:16:31.780",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when uninstalling driver\n\nWhen the driver is uninstalled and the VF is disabled concurrently, a\nkernel crash occurs. The reason is that the two actions call function\npci_disable_sriov(). The num_VFs is checked to determine whether to\nrelease the corresponding resources. During the second calling, num_VFs\nis not 0 and the resource release function is called. However, the\ncorresponding resource has been released during the first invoking.\nTherefore, the problem occurs:\n\n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n...\n[15278.131557][T50670] Call trace:\n[15278.134686][T50670] klist_put+0x28/0x12c\n[15278.138682][T50670] klist_del+0x14/0x20\n[15278.142592][T50670] device_del+0xbc/0x3c0\n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120\n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80\n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c\n[15278.162485][T50670] sriov_disable+0x50/0x11c\n[15278.166829][T50670] pci_disable_sriov+0x24/0x30\n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3]\n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge]\n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230\n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30\n[15278.193848][T50670] invoke_syscall+0x50/0x11c\n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164\n[15278.203837][T50670] do_el0_svc+0x34/0xcc\n[15278.207834][T50670] el0_svc+0x20/0x30\n\nFor details, see the following figure.\n\n rmmod hclge disable VFs\n----------------------------------------------------\nhclge_exit() sriov_numvfs_store()\n ... device_lock()\n pci_disable_sriov() hns3_pci_sriov_configure()\n pci_disable_sriov()\n sriov_disable()\n sriov_disable() if !num_VFs :\n if !num_VFs : return;\n return; sriov_del_vfs()\n sriov_del_vfs() ...\n ... klist_put()\n klist_put() ...\n ... num_VFs = 0;\n num_VFs = 0; device_unlock();\n\nIn this patch, when driver is removing, we get the device_lock()\nto protect num_VFs, just like sriov_numvfs_store()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/590a4b2d4e0b73586e88bce9b8135b593355ec09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/719edd9f3372ce7fb3b157647c6658672946874b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/76b155e14d9b182ce83d32ada2d0d7219ea8c8dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ae4e56de7dbd0999578246a536cf52a63f4056d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a0df055775f30850c0da8f7dab40d67c0fd63908",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b5c94e4d947d15d521e935ff10c5a22a7883dea5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df3dff8ab6d79edc942464999d06fbaedf8cdd18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e36482b222e00cc7aeeea772fc0cf2943590bc4d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-502xx/CVE-2024-50297.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50297",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.887",
"lastModified": "2024-11-19T02:16:31.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts\n\nEnqueue packets in dql after dma engine starts causes race condition.\nTx transfer starts once dma engine is started and may execute dql dequeue\nin completion before it gets queued. It results in following kernel crash\nwhile running iperf stress test:\n\nkernel BUG at lib/dynamic_queue_limits.c:99!\n<snip>\nInternal error: Oops - BUG: 00000000f2000800 [#1] SMP\npc : dql_completed+0x238/0x248\nlr : dql_completed+0x3c/0x248\n\nCall trace:\n dql_completed+0x238/0x248\n axienet_dma_tx_cb+0xa0/0x170\n xilinx_dma_do_tasklet+0xdc/0x290\n tasklet_action_common+0xf8/0x11c\n tasklet_action+0x30/0x3c\n handle_softirqs+0xf8/0x230\n<snip>\n\nStart dmaengine after enqueue in dql fixes the crash."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5ccdcdf186aec6b9111845fd37e1757e9b413e2f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/def3dee25cbd1c9b2ed443c3f6180e952563de77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-502xx/CVE-2024-50298.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-50298",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:31.970",
"lastModified": "2024-11-19T02:16:31.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: allocate vf_state during PF probes\n\nIn the previous implementation, vf_state is allocated memory only when VF\nis enabled. However, net_device_ops::ndo_set_vf_mac() may be called before\nVF is enabled to configure the MAC address of VF. If this is the case,\nenetc_pf_set_vf_mac() will access vf_state, resulting in access to a null\npointer. The simplified error log is as follows.\n\nroot@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89\n[ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n[ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy\n[ 173.641973] lr : do_setlink+0x4a8/0xec8\n[ 173.732292] Call trace:\n[ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80\n[ 173.738847] __rtnl_newlink+0x530/0x89c\n[ 173.742692] rtnl_newlink+0x50/0x7c\n[ 173.746189] rtnetlink_rcv_msg+0x128/0x390\n[ 173.750298] netlink_rcv_skb+0x60/0x130\n[ 173.754145] rtnetlink_rcv+0x18/0x24\n[ 173.757731] netlink_unicast+0x318/0x380\n[ 173.761665] netlink_sendmsg+0x17c/0x3c8"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e15c5506dd39885cd047f811a64240e2e8ab401b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef0edfbe9eeed1fccad7cb705648af5222664944",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-502xx/CVE-2024-50299.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50299",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:32.053",
"lastModified": "2024-11-19T02:16:32.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: properly validate chunk size in sctp_sf_ootb()\n\nA size validation fix similar to that in Commit 50619dbf8db7 (\"sctp: add\nsize validation when walking chunks\") is also required in sctp_sf_ootb()\nto address a crash reported by syzbot:\n\n BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712\n sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712\n sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166\n sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407\n sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88\n sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243\n sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159\n ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ead60804b64f5bd6999eec88e503c6a1a242d41",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/40b283ba76665437bc2ac72079c51b57b25bff9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/67b9a278b80f71ec62091ded97c6bcbea33b5ec3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8820d2d6589f62ee5514793fff9b50c9f8101182",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9b5d42aeaf1a52f73b003a33da6deef7df34685f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a758aa6a773bb872196bcc3173171ef8996bddf0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bf9bff13225baf5f658577f7d985fc4933d79527",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3fb3cc83cf313e4f87063ce0f3fea76b071567b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-503xx/CVE-2024-50300.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-50300",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:32.140",
"lastModified": "2024-11-19T02:16:32.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: rtq2208: Fix uninitialized use of regulator_config\n\nFix rtq2208 driver uninitialized use to cause kernel error."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2feb023110843acce790e9089e72e9a9503d9fa5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64fbab934ae59be9caffc80a75450984b1e108e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9b7c0405af667857b3ad24a7ef6723f5475a9e43",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-503xx/CVE-2024-50301.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50301",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:32.230",
"lastModified": "2024-11-19T02:16:32.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern '0xxxxxxxe6'.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node->back_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------>+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/199c20fb7499c79557a075dc24e9a7dae7d9f1ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1e4332581cd4eed75aea77af6f66cdcdda8b49b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3e79ad156bedf2da0ab909a118d2cec6c9c22b79",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4a74da044ec9ec8679e6beccc4306b936b62873f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4efb69a0e294ef201bcdf7ce3d6202cd0a545a5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bbad2d5b6c99db468d8f88b6ba6a56ed409b4881",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c3ce634ad953ce48c75c39bdfd8b711dd95f346f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e0a317ad68e4ea48a0158187238c5407e4fdec8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-503xx/CVE-2024-50302.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-50302",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:32.320",
"lastModified": "2024-11-19T02:16:32.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-94xx/CVE-2024-9474.json
View File

@ -2,9 +2,13 @@
"id": "CVE-2024-9474",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-18T16:15:29.780",
"lastModified": "2024-11-18T17:11:17.393",
"lastModified": "2024-11-19T02:00:02.097",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cisaExploitAdd": "2024-11-18",
"cisaActionDue": "2024-12-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.",
"cisaVulnerabilityName": "Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability",
"descriptions": [
{
"lang": "en",

50
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-11-19T00:55:33.861871+00:00
2024-11-19T03:00:20.626421+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-11-18T23:15:05.517000+00:00
2024-11-19T02:16:32.320000+00:00
```
### Last Data Feed Release
@ -27,32 +27,56 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2024-11-18T01:00:10.056707+00:00
2024-11-19T01:00:10.094879+00:00
```
### Total Number of included CVEs
```plain
270259
270299
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `40`
- [CVE-2024-33231](CVE-2024/CVE-2024-332xx/CVE-2024-33231.json) (`2024-11-18T23:15:04.783`)
- [CVE-2024-51939](CVE-2024/CVE-2024-519xx/CVE-2024-51939.json) (`2024-11-18T23:15:04.853`)
- [CVE-2024-51940](CVE-2024/CVE-2024-519xx/CVE-2024-51940.json) (`2024-11-18T23:15:05.073`)
- [CVE-2024-52339](CVE-2024/CVE-2024-523xx/CVE-2024-52339.json) (`2024-11-18T23:15:05.300`)
- [CVE-2024-52340](CVE-2024/CVE-2024-523xx/CVE-2024-52340.json) (`2024-11-18T23:15:05.517`)
- [CVE-2024-50278](CVE-2024/CVE-2024-502xx/CVE-2024-50278.json) (`2024-11-19T02:16:30.113`)
- [CVE-2024-50279](CVE-2024/CVE-2024-502xx/CVE-2024-50279.json) (`2024-11-19T02:16:30.210`)
- [CVE-2024-50280](CVE-2024/CVE-2024-502xx/CVE-2024-50280.json) (`2024-11-19T02:16:30.303`)
- [CVE-2024-50281](CVE-2024/CVE-2024-502xx/CVE-2024-50281.json) (`2024-11-19T02:16:30.413`)
- [CVE-2024-50282](CVE-2024/CVE-2024-502xx/CVE-2024-50282.json) (`2024-11-19T02:16:30.540`)
- [CVE-2024-50283](CVE-2024/CVE-2024-502xx/CVE-2024-50283.json) (`2024-11-19T02:16:30.620`)
- [CVE-2024-50284](CVE-2024/CVE-2024-502xx/CVE-2024-50284.json) (`2024-11-19T02:16:30.697`)
- [CVE-2024-50285](CVE-2024/CVE-2024-502xx/CVE-2024-50285.json) (`2024-11-19T02:16:30.787`)
- [CVE-2024-50286](CVE-2024/CVE-2024-502xx/CVE-2024-50286.json) (`2024-11-19T02:16:30.860`)
- [CVE-2024-50287](CVE-2024/CVE-2024-502xx/CVE-2024-50287.json) (`2024-11-19T02:16:30.937`)
- [CVE-2024-50288](CVE-2024/CVE-2024-502xx/CVE-2024-50288.json) (`2024-11-19T02:16:31.023`)
- [CVE-2024-50289](CVE-2024/CVE-2024-502xx/CVE-2024-50289.json) (`2024-11-19T02:16:31.117`)
- [CVE-2024-50290](CVE-2024/CVE-2024-502xx/CVE-2024-50290.json) (`2024-11-19T02:16:31.190`)
- [CVE-2024-50291](CVE-2024/CVE-2024-502xx/CVE-2024-50291.json) (`2024-11-19T02:16:31.280`)
- [CVE-2024-50292](CVE-2024/CVE-2024-502xx/CVE-2024-50292.json) (`2024-11-19T02:16:31.363`)
- [CVE-2024-50293](CVE-2024/CVE-2024-502xx/CVE-2024-50293.json) (`2024-11-19T02:16:31.493`)
- [CVE-2024-50294](CVE-2024/CVE-2024-502xx/CVE-2024-50294.json) (`2024-11-19T02:16:31.587`)
- [CVE-2024-50295](CVE-2024/CVE-2024-502xx/CVE-2024-50295.json) (`2024-11-19T02:16:31.687`)
- [CVE-2024-50296](CVE-2024/CVE-2024-502xx/CVE-2024-50296.json) (`2024-11-19T02:16:31.780`)
- [CVE-2024-50297](CVE-2024/CVE-2024-502xx/CVE-2024-50297.json) (`2024-11-19T02:16:31.887`)
- [CVE-2024-50298](CVE-2024/CVE-2024-502xx/CVE-2024-50298.json) (`2024-11-19T02:16:31.970`)
- [CVE-2024-50299](CVE-2024/CVE-2024-502xx/CVE-2024-50299.json) (`2024-11-19T02:16:32.053`)
- [CVE-2024-50300](CVE-2024/CVE-2024-503xx/CVE-2024-50300.json) (`2024-11-19T02:16:32.140`)
- [CVE-2024-50301](CVE-2024/CVE-2024-503xx/CVE-2024-50301.json) (`2024-11-19T02:16:32.230`)
- [CVE-2024-50302](CVE-2024/CVE-2024-503xx/CVE-2024-50302.json) (`2024-11-19T02:16:32.320`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `6`
- [CVE-2022-21712](CVE-2022/CVE-2022-217xx/CVE-2022-21712.json) (`2024-11-18T23:15:04.350`)
- [CVE-2023-29155](CVE-2023/CVE-2023-291xx/CVE-2023-29155.json) (`2024-11-18T23:15:04.583`)
- [CVE-2024-0012](CVE-2024/CVE-2024-00xx/CVE-2024-0012.json) (`2024-11-19T02:00:02.097`)
- [CVE-2024-1212](CVE-2024/CVE-2024-12xx/CVE-2024-1212.json) (`2024-11-19T02:00:02.097`)
- [CVE-2024-50152](CVE-2024/CVE-2024-501xx/CVE-2024-50152.json) (`2024-11-19T02:16:17.787`)
- [CVE-2024-50159](CVE-2024/CVE-2024-501xx/CVE-2024-50159.json) (`2024-11-19T02:16:18.443`)
- [CVE-2024-50217](CVE-2024/CVE-2024-502xx/CVE-2024-50217.json) (`2024-11-19T02:16:23.163`)
- [CVE-2024-9474](CVE-2024/CVE-2024-94xx/CVE-2024-9474.json) (`2024-11-19T02:00:02.097`)
## Download and Usage

66
_state.csv
View File

@ -191179,7 +191179,7 @@ CVE-2022-21708,0,0,9578c1cf39a110d5e2a639b5e3286cdb861c29c9a3005066e1fffc8d610f6
CVE-2022-2171,0,0,4279be5ecbdbed52e50041f6d2a7b2da72a15e39c67bbee691ba87779b443595,2022-08-05T18:56:45
CVE-2022-21710,0,0,4a7aeeb29bc2070704c3e61cc3b8cd65a372dff842dde587321bec36bffe1c19,2022-01-28T18:56:22.597000
CVE-2022-21711,0,0,e4ab32cdc7be32dc4f4469d94c8c64910a8f3cce0add67ce6760750592a0cb5b,2023-02-16T17:07:59.567000
CVE-2022-21712,0,1,256c722131918f92f42f6232a89dc86e26c4430791badf1ced0f6615e1a9458b,2024-11-18T23:15:04.350000
CVE-2022-21712,0,0,256c722131918f92f42f6232a89dc86e26c4430791badf1ced0f6615e1a9458b,2024-11-18T23:15:04.350000
CVE-2022-21713,0,0,6af0f957ba503abe1a396efebf511e2f64d1ce949a089a9ab233d618d4d96ce0,2023-11-07T03:43:42.347000
CVE-2022-21715,0,0,c6d0f08d771fa1aceb70c7ebd99981f97b919a1598e9ce739a03dd0cc192f6d8,2022-01-28T18:46:31.470000
CVE-2022-21716,0,0,a080ce36351bb59b354d6cf1828ba3325904fe326cab9b17b882f3af2583b379,2023-11-07T03:43:42.493000
@ -222415,7 +222415,7 @@ CVE-2023-29151,0,0,af232fc81ad657bec5131f859ab52410d7381f35f2bff860b286cbb1b4016
CVE-2023-29152,0,0,3e64eecc21db386c7f119b01e40814fc30c8f66fa79cb5214de6e4d76672f4a9,2023-06-15T19:03:37.987000
CVE-2023-29153,0,0,20e2306cd83c9e65fd335c9262fba0a4a015d470c261c83aa6e9a4bba9f99467,2024-03-22T19:15:07.753000
CVE-2023-29154,0,0,2ce80fdc92b06662b921d35598a798f56357e85c01079f69c07b54be329481ae,2023-06-08T01:53:05.697000
CVE-2023-29155,0,1,fcf0694e244b34251af1814b3e342ba5de373a2054087ea0a85df361d77e8069,2024-11-18T23:15:04.583000
CVE-2023-29155,0,0,fcf0694e244b34251af1814b3e342ba5de373a2054087ea0a85df361d77e8069,2024-11-18T23:15:04.583000
CVE-2023-29156,0,0,d8b2a9f0b1b6e72fbdce429dcdda19c1090c99aff95fc2649c75d85d281296ae,2024-09-30T10:15:02.400000
CVE-2023-29157,0,0,3d4c1b7d84ad7a94de33d0293a38b4b0adb40af5df3591417d029d597a7d484f,2023-11-21T02:09:32.690000
CVE-2023-29158,0,0,db76dabc3df93f55e4d7122ce7eb8886cfd8d274f9430c0253da65b710d59f0c,2023-06-29T20:14:11.297000
@ -239826,6 +239826,7 @@ CVE-2023-52918,0,0,21564d3b5227bff513646c579d7bdd7f1583e549e4c51e98581a4d9efd156
CVE-2023-52919,0,0,a37d9d88a926a49efde8ee5228e861273658f480dcdcfcb710741f8df16c3c09,2024-10-24T03:53:16.377000
CVE-2023-5292,0,0,214d7ae5654e29ed0e372211abf39e379cdbd830eab553609e162ffb791fd787,2023-11-07T04:23:48.910000
CVE-2023-52920,0,0,9cb91c05199de061b3421002d69a7ce229465da018594255a34833b7b80e22b1,2024-11-07T19:31:31.217000
CVE-2023-52921,1,1,592807ab07b831b0a8a6426ed51532bed248b0e3144fa0943d732c87cb35e3e2,2024-11-19T02:15:09.310000
CVE-2023-5293,0,0,37b5570c94c226fac17bbeba13451e285dd87937cebf55577645a70e3fbcf851,2024-05-17T02:32:58.843000
CVE-2023-5294,0,0,91871d88408d7e2bcaad4b05fb484ac2315248d3665cd88ba6ae47f2da8d5f16,2024-05-17T02:32:58.950000
CVE-2023-52946,0,0,43d8c575418a7f78a11e9526af607aac1baa72cf0563b1f4b331156f6ceab810,2024-10-08T15:55:07.543000
@ -241639,7 +241640,7 @@ CVE-2024-0008,0,0,899bae3dea0b6932a6d046356f47764b32f025595d0eef60d8e0e433b2b040
CVE-2024-0009,0,0,31a37345511ab8f9e782cdcb9d09dfe3dad4751b5c25ab7a9b1c5c74d0c64c05,2024-02-15T06:23:39.303000
CVE-2024-0010,0,0,0619a8beffc460e406861d5436887a98d4820a4ca409aea20f604a00879fcec0,2024-02-15T06:23:39.303000
CVE-2024-0011,0,0,871bd2790e1644ed9a3dece6c89b7131ea036c72c23f82726bf2a5f6003f50ac,2024-02-15T06:23:39.303000
CVE-2024-0012,0,0,23f9780125acddd13a52f45d78a63127c606b9f8c92f0982f201bc082130159e,2024-11-18T17:11:17.393000
CVE-2024-0012,0,1,3bcb4f1ce9c9bda850e5d74e22d9a8d65ab9319862978bdd2c73b2c584bb29b4,2024-11-19T02:00:02.097000
CVE-2024-0014,0,0,57b1d977bcf36a4089ab5ef9c9905bf2b69a9e66b00e8c3e91bd20eccc0f8b75,2024-08-26T18:35:03.770000
CVE-2024-0015,0,0,00e8b369d8c884be684dc161c3d8d59320e06337f56989191711b768cfe02c9b,2024-08-28T17:35:03.353000
CVE-2024-0016,0,0,07b99aa38f7f021ca30f24587ae8679400297ca98f5e8da8ccc928cbae430ba9,2024-10-31T15:35:18.640000
@ -243407,7 +243408,7 @@ CVE-2024-1207,0,0,dcc484c1fca006f292c23965347128c235a983932753c8f043310e93d42eee
CVE-2024-1208,0,0,931317b38cffca1e6ab678e3f4e10db5d686e3bb7ffa9e092bfb0d5704f0fe50,2024-02-13T14:06:24.090000
CVE-2024-1209,0,0,b007174870c79d931de8bd87795b421ecc64b354efa55388cf8747cc0f9b9382,2024-02-14T16:51:40.300000
CVE-2024-1210,0,0,2bd6c4d9a535fadb91354d7280da4ed73754e214ed933073c198034626ca398d,2024-02-14T17:26:54.873000
CVE-2024-1212,0,0,2947bfd8de8a2bfa8a52d0d543fd3edd4b07e524a737a6efb6885446dca7575e,2024-02-22T19:07:27.197000
CVE-2024-1212,0,1,013a909cea897f73894639cbf1de1592385cd5d008caf7561f839e436bce9dfe,2024-11-19T02:00:02.097000
CVE-2024-1213,0,0,73c928f5e166c2f8b5a80c38e18cb771f40a6d802d77253df887196bd9243584,2024-03-21T12:58:51.093000
CVE-2024-1214,0,0,3ce61bef6906de47cb6dca47166861f981b3b7a12f38cc6bc1c75e176d1b9b5e,2024-03-21T12:58:51.093000
CVE-2024-1215,0,0,a5f81972c1c766d6a1a96567c8d27bfbbda6117700102c01b81784829175fa50,2024-05-17T02:35:19.200000
@ -254077,7 +254078,7 @@ CVE-2024-33226,0,0,118644c9a4526f22ebac7f7b4738b46fc0e07956b270365957b518f88d5f0
CVE-2024-33227,0,0,7642d7b0dea4438aa6cf20447aa6ccfb5a37e8289abc2e50d39a48026159e609,2024-08-21T21:35:06.933000
CVE-2024-33228,0,0,85cdbd71550aee88b5f9d8549e2c2f09f274676ddc09487eba7cc0a4fad357e8,2024-08-15T15:35:10.277000
CVE-2024-3323,0,0,35a6027c28bfec2d03f21e8dc2fb44053ba20d6734735309aeaba44e533a0061,2024-07-03T02:06:09.693000
CVE-2024-33231,1,1,74936ae5cbba0f7bb9fdc05b3207e557a61870571e9bb2181297c5960d574f1b,2024-11-18T23:15:04.783000
CVE-2024-33231,0,0,74936ae5cbba0f7bb9fdc05b3207e557a61870571e9bb2181297c5960d574f1b,2024-11-18T23:15:04.783000
CVE-2024-33247,0,0,40a5fef5b7dc3488c3170d87b3d0b3fdeccf50a4efd249dd8f1c8814c02594a3,2024-04-25T13:18:02.660000
CVE-2024-3325,0,0,eba92195eac782e585c88625ca97b48ddac98c797259bb726a1fc19af0b8d9a8,2024-07-12T16:11:57.460000
CVE-2024-33250,0,0,b9c4a2bf1fe2b649998281997c3158803cce2200d868ae2afbc03c684a35b009,2024-11-07T00:35:02.163000
@ -265396,14 +265397,14 @@ CVE-2024-50149,0,0,d7c6740c56276f915bd62b11e0e57a6dcbeeb44de647591594fe9c7c101a2
CVE-2024-5015,0,0,57e7561ea7b4a22dc47e95fb948c2e633eea845a4a10c36b8de173108bb8285f,2024-08-21T13:37:02.370000
CVE-2024-50150,0,0,4196baec43f7736780778c168a778671c8558d06a0e2cf6ab733073a0abb416a,2024-11-08T19:01:03.880000
CVE-2024-50151,0,0,d9ce0dc9cc067e6fa22cf39a277f3e88a2611e6930bd9b5641d4f23f2714aae3,2024-11-08T19:01:03.880000
CVE-2024-50152,0,0,af4a36f373f5bd284bbc0e7f8a0ae078bbf143827fdfc00292fdfee23cabe156,2024-11-13T15:15:56.840000
CVE-2024-50152,0,1,2c96ab518a9215c0d0e79f80a961320abfaaa147496070ea4893a223a0ff5a2d,2024-11-19T02:16:17.787000
CVE-2024-50153,0,0,5f6d0a7fb1773f81b91ac445e6aae318d6060320ea428ea0efdab2d109fa9dd3,2024-11-13T15:23:49.717000
CVE-2024-50154,0,0,dd1e5f68aa038faa5d37972a828cf787243b5c34b51d1496a78801ba4944c9ea,2024-11-13T16:17:12.473000
CVE-2024-50155,0,0,5747f9cf1aa53c1e6a78fde055a5d938a23ef7a9d8e0d83af3e149b9b3f45e42,2024-11-08T19:01:03.880000
CVE-2024-50156,0,0,ed997ebe9a2b402a27fae0483970aab9a25073ff36ff717ae62fdc40d861b7ba,2024-11-08T19:01:03.880000
CVE-2024-50157,0,0,831c798ea992786f323335d193dc3ef349a34b53fcca1479c8f7474757c08c4f,2024-11-08T19:01:03.880000
CVE-2024-50158,0,0,9a6dda59860d55e42f9cf894dffd100a5d82221731fe812097f3aaee313e0486,2024-11-08T19:01:03.880000
CVE-2024-50159,0,0,28340fad2c185d2f812714ff6b1892c76ce4e6d5152917c1e3545f50c1cf57e9,2024-11-13T16:19:28.807000
CVE-2024-50159,0,1,def37e8a35c0dac6f559b833c2d259adb7d51c4315f5392fefa9b6d81411da78,2024-11-19T02:16:18.443000
CVE-2024-5016,0,0,99504ccb587052e75d99d9fcbf07f0a52b025e8122dba2c854727d3b50b1c62e,2024-08-21T13:38:32.480000
CVE-2024-50160,0,0,b2ff0e8b751c5febb607cc641fca660afb8ad0479ce2783468870ddf4e85c794,2024-11-13T16:13:39.750000
CVE-2024-50161,0,0,ad66b572cb441dad4e6ee48902eb2b158e06976f825be3871ef9c4e925a3bb8a,2024-11-13T16:36:57.413000
@ -265466,7 +265467,7 @@ CVE-2024-50213,0,0,d7da9f888c34c1dd4195bd9776c301a02d7788da5c1b9af054d3c0af65752
CVE-2024-50214,0,0,a68ed8141aee41f8eca6369dfa2fc5adda11c39527cac3f66bc2d231cb01160c,2024-11-13T17:25:55.197000
CVE-2024-50215,0,0,4f6c09398edd07c14dd2e66d155355fe1028e25d6908ca77bd696a2c885aefcc,2024-11-13T17:35:17.697000
CVE-2024-50216,0,0,173c858fca904c6b8ae3808e39fe7eb2abffc64106c67c7401645a47033740f6,2024-11-12T13:56:24.513000
CVE-2024-50217,0,0,30a5e848774429eaad655f054c95869bd054abf9b83d72732d2b0d27bfbcd706,2024-11-13T19:24:41.063000
CVE-2024-50217,0,1,7cfb3ad26ee03a7c847082b174c2ff997eb59c2bb7fd387d6c83ebc0279c55ea,2024-11-19T02:16:23.163000
CVE-2024-50218,0,0,0fb6d6d645b3a2c6757f1c38779b956e24c411c7561ebff1cb364f4755c7ba07,2024-11-12T13:56:24.513000
CVE-2024-50219,0,0,57ca6b6c0667d0c6ff47560f6866cfa36318c7798583ecd36bd30e6bd0856676,2024-11-11T14:15:15.210000
CVE-2024-5022,0,0,b83f09821687b900e7e3c962c3fdf76320d3bf46277a4004f5c59e7ba07e152d,2024-10-28T21:35:22.210000
@ -265517,8 +265518,47 @@ CVE-2024-50260,0,0,05a63ba87ad199ac12bf4ea248cb7aed5d0afcea08fb2e43e5b32d282eebb
CVE-2024-50261,0,0,946c442cc56e3e8af45dc6329602e8261cd21844e512a68f35505737590fc69d,2024-11-14T18:24:41.597000
CVE-2024-50262,0,0,491da488ea3f6be70bbe09eed55bf84625143c296910fe98f090fd0f0e85c13c,2024-11-13T21:10:44.267000
CVE-2024-50263,0,0,031640c798eb6a3a8aeb817df2908ddb318a337ddb803a116f07c15a4af2eba6,2024-11-14T16:23:08.347000
CVE-2024-50264,1,1,6a9a868fd5179b08302904f3d5d2cc976e52fe197ef1c642a7cab2c5be2f3c77,2024-11-19T02:16:28.210000
CVE-2024-50265,1,1,b37071bba127c6590efd0e2296d6391683d0fa98c71ad76697de5d332c8d417f,2024-11-19T02:16:28.310000
CVE-2024-50266,1,1,3a5d9f53807cea34ac9bc9251bfaffb22cd0348f790835eb3622c05182b5bae1,2024-11-19T02:16:28.540000
CVE-2024-50267,1,1,98d96b8a61e6741c60e216cf69e498d5a27b42446b0287575de260ed1e349d0f,2024-11-19T02:16:28.647000
CVE-2024-50268,1,1,81ef13698e915ee7616d3be601b1d089c143f8a7d148e60fa610325f6d5679cb,2024-11-19T02:16:28.787000
CVE-2024-50269,1,1,8c5bdf36a3f6a52264b4e2a2b2de0112b25034aaca5180804a2184e34dba6ccb,2024-11-19T02:16:28.930000
CVE-2024-50270,1,1,fb624ebf4dc63e98913ab9ca7d7716630eac42140974ea3d7e96b485c415ca32,2024-11-19T02:16:29.033000
CVE-2024-50271,1,1,15b7e826ed8e5ef7a21ad0eee3be15896d6f6a32e0145eba29bc7cd30de13837,2024-11-19T02:16:29.180000
CVE-2024-50272,1,1,1a1026a5445f4747b30b33c606e820d712000dea960181c1f52b973a3c90d1d3,2024-11-19T02:16:29.357000
CVE-2024-50273,1,1,e078e8252904cc385176cd3ba27bc923097f736c5c229374c27e245546413178,2024-11-19T02:16:29.483000
CVE-2024-50274,1,1,87fc60c88e06a3497239160961ac002861a4c22f1fcc0449e0acaff4d0cb5311,2024-11-19T02:16:29.650000
CVE-2024-50275,1,1,eff2746c7c288dd9a9e01621f1aec479e4a21779afa4474e8358d393f1675a7b,2024-11-19T02:16:29.760000
CVE-2024-50276,1,1,66580521d051806424492f659c13477763c43652da537d6d4614829e59571f97,2024-11-19T02:16:29.927000
CVE-2024-50277,1,1,ef1a33a89845dab0ae111e6b48ee06d4953e851686b1c1a96c8dab06f6b48151,2024-11-19T02:16:30.013000
CVE-2024-50278,1,1,9dedf42656a4af775c774ecbe0b4c03c3c882e7cb3360562d8c04ac972abd823,2024-11-19T02:16:30.113000
CVE-2024-50279,1,1,03df0682b8ffcf621a6d163cfc6a5a56738858b05f01647db2b9d5ff47b8c296,2024-11-19T02:16:30.210000
CVE-2024-5028,0,0,6e4747168a055d3478d0389157f1378a0e5efd7245fc9814fa65e0cf7f805db7,2024-08-01T13:59:38.360000
CVE-2024-50280,1,1,5bff768105c23591a0659d73965b18454df94280670f7f375e0738909aef8f22,2024-11-19T02:16:30.303000
CVE-2024-50281,1,1,86ec9fb1f13909e85390d475b7f0439e63bb9cd1b06a2e0a5f431d7bcb52b53d,2024-11-19T02:16:30.413000
CVE-2024-50282,1,1,e687cb265b25789fdfd21df7c3db2d356b7f8894e6c9d9dcdd8f5521015e6ded,2024-11-19T02:16:30.540000
CVE-2024-50283,1,1,28c388a5e317fdd122bf6d4d92ea01d0dc424d04009f532c1de47978efbcbe0f,2024-11-19T02:16:30.620000
CVE-2024-50284,1,1,eef226c4ecf4f5e884628727d4c7785f377bbd1794be11ab93664351237747e6,2024-11-19T02:16:30.697000
CVE-2024-50285,1,1,f94619aa26808f0b2ce500660188d05cd351ff983daacb989ba879c6c19cb13f,2024-11-19T02:16:30.787000
CVE-2024-50286,1,1,f8eb88bf027539fc6ca5a54fc4cfc3f6d1cd7a35823a7dddb7e0687229bb9078,2024-11-19T02:16:30.860000
CVE-2024-50287,1,1,2a5f1c964b5c6e905ac129a66bd6493073dc4f0c6f2fba5a0620a7397e1c089d,2024-11-19T02:16:30.937000
CVE-2024-50288,1,1,cb535fc7c983e478f4b8267f12a7bff6349db824af8e5e8410dd84fc8ee25c9a,2024-11-19T02:16:31.023000
CVE-2024-50289,1,1,b6f1a51396c98fc6833f418ac9e77c6bc16780a320ee9b0a38f279086b28cac7,2024-11-19T02:16:31.117000
CVE-2024-50290,1,1,345f8145e71ded8eda18da45f0e5da058b4297dff4879c90b2f27d139a2aee17,2024-11-19T02:16:31.190000
CVE-2024-50291,1,1,8aaf158a6863baa76fae3d5094379d069f5630ec5ffe22498d947e310bf8ca30,2024-11-19T02:16:31.280000
CVE-2024-50292,1,1,37682134db2491ccaeb65557316aaab741d57ea2a23d8034108e342756947b7d,2024-11-19T02:16:31.363000
CVE-2024-50293,1,1,3282471dc8b447412957ff992b1c6946c8c35b8e8190127a4d1c477006c76d77,2024-11-19T02:16:31.493000
CVE-2024-50294,1,1,4fa0c58b47fa7c0c34fc939d7d9175c73a973dba2d3940bc10cd4edda9caa699,2024-11-19T02:16:31.587000
CVE-2024-50295,1,1,878c952a4e20f54937f68c47682f6da6606c24e82c5e2a6b38525c98bd40e02b,2024-11-19T02:16:31.687000
CVE-2024-50296,1,1,151b7f57215567de705abce09900c255be04fa9fb72c39132334f156245a9ad1,2024-11-19T02:16:31.780000
CVE-2024-50297,1,1,2313b82f1e4f46687eb419e21e05eeda08d25bf62ed2a7f867bbcc3dfaee0e79,2024-11-19T02:16:31.887000
CVE-2024-50298,1,1,255466ce234616f5d360862b0ffc6566b4746732c1121cb6f51db82192c8dc51,2024-11-19T02:16:31.970000
CVE-2024-50299,1,1,c53fc19ca342dee6df209454a78c180f1bde0c33ddd9c14b990d61b77dbee4ba,2024-11-19T02:16:32.053000
CVE-2024-5030,0,0,bb4b715ea840400227e7a7cb9b03010c40389d422c5926920262a0b6d21748ab,2024-11-18T17:11:17.393000
CVE-2024-50300,1,1,161689f05b8e4ad91650f1f578afdaafe8a11ef5c56bdbb1de1706871fd276c4,2024-11-19T02:16:32.140000
CVE-2024-50301,1,1,d782c5c6fcf1d15dc065b1bb46bea6f3d83356f4a5e461fe3074db290272a1a9,2024-11-19T02:16:32.230000
CVE-2024-50302,1,1,d0c4766277c42a5bde655baf0c18d7fe1f70654be2864955f85c0b910cf2668f,2024-11-19T02:16:32.320000
CVE-2024-50305,0,0,b03fd6d501d19d7b209a06f202d725af272151828bcd7418064455026a0a9df5,2024-11-15T13:58:08.913000
CVE-2024-50306,0,0,99b8de1207b2fdc71c13146c7372e7163a77f6f60a3176c55d7bfb57d63fa38c,2024-11-15T13:58:08.913000
CVE-2024-50307,0,0,6d2dcfccb50c0c30fd7d9bda3b36490982da8110db31d087befc4509a1d360cd,2024-10-28T13:58:09.230000
@ -266278,9 +266318,9 @@ CVE-2024-5190,0,0,d58b9fdaecdb1abec20ccf7764e52a460a4959870ee8917a6c4a9f4c686657
CVE-2024-5191,0,0,855a566258b8b88a588ebc49e507f9db3fa3e450b83819e0fe6599e7fdad210b,2024-06-24T19:25:23.943000
CVE-2024-5192,0,0,c6f18cdb6a108bb524429e5cc753797211823ca6e8aeb4452f1d7b5f429f97e2,2024-08-01T16:59:49.620000
CVE-2024-5193,0,0,e4701e326e91e3f273094fa28520a38cf9b336400b5d22ec617cb60327a48d22,2024-06-04T19:21:01.867000
CVE-2024-51939,1,1,f2ac89d4d52255c38882917dd763252a103675084e85c5641eef5958eab7b9de,2024-11-18T23:15:04.853000
CVE-2024-51939,0,0,f2ac89d4d52255c38882917dd763252a103675084e85c5641eef5958eab7b9de,2024-11-18T23:15:04.853000
CVE-2024-5194,0,0,8b46532d156b8b3c9309e51d70c9e0d478e4dda8959433d551fb9bae0e23a4f1,2024-06-04T19:21:01.977000
CVE-2024-51940,1,1,a8380f8b08f09a034cd21ab9e44c75d5220eac09d4d54fbbbbb9a70c3d2c35b3,2024-11-18T23:15:05.073000
CVE-2024-51940,0,0,a8380f8b08f09a034cd21ab9e44c75d5220eac09d4d54fbbbbb9a70c3d2c35b3,2024-11-18T23:15:05.073000
CVE-2024-5195,0,0,a944b3bf4d682f545e6cb40d57a8d207d6c568eeb84f910c894251f96395025e,2024-06-04T19:21:02.077000
CVE-2024-5196,0,0,fe96c1eeb1213602679ab014fd535da1193da9cfe24103856ca34e734451708d,2024-06-04T19:21:02.183000
CVE-2024-5197,0,0,01172b8d20369801e638a1092c2896c82735a2e04e92ac5031b21558c286d96f,2024-06-16T21:15:50.820000
@ -266381,9 +266421,9 @@ CVE-2024-52317,0,0,8dd9cf0b2675d0151da3af6e2ac3dfaef7e6c1fd135283d8e3e44d96c5be7
CVE-2024-52318,0,0,2bba437e59239c6e36ab9227be3e173d0f3c7cc38d614e024ac840e507a6b100,2024-11-18T17:11:17.393000
CVE-2024-5232,0,0,8d68905f3b69b3dadb32694d2c73f30dc32ad3c794d56bacf5b1c8bfed3d3bb6,2024-06-04T19:21:02.890000
CVE-2024-5233,0,0,d230ff373762a089849cb791769c151d4d1eb1a364270894bffa0dbac945e679,2024-06-04T19:21:02.993000
CVE-2024-52339,1,1,4a82b06d7a65bc339d0e8b5ae1346c1408c35eb7a53a1d57697bcb107ac0d0bf,2024-11-18T23:15:05.300000
CVE-2024-52339,0,0,4a82b06d7a65bc339d0e8b5ae1346c1408c35eb7a53a1d57697bcb107ac0d0bf,2024-11-18T23:15:05.300000
CVE-2024-5234,0,0,14a09ab7485c5dff6a0e2d37ff7f584b26da4a8cf075e00d5ab541632ac32bbb,2024-06-04T19:21:03.100000
CVE-2024-52340,1,1,8f65fb1054a89ab403d617c9bf0ea5699de13b94c4efe6e7daf36c63ba7ec84b,2024-11-18T23:15:05.517000
CVE-2024-52340,0,0,8f65fb1054a89ab403d617c9bf0ea5699de13b94c4efe6e7daf36c63ba7ec84b,2024-11-18T23:15:05.517000
CVE-2024-52341,0,0,d83f9938d497291837976c3bdb934a1000915eeb369887ba9f4ce84de749a131,2024-11-18T22:15:06.257000
CVE-2024-52342,0,0,a3321673840b7d5b85fc53e6ec85b2c38bc26d0f630fdbc9a916437eaae61a89,2024-11-18T22:15:06.483000
CVE-2024-52343,0,0,ee5dfcb40a16745d408095b1ff706ca3a899f38d13d8d69260118aefe96088ac,2024-11-18T22:15:06.697000
@ -269934,7 +269974,7 @@ CVE-2024-9470,0,0,13c3a583553fbf2e90723a5a0ed6f2354808c5a1753993b658aba04d0ed9b2
CVE-2024-9471,0,0,2517c360d1e41d9c7ea79e15df7f34465e8f98b985f9011876ffa34a1656df21,2024-10-15T16:55:45.090000
CVE-2024-9472,0,0,6dc75bb8c902376e1f062a26c7a99982f272de37330a03e0fbfe9796bed76fac,2024-11-15T13:58:08.913000
CVE-2024-9473,0,0,2610a860a1ec132e11b499793a273ee08374ba46887944874ff47b7b5fdd4588,2024-10-17T06:15:04.983000
CVE-2024-9474,0,0,b02d2c20c6295f6f6f0fd4f7c09e25b3a661f7b2bc49553cc850c748944c2145,2024-11-18T17:11:17.393000
CVE-2024-9474,0,1,9aac5e902caf4f5e0ee7904c87bbd76c0bb206a1ddeaa86fadcf36584b0264ec,2024-11-19T02:00:02.097000
CVE-2024-9475,0,0,273622ecfea8dd0cb8d3a034084a5946e50b2bee83443e844bae24857067e968,2024-10-28T13:58:09.230000
CVE-2024-9476,0,0,e9d7dbd43229ebc9ea9972271d753666a58d144ea232688064d92b4b52fc9277,2024-11-15T14:00:09.720000
CVE-2024-9477,0,0,cf43e95350fa7037b016e95ffdd76723a0091878a7d1f39dfbb116076ef07df2,2024-11-15T22:54:21.233000

Can't render this file because it is too large.